mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
840 lines
34 KiB
Plaintext
840 lines
34 KiB
Plaintext
_ _ ____ _
|
|
___| | | | _ \| |
|
|
/ __| | | | |_) | |
|
|
| (__| |_| | _ <| |___
|
|
\___|\___/|_| \_\_____|
|
|
|
|
Changelog
|
|
|
|
Version 7.10.6 (28 July 2003)
|
|
|
|
Daniel (28 July)
|
|
- François Pons brought a patch that once again made curl deal with ftp and
|
|
"double slash" as indicating the root directory. In the RFC1738-fix of April
|
|
30, that ability was removed (since it is not the "right" way). So, starting
|
|
now we can list the root dir of an ftp server both these ways:
|
|
|
|
curl ftp://server.com/%2f as well as
|
|
curl ftp://server.com//
|
|
|
|
Daniel (24 July)
|
|
- Henry Bland pointed out that we included sys/resource.h without good reason
|
|
in several source files. Without it included, QNX builds better...
|
|
|
|
- Andrés García updated the mingw makefiles.
|
|
|
|
Daniel (23 July)
|
|
- Tracy Boehrer experienced DNS cache problems and did some nice debugging
|
|
and tracking which made it easy for me to correct the problem and Tracy
|
|
could verify that it did cure the problem! When re-using a connection we
|
|
now make sure we don't re-use the 'connect_addr' struct.
|
|
|
|
- Daniel Kouril corrected the GSS-Negotiate code.
|
|
|
|
- Juan F. Codagnone provided fixes to allow curl to build fine on Windows
|
|
again.
|
|
|
|
Daniel (22 July)
|
|
- Edited the curl/curl.h include file to build on Windows properly.
|
|
|
|
Daniel (21 July)
|
|
- Moved the proxy credentials from the SessionHandle struct to the connectdata
|
|
struct, to make multiple proxy connections with differerent user names work.
|
|
|
|
- Adjusted the NTLM code to support proxy functionality.
|
|
|
|
- Made the krb4 stuff compile with the user+password fields moved.
|
|
|
|
Version 7.10.6-pre4 (21 July 2003)
|
|
|
|
Daniel (20 July)
|
|
- David Gardner pointed out in bug report 770755 that using the FTP command
|
|
CWD with a blank argument is a bad idea and I made libcurl skip empty path
|
|
segments starting now.
|
|
|
|
Daniel (18 July)
|
|
- Cris pointed out that my fix on July 16th didn't work fully. His pointing
|
|
out this (and his patch) also made me realize that we have a very similar
|
|
bug in the FTP connection re-use code. We must store a separate user and
|
|
password field for each connection we keep (at least for FTP and HTTP+NTLM
|
|
connections, so I made us do this unconditionally).
|
|
|
|
- Since NTLM authenticates connections instead of single requests, I had to
|
|
re-arrange how we store the NTLM data and I had to improve the test suite to
|
|
finally work properly with persistancy to make the NTLM tests run fine
|
|
again. This also forced me to have to update lots of HTTP test cases.
|
|
|
|
Daniel (16 July)
|
|
- Cris Bailiff's bug report 768275 pointed out that using Basic auth with
|
|
wrong user+password caused an endless loop. Fixed now. He also found out that
|
|
we didn't properly authenticate connections with NTLM. Fixed too.
|
|
|
|
- Dan Winship provided fixes for the NTLM code.
|
|
|
|
Daniel (5 July)
|
|
- Doug Kaufman provided additional fixes for the DOS port.
|
|
|
|
Daniel (4 July)
|
|
- Rick Richardson pointed out that using setvbuf() to achive non-buffering
|
|
on output is no-good for SCO Xenix and other unixes. We switched over to
|
|
using plain fflush() instead.
|
|
|
|
- Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
|
|
the configure script, and I had to change some build stuff to make the new
|
|
way work.
|
|
|
|
- Peter Sylvester's patch was applied that introduces the following:
|
|
|
|
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
|
|
OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
|
|
anything but CURLE_OK is returned, that will also be returned by libcurl
|
|
all the way back. If this function changes the CURLOPT_URL, libcurl will
|
|
detect this and instead go use the new URL.
|
|
|
|
CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
|
|
with CURLOPT_SSL_CTX_FUNCTION.
|
|
|
|
Daniel (1 July)
|
|
- David Byron provided a patch that allows a client to quit the test suite's
|
|
HTTP server.
|
|
|
|
- Gisle Vanem found and patched a lib handle leak in the ldap code.
|
|
|
|
Daniel (25 June)
|
|
- More NTLM-improvements. Less code. Smaller packets back and forth.
|
|
|
|
Daniel (23 June)
|
|
- Eric Glass provided us with a better doc on NTLM details, and I added more
|
|
comments and clarified the current code more. Using the new knowledge, we
|
|
should be able to make the NTLM stuff work even better.
|
|
Eric's original URL: http://davenport.sourceforge.net/ntlm.html
|
|
Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
|
|
|
|
- Fixed the minor compile problems pre3 had if built without GSSAPI and/or
|
|
SSL.
|
|
|
|
Version 7.10.6-pre3 (19 June 2003)
|
|
|
|
Daniel (19 June)
|
|
- Made curl use curl_free() on memory returned by curl_getenv(), as this
|
|
should theoreticly make it possibly to build and run curl and libcurl with
|
|
different memory allocation schemes with no problems.
|
|
|
|
Daniel (18 June)
|
|
- Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
|
|
include a better comment in the top for the gzip compressed version.
|
|
|
|
Daniel (17 June)
|
|
- CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
|
|
type(s) you want to use. If more than one is set, libcurl will use one of
|
|
the selected one and the one it considers is more secure. Test case 67 and
|
|
68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
|
|
featches, and test case 69 and 70 were added for testing authentication
|
|
"picking". --anyauth is the new command line tool option, and I also added
|
|
--basic for completeness (that's the default type).
|
|
|
|
- Fixed the runtests.pl script to use the info provided by the new curl -V
|
|
output.
|
|
|
|
- --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
|
|
is meant to be a generic debug conditional.
|
|
|
|
- curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
|
|
indicate that the library was built with CURLDEBUG set.
|
|
|
|
- Ralph Mitchell found out that some web applications very badly uses white
|
|
spaces in Location: redirects, and apparently IE is a browser (the only
|
|
one?) that supports this abomination. Based on Ralph's patch, I added code
|
|
that now attempts to replace white spaces with the proper "%20" or "+".
|
|
Test case 40 and 42 were added to verify my changes.
|
|
|
|
- curl -V now also outputs a list of features the available library offers (if
|
|
any).
|
|
|
|
- The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
|
|
support.
|
|
|
|
- David Orrell reported that libcurl still crashed when sending HUGE requests
|
|
over HTTPS... I fixed.
|
|
|
|
Version 7.10.6-pre2 (16 June 2003)
|
|
|
|
Daniel (16 June)
|
|
- curl_version_info() now returns bitmasked information weather NTLM and
|
|
GSSNEGOTIATE are supported, since it is doomed to vary on different
|
|
installatiions.
|
|
|
|
- I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
|
|
that is present, and only use our own MD5-code if it isn't.
|
|
|
|
Daniel (13 June)
|
|
- More NTLM help, fixes and patches from Cris Bailiff.
|
|
|
|
- Marty Kuhrt brought include fixes for making VMS builds warning-free.
|
|
|
|
Daniel (12 June)
|
|
- NTLM authentication works somewhat against the test servers provided by
|
|
Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
|
|
CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
|
|
were added for this. NTLM-support requires OpenSSL.
|
|
|
|
- Dan Fandrich provided a patch, that granted that gzip and libz are available
|
|
at build-time, compresses the hugehelp text in the curl command line and
|
|
uncompresses it at request. Saves some ~60K in the final output executable.
|
|
|
|
Daniel (11 June)
|
|
- Long day of fighting the NTLM demons.
|
|
|
|
Daniel (10 June)
|
|
- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
|
|
and pick method. Supported ones currently are:
|
|
CURLAUTH_BASIC - default selection
|
|
CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
|
|
CURLAUTH_GSSNEGOTIATE
|
|
|
|
- Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
|
|
the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
|
|
Microsoft web applications. --negotiate is the new family member. To take
|
|
advantage of this, you need one of these packages:
|
|
|
|
o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
|
|
o GSSAPI from Globus http://www.globus.org/
|
|
o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
|
|
|
|
- A missing ending bracket (']') while doing URL globbing could lead to a
|
|
segfault. While fixing this, I also introduced better error reporting in the
|
|
globbing code. (All this is application code outside libcurl.)
|
|
|
|
Daniel (6 June)
|
|
- David Orrell found out that sending a huge GET request over HTTPS could
|
|
make libcurl fail and return an error code.
|
|
|
|
Daniel (2 June)
|
|
- Richard Bramante found out that "Content-Length: 0" was not properly used by
|
|
libcurl if the response-headers indicated that the connection would be
|
|
closed.
|
|
|
|
- David Byron's patch was applied, that makes the --progress-bar take the
|
|
local size into account when doing resumed downloads.
|
|
|
|
- Feedback from Serge Semashko made me change the error message returned when
|
|
CURLE_HTTP_RETURNED_ERROR is returned.
|
|
|
|
- Anonymous in bug report #745122 pointed out that we should really be using
|
|
SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
|
|
implementations.
|
|
|
|
Daniel (27 May)
|
|
- Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
|
|
the sys/select.h header file so including it unconditionally in curl/multi.h
|
|
is not a good thing. Now we check for HPUX and avoid using that header on
|
|
such systems.
|
|
|
|
- Rudy Koento experienced problems with curl's recent habit of POSTing data in
|
|
two separate send() calls, first the headers and then the data. I've now
|
|
made a fix that for static and known content that is less than 100K in size,
|
|
everything is now sent in one single system call again. This is also better
|
|
for network performance reasons.
|
|
|
|
- I modified the main makefile to not build the test suite and a few other
|
|
unnecessary things by default. Now, the test suite is built when 'make test'
|
|
is run. This reduces build time for those who don't care for the test
|
|
suite, and it also reduces confusion for people using platforms where the
|
|
test suite build fails!
|
|
|
|
Daniel (26 May)
|
|
- Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
|
|
which is now corrected.
|
|
|
|
- Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
|
|
proxy a little too much like as if it was a http proxy.
|
|
|
|
Daniel (23 May)
|
|
- Ricardo Cadime found a socket leak when listing directories without
|
|
contents. Test cases 144 and 145 were added to verify the fix.
|
|
|
|
- Rudy Koento found yet another problem when a HTTP server returns only a
|
|
single-line of contents without any headers at all. libcurl then failed to
|
|
count the data, thus returning error 52 "no contents". Test case 66 was
|
|
added to verify that we now do right.
|
|
|
|
Version 7.10.6-pre1 (23 May 2003)
|
|
|
|
Daniel (23 May)
|
|
- Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
|
|
|
|
Daniel (22 May)
|
|
- David Remahl set up a test-server for me providing Digest authentication,
|
|
and I wrote the first working code that support it. The test suite was
|
|
modified slightly as well to work better for it and --digest was added to
|
|
the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
|
|
has all the gory details.
|
|
|
|
Daniel (21 May)
|
|
- David Balazic pointed out that curl_unescape() didn't check that %-codes
|
|
were correctly followed by two hexadecimal digits when it unescape strings.
|
|
Now, we do the check and only %XX codes are unescaped if the X letters are
|
|
hexadecimals.
|
|
|
|
- Gisle Vanem made curl build with djgpp on DOS.
|
|
|
|
- Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
|
|
shown with curl -M.
|
|
|
|
Daniel (20 May)
|
|
- Gisle Vanem provided a fix that makes libcurl more conservative, not
|
|
expecting h_aliases of the hostent struct to always be non-NULL.
|
|
|
|
Daniel (19 May)
|
|
- As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
|
|
supports user name and password in the proxy environment variables. Added
|
|
test case 63 to verify this.
|
|
|
|
Version 7.10.5 (19 May 2003)
|
|
|
|
Daniel (15 May)
|
|
- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
|
|
a very common type inet_addr() returns.
|
|
|
|
Daniel (14 May)
|
|
- George Comninos provided a fix that calls the progress meter when waiting
|
|
for FTP command responses take >1 second. It'll make applications more
|
|
"responsive" even when dealing with very slow ftp servers.
|
|
|
|
Daniel (12 May)
|
|
- George Comninos pointed out that libcurl uploads had two quirks:
|
|
o when using FTP PORT command, it used blocking sockets!
|
|
o it could loop a long time without doing progress meter updates
|
|
Both items are fixed now.
|
|
|
|
Daniel (9 May)
|
|
- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
|
|
set to "". This frees the application from having to know which encodings
|
|
the library supports.
|
|
|
|
- Dan Fandrich pointed out we had three unnecessary files in CVS that is
|
|
generated with libtoolize, so they're now removed and libtoolize is invoked
|
|
accordingly in the buildconf script.
|
|
|
|
- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
|
|
given name is a network interface gave a real performance penalty on Linux,
|
|
so now we more appropriately first check if it is an IP number and if so
|
|
we don't check for a network interface with that name.
|
|
|
|
- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
|
|
to use EPRT and LPRT before the traditional PORT command. The command line
|
|
tool sets this option with '--disable-eprt'.
|
|
|
|
Version 7.10.5-pre2 (6 May 2003)
|
|
|
|
Daniel (6 May)
|
|
- Kevin Delafield reported another case where we didn't correctly check for
|
|
EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
|
|
|
|
Daniel (4 May)
|
|
- Ben Greear noticed that the check for 'writable argv' exited the configure
|
|
script when run for cross-compiling, which wasn't nice. Now it'll default to
|
|
no and output a warning about the fact that it was not checked for.
|
|
|
|
Daniel (2 May)
|
|
- Added test case 62 and fixed some more on the cookie sending with a custom
|
|
Host: header set.
|
|
|
|
Daniel (1 May)
|
|
- Andy Cedilnik fixed a few compiler warnings.
|
|
|
|
- Made the "SSL read error: 5" error message more verbose, by adding code that
|
|
queries the OpenSSL library to fill in the error buffer.
|
|
|
|
Daniel (30 Apr)
|
|
- Added sys/select.h include in the curl/multi.h file, after having been
|
|
reminded about this by Rich Gray.
|
|
|
|
- I made each test set its own server requirements, thus abandoning the
|
|
previous system where the test number implied what server(s) to use for a
|
|
specific test.
|
|
|
|
- David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
|
|
that libcurl now uses one CWD command for each path part. A bunch of test
|
|
cases were fixed to work accordingly.
|
|
|
|
- Cookie fixes:
|
|
|
|
A. Save domains in jars like Mozilla does. It means all domains set in
|
|
Set-Cookie: headers are dot-prefixed.
|
|
B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
|
|
(the second column).
|
|
C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
|
|
both domains with too few dots or domains that are outside the currently
|
|
operating server host's domain.
|
|
D. Set the path part by default to the one used in the request, if none was
|
|
set in the Set-Cookie line.
|
|
|
|
To make item C really good, I also made libcurl notice custom Host: headers
|
|
and extract the host name set in there and use that as the host name for the
|
|
site we're getting the cookies from. This allows user to specify a site's
|
|
IP-address, but still be able to receive and send its cookies properly if
|
|
you provide a valid Host: name for the site.
|
|
|
|
Daniel (29 Apr)
|
|
- Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
|
|
when using the multi interface (too).
|
|
|
|
Version 7.10.5-pre1 (23 Apr 2003)
|
|
|
|
Daniel (23 Apr)
|
|
- Upgraded to libtool 1.5.
|
|
|
|
Daniel (22 Apr)
|
|
- Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
|
|
return CURLE_OK no matter what happens.
|
|
|
|
- Dan Fandrich fixed some gzip decompression bugs and flaws.
|
|
|
|
Daniel (16 Apr)
|
|
- Fixed minor typo in man page, reported in the Debian bug tracker.
|
|
|
|
Daniel (15 Apr)
|
|
- Fixed some FTP tests in the test suite that failed on my Solaris host, due
|
|
to the config.h not being included before the system headers. When done that
|
|
way, it did get a mixed sense of if big files are supported or not and then
|
|
stat() and fstat() (as used in test case 505) got confused and failed to
|
|
return a proper file size.
|
|
|
|
- Formposting a file using a .html suffix is now properly set to Content-Type: text/html.
|
|
|
|
Daniel (14 Apr)
|
|
- Fixed the SSL error handling to return proper SSL error messages again, they
|
|
broke in 7.10.4. I also attempt to track down CA cert problems and then
|
|
return the CURLE_SSL_CACERT error code.
|
|
|
|
- The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
|
|
a fairly big and explanatory error message. Kevin Roth helped me out with
|
|
the wording.
|
|
|
|
Daniel (11 Apr)
|
|
- Nic Hines provided a second patch for gzip decompression, and fixed a bug
|
|
when deflate or gzip contents were downloaded using chunked encoding.
|
|
|
|
- Dan Fandrich made libcurl support automatic decompression of gzip contents
|
|
(as an addition to the previous deflate support).
|
|
|
|
- I made the CWD command during FTP session consider all 2xy codes to be OK
|
|
responses.
|
|
|
|
Daniel (10 Apr)
|
|
- Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
|
|
after the host name, but still had "?" and parameters appended, as in
|
|
"http://hostname.com?foobar=moo", were not properly parsed by libcurl.
|
|
|
|
Daniel (9 Apr)
|
|
- Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
|
|
for HTTP. This then made -z work for ftp transfers too. Added test case 139
|
|
and 140 for verifying this.
|
|
|
|
- Getting the file date of an ftp file used the wrong time zone when
|
|
displayed. It is supposedly always GMT. Added test case 141 for this.
|
|
|
|
- Made the test suite's FTP server support MDTM.
|
|
|
|
- The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
|
|
CURLINFO_HEADER_IN data as well. The most notable effect from this is that
|
|
using curl -v, you get to see the incoming "headers" as well. This is
|
|
perhaps most useful when doing ftp.
|
|
|
|
Daniel (8 Apr)
|
|
- James Bursa fixed a flaw in the Content-Type extraction code, which missed
|
|
the first letter if no space followed the colon.
|
|
|
|
- Magnus Nilsson pointed out that share.c was missing in the MSVC project
|
|
file.
|
|
|
|
Daniel (6 Apr)
|
|
- Ryan Weaver provided a patch that makes the CA cert bundle not get installed
|
|
anymore when 'configure --without-ssl' has been used.
|
|
|
|
Daniel (4 Apr)
|
|
- Martijn Broenland found another cases where a server application didn't
|
|
like the boundary string used by curl when foing a multi-part/formpost. We
|
|
modified the boundary string to look like the one IE uses, as this is
|
|
probably gonna make curl work with more applications.
|
|
|
|
Daniel (3 Apr)
|
|
- Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
|
|
when using perl 5.8 (and they run fine with perl 5.6), and another set
|
|
failed because of an artifact in the test suite's FTP server that I
|
|
corrected. It turned out the FTP server code was still having a file opened
|
|
while the main test script removed it and invoked the HTTP server that
|
|
attempted to create the same file name of the file the FTP server kept open.
|
|
This operation works fine on unix, but not on cygwin.
|
|
|
|
Version 7.10.4 (2 Apr 2003)
|
|
|
|
Daniel (1 Apr)
|
|
- Added test case 505 to exercise FTP upload with rename done with libcurl,
|
|
and for that I had to extend the test suite's FTP server to deal with the
|
|
RNFR and RNTO commands.
|
|
|
|
Daniel (31 Mar)
|
|
- Even more SSL config check modifications after Richard's testing.
|
|
|
|
Version 7.10.4-pre6 (31 Mar 2003)
|
|
|
|
Daniel (31 Mar)
|
|
- More fixes for the SSL session ID cache checks when SSL configs are changed
|
|
between connections. Based on tests and talks with Richard Bramante.
|
|
|
|
- Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
|
|
When enabled, it will prevent libcurl from limiting to which host it sends
|
|
user+password to when following locations. By default, libcurl only sends
|
|
name and password to the original host used in the first URL, but with this
|
|
option set it will send the auth info to all hosts it follows location
|
|
headers to. The new tool command line option for this is named
|
|
"--location-trusted".
|
|
|
|
- Frankie Fong reported a problem with libcurl if you re-used an easy handle
|
|
with a proxy, and you first made a https:// connction to a host and then
|
|
switched to a http:// one to the same host. libcurl would then wrongly re-use
|
|
the same connection for it and fail to get the second URL properly
|
|
|
|
Daniel (29 Mar)
|
|
- Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
|
|
-O" was applied.
|
|
|
|
Daniel (26 Mar)
|
|
- Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
|
|
I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
|
|
this. Thanks a bunch Bryan!
|
|
|
|
Daniel (25 Mar)
|
|
- Renamed configure.in to configure.ac
|
|
|
|
Version 7.10.4-pre5 (25 Mar 2003)
|
|
|
|
Daniel (25 Mar)
|
|
- Richard Bramante provided a fix for a handle re-use problem seen when you
|
|
change options on an SSL-enabled connection between requests. Previously,
|
|
changing peer verification or host verification and similar things was not
|
|
taken into account when a connection were checked for re-use and thus
|
|
enabling stricter check between requests on a re-used connection made no
|
|
difference and the connection would thus be used erroneously.
|
|
|
|
Daniel (24 Mar)
|
|
- Götz Babin-Ebell pointed out that the ca-bundle.crt file contained a
|
|
certificate from Trustcenter that was a demo certificate only that was never
|
|
indended to be part of a CA bundle.
|
|
|
|
Daniel (21 Mar)
|
|
- Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
|
|
Churchill filed one bug report each, both identifying problems with a second
|
|
transfer when doing persistant transfers re-using a connection. Tim's one is
|
|
#706624, labeled "Multiple uploads per handle fail" and Michael's #707003
|
|
"Does not send Authorization: header when reusing connection". I could track
|
|
both down to the same piece of logic and it turned out libcurl was not using
|
|
new settings properly when re-using an existing connection. This concerned
|
|
both uploading and downloading and involved exactly those pieces these two
|
|
reports identified. This code has been this faulty since the day I
|
|
introduced persistant connection support in libcurl, more than 2 years ago.
|
|
|
|
Daniel (20 Mar 2003)
|
|
- Five year anniversary. Today five years ago, the first ever curl release saw
|
|
the light of day.
|
|
|
|
Daniel (17 Mar)
|
|
- Andy Cedilnik corrected flaws in some libcurl example-usage sources.
|
|
|
|
Daniel (16 Mar)
|
|
- Juan F. Codagnone reported that the fix from March 2nd was incomplete.
|
|
|
|
- Added code to the configure.in to check for select() argument types. I've
|
|
not made any code use the results just yet though.
|
|
|
|
Daniel (15 Mar)
|
|
- Gisle Vanem provided two patches to build better on Windows.
|
|
|
|
- Adjusted the test suite code to better make sure that the server(s) required
|
|
for a specific test is properly started before the test case is attempted.
|
|
Many tests now run a lot faster than before.
|
|
|
|
Daniel (14 Mar)
|
|
- Another configure.in adjustment made the configure detect functions properly
|
|
on HPUX now.
|
|
|
|
Daniel (13 Mar)
|
|
- Philippe Raoult fixed pre4-compile quirks for FreeBSD.
|
|
|
|
Version 7.10.4-pre4 (13 Mar 2003)
|
|
|
|
Daniel (13 Mar)
|
|
- Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
|
|
as I believe some checks on HPUX need this. At least some of the info given
|
|
to us by Rick Jones seemed to indicate this.
|
|
|
|
Daniel (12 Mar)
|
|
- Thomas Tonino found out that if you used the curl tool to do PUT operations
|
|
as in 'curl www.foo.com/dir/ -T file' and the file name included for example
|
|
space or other characters that don't belong in URLs, curl did not properly
|
|
URL encode them before using them in the URL.
|
|
|
|
- Added an option to configure called --enable-libgcc that simply adds -lgcc
|
|
to the LIBS variable, as this seems to be a common problem.
|
|
|
|
- I modified the configure.in file, so that the headers are now checked in an
|
|
order of "viality". We must also make sure to use the "default headers"
|
|
parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
|
|
prerequisites included (i.e all the major and generally important header
|
|
files are included there by default). This might be what we need for various
|
|
Sun, HP, AIX and Tru64 systems to behave good again on the header check
|
|
front.
|
|
|
|
- Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
|
|
|
|
- I made the configure --help output nicer by using AC_HELP_STRING() a lot
|
|
more.
|
|
|
|
Daniel (11 Mar)
|
|
- Christophe Demory fixed the socket sending code to work better on HP-UX
|
|
when sending data to a socket that would block. It then returns EAGAIN, not
|
|
EWOULDBLOCK.
|
|
|
|
- Richard Gorton improved the seeding function for systems without a good
|
|
and reliable random source.
|
|
|
|
- Richard Gorton fixed a few warnings that popped up when you built curl
|
|
using the Sun compiler on a 64bit SPARC platform.
|
|
|
|
- Martin C. Martin fixed a case where a connect failure using the multi
|
|
interface didn't produce a human readable error string.
|
|
|
|
Daniel (10 Mar)
|
|
- Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
|
|
broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
|
|
requirements on what versions of the other tools (autoconf + automake) that
|
|
I am not familiar with and thus I couldn't fulfill at this point.
|
|
|
|
Yes, this is more than mildly frustrating.
|
|
|
|
Daniel (7 Mar)
|
|
- Run libtoolize version 1.4.3.
|
|
|
|
Version 7.10.4-pre3 (4 Mar 2003)
|
|
|
|
Daniel (3 Mar)
|
|
- Added share.obj to the VC6 and Borland libcurl makefiles.
|
|
|
|
- Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
|
|
presumably only on 4.3 or later. gethostbyname_r() is not returning data
|
|
that is possible to "keep" and cache the way libcurl does. But instead these
|
|
versions of AIX uses a gethostbyname() that works thread-safely we can
|
|
instead use the ordinary gethostbyname() and our pack_hostent() approach to
|
|
achieve what we want. The configure script now attempts to detect AIX 4.3 or
|
|
later to adjust for this.
|
|
|
|
Daniel (2 Mar)
|
|
- Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
|
|
POST and then back to a GET using the same easy handle.
|
|
|
|
Daniel (28 Feb)
|
|
- Removed the strequal and strnequal defines from curl/curl.h header. They
|
|
were never meant for the public header anyway. Philippe Raoult brought it
|
|
up.
|
|
|
|
- James Bursa fixed the RISC OS build.
|
|
|
|
Daniel (27 Feb)
|
|
- Avery Fay pointed out the very misleading curl_multi_info_read man page, and
|
|
I updated it to become more accurate.
|
|
|
|
- Salvatore Sorrentino found a problem with FTP downloading that turned out to
|
|
be his FTP server returning size zero (0 bytes) when SIZE was used on a file
|
|
while being in BINARY mode. We now make a second check for the actual size
|
|
by scanning the RETR reply anyway, even if the SIZE command returned 0.
|
|
|
|
Daniel (26 Feb)
|
|
- Kyle Sallee reported a case where he would do a transfer that didn't update
|
|
the progress meter properly. It turned out to be a case where libcurl would
|
|
loop a little too eagerly in the tranfer loop, which isn't really good for
|
|
the APIs, especially not the multi API.
|
|
|
|
Version 7.10.4-pre2 (24 Feb 2003)
|
|
|
|
Daniel (24 Feb)
|
|
- Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
|
|
than 5 could cause a segfault.
|
|
|
|
- I believe I fixed the 'Expect: 100-continue' behavior that has been broken
|
|
for a while (I think since my change dated Dec 10 2002). When this header is
|
|
used, libcurl should wait for a HTTP 100 (or timeout) before sending the
|
|
post/put data.
|
|
|
|
Daniel (14 Feb)
|
|
- Matthew Clarke provided some info what to modify to make curl build
|
|
flawlessly on AIX 3.2.5.
|
|
|
|
- Martin C. Martin found and fixed a problem in the multi interface when
|
|
running on Windows and trying to connect to a port without a listener.
|
|
|
|
Daniel (13 Feb)
|
|
- Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
|
|
data to encode.
|
|
|
|
Daniel (4 Feb)
|
|
- Jean-Philippe added the first code that enables the 'share' system. This
|
|
should now enable sharing of DNS data between two curl easy handles.
|
|
|
|
- Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
|
|
|
|
- James Bursa corrected a bad comment in the public include file curl/multi.h
|
|
|
|
- Peter Forret reported one of those error:00000000 cases in libcurl again
|
|
when connecting to a HTTPS site, and this time I did discover some oddities
|
|
in how curl reports SSL errors back. It could miss showing the actual error.
|
|
|
|
Version 7.10.4-pre1 (3 Feb 2003)
|
|
|
|
Daniel (3 Feb)
|
|
- Removed things in the docs saying capath doesn't work on Windows, as Julian
|
|
Noble told us it works fine.
|
|
|
|
Daniel (31 Jan)
|
|
- Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
|
|
|
|
Daniel (30 Jan)
|
|
- Kevin Roth found out that curl on Windows always checked for the CA cert
|
|
bundle using the environment variable and the path scan, even though
|
|
-k/--insecure was used.
|
|
|
|
- Hamish Mackenzie pointed out that curl only did strict host name verifying
|
|
if capath or cainfo was used. Now it'll always do it unless -k / --insecure
|
|
is used!
|
|
|
|
- Pavel Cenek pointed out that the Content-Type extraction was done wrongly
|
|
as the full string was not fetched. Added test case 57 to verify that curl
|
|
does it right now.
|
|
|
|
Daniel (29 Jan)
|
|
- Jamie Wilkinson provided a patch that now makes curl attempt to clear out
|
|
"sensitive" command line arguments so that they don't appear in ps outputs
|
|
(only on platforms that allow writing to argv[]).
|
|
|
|
- John McGowan found out that the DEBUGFUNCTION could be called with bad
|
|
arguments and thus cause the --trace outputs to go wrong.
|
|
|
|
- Removed all the emacs local variables from all files. Mats Lidell provided
|
|
the new sample.emacs file (for a sample of what to include in your .emacs)
|
|
and the curl-style.el that sets a better c-style for editing curl sources.
|
|
|
|
- Dave Halbakken found a problem with FTP downloads that could accidently
|
|
return CURLE_PARTIAL_FILE when curl_easy_perform() was called with NOBODY
|
|
set TRUE.
|
|
|
|
Daniel (27 Jan)
|
|
- The fopen.c example was flawed as Nick Humfrey noticed, and I fixed it to
|
|
work again.
|
|
|
|
Daniel (24 Jan)
|
|
- Bertrand Demiddelaer found and fixed a memory leak (the content-type string)
|
|
when following locations.
|
|
|
|
Daniel (22 Jan 2003)
|
|
- Ian Wilkes and Legoff Vincent both independently provided fixes for making
|
|
curl/multi.h work properly when compiled with a C++ compiler.
|
|
|
|
Daniel (20 Jan 2003)
|
|
- Fixed 'buildconf' to check version number of the required tools before
|
|
they're actually used.
|
|
|
|
- Wrote 'testcurl.sh', a script targeted for automatic and distributed curl
|
|
tests on various platforms.
|
|
|
|
- David Thiel pointed out that the .netrc file was not being dealt with
|
|
properly anymore. I broke this in the password prompting "fix".
|
|
|
|
- Markus F.X.J. Oberhumer patched libcurl to allocate the scratch buffer only
|
|
on demand and thus we save 32KB in each curl handle that don't use that
|
|
buffer. This need appeared when some people started using thousands of
|
|
simultaneous curl handles... :-)
|
|
|
|
Daniel (16 Jan 2003)
|
|
- Markus Oberhumer fixed curl-config --cflags when the includedir was not
|
|
/usr/include.
|
|
|
|
- Markus Oberhumer fixed CURLINFO_PRIVATE to properly return NULL if it was
|
|
set to NULL!
|
|
|
|
Version 7.10.3 (14 Jan 2003)
|
|
|
|
Daniel (10 Jan 2003)
|
|
- Steve Oliphant pointed out that test case 105 did not work anymore and this
|
|
was due to a missing fix for the password prompting.
|
|
|
|
Version 7.10.3-pre6 (10 Jan 2003)
|
|
|
|
Daniel (9 Jan 2003)
|
|
- Bryan Kemp pointed out that curl -u could not provide a blank password
|
|
without prompting the user. It can now. -u username: makes the password
|
|
empty, while -u username makes curl prompt the user for a password.
|
|
|
|
- Kjetil Jacobsen found a remaining connect problem in the multi interface on
|
|
ipv4 systems (Linux only?), that I fixed and Kjetil verified that it fixed
|
|
his problems.
|
|
|
|
- memanalyze.pl now reads a file name from the command line, and no longer
|
|
takes the data on stdin as before.
|
|
|
|
Version 7.10.3-pre5 (9 Jan 2003)
|
|
|
|
Daniel (9 Jan 2003)
|
|
- Fixed tests/memanalyze.pl to work with file names that contain colons (as on
|
|
Windows).
|
|
|
|
- Kjetil Jacobsen quickly pointed out that lib/share.h was missing...
|
|
|
|
Version 7.10.3-pre4 (9 Jan 2003)
|
|
|
|
Daniel (9 Jan 2003)
|
|
- Updated lib/share.c quite a bit to match the design document at
|
|
http://curl.haxx.se/dev/sharing.txt a lot more.
|
|
|
|
I'll try to update the document soonish. share.c is still not actually used
|
|
by libcurl, but the API is slowly getting there and we can start
|
|
implementing code that takes advantage of this system.
|
|
|
|
Daniel (8 Jan 2003)
|
|
- Updated share stuff in curl/curl.h, including data types, structs and
|
|
function prototypes. The corresponding files in lib/ were also modified
|
|
of course to remain compilable. Based on input from Jean-Philippe and also
|
|
to make it more in line with the design document.
|
|
|
|
- Jean-Philippe Barrette-LaPierre patched a very trivial memory leak in
|
|
curl_escape() that would happen when realloc() returns NULL...
|
|
|
|
- Matthew Blain provided feedback to make the --create-dirs stuff build
|
|
properly on Windows.
|
|
|
|
- Fixed the #include in tests/libtest/first.c as Legoff Vincent pointed out.
|
|
|
|
Daniel (7 Jan 2003)
|
|
- Philippe Raoult provided a patch that now makes libcurl properly support
|
|
wildcard checks for certificate names.
|
|
|
|
- Simon Liu added CURLOPT_HTTP200ALIASES, to let an application set other
|
|
strings recognized as "HTTP 200" to allow http-like protocols to get
|
|
downloaded fine by curl.
|
|
|
|
- Now using autoconf 2.57 and automake 1.7.2
|
|
|
|
- Doing "curl -I ftp://domain/non-existing-file" still outputed a date!
|
|
Wayne Haigh reported.
|
|
|
|
- The error message is now written properly with a newline in the --trace
|
|
file.
|
|
|
|
Daniel (6 Jan 2003)
|
|
- Sterling Hughes fixed a possible bug: previously, if you called
|
|
curl_easy_perform and then set the global dns cache, the global cache
|
|
wouldn't be used. Pointed out by Jean-Philippe Barrette-LaPierre.
|
|
|
|
- Matthew Blain's fixed the VC6 libcurl makefile to include better debug data
|
|
on debug builds.
|