mirror of
https://github.com/moparisthebest/curl
synced 2024-11-14 13:35:03 -05:00
1786 lines
81 KiB
Plaintext
1786 lines
81 KiB
Plaintext
_ _ ____ _
|
|
___| | | | _ \| |
|
|
/ __| | | | |_) | |
|
|
| (__| |_| | _ <| |___
|
|
\___|\___/|_| \_\_____|
|
|
|
|
Changelog
|
|
|
|
Yang Tse (26 Jan 2010)
|
|
- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
|
|
relative to the asynchronous DNS lookups, along with with some integration
|
|
adjustments I have done are finally committed to CVS.
|
|
|
|
Currently these enhancements will benefit builds done using c-ares on any
|
|
platform as well as Windows builds using the default threaded resolver.
|
|
|
|
This release does not make generally available POSIX threaded DNS lookups
|
|
yet. There is no configure option to enable this feature yet. It is possible
|
|
to experimantally try this feature running configure with compiler flags that
|
|
make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
|
|
HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
|
|
are required to link and properly use pthread_* functions on each platform.
|
|
|
|
Daniel Stenberg (26 Jan 2010)
|
|
- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
|
|
proxy that cannot be resolved when using c-ares. This matches the behaviour
|
|
when not using c-ares.
|
|
|
|
Björn Stenberg (23 Jan 2010)
|
|
- Added a new flag: -J/--remote-header-name. This option tells the
|
|
-O/--remote-name option to use the server-specified Content-Disposition
|
|
filename instead of extracting a filename from the URL.
|
|
|
|
Daniel Stenberg (21 Jan 2010)
|
|
- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
|
|
libcurl options for controlling what to get and how to receive posssibly
|
|
interleaved RTP data.
|
|
|
|
Daniel Stenberg (20 Jan 2010)
|
|
- As was pointed out on the http-state mailing list, the order of cookies in a
|
|
HTTP Cookie: header _needs_ to be sorted on the path length in the cases
|
|
where two cookies using the same name are set more than once using
|
|
(overlapping) paths. Realizing this, identically named cookies must be
|
|
sorted correctly. But detecting only identically named cookies and take care
|
|
of them individually is harder than just to blindly and unconditionally sort
|
|
all cookies based on their path lengths. All major browsers also already do
|
|
this, so this makes our behavior one step closer to them in the cookie area.
|
|
|
|
Test case 8 was the only one that broke due to this change and I updated it
|
|
accordingly.
|
|
|
|
Daniel Stenberg (19 Jan 2010)
|
|
- David McCreedy brought a fix and a new test case (129) to make libcurl work
|
|
again when downloading files over FTP using ASCII and it turns out that the
|
|
final size of the file is not the same as the initial size the server
|
|
reported. This is very common since servers don't take the newline
|
|
conversions into account.
|
|
|
|
Kamil Dudka (14 Jan 2010)
|
|
- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
|
|
being properly detected under certain circumstances. It had been caused by
|
|
strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
|
|
distinguishes among empty and non-existent environment variable in that case.
|
|
|
|
Daniel Stenberg (12 Jan 2010)
|
|
- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
|
|
transfers: curl_multi_fdset() would return -1 and not set and file
|
|
descriptors several times during a transfer of a single file. It turned out
|
|
to be due to two different flaws now fixed. Gil's excellent recipe helped me
|
|
nail this.
|
|
|
|
Daniel Stenberg (11 Jan 2010)
|
|
- Made sure that the progress callback is repeatedly called at a regular
|
|
interval even during very slow connects.
|
|
|
|
- The tests/runtests.pl script now checks to see if the test case that runs is
|
|
present in the tests/data/Makefile.am and outputs a notice message on the
|
|
screen if not. Each test file has to be included in that Makefile.am to get
|
|
included in release archives and forgetting to add files there is a common
|
|
mistake. This is an attempt to make it harder to forget.
|
|
|
|
Daniel Stenberg (9 Jan 2010)
|
|
- Johan van Selst found and fixed a OpenSSL session ref count leak:
|
|
|
|
ossl_connect_step3() increments an SSL session handle reference counter on
|
|
each call. When sessions are re-used this reference counter may be
|
|
incremented many times, but it will be decremented only once when done (by
|
|
Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
|
|
if this reference count remains positive. When a session is re-used the
|
|
reference counter should be corrected by explicitly calling
|
|
SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
|
|
introducing a memory leak.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2926284)
|
|
|
|
Daniel Stenberg (7 Jan 2010)
|
|
- Make sure the progress callback is called repeatedly even during very slow
|
|
name resolves when c-ares is used for resolving.
|
|
|
|
Claes Jakobsson (6 Jan 2010)
|
|
- Julien Chaffraix fixed so that the fragment part in an URL is not sent
|
|
to the server anymore.
|
|
|
|
Kamil Dudka (3 Jan 2010)
|
|
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().
|
|
|
|
Daniel Stenberg (2 Jan 2010)
|
|
- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
|
|
versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
|
|
control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
|
|
option names are still working but the new ones are the ones listed and
|
|
documented.
|
|
|
|
Daniel Stenberg (1 Jan 2010)
|
|
- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
|
|
command is a special "hack" used by the drftpd server, but even though it is
|
|
a custom extension I've deemed it fine to add to libcurl since this server
|
|
seems to survive and people keep using it and want libcurl to support
|
|
it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
|
|
usable from the curl tool with --ftp-pret. Using this option on a server
|
|
that doesn't support this command will make libcurl fail.
|
|
|
|
I added test cases 1107 and 1108 to verify the functionality.
|
|
|
|
The PRET command is documented at
|
|
http://www.drftpd.org/index.php/Distributed_PASV
|
|
|
|
Yang Tse (30 Dec 2009)
|
|
- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
|
|
with the patch and testing.
|
|
|
|
Daniel Stenberg (26 Dec 2009)
|
|
- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
|
|
headers work correctly even on FreeBSD systems before v8.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2916915)
|
|
|
|
Daniel Stenberg (17 Dec 2009)
|
|
- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
|
|
available.
|
|
|
|
- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
|
|
was a bit too quick and broke test case 1101 with that change. The order of
|
|
some of the setups is sensitive. I now changed it slightly again to make
|
|
sure we do them in this order:
|
|
|
|
1 - parse URL and figure out what protocol is used in the URL
|
|
2 - prepend protocol:// to URL if missing
|
|
3 - parse name+password off URL, which needs to know what protocol is used
|
|
(since only some allows for name+password in the URL)
|
|
4 - figure out if a proxy should be used set by an option
|
|
5 - if no proxy option, check proxy environment variables
|
|
6 - run the protocol-specific setup function, which needs to have the proxy
|
|
already set
|
|
|
|
Daniel Stenberg (15 Dec 2009)
|
|
- Jon Nelson found a regression that turned out to be a flaw in how libcurl
|
|
detects and uses proxies based on the environment variables. If the proxy
|
|
was given as an explicit option it worked, but due to the setup order
|
|
mistake proxies would not be used fine for a few protocols when picked up
|
|
from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
|
|
test case 1106 that verifies this functionality.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2913886)
|
|
|
|
Daniel Stenberg (12 Dec 2009)
|
|
- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
|
|
and SMTPS) are now supported. The current state may not yet be solid, but
|
|
the foundation is in place and the test suite has some initial support for
|
|
these protocols. Work will now persue to make them nice libcurl citizens
|
|
until release.
|
|
|
|
The work with supporting these new protocols was sponsored by
|
|
networking4all.com - thanks!
|
|
|
|
Daniel Stenberg (10 Dec 2009)
|
|
- Siegfried Gyuricsko found out that the curl manual said --retry would retry
|
|
on FTP errors in the transient 5xx range. Transient FTP errors are in the
|
|
4xx range. The code itself only tried on 5xx errors that occured _at login_.
|
|
Now the retry code retries on all FTP transfer failures that ended with a
|
|
4xx response.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2911279)
|
|
|
|
- Constantine Sapuntzakis figured out a case which would lead to libcurl
|
|
accessing alredy freed memory and thus crash when using HTTPS (with
|
|
OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
|
|
of cleaning things up. I fixed it.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2905220)
|
|
|
|
Daniel Stenberg (7 Dec 2009)
|
|
- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
|
|
with unknown size. Previously it was only used for posts with a known size
|
|
larger than 1024 bytes.
|
|
|
|
Daniel Stenberg (1 Dec 2009)
|
|
- If the Expect: 100-continue header has been set by the application through
|
|
curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
|
|
data->state.expect100header accordingly - the current code (in 7.19.7 at
|
|
least) doesn't handle this properly. Martin Storsjo provided the fix!
|
|
|
|
Yang Tse (28 Nov 2009)
|
|
- Added Diffie-Hellman parameters to several test harness certificate files in
|
|
PEM format. Required by several stunnel versions used by our test harness.
|
|
|
|
Daniel Stenberg (28 Nov 2009)
|
|
- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
|
|
rework patch that now integrates TFTP properly into libcurl so that it can
|
|
be used non-blocking with the multi interface and more. BLKSIZE also works.
|
|
|
|
The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
|
|
the command line.
|
|
|
|
Daniel Stenberg (26 Nov 2009)
|
|
- Extended and fixed the change I did on Dec 11 for the the progress
|
|
meter/callback during FTP command/response sequences. It turned out it was
|
|
really lame before and now the progress meter SHOULD get called at least
|
|
once per second.
|
|
|
|
Daniel Stenberg (23 Nov 2009)
|
|
- Bjorn Augustsson reported a bug which made curl not report any problems even
|
|
though it failed to write a very small download to disk (done in a single
|
|
fwrite call). It turned out to be because fwrite() returned success, but
|
|
there was insufficient error-checking for the fclose() call which tricked
|
|
curl to believe things were fine.
|
|
|
|
Yang Tse (23 Nov 2009)
|
|
- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
|
|
finer granularity control when generating src and lib makefiles.
|
|
|
|
Yang Tse (22 Nov 2009)
|
|
- I modified configure to force removal of the curlbuild.h file included in
|
|
distribution tarballs for use by non-configure systems. As intended, this
|
|
would get overwriten when doing in-tree builds. But VPATH builds would end
|
|
having two curlbuild.h files, one in the source tree and another in the
|
|
build tree. With the modification I introduced 5 Nov 2009 this could become
|
|
an issue when running libcurl's test suite.
|
|
|
|
Daniel Stenberg (20 Nov 2009)
|
|
- Constantine Sapuntzakis identified a write after close, as the sockets were
|
|
closed by libcurl before the SSL lib were shutdown and they may write to its
|
|
socket. Detected to at least happen with OpenSSL builds.
|
|
|
|
- Jad Chamcham pointed out a bug with connection re-use. If a connection had
|
|
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
|
|
same proxy with the tunnel option disabled would still wrongly re-use that
|
|
previous connection and the outcome would only be badness.
|
|
|
|
Yang Tse (18 Nov 2009)
|
|
- I modified the memory tracking system to make it intolerant with zero sized
|
|
malloc(), calloc() and realloc() function calls.
|
|
|
|
Daniel Stenberg (17 Nov 2009)
|
|
- Constantine Sapuntzakis provided another fix for the DNS cache that could
|
|
end up with entries that wouldn't time-out:
|
|
|
|
1. Set up a first web server that redirects (307) to a http://server:port
|
|
that's down
|
|
2. Have curl connect to the first web server using curl multi
|
|
|
|
After the curl_easy_cleanup call, there will be curl dns entries hanging
|
|
around with in_use != 0.
|
|
|
|
(http://curl.haxx.se/bug/view.cgi?id=2891591)
|
|
|
|
- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
|
|
its pkg-config file. So -Wl stuff ended up in the .pc file, which is really
|
|
bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
|
|
PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)
|
|
|
|
Kamil Dudka (15 Nov 2009)
|
|
- David Byron improved the configure script to use pkg-config to find OpenSSL
|
|
(and in particular the list of required libraries) even if a path is given
|
|
as argument to --with-ssl
|
|
|
|
Claes Jakobsson (14 Nov 2009)
|
|
- curl-config now accepts '--configure' to see what arguments was
|
|
passed to the configure script when building curl.
|
|
|
|
Daniel Stenberg (14 Nov 2009)
|
|
- Claes Jakobsson restored the configure functionality to detect NSS when
|
|
--with-nss is set but not "yes".
|
|
|
|
I think we can still improve that to check for pkg-config in that path etc,
|
|
but at least this patch brings back the same functionality we had before.
|
|
|
|
- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
|
|
the client certificate. It also disable the key name test as some engines
|
|
can select a private key/cert automatically (When there is only one key
|
|
and/or certificate on the hardware device used by the engine)
|
|
|
|
Yang Tse (14 Nov 2009)
|
|
- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
|
|
won't be reused unless protection level for peer and host verification match.
|
|
|
|
Kamil Dudka (12 Nov 2009)
|
|
- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
|
|
closed NSPR descriptor. The issue was hard to find, reported several times
|
|
before and always closed unresolved. More info at the RH bug:
|
|
https://bugzilla.redhat.com/534176
|
|
|
|
- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
|
|
a broken TLS server. However it does not happen if SSL version is selected
|
|
manually. The approach was originally taken from PSM. Kaspar Brand helped me
|
|
to complete the patch. Original bug reports:
|
|
https://bugzilla.redhat.com/525496
|
|
https://bugzilla.redhat.com/527771
|
|
|
|
Yang Tse (12 Nov 2009)
|
|
- I modified configure script to make the getaddrinfo function check also
|
|
verify if the function is thread safe.
|
|
|
|
Yang Tse (11 Nov 2009)
|
|
- Marco Maggi reported that compilation failed when configured --with-gssapi
|
|
and GNU GSS installed due to a missing mutual exclusion of header files in
|
|
the Kerberos 5 code path. He also verified that my patch worked for him.
|
|
|
|
Daniel Stenberg (11 Nov 2009)
|
|
- Constantine Sapuntzakis posted bug #2891595
|
|
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
|
|
in the DNS cache would linger too long if the request that added it was in
|
|
use that long. He also provided the patch that now makes libcurl capable of
|
|
still doing a request while the DNS hash entry may get timed out.
|
|
|
|
- Christian Schmitz noticed that the progress meter/callback was not properly
|
|
used during the FTP connection phase (after the actual TCP connect), while
|
|
it of course should be. I also made the speed check get called correctly so
|
|
that really slow servers will trigger that properly too.
|
|
|
|
Kamil Dudka (5 Nov 2009)
|
|
- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
|
|
in non-blocking mode.
|
|
|
|
Yang Tse (5 Nov 2009)
|
|
- I removed leading 'curl' path on the 'curlbuild.h' include statement in
|
|
curl.h, adjusting auto-makefiles include path, to enhance portability to
|
|
OS's without an orthogonal directory tree structure such as OS/400.
|
|
|
|
Daniel Stenberg (4 Nov 2009)
|
|
- I fixed several problems with the transfer progress meter. It showed the
|
|
wrong percentage for small files, most notable for <1000 bytes and could
|
|
easily end up showing more than 100% at the end. It also didn't show any
|
|
percentage, transfer size or estimated transfer times when transferring
|
|
less than 100 bytes.
|
|
|
|
Version 7.19.7 (4 November 2009)
|
|
|
|
Daniel Stenberg (2 Nov 2009)
|
|
- As reported independent by both Stan van de Burgt and Didier Brisebourg,
|
|
CURLINFO_SIZE_DOWNLOAD (the -w variable size_download) didn't work when
|
|
getting data from ldap!
|
|
|
|
Daniel Stenberg (31 Oct 2009)
|
|
- Gabriel Kuri reported a problem with CURLINFO_CONTENT_LENGTH_DOWNLOAD if the
|
|
download was 0 bytes, as libcurl would then return the size as unknown (-1)
|
|
and not 0. I wrote a fix and test case 566 to verify it.
|
|
|
|
Daniel Stenberg (30 Oct 2009)
|
|
- Liza Alenchery mentioned a problem with re-used SCP connection when a bad
|
|
auth is used, as it caused a crash. I failed to repeat the issue, but still
|
|
made a change that now forces the TCP connection used for a freed SCP
|
|
session to get closed and not be re-used.
|
|
|
|
- "Tom" posted a bug report that mentioned how libcurl did wrong when doing a
|
|
POST using a read callback, with Digest authentication and
|
|
"Transfer-Encoding: chunked" enforced. I would then cause the first request
|
|
to be wrongly sent and then basically hang until the server closed the
|
|
connection. I fixed the problem and added test case 565 to verify it.
|
|
|
|
Daniel Stenberg (25 Oct 2009)
|
|
- Dima Barsky made the curl cookie parser accept cookies even with blank or
|
|
unparsable expiry dates and then treat them as session cookies - previously
|
|
libcurl would reject cookies with a date format it couldn't parse. Research
|
|
shows that the major browser treat such cookies as session cookies. I
|
|
modified test 8 and 31 to verify this.
|
|
|
|
Daniel Stenberg (21 Oct 2009)
|
|
- Attempt to use pkg-config for finding out libssh2 installation details
|
|
during configure.
|
|
|
|
- A patch in bug report #2883177 (http://curl.haxx.se/bug/view.cgi?id=2883177)
|
|
by Johan van Selst introduced the --crlfile option to curl, which makes curl
|
|
tell libcurl about a file with CRL (certificate revocation list) data to
|
|
read.
|
|
|
|
Daniel Stenberg (18 Oct 2009)
|
|
- Ray Dassen provided a patch in Debian's bug tracker (bug number #551461)
|
|
that now makes curl_getdate(3) actually handles RFC 822 formatted dates that
|
|
use the "single letter military timezones".
|
|
http://www.rfc-ref.org/RFC-TEXTS/822/chapter5.html has the details.
|
|
|
|
- Fixed memory leak in the SCP/SFTP code as it never freed the knownhosts
|
|
data!
|
|
|
|
- John Dennis filed bug report #2873666
|
|
(http://curl.haxx.se/bug/view.cgi?id=2873666) which identified a problem
|
|
which made libcurl loop infinitely when given incorrect credentials when
|
|
using HTTP GSS negotiate authentication. He also provided a small and simple
|
|
patch for it.
|
|
|
|
- Kevin Baughman found a double close() problem with libcurl-NSS, as when
|
|
libcurl called NSS to close the SSL "session" it also closed the actual
|
|
socket.
|
|
|
|
Yang Tse (17 Oct 2009)
|
|
- Bug report #2866724 indicated
|
|
(http://curl.haxx.se/bug/view.cgi?id=2866724) that curl on Windows failed
|
|
when writing files whose file names originally contained characters which
|
|
are not valid for file names on Windows. Dan Fandrich provided an initial
|
|
patch and another revised one to fix this issue.
|
|
|
|
Daniel Stenberg (1 Oct 2009)
|
|
- Tom Mueller correctly reported in bug report #2870221
|
|
(http://curl.haxx.se/bug/view.cgi?id=2870221) that libcurl returned an
|
|
incorrect return code from the internal trynextip() function which caused
|
|
him grief. This is a regression that was introduced in 7.19.1 and I find it
|
|
strange it hasn't hit us harder, but I won't persue into figuring out
|
|
exactly why.
|
|
|
|
- Constantine Sapuntzakis: The current implementation will always set
|
|
SO_SNDBUF to CURL_WRITE_SIZE even if the SO_SNDBUF starts out larger. The
|
|
patch doesn't do a setsockopt if SO_SNDBUF is already greater than
|
|
CURL_WRITE_SIZE. This should help folks who have set up their computer with
|
|
large send buffers.
|
|
|
|
Daniel Stenberg (27 Sep 2009)
|
|
- I introduced a maximum limit for received HTTP headers. It is controlled by
|
|
the define CURL_MAX_HTTP_HEADER which is even exposed in the public header
|
|
file to allow for users to fairly easy rebuild libcurl with a modified
|
|
limit. The rationale for a fixed limit is that libcurl is realloc()ing a
|
|
buffer to be able to put a full header into it, so that it can call the
|
|
header callback with the entire header, but that also risk getting it into
|
|
trouble if a server by mistake or willingly sends a header that is more or
|
|
less without an end. The limit is set to 100K.
|
|
|
|
Daniel Stenberg (26 Sep 2009)
|
|
- John P. McCaskey posted a bug report that showed how libcurl did wrong when
|
|
saving received cookies with no given path, if the path in the request had a
|
|
query part. That is means a question mark (?) and characters on the right
|
|
side of that. I wrote test case 1105 and fixed this problem.
|
|
|
|
Kamil Dudka (26 Sep 2009)
|
|
- Implemented a protocol independent way to specify blocking direction, used by
|
|
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
|
|
This enhancement resolves an issue with 100% CPU usage during SFTP upload,
|
|
reported by Vourhey.
|
|
|
|
Daniel Stenberg (25 Sep 2009)
|
|
- Chris Mumford filed bug report #2861587
|
|
(http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used
|
|
the OpenSSL function X509_load_crl_file() wrongly and failed if it would
|
|
load a CRL file with more than one certificate within. This is now fixed.
|
|
|
|
Daniel Stenberg (16 Sep 2009)
|
|
- Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-
|
|
powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name
|
|
field in the certficate it had to match and so even if non-DNS and non-IP
|
|
entry was present it caused the verification to fail.
|
|
|
|
Daniel Fandrich (15 Sep 2009)
|
|
- Moved the libssh2 checks after the SSL library checks. This helps when
|
|
statically linking since libssh2 needs the SSL library link flags to be
|
|
set up already to satisfy its dependencies. This wouldn't be necessary if
|
|
the libssh2 configure check was changed to use pkg-config since the
|
|
--static flag would add the dependencies automatically.
|
|
|
|
Yang Tse (14 Sep 2009)
|
|
- Revert Joshua Kwan's patch committed 11 Sep 2009.
|
|
|
|
Some systems poll function sets POLLHUP in revents without setting
|
|
POLLIN, and sets POLLERR without setting POLLIN and POLLOUT. In some
|
|
libcurl code execution paths this could trigger busy wait loops with
|
|
high CPU usage until a timeout condition aborted the loop.
|
|
|
|
The reverted patch addressed the above issue for a very specific case,
|
|
when awaiting c-ares to resolve. A libcurl-wide fix for Curl_poll now
|
|
superceeds this one.
|
|
|
|
Guenter Knauf (11 Sep 2009)
|
|
- Joshua Kwan provided a patch to pass POLLERR / POLLHUP back to c-ares.
|
|
This fixes a loop problem with high CPU usage.
|
|
|
|
Daniel Stenberg (10 Sep 2009)
|
|
- Claes Jakobsson fixed a problem with cookie expiry dates at exctly the epoch
|
|
start second "Thu Jan 1 00:00:00 GMT 1970" as the date parser then returns 0
|
|
which internally then is treated as a session cookie. That particular date
|
|
is now made to get the value of 1.
|
|
|
|
Daniel Stenberg (2 Sep 2009)
|
|
- Daniel Johnson found a flaw in the code converting sftp-errors to libcurl
|
|
errors.
|
|
|
|
Daniel Stenberg (1 Sep 2009)
|
|
- Peter Sylvester made a debug feature for Curl_resolv() that now will force
|
|
libcurl to resolve 'localhost' whatever name you use in the URL *if* you set
|
|
the --interface option to (exactly) "LocalHost". This will enable us to
|
|
write tests for custom hosts names but still use a local host server.
|
|
|
|
- configure now tries to use pkg-config for a number of sub-dependencies even
|
|
when cross-compiling. The key to success is then you properly setup
|
|
PKG_CONFIG_PATH before invoking configure.
|
|
|
|
I also improved how NSS is detected by trying nss-config if pkg-config isn't
|
|
present, and as a last resort just use the lib name and force the user to
|
|
setup the LIBS/LDFLAGS/CFLAGS etc properly. The previous last resort would
|
|
add a range of various libs that would almost never be quite correct.
|
|
|
|
Daniel Stenberg (31 Aug 2009)
|
|
- When using the multi interface with FTP and you asked for NOBODY, you did no
|
|
QUOTE commands and the request used the same path as the connection had
|
|
already changed to, it would decide that no commands would be necessary for
|
|
the "DO" action and that was not handled properly but libcurl would instead
|
|
hang.
|
|
|
|
Kamil Dudka (28 Aug 2009)
|
|
- Improved error message for not matching certificate subject name in
|
|
libcurl-NSS. Originally reported at:
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=516056#c9
|
|
|
|
Patrick Monnerat (24 Aug 2009)
|
|
- Introduced a SYST-based test to properly set-up name format when dealing
|
|
with the OS/400 FTP server.
|
|
|
|
- Fixed an ftp_readresp() bug preventing detection of failing control socket
|
|
and causing FTP client to loop forever.
|
|
|
|
Daniel Stenberg (24 Aug 2009)
|
|
- Marc de Bruin pointed out that configure --with-gnutls=PATH didn't work
|
|
properly and provided a fix. http://curl.haxx.se/bug/view.cgi?id=2843008
|
|
|
|
- Eric Wong introduced support for the new option -T. (dot) that makes curl
|
|
read stdin in a non-blocking fashion. This also brings back -T- (minus) to
|
|
the previous blocking behavior since it could break stuff for people at
|
|
times.
|
|
|
|
Michal Marek (21 Aug 2009)
|
|
- With CURLOPT_PROXY_TRANSFER_MODE, avoid sending invalid URLs like
|
|
ftp://example.com;type=i if the user specified ftp://example.com without the
|
|
slash.
|
|
|
|
Daniel Stenberg (21 Aug 2009)
|
|
- Andre Guibert de Bruet pointed out a missing return code check for a
|
|
strdup() that could lead to segfault if it returned NULL. I extended his
|
|
suggest patch to now have Curl_retry_request() return a regular return code
|
|
and better check that.
|
|
|
|
- Lots of good work by Krister Johansen, mostly related to pipelining:
|
|
|
|
Fix SIGSEGV on free'd easy_conn when pipe unexpectedly breaks
|
|
Fix data corruption issue with re-connected transfers
|
|
Fix use after free if we're completed but easy_conn not NULL
|
|
|
|
Kamil Dudka (13 Aug 2009)
|
|
- Changed NSS code to not ignore the value of ssl.verifyhost and produce more
|
|
verbose error messages. Originally reported at:
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=516056
|
|
|
|
Daniel Stenberg (12 Aug 2009)
|
|
- Karl Moerder fixed the Makefile.vc* makefiles to include the new file
|
|
nonblock.c so that they work fine again
|
|
|
|
- I expanded test 517 with a bunch of more dates that originate from the
|
|
Chrome browser test suite. It turns out most of them get parsed the same
|
|
way.
|
|
|
|
Version 7.19.6 (12 August 2009)
|
|
|
|
Daniel Stenberg (12 Aug 2009)
|
|
- Carsten Lange reported a bug and provided a patch for TFTP upload and the
|
|
sending of the TSIZE option. I don't like fixing bugs just hours before
|
|
a release, but since it was broken and the patch fixes this for him I decided
|
|
to get it in anyway.
|
|
|
|
Daniel Stenberg (11 Aug 2009)
|
|
- Peter Sylvester made the HTTPS test server use specific certificates for
|
|
each test, so that the test suite can now be used to actually test the
|
|
verification of cert names etc. This made an error show up in the OpenSSL-
|
|
specific code where it would attempt to match the CN field even if a
|
|
subjectAltName exists that doesn't match. This is now fixed and verified
|
|
in test 311.
|
|
|
|
- Benbuck Nason posted the bug report #2835196
|
|
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
|
|
warnings when mixing ints and bools.
|
|
|
|
Daniel Fandrich (10 Aug 2009)
|
|
- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.
|
|
|
|
Daniel Fandrich (9 Aug 2009)
|
|
- Fixed some memory leaks in the command-line tool that caused most of the
|
|
torture tests to fail.
|
|
|
|
Daniel Stenberg (2 Aug 2009)
|
|
- Curt Bogmine reported a problem with SNI enabled on a particular server. We
|
|
should introduce an option to disable SNI, but as we're in feature freeze
|
|
now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
|
|
shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
|
|
Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
|
|
option for SNI, or are we simply not using it?
|
|
|
|
Daniel Stenberg (1 Aug 2009)
|
|
- Scott Cantor posted the bug report #2829955
|
|
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
|
|
verification flaw found and exploited by Moxie Marlinspike. The presentation
|
|
he did at Black Hat is available here:
|
|
https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
|
|
|
|
Apparently at least one CA allowed a subjectAltName or CN that contain a
|
|
zero byte, and thus clients that assumed they would never have zero bytes
|
|
were exploited to OK a certificate that didn't actually match the site. Like
|
|
if the name in the cert was "example.com\0theatualsite.com", libcurl would
|
|
happily verify that cert for example.com.
|
|
|
|
libcurl now better uses the length of the extracted name, not using the zero
|
|
termination for getting the string length.
|
|
|
|
This fixing only made and needed in OpenSSL interfacing code.
|
|
|
|
- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
|
|
only in some OpenSSL installs - like on Windows) isn't thread-safe and we
|
|
agreed that moving it to the global_init() function is a decent way to deal
|
|
with this situation.
|
|
|
|
- Alexander Beedie provided the patch for a noproxy problem: If I have set
|
|
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
|
|
could still end up using a proxy if a proxy environment variable was set.
|
|
|
|
Daniel Stenberg (27 Jul 2009)
|
|
- All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
|
|
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
|
|
send when using FTP, as a sign that libcurl shall simply ignore the response
|
|
from the server instead of treating it as an error. Not treating a 400+ FTP
|
|
response code as an error means that failed commands will not abort the
|
|
chain of commands, nor will they cause the connection to get disconnected.
|
|
|
|
Daniel Stenberg (26 Jul 2009)
|
|
- Johan van Selst posted bug report #2825989
|
|
(http://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
|
|
OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
|
|
provided the solution too: to use OpenSSL_add_all_algorithms() in addition
|
|
to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
|
|
OpenSSL 0.9.5
|
|
|
|
Daniel Stenberg (23 Jul 2009)
|
|
- Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
|
|
They introduce known_host support for SSH keys to libcurl. See docs for
|
|
details. Note that this feature depends on a new enough libssh2 version, to
|
|
be supported in libssh2 1.2 and later (or current git repo at this time).
|
|
|
|
Michal Marek (22 Jul 2009)
|
|
- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
|
|
(https://bugzilla.novell.com/523919). When looking at the code, I found that
|
|
also the ptr pointer can leak.
|
|
|
|
Kamil Dudka (20 Jul 2009)
|
|
- Claes Jakobsson improved the support for client certificates handling in
|
|
NSS-powered libcurl. Now the client certificates can be selected
|
|
automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
|
|
slots is no more performed. It used to cause problems with HW tokens.
|
|
|
|
- Fixed reference counting for NSS client certificates. Now the PEM reader
|
|
module should be always properly unloaded on Curl_nss_cleanup(). If the
|
|
unload fails though, libcurl will try to reuse the already loaded instance.
|
|
|
|
Daniel Fandrich (15 Jul 2009)
|
|
- Added nonblock.c to the non-automake makefiles (note that the dependencies
|
|
in the Watcom makefiles aren't quite correct).
|
|
|
|
Michal Marek (15 Jul 2009)
|
|
- Changed the description of CURLINFO_OS_ERRNO to make it clear that the
|
|
errno is not reset on success.
|
|
|
|
Guenter Knauf (14 Jul 2009)
|
|
- renamed generated config.h to curl_config.h to avoid any future clashes
|
|
with config.h from other projects.
|
|
|
|
Daniel Stenberg (9 Jul 2009)
|
|
- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
|
|
setting a file descriptor non-blocking. Used by the functionality Eric
|
|
himself brough on June 15th.
|
|
|
|
Daniel Stenberg (8 Jul 2009)
|
|
- Constantine Sapuntzakis posted bug report #2813123
|
|
(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
|
|
problem:
|
|
|
|
Url A is accessed using auth. Url A redirects to Url B (on a different
|
|
server0. Url B reuses a persistent connection. Url B has auth, even though
|
|
it's on a different server.
|
|
|
|
Note: if Url B does not reuse a persistent connection, auth is not sent.
|
|
|
|
reason:
|
|
|
|
data->state.first_host is not initialized becuase Curl_http_connect is not
|
|
called when a connection is reused.
|
|
|
|
Solution:
|
|
|
|
move initialization of data->state.first_host to Curl_http. No code before
|
|
Curl_http uses data->state.first_host anyway.
|
|
|
|
Guenter Knauf (4 Jul 2009)
|
|
- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
|
|
couple of both IPv4 and IPv6 autobuilds.
|
|
|
|
Daniel Stenberg (29 Jun 2009)
|
|
- Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
|
|
range if given colon-separated after the host name/address part. Like
|
|
"192.168.0.1:2000-10000"
|
|
|
|
- Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
|
|
don't know how they got wrong in the first place, but using this output
|
|
format makes it possible to quite easily separate the string into an array
|
|
of multiple items.
|
|
|
|
Daniel Fandrich (16 June 2009)
|
|
- Added a few more compiler warning options for gcc.
|
|
|
|
Daniel Stenberg (16 Jun 2009)
|
|
- Reuven Wachtfogel made curl -o - properly produce a binary output on windows
|
|
(no newline translations). Use -B/--use-ascii if you rather get the ascii
|
|
approach.
|
|
|
|
Michal Marek (16 Jun 2009)
|
|
- When doing non-anonymous ftp via http proxies and the password is not
|
|
provided in the url, add it there (squid needs this).
|
|
|
|
Daniel Stenberg (15 Jun 2009)
|
|
- Eric Wong's patch:
|
|
|
|
This allows curl(1) to be used as a client-side tunnel for arbitrary stream
|
|
protocols by abusing chunked transfer encoding in both the HTTP request and
|
|
HTTP response. This requires server support for sending a response while a
|
|
request is still being read, of course.
|
|
|
|
If attempting to read from stdin returns EAGAIN, then we pause our sender.
|
|
This leaves curl to attempt to read from the socket while reading from stdin
|
|
(and thus sending) is paused.
|
|
|
|
This change was needed to allow successfully tunneling the git protocol over
|
|
HTTP (--no-buffer is needed, as well).
|
|
|
|
Patrick Monnerat (15 Jun 2009)
|
|
- Replaced use of standard C library rand()/srand() by our own pseudo-random
|
|
number generator.
|
|
|
|
Yang Tse (11 Jun 2009)
|
|
- I adapted testcurl script to allow building test harness programs when
|
|
cross-compiling for a *-*-mingw* host.
|
|
|
|
Daniel Stenberg (10 Jun 2009)
|
|
- Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
|
|
contributed a range of patches to fix them.
|
|
|
|
Yang Tse (10 Jun 2009)
|
|
- I introduced configure script option --enable-curldebug which now allows
|
|
the decoupled enabling or disabling of the curl debug memory tracking
|
|
feature from the --enable-debug option which no longer controls this.
|
|
|
|
curl --version will list 'Debug' feature for debug enabled builds, and
|
|
will list 'TrackMemory' feature for curl debug memory tracking capable
|
|
builds. These features are independent and can be controlled when running
|
|
the configure script. When --enable-debug is given both features will be
|
|
enabled, unless some restriction prevents memory tracking from being used.
|
|
|
|
Internally, definition of preprocessor symbol DEBUGBUILD restricts code
|
|
which is only compiled for debug enabled builds. And symbol CURLDEBUG is
|
|
used to differentiate code which is _only_ used for memory tracking.
|
|
|
|
Yang Tse (9 Jun 2009)
|
|
- Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
|
|
initializing the fread callback pointer and this triggered a compiler
|
|
warning, also provided a friendly suggestion on how to fix it.
|
|
|
|
Daniel Stenberg (8 Jun 2009)
|
|
- Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
|
|
issue with client certs that caused issues like segfaults.
|
|
http://curl.haxx.se/mail/lib-2009-05/0316.html
|
|
|
|
- Triggered by bug report #2798852 and the patch in there, I fixed configure
|
|
to detect gnutls build options with pkg-config only and not libgnutls-config
|
|
anymore since GnuTLS has stopped distributing that tool. If an explicit path
|
|
is given to configure, we will instead guess on how to link and use that
|
|
lib. I did not use the patch from the bug report.
|
|
|
|
Yang Tse (8 Jun 2009)
|
|
- Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
|
|
included from Makefile.inc, and provided docs\INSTALL VxWorks section.
|
|
|
|
- I removed buildconf.bat from release and daily snapshot archives. This
|
|
file is only for CVS tree checkout builds.
|
|
|
|
Daniel Stenberg (8 Jun 2009)
|
|
- Eric Wong fixed --no-buffer to actually switch off output buffering. Been
|
|
broken since 7.19.0
|
|
|
|
Bill Hoffman (6 Jun 2009)
|
|
- Added some cmake docs and fixed socklen_t in the build.
|
|
|
|
Yang Tse (5 Jun 2009)
|
|
- John E. Malmberg provided VMS specific patch: "This fixes an existing bug
|
|
in urlglob.c where it was not converting the Curl Unix exit code to a VMS
|
|
DCL compatible exit code. This fix required the enhancement described next.
|
|
This also adds an enhancement to main.c so that when curl is run under a
|
|
Unix shell like Bash on VMS, it will return the standard Unix exit codes
|
|
and messages." And another patch for docs/examples.
|
|
|
|
I introduced os-specific.c and os-specific.h for use in curl tool code
|
|
and adjusted John E. Malmberg's patch placement to use these new files
|
|
as an effort to prevent main.c from growing ad infinitum. Code already
|
|
existing in main.c which is OS specific should be moved into these files.
|
|
|
|
Daniel Stenberg (4 June 2009)
|
|
- Setting the Content-Length: header from your app when you do a POST or PUT
|
|
is almost always a VERY BAD IDEA. Yet there are still apps out there doing
|
|
this, and now recently it triggered a bug/side-effect in libcurl as when
|
|
libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
|
|
knows it will just get a 401/407 back. If the app then replaced the
|
|
Content-Length header, it caused the server to wait for input that libcurl
|
|
wouldn't send. Aaron Oneal reported this problem in bug report #2799008
|
|
(http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
|
|
|
|
Yang Tse (4 Jun 2009)
|
|
- Igor Novoseltsev provided patches and information, that after some
|
|
adjustments to better fit curl's way of doing things, have resulted
|
|
in the posibility of building libcurl for VxWorks.
|
|
|
|
Daniel Fandrich (2 June 2009)
|
|
- Checked in a Google Android make file. To use it, you must first
|
|
create a config.h file by running configure in the Android environment,
|
|
which doesn't seem to be easy to do. If no easy way can be found, a
|
|
static config-android.h may need to be created and checked in to the
|
|
libcurl source tree.
|
|
|
|
Daniel Stenberg (1 June 2009)
|
|
- Claes Jakobsson fixed the configure script to better find and use NSS
|
|
without pkg-config.
|
|
|
|
Yang Tse (1 Jun 2009)
|
|
- John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
|
|
out that the configure script was failing to detect the timeval struct on
|
|
VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
|
|
taking place in socket.h instead of time.h. I have adjusted configure
|
|
script to also include this header when checking struct timeval.
|
|
|
|
Daniel Stenberg (27 May 2009)
|
|
- Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
|
|
fine with Nokia 5th edition 1.0 SDK for Symbian.
|
|
|
|
- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
|
|
for a failure properly.
|
|
|
|
- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
|
|
the auth credentials back in 7.19.0 and earlier while now you have to set ""
|
|
to get the same effect. His patch brings back the ability to use NULL.
|
|
|
|
- Claes Jakobsson fixed libcurl-NSS to build fine even without the
|
|
PK11_CreateGenericObject() function.
|
|
|
|
Daniel Stenberg (25 May 2009)
|
|
- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
|
|
out that the cookie parser would leak memory when it parses cookies that are
|
|
received with domain, path etc set multiple times in the same header. While
|
|
such a cookie is questionable, they occur in the wild and libcurl no longer
|
|
leaks memory for them. I added such a header to test case 8.
|
|
|
|
Daniel Fandrich (22 May 2009)
|
|
- Removed some obsolete digest code that caused a valgrind error in test 551.
|
|
|
|
Daniel Fandrich (20 May 2009)
|
|
- Added "non-existing host" test keywords to make it easy to skip those
|
|
tests on machines that have broken DNS configurations (such as
|
|
those configured to use OpenDNS).
|
|
|
|
Daniel Stenberg (19 May 2009)
|
|
- Kamil Dudka brought the patch from the Redhat bug entry
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
|
|
a bad file descriptor when closing down the FTP data connection. Caolan
|
|
McNamara seems to be the original author of it.
|
|
|
|
Version 7.19.5 (18 May 2009)
|
|
|
|
Daniel Stenberg (17 May 2009)
|
|
- James Bursa posted a patch to the mailing list that fixed a problem with
|
|
no_proxy which made it not skip the proxy if the URL entered contained a
|
|
user name. I added test case 1101 to verify.
|
|
|
|
Daniel Stenberg (11 May 2009)
|
|
- Balint Szilakszi reported a memory leak when libcurl did gzip decompression
|
|
of streams that had some parts (legitimately) missing. We now provide and use
|
|
a proper cleanup function for the content encoding submodule.
|
|
http://curl.haxx.se/mail/lib-2009-05/0092.html
|
|
|
|
- Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
|
|
at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12
|
|
|
|
If an incorrect password is given while loading a private key, libcurl ends
|
|
up in an infinite loop consuming memory. The bug is critical.
|
|
|
|
- I fixed the problem with doing NTLM, POST and then following a 302 redirect,
|
|
as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
|
|
curl-library). The transfer was mistakenly marked to get more data to send
|
|
but since it didn't actually have that, it just hung there...
|
|
|
|
Daniel Stenberg (10 May 2009)
|
|
- Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
|
|
byte in the digest code.
|
|
|
|
Yang Tse (9 May 2009)
|
|
- Removed DOS and TPF package's subdirectory Makefile.am, it was only used
|
|
to include some files in the distribution tarball serving no other purpose.
|
|
Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST
|
|
of the Makefile in the parent subdirectory.
|
|
|
|
Yang Tse (8 May 2009)
|
|
- Changed host name literal in several tests to one under the haxx.se domain.
|
|
|
|
- Renamed vc6 workspace and project files to avoid filename clash when used
|
|
for conversion to later VS versions.
|
|
|
|
Daniel Stenberg (8 May 2009)
|
|
- Constantine Sapuntzakis fixed bug report #2784055
|
|
(http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
|
|
connect to SOCKS proxies when using the multi interface. It turned out to
|
|
almost not work at all previously. We need to wait for the TCP connect to
|
|
be properly verified before doing the SOCKS magic.
|
|
|
|
There's still a flaw in the FTP code for this.
|
|
|
|
Daniel Stenberg (7 May 2009)
|
|
- Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
|
|
well. See change 28 Apr 2009.
|
|
|
|
Yang Tse (7 May 2009)
|
|
- Fixed an issue affecting FTP transfers, introduced with the transfer.c
|
|
patch committed May 4.
|
|
|
|
Daniel Stenberg (7 May 2009)
|
|
- Man page *roff problems fixed thanks to input from Colin Watson. Problems
|
|
reported in the Debian package.
|
|
|
|
- Vijay G filed bug report #2723236
|
|
(http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
|
|
libcurl's TFTP code and its lack of dealing with the OACK packet.
|
|
|
|
Yang Tse (5 May 2009)
|
|
- Fixed the --ftp-port address of test #251 to the CLIENTIP address, and
|
|
reverted the change affecting test suite harness committed 4 May.
|
|
|
|
Daniel Stenberg (5 May 2009)
|
|
- Inspired by Michael Smith's session id fix for OpenSSL, I did the
|
|
corresponding fix in the GnuTLS code: make sure to store the new session id
|
|
in case the previous re-used one is rejected.
|
|
|
|
Daniel Stenberg (4 May 2009)
|
|
- Michael Smith posted bug report #2786255
|
|
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
|
|
libcurl did not deal with SSL session ids properly if the server rejected a
|
|
re-use of one. Starting now, it will forget the rejected one and remember
|
|
the new. This change was for OpenSSL only, it is likely that other SSL lib
|
|
code needs similar fixes.
|
|
|
|
Yang Tse (4 May 2009)
|
|
- Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
|
|
non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
|
|
1) On non-ASCII platforms not all of the protocol portions of the PUT are
|
|
being translated to ASCII. 2) On all platforms the line endings of part of
|
|
the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or
|
|
data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV).
|
|
|
|
- Applied David McCreedy's patch to fix test suite harness to allow test FTP
|
|
server and client on different machines, providing FTP client address when
|
|
running the FTP test server.
|
|
|
|
Daniel Fandrich (3 May 2009)
|
|
- Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug
|
|
report failed to mention that a proxy must be used to reproduce it.
|
|
|
|
Yang Tse (2 May 2009)
|
|
- Use a build-time configured curl_socklen_t data type instead of socklen_t.
|
|
|
|
Yang Tse (1 May 2009)
|
|
- Applied David McCreedy's patches "TPF-platform specific changes to various
|
|
files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the
|
|
former with minor edits.
|
|
|
|
Daniel Stenberg (30 Apr 2009)
|
|
- I was going to fix issue #59 in KNOWN_BUGS
|
|
|
|
If the CURLOPT_PORT option is used on an FTP URL like
|
|
"ftp://example.com/file;type=A" the ";type=A" is stripped off.
|
|
|
|
I added test case 562 to verify, only to find out that I couldn't repeat
|
|
this bug so I hereby consider it not a bug anymore!
|
|
|
|
Daniel Stenberg (29 Apr 2009)
|
|
- Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
|
|
I've now made TFTP "connections" not being kept for re-use within libcurl.
|
|
TFTP is UDP-based so the benefit was really low (if even existing) to begin
|
|
with so instead of tracking down to fix this problem we instead removed the
|
|
re-use. I also enabled test case 1099 that I wrote a few days ago to verify
|
|
that this change fixes the reported problem.
|
|
|
|
Daniel Stenberg (28 Apr 2009)
|
|
- Constantine Sapuntzakis filed bug report #2783090
|
|
(http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
|
|
we need to grow the SO_SNDBUF buffer somewhat to get really good upload
|
|
speeds. http://support.microsoft.com/kb/823764 has the details. Friends
|
|
confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
|
|
|
|
- Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
|
|
Chen pointed out how curl couldn't upload with resume when reading from a
|
|
pipe.
|
|
|
|
This ended up with the introduction of a new return code for the
|
|
CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
|
|
that libcurl may try to resolve the situation anyway. In our case this means
|
|
libcurl will attempt to instead read that much data from the stream instead
|
|
of seeking and that way curl can now upload with resume when data is read
|
|
from a stream!
|
|
|
|
Daniel Stenberg (26 Apr 2009)
|
|
- Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
|
|
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
|
|
interface and provided a patch that fixed the problem!
|
|
|
|
Daniel Stenberg (24 Apr 2009)
|
|
- Kamil Dudka fixed another NSS-related leak when client certs were used.
|
|
|
|
- Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer
|
|
Koenig pointed out that the man page didn't tell that the *_proxy
|
|
environment variables can be specified lower case or UPPER CASE and the
|
|
lower case takes precedence,
|
|
|
|
Daniel Fandrich (21 Apr 2009)
|
|
- Added new libcurl source files to Amiga, RiscOS and VC6 build files.
|
|
|
|
Yang Tse (21 Apr 2009)
|
|
- Moved potential inclusion of system's malloc.h and memory.h header files to
|
|
setup_once.h. Inclusion of each header file is based on the definition of
|
|
NEED_MALLOC_H and NEED_MEMORY_H respectively.
|
|
|
|
Renamed libcurl's memory.h to curl_memory.h
|
|
|
|
Daniel Stenberg (20 Apr 2009)
|
|
- Leanic Lefever reported a crash and did some detailed research on why and
|
|
how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
|
|
conclusion was that if an error is detected and Curl_done() is called for
|
|
the connection, ftp_done() could at times return another error code that
|
|
then would take precedence and that new code confused existing logic that
|
|
works for the first error code (CURLE_SEND_ERROR) only.
|
|
|
|
- Gisle Vanem noticed that --libtool would produce bogus strings at times for
|
|
OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
|
|
within the app for setting plain string options to avoid the risk of this
|
|
mistake happening.
|
|
|
|
Daniel Stenberg (17 Apr 2009)
|
|
- Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
|
|
proxy. libcurl would then wrongly close the connection after each
|
|
request. In his case it had the weird side-effect that it killed NTLM auth
|
|
for the proxy causing an inifinite loop!
|
|
|
|
I added test case 1098 to verify this fix. The test case does however not
|
|
properly verify that the transfers are done persistently - as I couldn't
|
|
think of a clever way to achieve it right now - but you need to read the
|
|
stderr output after a test run to see that it truly did the right thing.
|
|
|
|
Daniel Stenberg (13 Apr 2009)
|
|
- bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
|
|
Storsjö pointed out how setting CURLOPT_NOBODY to 0 could be downright
|
|
confusing as it set the method to either GET or HEAD. The example he showed
|
|
looked like:
|
|
|
|
curl_easy_setopt(curl, CURLOPT_PUT, 1);
|
|
curl_easy_setopt(curl, CURLOPT_NOBODY, 0);
|
|
|
|
The new way doesn't alter the method until the request is about to start. If
|
|
CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
|
|
0 and the request happens to have been set to HEAD, it will then instead be
|
|
set to GET. I believe this will be less surprising to users, and hopefully
|
|
not hit any existing users badly.
|
|
|
|
- Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
|
|
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
|
|
is found in Redhat's bug tracker:
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=453612
|
|
|
|
There are still memory leaks present, but they seem to have other reasons.
|
|
|
|
Daniel Fandrich (11 Apr 2009)
|
|
- Added new libcurl source files to Symbian OS build files.
|
|
- Improved Symbian support for SSL.
|
|
|
|
Yang Tse (10 Apr 2009)
|
|
- Daniel Johnson improved the MacOSX-Framework shell script to now perform all
|
|
the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
|
|
libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later.
|
|
|
|
Yang Tse (8 Apr 2009)
|
|
- Removed Sun compilers preprocessor block from curlbuild.h.dist, this also
|
|
removes it from the curlbuild.h file originally distributed by the cURL
|
|
project as this file is intended for systems not capable of running the
|
|
configure script. For those who have been building curl out of the source
|
|
code curl distribution tarball provided by curl.haxx.se the change implies
|
|
nothing. Previous change in this area committed 2 Apr becomes irrelevant.
|
|
|
|
Daniel Stenberg (6 Apr 2009)
|
|
- I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success
|
|
and 1 on fatal errors. Previously it only mentioned non-zero on fatal
|
|
errors. This is a slight change in meaning, but it follows what we've done
|
|
elsewhere before and it opens up for LOTS of more useful return codes
|
|
whenever we can think of them...
|
|
|
|
Yang Tse (2 Apr 2009)
|
|
- Fix curl_off_t definition for builds done using Sun compilers and a
|
|
non-configured libcurl. In this case curl_off_t data type was gated
|
|
to the off_t data type which depends on the _FILE_OFFSET_BITS. This
|
|
configuration is exactly the unwanted configuration for our curl_off_t
|
|
data type which must not depend on such setting. This breaks ABI for
|
|
libcurl libraries built with Sun compilers which were built without
|
|
having run the configure script with _FILE_OFFSET_BITS different than
|
|
64 and using the ILP32 data model.
|
|
|
|
Daniel Stenberg (1 Apr 2009)
|
|
- Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
|
|
strdup() call failed.
|
|
|
|
Daniel Fandrich (31 Mar 2009)
|
|
- Properly return an error code in curl_easy_recv (reported by Jim Freeman).
|
|
|
|
Daniel Stenberg (18 Mar 2009)
|
|
- Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
|
|
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
|
|
explicitly.
|
|
|
|
Daniel Stenberg (13 Mar 2009)
|
|
- Use libssh2_version() to present the libssh2 version in case the libssh2
|
|
library is found to support it.
|
|
|
|
Yang Tse (12 Mar 2009)
|
|
- Added missing Curl_read() return code checking in TELNET transfers.
|
|
|
|
- Pierre Brico found and fixed TELNET transfers not being aborted upon
|
|
a write callback failure.
|
|
|
|
Daniel Stenberg (11 Mar 2009)
|
|
- Kamil Dudka made the curl tool properly call curl_global_init() before any
|
|
other libcurl function.
|
|
|
|
Yang Tse (11 Mar 2009)
|
|
- Added missing TELNET timeout support for Windows builds. This issue was
|
|
reported by Pierre Brico.
|
|
|
|
Daniel Stenberg (9 Mar 2009)
|
|
- Frank Hempel found out a bug and provided the fix:
|
|
|
|
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
|
|
option. It only enabled the cookie engine in the destination handle if
|
|
data->cookies is not NULL (where data is the source handle). In case of a
|
|
newly initialized handle which just had the cookie support enabled by a
|
|
curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
|
|
still NULL because the setopt-call only appends the value to
|
|
data->change.cookielist, hence duplicating this handle would not have the
|
|
cookie engine switched on.
|
|
|
|
We also concluded that the slist-functionality would be suitable for being
|
|
put in its own module rather than simply hanging out in lib/sendf.c so I
|
|
created lib/slist.[ch] for them.
|
|
|
|
- Andreas Farber made the 'buildconf' script check for the presence of m4
|
|
scripts to make it detect a bad checkout earlier. People with older
|
|
checkouts who don't do cvs update with the -d option won't get the new dirs
|
|
and then will get funny outputs that can be a bit hard to understand and
|
|
fix.
|
|
|
|
Daniel Stenberg (8 Mar 2009)
|
|
- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
|
|
allocation of the memory BIO was not being properly checked.
|
|
|
|
- Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
|
|
in the gnutls code where we were checking for negative values for errors,
|
|
when the man pages state that GNUTLS_E_SUCCESS is returned on success and
|
|
other values indicate error conditions.
|
|
|
|
- Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that
|
|
curl didn't use sprintf() in a way that is documented to work in POSIX but
|
|
since we use our own printf() code (from libcurl) that shouldn't be a
|
|
problem. Nonetheless I modified the code to not rely on such particular
|
|
features and to not cause further raised eyebrowse with no good reason.
|
|
|
|
Daniel Fandrich (5 Mar 2009)
|
|
- Expanded the security section of the libcurl-tutorial man page to cover
|
|
more issues for authors to consider when writing robust libcurl-using
|
|
applications.
|
|
|
|
Yang Tse (5 Mar 2009)
|
|
- Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This
|
|
issue was noticed by Chris Deidun.
|
|
|
|
Daniel Fandrich (4 Mar 2009)
|
|
- Fixed a problem with m4 quoting in the OpenSSL configure check reported
|
|
by Daniel Johnson.
|
|
|
|
Daniel Stenberg (3 Mar 2009)
|
|
- David James brought a patch that make libcurl close (all) dead connections
|
|
whenever you attempt to open a new connection.
|
|
|
|
1. After cleaning up a dead connection, "continue" instead of
|
|
returning FALSE. This ensures that we clean up all dead connections,
|
|
rather than just cleaning up the first dead connection.
|
|
2. Move up the cleanup for dead connections so that it occurs for
|
|
all connections, rather than just the connections which have the same
|
|
preferences as our current new connection.
|
|
|
|
Version 7.19.4 (3 March 2009)
|
|
|
|
Daniel Stenberg (3 Mar 2009)
|
|
- David Kierznowski notified us about a security flaw
|
|
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
|
|
which previous libcurl versions (by design) can be tricked to access an
|
|
arbitrary local/different file instead of a remote one when
|
|
CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
|
|
together this the addition of two new setopt options for controlling this
|
|
new behavior:
|
|
|
|
o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
|
|
follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
|
|
excludes the FILE and SCP protocols and thus you nee to explicitly allow
|
|
them in your app if you really want that behavior.
|
|
|
|
o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
|
|
using the primary URL option. This is useful if you want to allow a user or
|
|
other outsiders control what URL to pass to libcurl and yet not allow all
|
|
protocols libcurl may have been built to support.
|
|
|
|
Daniel Stenberg (27 Feb 2009)
|
|
- Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and
|
|
CURLOPT_LOCALPORT were used together (the local port bind failed), and
|
|
Markus Koetter provided the fix!
|
|
|
|
Daniel Stenberg (25 Feb 2009)
|
|
- As Daniel Fandrich figured out, we must do the GnuTLS initing in the
|
|
curl_global_init() function to properly maintain the performing functions
|
|
thread-safe. We've previously (28 April 2007) moved the init to a later time
|
|
just to avoid it to fail very early when libgcrypt dislikes the situation,
|
|
but that move was bad and the fix should rather be in libgcrypt or
|
|
elsewhere.
|
|
|
|
Daniel Stenberg (24 Feb 2009)
|
|
- Brian J. Murrell found out that Negotiate proxy authentication didn't work.
|
|
It happened because the code used the struct for server-based auth all the
|
|
time for both proxy and server auth which of course was wrong.
|
|
|
|
Daniel Stenberg (23 Feb 2009)
|
|
- After a bug reported by James Cheng I've made curl_easy_getinfo() for
|
|
CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
|
|
-1 if the sizes aren't know. Previously these returned 0, make it impossible
|
|
to detect the difference between actually zero and unknown.
|
|
|
|
Yang Tse (23 Feb 2009)
|
|
- Daniel Johnson provided a shell script that will perform all the steps needed
|
|
to build a Mac OS X fat ppc/i386 or ppc64/x86_64 libcurl.framework
|
|
|
|
Daniel Stenberg (23 Feb 2009)
|
|
- I renamed everything in the windows builds files that used the name 'curllib'
|
|
to the proper 'libcurl' as clearly this caused confusion.
|
|
|
|
Yang Tse (20 Feb 2009)
|
|
- Do not halt compilation when using VS2008 to build a Windows 2000 target.
|
|
|
|
Daniel Stenberg (20 Feb 2009)
|
|
- Linus Nielsen Feltzing reported and helped me repeat and fix a problem with
|
|
FTP with the multi interface: when a transfer fails, like when aborted by a
|
|
write callback, the control connection was wrongly closed and thus not
|
|
re-used properly.
|
|
|
|
This change is also an attempt to cleanup the code somewhat in this area, as
|
|
now the FTP code attempts to keep (better) track on pending responses
|
|
necessary to get read in ftp_done().
|
|
|
|
Daniel Stenberg (19 Feb 2009)
|
|
- Patrik Thunstrom reported a problem and helped me repeat it. It turned out
|
|
libcurl did a superfluous 1000ms wait when doing SFTP downloads!
|
|
|
|
We read data with libssh2 while doing the "DO" operation for SFTP and then
|
|
when we were about to start getting data for the actual file part, the
|
|
"TRANSFER" part, we waited for socket action (in 1000ms) before doing a
|
|
libssh2-read. But in this case libssh2 had already read and buffered the
|
|
data so we ended up always just waiting 1000ms before we get working on the
|
|
data!
|
|
|
|
Patrick Monnerat (18 Feb 2009)
|
|
- FTP downloads (i.e.: RETR) ending with code 550 now return error
|
|
CURLE_REMOTE_FILE_NOT_FOUND instead of CURLE_FTP_COULDNT_RETR_FILE.
|
|
|
|
Daniel Stenberg (17 Feb 2009)
|
|
- Kamil Dudka made NSS-powered builds compile and run again!
|
|
|
|
- A second follow-up change by Andre Guibert de Bruet to fix a related memory
|
|
leak like that fixed on the 14th. When zlib returns failure, we need to
|
|
cleanup properly before returning error.
|
|
|
|
- CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
|
|
plain FTP connections, and it will then allow MKD to fail once and retry the
|
|
CWD afterwards. This is especially useful if you're doing many simultanoes
|
|
connections against the same server and they all have this option enabled,
|
|
as then CWD may first fail but then another connection does MKD before this
|
|
connection and thus MKD fails but trying CWD works! The numbers can
|
|
(should?) now be set with the convenience enums now called
|
|
CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.
|
|
|
|
Tests has proven that if you're making an application that uploads a set of
|
|
files to an ftp server, you will get a noticable gain in speed if you're
|
|
using multiple connections and this option will be then be very useful.
|
|
|
|
Daniel Stenberg (14 Feb 2009)
|
|
- Andre Guibert de Bruet found and fixed a memory leak in the content encoding
|
|
code, which could happen on libz errors.
|
|
|
|
Daniel Fandrich (12 Feb 2009)
|
|
- Added support for Digest and NTLM authentication using GnuTLS.
|
|
|
|
Daniel Stenberg (11 Feb 2009)
|
|
- CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
|
|
the condition in the previous request was unmet. This is typically a time
|
|
condition set with CURLOPT_TIMECONDITION and was previously not possible to
|
|
reliably figure out. From bug report #2565128
|
|
(http://curl.haxx.se/bug/view.cgi?id=2565128) filed by Jocelyn Jaubert.
|
|
|
|
Daniel Fandrich (4 Feb 2009)
|
|
- Don't add the standard /usr/lib or /usr/include paths to LDFLAGS and CPPFLAGS
|
|
(respectively) when --with-ssl=/usr is used (patch based on FreeBSD).
|
|
|
|
- Added an explicit buffer limit check in msdosify() (patch based on FreeBSD).
|
|
This couldn't ever overflow in curl, but might if the code were used
|
|
elsewhere or under different conditions.
|
|
|
|
Daniel Stenberg (3 Feb 2009)
|
|
- Hidemoto Nakada provided a small fix that makes it possible to get the
|
|
CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
|
|
CURLOPT_NOBODY set true.
|
|
|
|
Daniel Stenberg (2 Feb 2009)
|
|
- Patrick Scott found a rather large memory leak when using the multi
|
|
interface and setting CURLMOPT_MAXCONNECTS to something less than the number
|
|
of handles you add to the multi handle. All the connections that didn't fit
|
|
in the cache would not be properly disconnected nor freed!
|
|
|
|
- Craig A West brought us: libcurl now defaults to do CONNECT with HTTP
|
|
version 1.1 instead of 1.0 like before. This change also introduces the new
|
|
proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to
|
|
switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0
|
|
option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0.
|
|
|
|
I updated all test cases cases that use CONNECT and I tried to do some using
|
|
--proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
|
|
|
|
Daniel Stenberg (31 Jan 2009)
|
|
- When building with c-ares 1.6.1 (not yet released) or later and IPv6 support
|
|
enabled, we can now take advantage of its brand new AF_UNSPEC support in
|
|
ares_gethostbyname(). This makes test case 241 finally run fine for me with
|
|
this setup since it now parses the "::1 ip6-localhost" line fine in my
|
|
/etc/hosts file!
|
|
|
|
Daniel Stenberg (30 Jan 2009)
|
|
- Scott Cantor filed bug report #2550061
|
|
(http://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to
|
|
properly make sure that the VC9 makefiles got included in the latest
|
|
release. I've now fixed the release script and verified it so next release
|
|
will hopefully include them properly!
|
|
|
|
Daniel Fandrich (30 Jan 2009)
|
|
- Fixed --disable-proxy for FTP and SOCKS. Thanks to Daniel Egger for
|
|
reporting.
|
|
|
|
Yang Tse (29 Jan 2009)
|
|
- Introduced curl_sspi.c and curl_sspi.h for the implementation of functions
|
|
Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were
|
|
named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c
|
|
Also adjusted socks_sspi.c to remove the link-time dependency on the Windows
|
|
SSPI library using it now in the same way as it was done in http_ntlm.c.
|
|
|
|
Daniel Stenberg (28 Jan 2009)
|
|
- Markus Moeller introduced two new options to libcurl:
|
|
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
|
|
to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
|
|
options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
|
|
these.
|
|
|
|
Daniel Stenberg (26 Jan 2009)
|
|
- Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
|
|
to set desired block size to use for TFTP transfers instead of the default
|
|
512 bytes.
|
|
|
|
- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
|
|
disable "rfc4507bis session ticket support". rfc4507bis was later turned
|
|
into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077
|
|
|
|
The enabled extension concerns the session management. I wonder how often
|
|
libcurl stops a connection and then resumes a TLS session. also, sending the
|
|
session data is some overhead. .I suggest that you just use your proposed
|
|
patch (which explicitly disables TICKET).
|
|
|
|
If someone writes an application with libcurl and openssl who wants to
|
|
enable the feature, one can do this in the SSL callback.
|
|
|
|
Sharad Gupta brought this to my attention. Peter Sylvester helped me decide
|
|
on the proper action.
|
|
|
|
- Alexey Borzov filed bug report #2535504
|
|
(http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with
|
|
quoted quotation marks in HTTP Digest headers didn't work. I've now added
|
|
test case 1095 that verifies my fix.
|
|
|
|
- Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
|
|
They basically offer the same thing the NO_PROXY environment variable only
|
|
offered previously: list a set of host names that shall not use the proxy
|
|
even if one is specified.
|
|
|
|
Daniel Fandrich (20 Jan 2009)
|
|
- Call setlocale() for libtest tests to test the effects of locale-induced
|
|
libc changes on libcurl.
|
|
|
|
- Fixed a couple more locale-dependent toupper conversions, mainly for
|
|
clarity. This does fix one problem that causes ;type=i FTP URLs
|
|
to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is
|
|
used (test case 561)
|
|
|
|
- Added tests 561 and 1091 through 1094 to test various combinations
|
|
of ;type= and ;mode= URLs that could potentially fail in the Turkish
|
|
locale.
|
|
|
|
Daniel Stenberg (20 Jan 2009)
|
|
- Lisa Xu pointed out that the ssh.obj file was missing from the
|
|
lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too).
|
|
|
|
Version 7.19.3 (19 January 2009)
|
|
|
|
Daniel Stenberg (16 Jan 2009)
|
|
- Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, both
|
|
32 bit and 64 bit.
|
|
|
|
Daniel Stenberg (15 Jan 2009)
|
|
- Tim Ansell fixed a compiler warning in lib/cookie.c
|
|
|
|
Daniel Stenberg (14 Jan 2009)
|
|
- Grant Erickson fixed timeouts for TFTP such that specifying a
|
|
connect-timeout, a max-time or both options work correctly and as expected
|
|
by passing the correct boolean value to Curl_timeleft via the
|
|
'duringconnect' parameter.
|
|
|
|
With this small change, curl TFTP now behaves as expected (and likely as
|
|
originally-designed):
|
|
|
|
1) For non-existent or unreachable dotted IP addresses:
|
|
|
|
a) With no options, follows the default curl 300s timeout...
|
|
b) With --connect-timeout only, follows that value...
|
|
c) With --max-time only, follows that value...
|
|
d) With both --connect-timeout and --max-time, follows the smaller value...
|
|
|
|
and times out with a "curl: (7) Couldn't connect to server" error.
|
|
|
|
2) For transfers to/from a valid host:
|
|
|
|
a) With no options, follows default curl 300s timeout for the
|
|
first XRQ/DATA/ACK transaction and the default TFTP 3600s
|
|
timeout for the remainder of the transfer...
|
|
|
|
b) With --connect-time only, follows that value for the
|
|
first XRQ/DATA/ACK transaction and the default TFTP 3600s
|
|
timeout for the remainder of the transfer...
|
|
|
|
c) With --max-time only, follows that value for the first
|
|
XRQ/DATA/ACK transaction and for the remainder of the
|
|
transfer...
|
|
|
|
d) With both --connect-timeout and --max-time, follows the former
|
|
for the first XRQ/DATA/ACK transaction and the latter for the
|
|
remainder of the transfer...
|
|
|
|
and times out with a "curl: (28) Timeout was reached" error as
|
|
appropriate.
|
|
|
|
Daniel Stenberg (13 Jan 2009)
|
|
- Michael Wallner fixed a NULL pointer deref when calling
|
|
curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no
|
|
cookies data.
|
|
|
|
- Stefan Teleman brought a patch to fix the default curlbuild.h file for the
|
|
SunPro compilers.
|
|
|
|
Daniel Stenberg (12 Jan 2009)
|
|
- Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665)
|
|
by Daniel Black, I've now added magic to the configure script that makes it
|
|
use pkg-config to detect gnutls details as well if the existing method
|
|
(using libgnutls-config) fails. While doing this, I cleaned up and unified
|
|
the pkg-config usage when detecting openssl and nss as well.
|
|
|
|
Daniel Stenberg (11 Jan 2009)
|
|
- Karl Moerder brought the patch that creates vc9 Makefiles, and I made
|
|
'maketgz' now use the actual makefile targets to do the VC8 and VC9
|
|
makefiles.
|
|
|
|
Daniel Stenberg (10 Jan 2009)
|
|
- Emil Romanus fixed:
|
|
|
|
When using the multi interface over HTTP and the server returns a Location
|
|
header, the running easy handle will get stuck in the CURLM_STATE_PERFORM
|
|
state, leaving the external event loop stuck waiting for data from the
|
|
ingoing socket (when using the curl_multi_socket_action stuff). While this
|
|
bug was pretty hard to find, it seems to require only a one-line fix. The
|
|
break statement on line 1374 in multi.c caused the function to skip the call
|
|
to multistate().
|
|
|
|
How to reproduce this bug? Well, that's another question. evhiperfifo.c in
|
|
the examples directory chokes on this bug only _sometimes_, probably
|
|
depending on how fast the URLs are added. One way of testing the bug out is
|
|
writing to hiper.fifo from more than one source at the same time.
|
|
|
|
Daniel Fandrich (7 Jan 2009)
|
|
- Unified much of the SessionHandle initialization done in Curl_open() and
|
|
curl_easy_reset() by creating Curl_init_userdefined(). This had the side
|
|
effect of fixing curl_easy_reset() so it now also resets
|
|
CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
|
|
|
|
Daniel Stenberg (7 Jan 2009)
|
|
- Rob Crittenden did once again provide an NSS update:
|
|
|
|
I have to jump through a few hoops now with the NSS library initialization
|
|
since another part of an application may have already initialized NSS by the
|
|
time Curl gets invoked. This patch is more careful to only shutdown the NSS
|
|
library if Curl did the initialization.
|
|
|
|
It also adds in a bit of code to set the default ciphers if the app that
|
|
call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific
|
|
ciphers. One might argue that this lets other application developers get
|
|
lazy and/or they aren't using the NSS API correctly, and you'd be right.
|
|
But still, this will avoid terribly difficult-to-trace crashes and is
|
|
generally helpful.
|
|
|
|
Daniel Stenberg (1 Jan 2009)
|
|
- 'reconf' is removed since we rather have users use 'buildconf'
|
|
|
|
Daniel Stenberg (31 Dec 2008)
|
|
- Bas Mevissen reported http://curl.haxx.se/bug/view.cgi?id=2479030 pointing
|
|
out that 'reconf' didn't properly point out the m4 subdirectory when running
|
|
aclocal.
|
|
|
|
Daniel Stenberg (29 Dec 2008)
|
|
- Phil Lisiecki filed bug report #2413067
|
|
(http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that
|
|
would cause libcurl to mark a DNS cache entry "in use" eternally if the
|
|
subsequence TCP connect failed. It would thus never get pruned and refreshed
|
|
as it should've been.
|
|
|
|
Phil provided his own patch to this problem that while it seemed to work
|
|
wasn't complete and thus I wrote my own fix to the problem.
|
|
|
|
Daniel Stenberg (28 Dec 2008)
|
|
- Peter Korsgaard fixed building libcurl with "configure --with-ssl
|
|
--disable-verbose".
|
|
|
|
- Anthony Bryan fixed more language and spelling flaws in man pages.
|
|
|
|
Daniel Stenberg (22 Dec 2008)
|
|
- Given a recent enough libssh2, libcurl can now seek/resume with SFTP even
|
|
on file indexes beyond 2 or 4GB.
|
|
|
|
- Anthony Bryan provided a set of patches that cleaned up manual language,
|
|
corrected spellings and more.
|
|
|
|
Daniel Stenberg (20 Dec 2008)
|
|
- Igor Novoseltsev fixed a bad situation for the multi_socket() API when doing
|
|
pipelining, as libcurl could then easily get confused and A) work on the
|
|
handle that was not "first in queue" on a pipeline, or even B) tell the app
|
|
to REMOVE a socket while it was in use by a second handle in a pipeline. Both
|
|
errors caused hanging or stalling applications.
|
|
|
|
Daniel Stenberg (19 Dec 2008)
|
|
- curl_multi_timeout() could return a timeout value of 0 even though nothing
|
|
was actually ready to get done, as the internal time resolution is higher
|
|
than the returned millisecond timer. Therefore it could cause applications
|
|
running on fast processors to do short bursts of busy-loops.
|
|
curl_multi_timeout() will now only return 0 if the timeout is actually
|
|
alreay triggered.
|
|
|
|
- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl
|
|
now has an improved ability to do right when the multi interface (both
|
|
"regular" and multi_socket) is used for SCP and SFTP transfers. This should
|
|
result in (much) less busy-loop situations and thus less CPU usage with no
|
|
speed loss.
|
|
|
|
Daniel Stenberg (17 Dec 2008)
|
|
- SCP and SFTP with the multi interface had the same flaw: the 'DONE'
|
|
operation didn't complete properly if the EAGAIN equivalent was returned but
|
|
libcurl would simply continue with a half-completed close operation
|
|
performed. This ruined persistent connection re-use and cause some
|
|
SSH-protocol errors in general. The correction is unfortunately adding a
|
|
blocking function - doing it entirely non-blocking should be considered for
|
|
a better fix.
|
|
|
|
Gisle Vanem (16 Dec 2008)
|
|
- Added the possibility to use the Watt-32 tcp/ip stack under Windows.
|
|
The change simply involved adding a USE_WATT32 section in the
|
|
config-win32.h files (under ./lib and ./src). This section disables
|
|
the use of any Winsock headers.
|
|
|
|
Daniel Stenberg (16 Dec 2008)
|
|
- libssh2_sftp_last_error() was wrongly used at some places in libcurl which
|
|
made libcurl sometimes not properly abort problematic SFTP transfers.
|
|
|
|
Daniel Stenberg (12 Dec 2008)
|
|
- More work with Igor Novoseltsev to first fix the remaining stuff for
|
|
removing easy handles from multi handles when the easy handle is/was within
|
|
a HTTP pipeline. His bug report #2351653
|
|
(http://curl.haxx.se/bug/view.cgi?id=2351653) was also related and was
|
|
eventually fixed by a patch by Igor himself.
|
|
|
|
Yang Tse (12 Dec 2008)
|
|
- Patrick Monnerat fixed a build regression, introduced in 7.19.2, affecting
|
|
OS/400 compilations with IPv6 enabled.
|
|
|
|
Daniel Stenberg (12 Dec 2008)
|
|
- Mark Karpeles filed bug report #2416182 titled "crash in ConnectionExists
|
|
when using duphandle+curl_mutli"
|
|
(http://curl.haxx.se/bug/view.cgi?id=2416182) which showed that
|
|
curl_easy_duphandle() wrongly also copied the pointer to the connection
|
|
cache, which was plain wrong and caused a segfault if the handle would be
|
|
used in a different multi handle than the handle it was duplicated from.
|
|
|
|
Daniel Stenberg (11 Dec 2008)
|
|
- Keshav Krity found out that libcurl failed to deal with dotted IPv6
|
|
addresses if they were very long (>39 letters) due to a too strict address
|
|
validity parser. It now accepts addresses up to 45 bytes long.
|
|
|
|
Daniel Stenberg (11 Dec 2008)
|
|
- Internet Explorer had a broken HTTP digest authentication before v7 and
|
|
there are servers "out there" that relies on the client doing this broken
|
|
Digest authentication. Apache even comes with an option to work with such
|
|
broken clients.
|
|
|
|
The difference is only for URLs that contain a query-part (a '?'-letter and
|
|
text to the right of it).
|
|
|
|
libcurl now supports this quirk, and you enable it by setting the
|
|
CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
|
|
CURLOPT_PROXYAUTH options. They are thus individually controlled to server
|
|
and proxy.
|
|
|
|
(note that there's no way to activate this with the curl tool yet)
|
|
|
|
Daniel Fandrich (9 Dec 2008)
|
|
- Added test cases 1089 and 1090 to test --write-out after a redirect to
|
|
test a report that the size didn't work, but these test cases pass.
|
|
|
|
- Documented CURLOPT_CONNECT_ONLY as being useful only on HTTP URLs.
|
|
|
|
Daniel Stenberg (9 Dec 2008)
|
|
- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any
|
|
particular state for the control connection like it did before for implicit
|
|
FTPS (libcurl assumed such control connections to be encrypted while some
|
|
FTPS servers such as FileZilla assumes such connections to be clear
|
|
mode). Use the CURLOPT_USE_SSL option to set your desired level.
|
|
|
|
Daniel Stenberg (8 Dec 2008)
|
|
- Fred Machado posted about a weird FTP problem on the curl-users list and when
|
|
researching it, it turned out he got a 550 response back from a SIZE command
|
|
and then I fell over the text in RFC3659 that says:
|
|
|
|
The presence of the 550 error response to a SIZE command MUST NOT be taken
|
|
by the client as an indication that the file cannot be transferred in the
|
|
current MODE and TYPE.
|
|
|
|
In other words: the change I did on September 30th 2008 and that has been
|
|
included in the last two releases were a regression and a bad idea. We MUST
|
|
NOT take a 550 response from SIZE as a hint that the file doesn't exist.
|
|
|
|
- Christian Krause filed bug #2221237
|
|
(http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite
|
|
loop during GSS authentication given some specific conditions. With his
|
|
patience and great feedback I managed to narrow down the problem and
|
|
eventually fix it although I can't test any of this myself!
|
|
|
|
Daniel Fandrich (3 Dec 2008)
|
|
- Fixed the getifaddrs version of Curl_if2ip to work on systems without IPv6
|
|
support (e.g. Minix)
|
|
|
|
Daniel Stenberg (3 Dec 2008)
|
|
- Igor Novoseltsev filed bug #2351645
|
|
(http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with
|
|
the multi interface that occured if you removed an easy handle while in
|
|
progress and the handle was used in a HTTP pipeline.
|
|
|
|
- Pawel Kierski pointed out a mistake in the cookie code that could lead to a
|
|
bad fclose() after a fatal error had occured.
|
|
(http://curl.haxx.se/bug/view.cgi?id=2382219)
|
|
|
|
Daniel Fandrich (25 Nov 2008)
|
|
- If a HTTP request is Basic and num is already >=1000, the HTTP test
|
|
server adds 1 to num to get the data section to return. This allows
|
|
testing authentication negotiations using the Basic authentication
|
|
method.
|
|
|
|
- Added tests 1087 and 1088 to test Basic authentication on a redirect
|
|
with and without --location-trusted
|
|
|
|
Daniel Stenberg (24 Nov 2008)
|
|
- Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19
|
|
function when built to support SCP and SFTP that helps the library to know
|
|
in which direction a particular libssh2 operation would return EAGAIN so
|
|
that libcurl knows what socket conditions to wait for before trying the
|
|
function call again. Previously (and still when using libssh2 0.18 or
|
|
earlier), libcurl will busy-loop in this situation when the easy interface
|
|
is used!
|
|
|
|
Daniel Fandrich (20 Nov 2008)
|
|
- Automatically detect OpenBSD's CA cert bundle.
|
|
|
|
Daniel Stenberg (19 Nov 2008)
|
|
- I removed the default use of "Pragma: no-cache" from libcurl when a proxy is
|
|
used. It has been used since forever but it was never a good idea to use
|
|
unless explicitly asked for.
|
|
|
|
- Josef Wolf's extension that allows a $TESTDIR/gdbinit$testnum file that when
|
|
you use runtests.pl -g, will be sourced by gdb to allow additional fancy or
|
|
whatever you see fit
|
|
|
|
- Christian Krause reported and fixed a memory leak that would occur with HTTP
|
|
GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
|
|
|
|
- Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
|
|
when uploading files to a single FTP server using multiple easy handle
|
|
handles with the multi interface. Occasionally a handle would stall in
|
|
mysterious ways.
|
|
|
|
The problem turned out to be a side-effect of the ConnectionExists()
|
|
function's eagerness to re-use a handle for HTTP pipelining so it would
|
|
select it even if already being in use, due to an inadequate check for its
|
|
chances of being used for pipelnining.
|
|
|
|
Daniel Fandrich (17 Nov 2008)
|
|
- Added more compiler warning options for gcc 4.3
|
|
|
|
Yang Tse (17 Nov 2008)
|
|
- Fix a remaining problem in the inet_pton() runtime configure check. And
|
|
fix internal Curl_inet_pton() failures to reject certain malformed literals.
|
|
|
|
- Make configure script check if ioctl with the SIOCGIFADDR command can be
|
|
used, and define HAVE_IOCTL_SIOCGIFADDR if appropriate.
|
|
|
|
Daniel Stenberg (16 Nov 2008)
|
|
- Christian Krause fixed a build failure when building with gss support
|
|
enabled and FTP disabled.
|
|
|
|
- Added check for NULL returns from strdup() in src/main.c and lib/formdata.c
|
|
- reported by Jim Meyering also prevent buffer overflow on MSDOS when you do
|
|
for example -O on a url with a file name part longer than PATH_MAX letters
|
|
|
|
- lib/nss.c fixes based on the report by Jim Meyering: I went over and added
|
|
checks for return codes for all calls to malloc and strdup that were
|
|
missing. I also changed a few malloc(13) to use arrays on the stack and a
|
|
few malloc(PATH_MAX) to instead use aprintf() to lower memory use.
|
|
|
|
- I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is
|
|
in use.
|
|
|
|
Daniel Fandrich (14 Nov 2008)
|
|
- Added .xml as one of the few common file extensions known by the multipart
|
|
form generator.
|
|
|
|
- Added some #ifdefs around header files and change the EAGAIN test to
|
|
fix compilation on Cell (reported by Jeff Curley).
|
|
|
|
Yang Tse (14 Nov 2008)
|
|
- Fixed several configure script issues affecting checks for inet_ntoa_r(),
|
|
inet_ntop(), inet_pton(), getifaddrs(), fcntl() and getaddrinfo().
|
|
|
|
Yang Tse (13 Nov 2008)
|
|
- Refactored configure script detection of functions used to set sockets into
|
|
non-blocking mode, and decouple function detection from function capability.
|
|
|