| _ _ ____ _ |
| ___| | | | _ \| | |
| / __| | | | |_) | | |
| | (__| |_| | _ <| |___ |
| \___|\___/|_| \_\_____| |
| |
| Changelog |
| |
| Michal Marek (11 Mar 2008) |
| - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only |
| works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html , |
| http://curl.haxx.se/mail/lib-2008-02/0292.html ) |
| |
| Daniel Fandrich (10 Mar 2008) |
| - Added tests 618-621 to test SFTP/SCP transfers of more than one file |
| (test 620 tests the just-fixed problem reported by Brian Ulm). |
| |
| Daniel Stenberg (9 Mar 2008) |
| - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used |
| easy handle if curl_easy_reset() was used between them. I fixed it and Brian |
| verified that it cured his problem. |
| |
| - Brian Ulm reported that if you first tried to download a non-existing SFTP |
| file and then fetched an existing one and re-used the handle, libcurl would |
| still report the second one as non-existing as well! I fixed it abd Brian |
| verified that it cured his problem. |
| |
| Michal Marek (6 Mar 2008) |
| - Fix the gssapi configure check to detect newer MIT Kerberos (patch by |
| Michael Calmer) |
| |
| Yang Tse (6 Mar 2008) |
| - Fix regression on Curl_socket_ready() and Curl_poll() so that these will |
| again fail on select/poll errors different than EINTR. |
| |
| Daniel Fandrich (5 Mar 2008) |
| - Fixed the test harness so it will write out zero-length data files. |
| |
| - Added tests 616 and 617 to see how SFTP and SCP cope with zero-length |
| files, as questioned by Mike Protts. SFTP does for me but SCP doesn't |
| so test 617 is disabled for now. |
| |
| Daniel S (4 Mar 2008) |
| - Mike Protts brought a patch that makes resumed transfers work with SFTP. |
| |
| Daniel S (1 Mar 2008) |
| - Anatoli Tubman found and fixed a crash with Negotiate authentication used on |
| a re-used connection where both requests used Negotiate. |
| |
| Guenter Knauf (26 Feb 2008) |
| - Kaspar Brand provided a patch to support server name indication (RFC 4366). |
| |
| Daniel S (25 Feb 2008) |
| - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that |
| forces it to prefer SSLv3. |
| |
| Daniel S (23 Feb 2008) |
| - Sam Listopad provided a patch in feature-request #1900014 |
| http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to |
| use OpenSSL) support a full chain of certificates in a given PKCS12 |
| certificate. |
| |
| Daniel S (22 Feb 2008) |
| - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model |
| options as the lib/Makefile.vc6 already did. |
| |
| Daniel S (21 Feb 2008) |
| - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which |
| happened if you set the connection cache size to 1 and for example failed to |
| login to an FTP site. Bug report #1896698 |
| (http://curl.haxx.se/bug/view.cgi?id=1896698) |
| |
| Daniel S (20 Feb 2008) |
| - Fixed test case 405 to not fail when libcurl is built with GnuTLS |
| |
| - Based on initial work done by Gautam Kachroo to address a bug, we now keep |
| better control at the exact state of the connection's SSL status so that we |
| know exactly when it has completed the SSL negotiation or not so that there |
| won't be accidental re-uses of connections that are wrongly believed to be |
| in SSL-completed-negotiate state. |
| |
| - We no longer support setting the CURLOPT_URL option from inside a callback |
| such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location: |
| following. The patch that introduced this feature was done for 7.11.0, but |
| this code and functionality has been broken since about 7.15.4 (March 2006) |
| with the introduction of non-blocking OpenSSL "connects". |
| |
| It was a hack to begin with and since it doesn't work and hasn't worked |
| correctly for a long time and nobody has even noticed, I consider it a very |
| suitable subject for plain removal. And so it was done. |
| |
| Guenter Knauf (19 Feb 2008) |
| - We do no longer support SSLv2 by default since it has known flaws. |
| Kaspar Brand provided a patch for all supported SSL toolkits. |
| |
| Daniel Fandrich (19 Feb 2008) |
| - Added test309 to test HTTP redirect to HTTPS URL |
| |
| Daniel S (18 Feb 2008) |
| - We're no longer providing a very old ca-bundle in the curl tarball. You can |
| get a fresh one downloaded and created with 'make ca-bundle' or you can get |
| one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh |
| new one extracted from Mozilla's recent list of ca certs. |
| |
| The configure option --with-ca-bundle now lets you specify what file to use |
| as default ca bundle for your build. If not specified, the configure script |
| will check a few known standard places for a global ca cert to use. |
| |
| Daniel S (17 Feb 2008) |
| - Jerome Muffat-Meridol helped me fix Curl_done() to close the current |
| connection by force when it was called before the entire request is |
| completed, simply because we can't know if the connection really can be |
| re-used safely at that point. |
| |
| - Based on the same debugging logic, I've also made Curl_http_done() not |
| return CURLE_GOT_NOTHING if called "prematurely". This should have no real |
| effect to anything but the code makes more sense like this. |
| |
| Daniel S (15 Feb 2008) |
| - Made the gnutls code path not even try to get the server cert if no peer |
| verification is requested. Previously it would even return failure if gnutls |
| failed to get the server cert even though no verification was asked for. |
| Public server showing the problem: https://www.net222.caisse-epargne.fr |
| |
| - Fix my Curl_timeleft() leftover mistake in the gnutls code |
| |
| - Pooyan McSporran found and fixed a flaw where you first would do a normal |
| http request and then you'd reuse the handle and replace the Accept: header, |
| as then libcurl would send two Accept: headers! |
| |
| Daniel S (11 Feb 2008) |
| - Yang Tse pointed out a few remaining quirks from my timeout refactoring from |
| Feb 7 that didn't abort properly on timeouts. These are actually old |
| problems but now they should be fixed. |
| |
| Yang Tse (10 Feb 2008) |
| - Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out |
| and provides test program that demonstrates that libcurl might not set error |
| description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded |
| name resolver builds. Fixed now. |
| |
| Daniel Fandrich (8 Feb 2007) |
| - Added key words to all SSL-using tests so they can be skipped if necessary. |
| Removed a few unnecessary requires SSL statements. |
| |
| Daniel S (8 Feb 2008) |
| - Mike Hommey filed and fixed bug report #1889856 |
| (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl |
| layer, cleaning-up and reinitializing curl ends up with https requests |
| failing with "ASN1 parser: Element was not found" errors. Obviously a |
| regression added in 7.16.3. |
| |
| Yang Tse (8 Feb 2008) |
| - Improved test harness SCP/SFTP start up server verification, doing a real |
| connection to the sftp server, authenticating and running a simple sftp |
| pwd command using the test harness generated configuration and key files. |
| |
| Daniel S (8 Feb 2008) |
| - Günter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and |
| creates a suitable ca-bundle.crt file in PEM format for use with curl. The |
| recommended way to run it is to use 'make ca-bundle' in the build tree root. |
| |
| Daniel Fandrich (7 Feb 2007) |
| - Added tests 1022 and 1023 to validate output of curl-config --version and |
| --vernum |
| |
| Daniel S (7 Feb 2008) |
| - Refactored a lot of timeout code into a few functions in an attempt to make |
| them all use the same (hopefully correct) logic to make it less error-prone |
| and easier to introduce library-wide where it should be used. |
| |
| Yang Tse (6 Feb 2008) |
| - Fix an issue in strdup replacement function when dealing with absolutely |
| huge strings. Only systems without a standard strdup would be affected. |
| |
| Daniel S (3 Feb 2008) |
| - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and |
| use of the "is_in_pipeline" struct field. |
| |
| - I wrote up and added the threaded-ssl.c example source code that shows how |
| to do multi-threaded downloads of HTTPS files with a libcurl that is built |
| with OpenSSL. It uses pthreads for the threading. |
| |
| Daniel S (31 Jan 2008) |
| - Niklas Angebrand made the cookie support in libcurl properly deal with the |
| "HttpOnly" feature introduced by Microsoft and apparently also supported by |
| Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly |
| is now supported when received from servers in HTTP headers, when written to |
| cookie jars and when read from existing cookie jars. |
| |
| I modified test case 31 and 46 to also do some basic HttpOnly testing. |
| |
| - Dmitry Kurochkin moved several struct fields from the connectdata struct to |
| the SingleRequest one to make pipelining better. It is a bit tricky to keep |
| them in the right place, to keep things related to the actual request or to |
| the actual connection in the right place. |
| |
| Daniel S (29 Jan 2008) |
| - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously |
| crash! |
| |
| - Michal Marek fixed minor mistake in test case 553 that prevented it from |
| working on other IP-addresses or port numbers. |
| |
| Version 7.18.0 (28 January 2008) |
| |
| Daniel S (27 Jan 2008) |
| - Dmitry Kurochkin: In "real world" testing I found more bugs in |
| pipelining. Broken connection is not restored and we get into infinite |
| loop. It happens because of wrong is_in_pipeline values. |
| |
| Daniel S (26 Jan 2008) |
| - Kevin Reed filed bug report #1879375 |
| (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl |
| got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any |
| proxy authentication and the proxy replies with an auth (like NTLM) and then |
| closes the connection after that initial informational response. |
| |
| libcurl would not properly re-initialize the connection to the proxy and |
| continue the auth negotiation like supposed. It does now however, as it will |
| now detect if one or more authentication methods were available and asked |
| for, and will thus retry the connection and continue from there. |
| |
| - I made the progress callback get called properly during proxy CONNECT. |
| |
| Daniel S (23 Jan 2008) |
| - Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked |
| memory, and so did "SESS". Fixed now. |
| |
| Yang Tse (22 Jan 2008) |
| - Check poll.h at configuration time, and use it when sys/poll.h unavailable |
| |
| Daniel S (22 Jan 2008) |
| - Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed |
| that it is bad anyway. Starting now, removing a handle that is in used in a |
| pipeline will break the pipeline - it'll be set back up again but still... |
| |
| Yang Tse (21 Jan 2008) |
| - Disable ldap support for cygwin builds, since it breaks whole build process. |
| Fixing it will affect other platforms, so it is postponed for another release. |
| |
| Daniel S (18 Jan 2008) |
| - Lau Hang Kin found and fixed a problem with the multi interface when doing |
| CONNECT over a proxy. curl_multi_fdset() didn't report back the socket |
| properly during that state, due to a missing case in the switch in the |
| multi_getsock() function. |
| |
| Yang Tse (17 Jan 2008) |
| - Don't abort tests 518 and 537 when unable to raise the open-file soft limit. |
| |
| Daniel S (16 Jan 2008) |
| - Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring |
| out what valgrind to run. |
| |
| Yang Tse (16 Jan 2008) |
| - Improved handling of out of memory in the command line tool that afected |
| data url encoded HTTP POSTs when reading it from a file. |
| |
| Daniel S (16 Jan 2008) |
| - Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that |
| previously had a number of flaws, perhaps most notably when an application |
| fired up N transfers at once as then they wouldn't pipeline at all that |
| nicely as anyone would think... Test case 530 was also updated to take the |
| improved functionality into account. |
| |
| - Calls to Curl_failf() are not supposed to provide a trailing newline as the |
| function itself adds that. Fixed on 50 or something strings! |
| |
| Daniel S (15 Jan 2008) |
| - I made the torture test on test 530 go through. This was actually due to |
| silly code left from when we switched to let the multi handle "hold" the dns |
| cache when using the multi interface... Of course this only triggered when a |
| certain function call returned error at the correct moment. |
| |
| Daniel S (14 Jan 2008) |
| - Joe Malicki filed bug report #1871269 |
| (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang- |
| problem that occurred when doing a large HTTP POST request with the |
| response-body read from a callback. |
| |
| Daniel S (12 Jan 2008) |
| - I re-arranged the curl --help output. All the options are now sorted on |
| their long option names and all descriptions are one-liners. |
| |
| - Eric Landes provided the patch (edited by me) that introduces the |
| --keepalive-time to curl to set the keepalive probe interval. I also took |
| the opportunity to rename the recently added no-keep-alive option to |
| no-keepalive to keep a consistent naming and to avoid getting two dashes in |
| these option names. Eric also provided an update to the man page for the new |
| option. |
| |
| Daniel S (11 Jan 2008) |
| - Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it |
| already worked for FTP:// URLs. |
| |
| - I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the |
| spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved |
| performance for the upload resume cases where you want to upload the last |
| few bytes of a very large file. To implement this decently, I had to switch |
| the client code for uploading from fopen()/fread() to plain open()/read() so |
| that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that) |
| on systems that offer support for that. |
| |
| Daniel S (10 Jan 2008) |
| - Michal Marek made curl-config --libs not include /usr/lib64 in the output |
| (it already before skipped /usr/lib). /usr/lib64 is the default library |
| directory on many 64bit systems and it's unlikely that anyone would use the |
| path privately on systems where it's not. |
| |
| - Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow |
| libcurl to seek in a given input stream. This is particularly important when |
| doing upload resumes when there's already a huge part of the file present |
| remotely. Before, and still if this callback isn't used, libcurl will read |
| and through away the entire file up to the point to where the resuming |
| begins (which of course can be a slow opereration depending on file size, |
| I/O bandwidth and more). This new function will also be preferred to get |
| used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when |
| doing multi-stage HTTP auth with POST/PUT. |
| |
| - Nikitinskit Dmitriy filed bug report #1868255 |
| (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies |
| and fixes a problem with parsing WWW-Authenticate: headers with additional |
| spaces in the line that the parser wasn't written to deal with. |
| |
| Daniel S (8 Jan 2008) |
| - Introducing curl_easy_pause() and new magic return codes for both the read |
| and the write callbacks that now can make a connection's reading and/or |
| writing get paused. |
| |
| Daniel S (6 Jan 2008) |
| - Jeff Johnson filed bug report #1863171 |
| (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that |
| libcurl's date parser didn't accept a +1300 time zone which actually is used |
| fairly often (like New Zealand's Dailight Savings Time), so I modified the |
| parser to now accept up to and including -1400 to +1400. |
| |
| Daniel S (5 Jan 2008) |
| - Based on further discussion on curl-library, I reverted yesterday's SOCKS5 |
| code to instead introduce support for a new proxy type called |
| CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy |
| instead of IP address and there's thus no longer any need for a new |
| curl_easy_setopt() option. |
| |
| The default SOCKS5 proxy is again back to sending the IP address to the |
| proxy. The new curl command line option for enabling sending host name to a |
| SOCKS5 proxy is now --socks5-hostname. |
| |
| Daniel S (4 Jan 2008) |
| - Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the |
| proxy do the host name resolving and only if --socks5ip (or |
| CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and |
| pass on the IP address only to the proxy. |
| |
| Yang Tse (3 Jan 2008) |
| - Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with |
| OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH |
| 3.7, SunSSH 1.0 or later. |
| |
| Daniel S (2 Jan 2008) |
| - I fixed two cases of missing return code checks when handling chunked |
| decoding where a write error (or abort return from a callback) didn't stop |
| libcurl's processing. |
| |
| - I removed the socklen_t use from the public curl/curl.h header and instead |
| made it an unsigned int. The type was only used in the curl_sockaddr struct |
| definition (only used by the curl_opensocket_callback). On all platforms I |
| could find information about, socklen_t is 32 unsigned bits large so I don't |
| think this will break the API or ABI. The main reason for this change is of |
| course for all the platforms that don't have a socklen_t definition in their |
| headers to build fine again. Providing our own configure magic and custom |
| definition of socklen_t on those systems proved to work but was a lot of |
| cruft, code and extra magic needed - when this very small change of type |
| seems harmless and still solves the missing socklen_t problem. |
| |
| - Richard Atterer brought a patch that added support for SOCKS4a proxies, |
| which is an inofficial PROXY4 variant that sends the hostname to the proxy |
| instead of the resolved address (which is already supported by SOCKS5). |
| --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can |
| now be set to CURLPROXY_SOCKS4A as well. |
| |
| Daniel S (1 Jan 2008) |
| - Mohun Biswas pointed out that --libcurl generated a source code with an int |
| function but without a return statement. While fixing that, I also took care |
| about adding some better comments for the generated code. |
| |
| Daniel S (27 Dec 2007) |
| - Dmitry Kurochkin mentioned a flaw |
| (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which |
| failed to set the bits.proxy variable properly when an environment variable |
| told libcurl to use a http proxy. |
| |
| Daniel S (26 Dec 2007) |
| - In an attempt to repeat the problem in bug report #1850730 |
| (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The |
| test is doing a 70K POST with a read callback and an ioctl callback over a |
| proxy requiring Digest auth. The test case code is more or less identical to |
| the test recipe code provided by Spacen Jasset (who submitted the bug |
| report). |
| |
| Daniel S (25 Dec 2007) |
| - Gary Maxwell filed bug report #1856628 |
| (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the |
| (small) memory leak in the SSL session ID caching code. It happened when a |
| previous entry in the cache was re-used. |
| |
| Daniel Fandrich (19 Dec 2007) |
| - Ensure that nroff doesn't put anything but ASCII characters into the |
| --manual text. |
| |
| Yang Tse (18 Dec 2007) |
| - MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP, |
| and makes wrong asumptions of build target when it isn't specified. So, |
| if no build target has been defined we will target WinXP when building |
| curl/libcurl with MSVC 9.0 (VS2008). |
| |
| - (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed |
| a file truncation problem on Windows build targets triggered when retrying |
| a download with curl. |
| |
| Daniel S (17 Dec 2007) |
| - Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and |
| defines in winsock2.h somehow differently than previous versions and that |
| curl 7.17.1 would fail to compile out of the box. |
| |
| Daniel S (13 Dec 2007) |
| - David Wright filed bug report #1849764 |
| (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He |
| identified a problem for re-used connections that previously had sent |
| Expect: 100-continue and in some situations the subsequent POST (that didn't |
| use Expect:) still had the internal flag set for its use. David's fix (that |
| makes the setting of the flag in every single request unconditionally) is |
| fine and is now used! |
| |
| Daniel S (12 Dec 2007) |
| - Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and |
| added the --no-keep-alive option that can disable that on demand. |
| |
| Daniel S (9 Dec 2007) |
| - Andrew Moise filed bug report #1847501 |
| (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy() |
| that should be memmove() in the convert_lineends() function. |
| |
| Daniel S (8 Dec 2007) |
| - Renamed all internal static functions that had Curl_ prefixes to no longer |
| have them. The Curl_ prefix is exclusively used for library internal global |
| symbols. Static functions can be named anything, except for using Curl_ or |
| curl_ prefixes. This is for consistency and for easier maintainance and |
| overview. |
| |
| - Cleaned up and reformatted the TODO document to look like the FAQ and |
| CONTRIBUTE, which makes nicer web pages |
| |
| - Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE. |
| |
| - Added keywords on a bunch of test cases |
| |
| - Fixed an OOM problem in the curl code that would lead to fclose on a bad |
| handle and crash |
| |
| Daniel S (5 Dec 2007) |
| - Spacen Jasset reported a problem with doing POST (with data read with a |
| callback) over a proxy when NTLM is used as auth with the proxy. The bug |
| also concerned Digest and was limited to using callback only. Spacen worked |
| with us to provide a useful patch. I added the test case 547 and 548 to |
| verify two variations of POST over proxy with NTLM. |
| |
| Daniel S (3 Dec 2007) |
| - Ray Pekowski filed bug report #1842029 |
| (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a |
| problem with SSL session caching that prevent it from working, and provided |
| the associated fix! |
| |
| - Now libcurl (built with OpenSSL) doesn't return error anymore if the remote |
| SSL-based server doesn't present a certificate when the request is told to |
| ignore certificate verification anyway. |
| |
| - Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control |
| the appending of the "type=" thing on FTP URLs when they are passed to a |
| HTTP proxy. Some proxies just don't like that appending (which is done |
| unconditionally in 7.17.1), and some proxies treat binary/ascii transfers |
| better with the appending done! |
| |
| Daniel S (29 Nov 2007) |
| - A bug report on the curl-library list showed a HTTP Digest session going on |
| with a 700+ letter nonce. Previously libcurl only support 127 letter ones |
| and now I bumped it to 1023. |
| |
| - Fixed the resumed FTP upload loop to not require that the read callback |
| returns a full buffer on each invoke. |
| |
| Daniel S (25 Nov 2007) |
| - Added test case 1015 that tests --data-urlencode in multiple ways |
| |
| - Fixed --data-urlencode for when no @ or = are used |
| |
| - Extended the user-agent buffer curl uses, since we can hit the 128 byte |
| border with plenty development libraries used. Like my current set: "curl |
| 7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g |
| zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS" |
| |
| Daniel S (24 Nov 2007) |
| - Internal rearrangements, so that the previous struct HandleData is no more. |
| It is now known as SingleRequest and the Curl_transfer_keeper struct within |
| that was remove entirely. This has the upside that there are less duplicate |
| struct members that made it hard to see and remember what struct that was |
| used to store what data. The transfer_keeper thing was once stored on a |
| per-connection basis and then it made sense to have the duplicate info but |
| since it was moved to the SessionHandle (in 7.16.0) it just added weirdness. |
| The SingleRequest struct is used by data that only is valid for this single |
| request. |
| |
| Yang Tse (22 Nov 2007) |
| - Provide a socklen_t definition in curl.h for Win32 API build targets |
| which don't have one. |
| |
| Daniel S (22 Nov 2007) |
| - Alessandro Vesely helped me improve the --data-urlencode's syntax, parser |
| and documentation. |
| |
| Daniel S (21 Nov 2007) |
| - While inspecting the Negotiate code, I noticed how the proxy auth was using |
| the same state struct as the host auth, so both could never be used at the |
| same time! I fixed it (without being able to check) to use two separate |
| structs to allow authentication using Negotiate on host and proxy |
| simultaneously. |
| |
| Daniel S (20 Nov 2007) |
| - Emil Romanus pointed out a bug that made an easy handle get the cookie |
| engine activated when set to use a share (even if the share doesn't share |
| cookies). I fixed it. |
| |
| - Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s", |
| since the second %s would then wrongly used the numerical precision argument |
| instead and crash. |
| |
| - Introduced --data-urlencode to the curl tool for easier url encoding of the |
| data sent in a post. |
| |
| Daniel S (18 Nov 2007) |
| - Rob Crittenden fixed SSL connections with NSS done with the multi-interface |
| |
| Daniel S (17 Nov 2007) |
| - Michal Marek made the test suite remember what test servers that fail to |
| start so that subsequent tries are simply skipped. |
| |
| - Andres Garcia made the examples build fine on Windows (mingw + msys) when |
| the lib was built staticly. |
| |
| Daniel S (16 Nov 2007) |
| - Ates Goral identified a problem in http.c:add_buffer_send() when a debug |
| callback was used, as it could wrongly pass on a bad size for the outgoing |
| HTTP header. The bad size would be a very large value as it was a wrapped |
| size_t content. This happened when the whole HTTP request failed to get sent |
| in one single send. http://curl.haxx.se/mail/lib-2007-11/0165.html |
| |
| Daniel S (15 Nov 2007) |
| - Fixed yet another remaining problem with doing SFTP directory listings on a |
| re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing |
| list. |
| |
| - Michal Marek fixed the test suite to better deal with the case when the HTTP |
| ipv6 server can't run. |
| |
| Yang Tse (14 Nov 2007) |
| - Fix a variable potential wrapping in add_buffer() when using absolutely |
| huge send buffer sizes. |
| |
| Daniel S (13 Nov 2007) |
| - Fixed a remaining problem with doing SFTP directory listings on a re-used |
| persistent connection. Mentioned by Immanuel Gregoire on the mailing list. |
| |
| Daniel S (12 Nov 2007) |
| - Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was |
| forwarded from the Gentoo bug tracker by Daniel Black and was originally |
| submitted by Robin Johnson, pointed out that libcurl would do bad memory |
| references when it failed and bailed out before the handler thing was |
| setup. My fix is not done like the provided patch does it, but instead I |
| make sure that there's never any chance for a NULL pointer in that struct |
| member. |
| |
| Yang Tse (10 Nov 2007) |
| - Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out |
| that the pollfd struct was being multi defined when using VS2008. This is |
| now fixed in /curl/lib/select.h |
| |
| Daniel S (8 Nov 2007) |
| - Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed |
| out that SFTP requests didn't use persistent connections. Neither did SCP |
| ones. I gave the SSH code a good beating and now both SCP and SFTP should |
| use persistent connections fine. I also did a bunch of indent changes as |
| well as a bug fix for the "keyboard interactive" auth. |
| |
| Dan F (6 Nov 2007) |
| - Improved telnet support by drastically reducing the number of write |
| callbacks needed to pass a buffer to the user. Instead one per byte it |
| is now as little as one per segment. |
| |
| Yang Tse (6 Nov 2007) |
| - Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed |
| out a problem in curl.h when building C++ apps with MSVC. To fix it, the |
| inclusion of header files in curl.h is moved outside of the C++ extern "C" |
| linkage block. |
| |
| Daniel S (1 Nov 2007) |
| - Toby Peterson patched a memory problem in the command line tool that |
| happened when a user had a home dir as an empty string. curl would then do |
| free() on a wrong area. |
| |
| Dan F (1 Nov 2007) |
| - Fixed curl-config --features to not display libz when it wasn't used |
| due to a missing header file. |
| |
| Dan F (31 October 2007) |
| - Fixed the output of curl-config --protocols which showed SCP and SFTP |
| always, except when --without-libssh2 was given |
| |
| - Added test cases 1013 and 1014 to check that curl-config --protocols and |
| curl-config --features matches the output of curl --version |
| |
| Dan F (30 October 2007) |
| - Fixed an OOM problem with file: URLs |
| |
| - Moved Curl_file_connect into the protocol handler struct |
| |
| Dan F (29 October 2007) |
| - Added test case 546 to check that subsequent FTP transfers work after a |
| failed one using the multi interface |
| |
| Daniel S (29 October 2007) |
| - Based on one of those bug reports that are intercepted by a distro's bug |
| tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made |
| curl-config --features and --protocols show the correct output when built |
| with NSS. |
| |
| Version 7.17.1 (29 October 2007) |
| |
| Dan F (25 October 2007) |
| - Added the --static-libs option to curl-config |
| |
| Daniel S (25 October 2007) |
| - Made libcurl built with NSS possible to ignore the peer verification. |
| Previously it would fail if the ca bundle wasn't present, even if the code |
| ignored the verification results. |
| |
| Patrick M (25 October 2007) |
| - Fixed test server to allow null bytes in binary posts. |
| _ Added tests 35, 544 & 545 to check binary data posts, both static (in place) |
| and dynamic (copied). |
| |
| Daniel S (25 October 2007) |
| - Michal Marek fixed the test script to be able to use valgrind even when the |
| lib is built shared with libtool. |
| |
| - Fixed a few memory leaks when the same easy handle is re-used to request |
| URLs with different protocols. FTP and TFTP related leaks. Caught thanks to |
| Dan F's new test cases. |
| |
| Dan F (24 October 2007) |
| - Fixed the test FTP and TFTP servers to support the >10000 test number |
| notation |
| |
| - Added test cases 2000 through 2003 which test multiple protocols using the |
| same easy handle |
| |
| - Fixed the filecheck: make target to work outside the source tree |
| |
| Daniel S (24 October 2007) |
| - Vladimir Lazarenko pointed out that we should do some 'mt' magic when |
| building with VC8 to get the "manifest" embedded to make fine stand-alone |
| binaries. The maketgz and the src/Makefile.vc6 files were adjusted |
| accordingly. |
| |
| Daniel S (23 October 2007) |
| - Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out |
| that libcurl tried to re-use connections a bit too much when using non-SSL |
| protocols tunneled over a HTTP proxy. |
| |
| Daniel S (22 October 2007) |
| - Michal Marek forwarded the bug report |
| https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to |
| FTP that caused memory havoc. His work together with my efforts created two |
| fixes: |
| |
| #1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with |
| at connection cleanup, at which time the struct HandleData could be |
| used by another connection. |
| Also, the unused char *urlpath member is removed from struct FTP. |
| |
| #2 - provide a Curl_reset_reqproto() function that frees |
| data->reqdata.proto.* on connection setup if needed (that is if the |
| SessionHandle was used by a different connection). |
| |
| A long-term goal is of course to somehow get rid of how the reqdata struct |
| is used, as it is too error-prone. |
| |
| - Bug report #1815530 (http://curl.haxx.se/bug/view.cgi?id=1815530) points out |
| that specifying a proxy with a trailing slash didn't work (unless it also |
| contained a port number). |
| |
| Patrick M (15 October 2007) |
| - Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again |
| and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode. |
| |
| Patrick M (12 October 2007) |
| - Added per-protocol callback static tables, replacing callback ptr storage |
| in the connectdata structure by a single handler table ptr. |
| |
| Dan F (11 October 2007) |
| - Fixed the -l option of runtests.pl |
| |
| - Added support for skipping tests based on key words. |
| |
| Daniel S (9 October 2007) |
| - Michal Marek removed the no longer existing return codes from the curl.1 |
| man page. |
| |
| Daniel S (7 October 2007) |
| - Known bug #47, which confused libcurl if doing NTLM auth over a proxy with |
| a response that was larger than 16KB is now improved slightly so that now |
| the restriction at 16KB is for the headers only and it should be a rare |
| situation where the response-headers exceed 16KB. Thus, I consider #47 fixed |
| and the header limitation is now known as known bug #48. |
| |
| Daniel S (5 October 2007) |
| - Michael Wallner made the CULROPT_COOKIELIST option support a new magic |
| string: "FLUSH". Using that will cause libcurl to flush its cookies to the |
| CURLOPT_COOKIEJAR file. |
| |
| - The new file docs/libcurl/ABI describes how we view ABI breakages, soname |
| bumps and what the version number's significance to all that is. |
| |
| Daniel S (4 October 2007) |
| - I enabled test 1009 and made the --local-port use a wide range to reduce the |
| risk of failures. |
| |
| - Kim Rinnewitz reported that --local-port didn't work with TFTP transfers. |
| This happened because the tftp code always uncondionally did a bind() |
| without caring if one already had been done and then it failed. I wrote a |
| test case (1009) to verify this, but it is a bit error-prone since it will |
| have to pick a fixed local port number and since the tests are run on so |
| many different hosts in different situations I'll add it in disabled state. |
| |
| Yang Tse (3 October 2007) |
| - Fixed issue related with the use of ares_timeout() result. |
| |
| Daniel S (3 October 2007) |
| - Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and |
| CURLOPT_OPENSOCKETDATA to set a callback that allows an application to |
| replace the socket() call used by libcurl. It basically allows the app to |
| change address, protocol or whatever of the socket. |
| |
| - I renamed the CURLE_SSL_PEER_CERTIFICATE error code to |
| CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made |
| this return code get used by the previous SSH MD5 fingerprint check in case |
| it fails. |
| |
| - Based on a patch brought by Johnny Luong, libcurl now offers |
| CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both |
| make the SCP or SFTP connection verify the remote host's md5 checksum of the |
| public key before doing a connect, to reduce the risk of a man-in-the-middle |
| attack. |
| |
| Daniel S (2 October 2007) |
| - libcurl now handles chunked-encoded CONNECT responses |
| |
| Daniel S (1 October 2007) |
| - Alex Fishman reported a curl_easy_escape() problem that was made the |
| function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a |
| signed / unsigned mistake in the code. I fixed it and added test case 543 to |
| verify. |
| |
| Daniel S (29 September 2007) |
| - Immanuel Gregoire fixed a problem with persistent transfers over SFTP. |
| |
| Daniel S (28 September 2007) |
| - Adapted the c-ares code to the API change c-ares 1.5.0 brings in the |
| notifier callback(s). |
| |
| Dan F (26 September 2007) |
| - Enabled a few more gcc warnings with --enable-debug. Renamed a few |
| variables to avoid shadowing global declarations. |
| |
| Daniel S (26 September 2007) |
| - Philip Langdale provided the new CURLOPT_POST301 option for |
| curl_easy_setopt() that alters how libcurl functions when following |
| redirects. It makes libcurl obey the RFC2616 when a 301 response is received |
| after a non-GET request is made. Default libcurl behaviour is to change |
| method to GET in the subsequent request (like it does for response code 302 |
| - because that's what many/most browsers do), but with this CURLOPT_POST301 |
| option enabled it will do what the spec says and do the next request using |
| the same method again. I.e keep POST after 301. |
| |
| The curl tool got this option as --post301 |
| |
| Test case 1011 and 1012 were added to verify. |
| |
| - Max Katsev reported that when doing a libcurl FTP request with |
| CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE |
| before it does SIZE which makes it less useful. I walked over the code and |
| made it do this properly, and added test case 542 to verify it. |
| |
| Daniel S (24 September 2007) |
| - Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle |
| URLs ending with a slash properly (it should list the contents of that |
| directory). Test case 351 brought back and also test 1010 was added. |
| |
| Daniel S (21 September 2007) |
| - Mark Davies fixed Negotiate authentication over proxy, and also introduced |
| the --proxy-negotiate command line option to allow a user to explicitly |
| select it. |
| |
| Daniel S (19 September 2007) |
| - Rob Crittenden provided an NSS update with the following highlights: |
| |
| o It looks for the NSS database first in the environment variable SSL_DIR, |
| then in /etc/pki/nssdb, then it initializes with no database if neither of |
| those exist. |
| |
| o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be |
| loaded, including the ca-bundle. If it is not available then only |
| certificates already in the NSS database are used. |
| |
| o Tries to detect whether a file or nickname is being passed in so the right |
| thing is done |
| |
| o Added a bit of code to make the output more like the OpenSSL module, |
| including displaying the certificate information when connecting in |
| verbose mode |
| |
| o Improved handling of certificate errors (expired, untrusted, etc) |
| |
| The libnsspem.so PKCS#11 module is currently only available in Fedora |
| 8/rawhide. Work will be done soon to upstream it. The NSS module will work |
| with or without it, all that changes is the source of the certificates and |
| keys. |
| |
| Daniel S (18 September 2007) |
| - Immanuel Gregoire pointed out that public key SSH auth failed if no |
| public/private key was specified and there was no HOME environment variable, |
| and then it didn't continue to try the other auth methods. Now it will |
| instead try to get the files id_dsa.pub and id_dsa from the current |
| directory if none of the two conditions were met. |
| |
| Dan F (17 September 2007) |
| - Added hooks to the test suite to make it possible to test a curl running |
| on a remote host. |
| |
| - Changed some FTP tests to validate the format of the PORT and EPRT commands |
| sent by curl, if not the addresses themselves. |
| |
| Daniel S (15 September 2007) |
| - Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP |
| proxies for FTP urls. |
| |
| - Günter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3 |
| support on Windows. |
| |
| Dan F (13 September 2007) |
| - Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and |
| fixed some AC_SUBST configure entries. |
| |
| Version 7.17.0 (13 September 2007) |
| |
| Daniel S (12 September 2007) |
| - Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed |
| out a problem with doing an empty upload over FTP on a re-used connection. |
| I added test case 541 to reproduce it and to verify the fix. |
| |
| - I noticed while writing test 541 that the FTP code wrongly did a CWD on the |
| second transfer as it didn't store and remember the "" path from the |
| previous transfer so it would instead CWD to the entry path as stored. This |
| worked, but did a superfluous command. Thus, test case 541 now also verifies |
| this fix. |
| |
| Dan F (5 September 2007) |
| - Added test case 1007 to test permission problem when uploading with TFTP |
| (to validate bug #1790403). |
| |
| - TFTP now reports the "not defined" TFTP error code 0 as an error, |
| not success. |
| |
| Daniel S (5 September 2007) |
| - Continued the work on a fix for #1779054 |
| (http://curl.haxx.se/bug/view.cgi?id=1779054). My previous fix from August |
| 24 was not complete (either) but could accidentally "forget" parts of a |
| server response which led to faulty server response time-out errors. |
| |
| Dan F (5 September 2007) |
| - Minix doesn't support getsockopt on UDP sockets or send/recv on TCP |
| sockets. |
| |
| Dan F (31 August 2007) |
| - Made some of the error strings returned by the *strerror functions more |
| generic, and more consistent with each other. |
| |
| - Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants, |
| creating macros for backward compatibility: |
| |
| CURLFTPSSL_NONE => CURLUSESSL_NONE |
| CURLFTPSSL_TRY => CURLUSESSL_TRY |
| CURLFTPSSL_CONTROL => CURLUSESSL_CONTROL |
| CURLFTPSSL_ALL => CURLUSESSL_ALL |
| CURLFTPSSL_LAST => CURLUSESSL_LAST |
| |
| Dan F (30 August 2007) |
| - Renamed several libcurl error codes and options to make them more general |
| and allow reuse by multiple protocols. Several unused error codes were |
| removed. In all cases, macros were added to preserve source (and binary) |
| compatibility with the old names. These macros are subject to removal at |
| a future date, but probably not before 2009. An application can be |
| tested to see if it is using any obsolete code by compiling it with the |
| CURL_NO_OLDIES macro defined. |
| |
| The following unused error codes were removed: |
| |
| CURLE_BAD_CALLING_ORDER |
| CURLE_BAD_PASSWORD_ENTERED |
| CURLE_FTP_CANT_RECONNECT |
| CURLE_FTP_COULDNT_GET_SIZE |
| CURLE_FTP_COULDNT_SET_ASCII |
| CURLE_FTP_USER_PASSWORD_INCORRECT |
| CURLE_FTP_WEIRD_USER_REPLY |
| CURLE_FTP_WRITE_ERROR |
| CURLE_LIBRARY_NOT_FOUND |
| CURLE_MALFORMAT_USER |
| CURLE_OBSOLETE |
| CURLE_SHARE_IN_USE |
| CURLE_URL_MALFORMAT_USER |
| |
| The following error codes were renamed: |
| |
| CURLE_FTP_ACCESS_DENIED => CURLE_REMOTE_ACCESS_DENIED |
| CURLE_FTP_COULDNT_SET_BINARY => CURLE_FTP_COULDNT_SET_TYPE |
| CURLE_FTP_SSL_FAILED => CURLE_USE_SSL_FAILED |
| CURLE_FTP_QUOTE_ERROR => CURLE_QUOTE_ERROR |
| CURLE_TFTP_DISKFULL => CURLE_REMOTE_DISK_FULL |
| CURLE_TFTP_EXISTS => CURLE_REMOTE_FILE_EXISTS |
| CURLE_HTTP_RANGE_ERROR => CURLE_RANGE_ERROR |
| |
| The following options were renamed: |
| |
| CURLOPT_SSLKEYPASSWD => CURLOPT_KEYPASSWD |
| CURLOPT_FTPAPPEND => CURLOPT_APPEND |
| CURLOPT_FTPLISTONLY => CURLOPT_DIRLISTONLY |
| CURLOPT_FTP_SSL => CURLOPT_USE_SSL |
| |
| A few more changes will take place with the next SONAME bump of the |
| library. These are documented in docs/TODO |
| |
| - Documented some newer error codes in libcurl-error(3) |
| |
| - Added more accurate error code returns from SFTP operations. Added test |
| case 615 to test an SFTP upload failure. |
| |
| Dan F (28 August 2007) |
| - Some minor internal type and const changes based on a splint scan. |
| |
| Daniel S (24 August 2007) |
| - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed |
| out that libcurl didn't deal with large responses from server commands, when |
| the single response was consisting of multiple lines but of a total size of |
| 16KB or more. Dan Fandrich improved the ftp test script and provided test |
| case 1006 to repeat the problem, and I fixed the code to make sure this new |
| test case runs fine. |
| |
| Patrick M (23 August 2007) |
| - OS/400 port: new files lib/config-os400.h lib/setup-os400.h packages/OS400/*. |
| See packages/OS400/README.OS400. |
| |
| Daniel S (23 August 2007) |
| - Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointed |
| out that doing first a file:// upload and then an FTP upload crashed libcurl |
| or at best caused furious valgrind complaints. Fixed now! |
| |
| Daniel S (22 August 2007) |
| - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed |
| out that libcurl didn't deal with very long (>16K) FTP server response lines |
| properly. Starting now, libcurl will chop them off (thus the client app will |
| not get the full line) but survive and deal with them fine otherwise. Test |
| case 1003 was added to verify this. |
| |
| Daniel S (20 August 2007) |
| - Based on a patch by Christian Vogt, the FTP code now sets the upcoming |
| download transfer size much earlier to be possible to get read with |
| CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible. This is very much in a |
| similar spirit to the HTTP size change from August 11 2007. |
| |
| Daniel S (18 August 2007) |
| - Robson Braga Araujo filed bug report #1776232 |
| (http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling |
| Curl_client_write(), passing on a const string that the caller may not |
| modify and yet it does (on some platforms). |
| |
| - Robson Braga Araujo filed bug report #1776235 |
| (http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY |
| on a directory would do a "SIZE (null)" request. This is now fixed and test |
| case 1000 was added to verify. |
| |
| Daniel S (17 August 2007) |
| - Song Ma provided a patch that cures a problem libcurl has when doing resume |
| HTTP PUT using Digest authentication. Test case 5320 and 5322 were also |
| added to verify the functionality. |
| |
| Daniel S (14 August 2007) |
| - Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag |
| NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't |
| UNICODE encode the strings it packs into the NTLM authenticate packet. |
| |
| Daniel S (11 August 2007) |
| - Allen Pulsifer provided a patch that makes libcurl set the expected download |
| size earlier when doing HTTP downloads, so that applications and the |
| progress meter etc know get the info earlier in the flow than before. |
| |
| - Patrick Monnerat modified the LDAP code and approach in curl. Starting now, |
| the configure script checks for openldap and friends and we link with those |
| libs just like we link all other third party libraries, and we no longer |
| dlopen() those libraries. Our private header file lib/ldap.h was renamed to |
| lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) |
| just before this commit, just in case. |
| |
| Dan F (8 August 2007) |
| - Song Ma noted a zlib memory leak in the illegal compressed header |
| countermeasures code path. |
| |
| Daniel S (4 August 2007) |
| - Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on |
| non-ASCII systems. |
| |
| Daniel S (3 August 2007) |
| - I cut out support for libssh2 versions older than 0.16 to make our code a |
| lot simpler, and to avoid getting trouble with the LIBSSH2_APINO define |
| that 1) didn't work properly since it was >32 bits and 2) is removed in |
| libssh2 0.16... |
| |
| Daniel S (2 August 2007) |
| - Scott Cantor filed bug report #1766320 |
| (http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl |
| code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and |
| CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be |
| passed in as longs, and that makes a difference on 64 bit architectures. |
| |
| - Dmitriy Sergeyev reported a regression: resumed file:// transfers broke |
| after 7.16.2. This is much due to the different treatment file:// gets |
| internally, but now I added test 231 to make it less likely to happen again |
| without us noticing! |
| |
| Daniel S (1 August 2007) |
| - Patrick Monnerat and I modified libcurl so that now it *copies* all strings |
| passed to it with curl_easy_setopt()! Previously it has always just refered |
| to the data, forcing the user to keep the data around until libcurl is done |
| with it. That is now history and libcurl will instead clone the given |
| strings and keep private copies. This is also part of Patrick Monnerat's |
| OS/400 port. |
| |
| Due to this being a somewhat interesting change API wise, I've decided to |
| bump the version of the upcoming release to 7.17.0. Older applications will |
| of course not notice this change nor do they have to care, but new |
| applications can be written to take advantage of this. |
| |
| - Greg Morse reported a problem with POSTing using ANYAUTH to a server |
| requiring NTLM, and he provided test code and a test server and we worked |
| out a bug fix. We failed to count sent body data at times, which then caused |
| internal confusions when libcurl tried to send the rest of the data in order |
| to maintain the same connection alive. |
| |
| Daniel S (31 July 2007) |
| - Peter O'Gorman pointed out (and fixed) that the non-blocking check in |
| configure made libcurl use blocking sockets on AIX 4 and 5, while that |
| wasn't the intention. |
| |
| Daniel S (29 July 2007) |
| - Jayesh A Shah filed bug report #1759542 |
| (http://curl.haxx.se/bug/view.cgi?id=1759542) identifying a rather serious |
| problem with FTPS: libcurl closed the data connection socket and then later |
| in the flow it would call the SSL layer to do SSL shutdown which then would |
| use a socket that had already been closed - so if the application had opened |
| a new one in the mean time, libcurl could send gibberish that way! I worked |
| with Greg Zavertnik to properly diagnose and fix this. The fix affects code |
| for all SSL libraries we support, but it has only been truly verified to |
| work fine for the OpenSSL version. The others have only been code reviewed. |
| |
| Daniel S (23 July 2007) |
| - Implemented the parts of Patrick Monnerat's OS/400 patch that introduces |
| support for the OS/400 Secure Sockets Layer library. |
| |
| Dan F (23 July 2007) |
| - Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed |
| some few internal identifiers to avoid conflicts, which could be useful on |
| other platforms. |
| |
| Daniel S (22 July 2007) |
| - HTTP Digest bug fix by Chris Flerackers: |
| |
| Scenario |
| |
| - Perfoming a POST request with body |
| - With authentication (only Digest) |
| - Re-using a connection |
| |
| libcurl would send a HTTP POST with an Authorization header but without |
| body. Our server would return 400 Bad Request in that case (because |
| authentication passed, but the body was empty). |
| |
| Cause |
| |
| 1) http_digest.c -> Curl_output_digest |
| - Updates allocptr.userpwd/allocptr.proxyuserpwd *only* if d->nonce is |
| filled in (and no errors) |
| - authp->done = TRUE if d->nonce is filled in |
| 2) http.c -> Curl_http |
| - *Always* uses allocptr.userpwd/allocptr.proxyuserpwd if not NULL |
| 3) http.c -> Curl_http, Curl_http_output_auth |
| |
| So what happens is that Curl_output_digest cannot yet update the |
| Authorization header (allocptr.userpwd) which results in authhost->done=0 -> |
| authhost->multi=1 -> conn->bits.authneg = TRUE. The body is not |
| added. *However*, allocptr.userpwd is still used when building the request |
| |
| - Added test case 354 that makes a simple FTP retrieval without password, which |
| verifies the bug fix in #1757328. |
| |
| Daniel S (21 July 2007) |
| - To allow more flexibility in FTP test cases, I've removed the enforced states |
| from the test server code as they served no real purpose. The test server |
| is here to serve for the test cases, not to attempt to function as a real |
| server! While at it, I modified test case 141 to better test and verify |
| curl -I on a single FTP file. |
| |
| Daniel S (20 July 2007) |
| - James Housley fixed the SFTP PWD command to work. |
| |
| - Ralf S. Engelschall filed bug report #1757328 |
| (http://curl.haxx.se/bug/view.cgi?id=1757328) and submitted a patch. It |
| turns out we broke login to FTP servers that don't require (nor understand) |
| PASS after the USER command. The breakage was done as part of the krb5 |
| commit so a krb-using person needs to verify that the current version now |
| works or if we need to fix it (in a different way of course). |
| |
| Dan F (17 July 2007) |
| - Fixed test cases 613 and 614 by improving the log postprocessor to handle |
| a new directory listing format that newer libssh2's can provide. This |
| is probably NOT sufficient to handle all directory listing formats that |
| server's can provide, and should be revisited. |
| |
| Daniel S (17 July 2007) |
| - Daniel Johnson fixed a bug in how libssh2_session_last_error() was used, in |
| two places. |
| |
| - Jofell Gallardo posted a libcurl log using FTP that exposed a bug which made |
| a control connection that was deemed "dead" to yet be re-used in a following |
| request. |
| |
| Daniel S (13 July 2007) |
| - Colin Hogben filed bug report #1750274 |
| (http://curl.haxx.se/bug/view.cgi?id=1750274) and submitted a patch for the |
| case where libcurl did a connect attempt to a non-listening port and didn't |
| provide a human readable error string back. |
| |
| - Daniel Cater fixes: |
| 1 - made 'make vc8' work on windows. |
| 2 - made libcurl itself built with CURL_NO_OLDIES defined (which doesn't |
| define the symbols for backwards source compatibility) |
| 3 - updated libcurl-errors.3 |
| 4 - added CURL_DISABLE_TFTP to docs/INSTALL |
| |
| Daniel S (12 July 2007) |
| - Made the krb5 code build with Heimdal's GSSAPI lib. |
| |
| Dan F (12 July 2007) |
| - Compile most of the example apps in docs/examples when doing a 'make check'. |
| Fixed some compile warnings and errors in those examples. |
| |
| - Removed the example program ftp3rdparty.c since libcurl doesn't support |
| 3rd party FTP transfers any longer. |
| |
| Daniel S (12 July 2007) |
| - Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation |
| could in fact get stuck in an endless loop. |
| |
| - Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation: |
| fail to connect if there is no Common Name field found in the remote cert. |
| We should deprecate the support for this set to 1 anyway soon, since the |
| feature is pointless and most likely never really used by anyone. |
| |
| Daniel S (11 July 2007) |
| - Shmulik Regev fixed a bug with transfer-encoding skipping during the 407 |
| error pages for proxy authentication. |
| |
| - Giancarlo Formicuccia reported and fixed a problem with a closed connection |
| to a proxy during CONNECT auth negotiation. |
| |
| Dan F (10 July 2007) |
| - Fixed a curl memory leak reported by Song Ma with a modified version |
| of the patch he suggested. Added his test case as test289 to verify. |
| |
| - Force the time zone to GMT in the cookie tests in case the user is |
| using one of the so-called 'right' time zones that take into account |
| leap seconds, which causes the tests to fail (as reported by |
| Daniel Black in bug report #1745964). |
| |
| Version 7.16.4 (10 July 2007) |
| |
| Daniel S (10 July 2007) |
| - Kees Cook notified us about a security flaw |
| (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to |
| properly reject some outdated or not yet valid server certificates when |
| built with GnuTLS. Kees also provided the patch. |
| |
| James H (5 July 2007) |
| - Gavrie Philipson provided a patch that will use a more specific error |
| message for an scp:// upload failure. If libssh2 has his matching |
| patch, then the error message return by the server will be used instead |
| of a more generic error. |
| |
| Daniel S (1 July 2007) |
| - Thomas J. Moore provided a patch that introduces Kerberos5 support in |
| libcurl. This also makes the options change name to --krb (from --krb4) and |
| CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still |
| |
| - Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5 |
| proxy. |
| |
| Daniel S (27 June 2007) |
| - James Housley: Add two new options for the SFTP/SCP/FILE protocols: |
| CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the |
| premissions for files and directories created on the remote |
| server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and |
| CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755 |
| |
| - I corrected the 10-at-a-time.c example and applied a patch for it by James |
| Bursa. |
| |
| Daniel S (26 June 2007) |
| - Robert Iakobashvili re-arranged the internal hash code to work with a custom |
| hash function for different hashes, and also expanded the default size for |
| the socket hash table used in multi handles to greatly enhance speed when |
| very many connections are added and the socket API is used. |
| |
| - James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory |
| listings as well |
| |
| Daniel S (25 June 2007) |
| - Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or |
| chunked encoding (that also lacks "Connection: close"). It now simply |
| assumes that the connection WILL be closed to signal the end, as that is how |
| RFC2616 section 4.4 point #5 says we should behave. |
| |
| Version 7.16.3 (25 June 2007) |
| |
| Daniel S (23 June 2007) |
| - As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and |
| http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do |
| no-body requests on FTP files on re-used connections properly, or at least |
| it didn't provide the info back in the header callback properly in the |
| subsequent requests. |
| |
| Daniel S (21 June 2007) |
| - Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker |
| tool reports and it was indeed a legitimate one and it is one fixed. It was |
| a use of a share without doing the proper locking first. |
| |
| Daniel S (20 June 2007) |
| - Adam Piggott filed bug report #1740263 |
| (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when |
| getting a large amount of URLs with curl, they were fetched slower and |
| slower... which turned out to be because the --libcurl data collecting which |
| wrongly always was enabled, but no longer is... |
| |
| Daniel S (18 June 2007) |
| - Robson Braga Araujo filed bug report #1739100 |
| (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl |
| could not actually list the contents of the root directory of a given FTP |
| server if the login directory isn't root. I fixed the problem and added |
| three test cases (one is disabled for now since I identified KNOWN_BUGS #44, |
| we cannot use --ftp-method nocwd and list ftp directories). |
| |
| Daniel S (14 June 2007) |
| - Shmulik Regev: |
| |
| I've encountered (and hopefully fixed) a problem involving proxy CONNECT |
| requests and easy handles state management. The problem isn't simple to |
| reproduce since it depends on socket state. It only manifests itself when |
| working with non-blocking sockets. |
| |
| Here is the scenario: |
| |
| 1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and |
| calls Curl_protocol_connect |
| |
| 2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function |
| returns and conn->bits.tunnel_connecting is TRUE |
| |
| 3. when the call to Curl_protocol_connect returns the protocol_connect flag |
| is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which |
| isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT |
| should be used. |
| |
| I discovered this while performing an HTTPS request through a proxy (squid) |
| on my local network. The problem caused openssl to fail as it read the proxy |
| response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL |
| handshake (the exact openssl error was 'wrong ssl version' but this isn't |
| very important) |
| |
| - Dave Vasilevsky filed bug report #1736875 |
| (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan |
| Fandrich mentioned a related build problem on the libcurl mailing list: |
| http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same |
| reason: the definitions of the POLL* defines and the pollfd struct in the |
| libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H. |
| |
| Daniel S (13 June 2007) |
| - Tom Regner provided a patch and worked together with James Housley, so now |
| CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP |
| ones. |
| |
| - Rich Rauenzahn filed bug report #1733119 |
| (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the |
| fix. The problem is that for 64bit HPUX builds, several socket-related |
| functions would still assume int (32 bit) arguments and not socklen_t (64 |
| bit) ones. |
| |
| Daniel S (12 June 2007) |
| - James Housley brought his revamped SSH code that is state-machine driven to |
| really take advantage of the now totally non-blocking libssh2 (in CVS). |
| |
| Dan F (8 June 2007) |
| - Incorporated Daniel Black's test706 and test707 SOCKS test cases. |
| |
| - Fixed a few problems when starting the SOCKS server. |
| |
| - Reverted some recent changes to runtests.pl that weren't compatible with |
| perl 5.0. |
| |
| - Fixed the test harness so that it actually kills the ssh being used as |
| the SOCKS server. |
| |
| Daniel S (6 June 2007) |
| - -s/--silent can now be used to toggle off the silence again if used a second |
| time. |
| |
| Daniel S (5 June 2007) |
| - Added Daniel Black's work that adds the first few SOCKS test cases. I also |
| fixed two minor SOCKS problems to make the test cases run fine. |
| |
| Daniel S (31 May 2007) |
| - Feng Tu made (lib)curl support "upload" resuming work for file:// URLs. |
| |
| Daniel S (30 May 2007) |
| - I modified the 10-at-a-time.c example to transfer 500 downloads in parallel |
| with a c-ares enabled build only to find that it crashed miserably, and this |
| was due to some select()isms left in the code. This was due to API |
| restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no |
| longer the case so now libcurl runs much better with c-ares and the multi |
| interface with > 1024 file descriptors in use. |
| |
| Extra note: starting now we require c-ares 1.4.0 for asynchronous name |
| resolves. |
| |
| - Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting |
| the maximum size of the connection cache maximum size of the multi handle. |
| |
| Daniel S (27 May 2007) |
| - When working with a problem Stefan Becker had, I found an off-by-one buffer |
| overwrite in Curl_select(). While fixing it, I also improved its performance |
| somewhat by changing calloc to malloc and breaking out of a loop earlier |
| (when possible). |
| |
| Daniel S (25 May 2007) |
| - Rob Crittenden fixed bug #1705802 |
| (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel |
| Black identifying several FTP-SSL test cases fail when we build libcurl with |
| NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS. |
| |
| Daniel S (24 May 2007) |
| - Song Ma filed bug report #1724016 |
| (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading |
| glob-ranges for TFTP was broken in CVS. Fixed now. |
| |
| - 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194) |
| pointed out that the warnf() function in the curl tool didn't properly deal |
| with the cases when excessively long words were used in the string to chop |
| up. |
| |
| Daniel S (22 May 2007) |
| - Andre Guibert de Bruet fixed a memory leak in the function that verifies the |
| peer's name in the SSL certificate when built for OpenSSL. The leak happens |
| for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN |
| name from UTF8. He also fixed a leak when PKCS #12 parsing failed. |
| |
| Daniel S (18 May 2007) |
| - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report |
| #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the |
| transfer-related info "variables" were indeed overwritten with zeroes |
| wrongly and have now been adjusted. The upload size still isn't accurate. |
| |
| Daniel S (17 May 2007) |
| - Feng Tu pointed out a division by zero error in the TFTP connect timeout |
| code for timeouts less than five seconds, and also provided a fix for it. |
| Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392) |
| |
| Dan F (16 May 2007) |
| - Added support for compiling under Minix 3.1.3 using ACK. |
| |
| Dan F (14 May 2007) |
| - Added SFTP directory listing test case 613. |
| |
| - Added support for quote commands before a transfer using SFTP and test |
| case 614. |
| |
| - Changed the post-quote commands to occur after the transferred file is |
| closed. |
| |
| - Allow SFTP quote commands chmod, chown, chgrp to set a value of 0. |
| |
| Dan F (9 May 2007) |
| - Kristian Gunstone fixed a problem where overwriting an uploaded file with |
| sftp didn't truncate it first, which would corrupt the file if the new |
| file was shorter than the old. |
| |
| Dan F (8 May 2007) |
| - Added FTPS test cases 406 and 407 |
| |
| Daniel S (8 May 2007) |
| - CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is |
| because I just made SCP uploads return this value if the file size of |
| the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to |
| reflect this news, and a define for the old name was added to the public |
| header file. |
| |
| Daniel S (7 May 2007) |
| - James Bursa fixed a bug in the multi handle code that made the connection |
| cache grow a bit too much, beyond the normal 4 * easy_handles. |
| |
| Daniel S (2 May 2007) |
| - Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0 |
| when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is |
| not very nice if the client wants to be able to use _either_ a HTTP 1.1 |
| server or one within the aliases list... so starting now, libcurl will |
| simply consider 200-alias matches the to be HTTP 1.0 compliant. |
| |
| - Tobias Rundström reported a problem they experienced with xmms2 and recent |
| libcurls, which turned out to be the 25-nov-2006 change which treats HTTP |
| responses without Content-Length or chunked encoding as without bodies. We |
| now added the conditional that the above mentioned response is only without |
| body if the response is HTTP 1.1. |
| |
| - Jeff Pohlmeyer improved the hiperfifo.c example to use the |
| CURLMOPT_TIMERFUNCTION callback option. |
| |
| - Set the timeout for easy handles to expire really soon after addition or |
| when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform, |
| to make applications using only curl_multi_socket() to properly function |
| when adding easy handles "on the fly". Bug report and test app provided by |
| Michael Wallner. |
| |
| Dan F (30 April 2007) |
| - Improved the test harness to allow running test servers on other than |
| the default port numbers, allowing more than one test suite to run |
| simultaneously on the same host. |
| |
| Daniel S (28 April 2007) |
| - Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before, |
| since it then inits libgcrypt and libgcrypt is being evil and EXITS the |
| application if it fails to get a fine random seed. That's really not a nice |
| thing to do by a library. |
| |
| - Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had |
| been removed from a multi handle, and then fixed another flaw that prevented |
| curl_easy_duphandle() to work even after the first fix - the handle was |
| still marked as using the multi interface. |
| |
| Daniel S (26 April 2007) |
| - Peter O'Gorman found a problem with SCP downloads when the downloaded file |
| was 16385 bytes (16K+1) and it turned out we didn't properly always "suck |
| out" all data from libssh2. The effect being that libcurl would hang on the |
| socket waiting for data when libssh2 had in fact already read it all... |
| |
| Dan F (25 April 2007) |
| - Added support in runtests.pl for "!n" test numbers to disable individual |
| tests. Changed -t to only keep log files around when -k is specified, |
| to have the same behaviour as without -t. |
| |
| Daniel S (25 April 2007) |
| - Sonia Subramanian brought our attention to a problem that happens if you set |
| the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection |
| in the connection cache is closed to make room for the new one when you call |
| curl_easy_perform(). It would then wrongly free range-related data in the |
| connection close funtion. |
| |
| Yang Tse (25 April 2007) |
| - Steve Little fixed compilation on VMS 64-bit mode |
| |
| Daniel S (24 April 2007) |
| - Robert Iakobashvili made the 'master_buffer' get allocated first once it is |
| can/will be used as it then makes the common cases save 16KB of data for each |
| easy handle that isn't used for pipelining. |
| |
| Dan F (23 April 2007) |
| - Added <postcheck> support to the test harness. |
| |
| - Added tests 610-612 to test more SFTP post-quote commands. |
| |
| Daniel S (22 April 2007) |
| - Song Ma's warning if -r/--range is given with a "bad" range, also noted in |
| the man page now. |
| |
| - Daniel Black filed bug #1705177 |
| (http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl |
| --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS |
| was found and used. |
| |
| Daniel S (21 April 2007) |
| - Daniel Black filed bug #1704675 |
| (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free |
| problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on |
| closedown after a failure and a bad #ifdef for NSS when closing down SSL. |
| |
| Yang Tse (20 April 2007) |
| - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of |
| Curl_socket_ready(), Curl_poll() and Curl_select() when these are called |
| with a zero timeout or a timeout value indicating a blocking call should |
| be performed. |
| |
| Daniel S (18 April 2007) |
| - James Housley made SFTP uploads use libssh2's non-blocking API |
| |
| - Prevent the internal progress meter from updating more frequently than once |
| per second. |
| |
| Dan F (17 April 2007) |
| - Added test cases 296, 297 and 298 to test --ftp-method handling |
| |
| Daniel S (16 April 2007) |
| - Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a |
| function that deprecates the curl_multi_socket() function. Using the new |
| function the application tell libcurl what action that was found in the |
| socket that it passes in. This gives a significant performance boost as it |
| allows libcurl to avoid a call to poll()/select() for every call to |
| curl_multi_socket*(). |
| |
| I added a define in the public curl/multi.h header file that will make your |
| existing application automatically use curl_multi_socket_action() instead of |
| curl_multi_socket() when you recompile. But of course you'll get better |
| performance if you adjust your code manually and actually pass in the |
| correct action bitmask to this function. |
| |
| Daniel S (14 April 2007) |
| - Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test |
| suite to make stunnel run better in some (most?) environments. |
| |
| Dan F (13 April 2007) |
| - Added test cases 294 and 295 to test --ftp-account handling |
| |
| - Improved handling of out of memory in ftp. |
| |
| Yang Tse (13 April 2007) |
| - Fix test case 534 which started to fail 2007-04-13 due to the existance |
| of a new host on the net with the same silly domain the test was using |
| for a host which was supposed not to exist. |
| |
| Daniel S (12 April 2007) |
| - Song Ma found a memory leak in the if2ip code if you pass in an interface |
| name longer than the name field of the ifreq struct (typically 6 bytes), as |
| then it wouldn't close the used dummy socket. Bug #1698974 |
| (http://curl.haxx.se/bug/view.cgi?id=1698974) |
| |
| Version 7.16.2 (11 April 2007) |
| |
| Yang Tse (10 April 2007) |
| - Ravi Pratap provided some fixes for HTTP pipelining |
| |
| - configure script will ignore --enable-sspi option for non-native Windows. |
| |
| Daniel S (9 April 2007) |
| - Nick Zitzmann did ssh.c cleanups |
| |
| Daniel S (3 April 2007) |
| - Rob Jones fixed better #ifdef'ing for a bunch of #include lines. |
| |
| Daniel S (2 April 2007) |
| - Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The |
| accepted commands are as follows: |
| |
| chgrp (gid) (path) |
| Changes the group ID of the file or directory at (path) to (gid). (gid) |
| must be a number. |
| |
| chmod (perms) (path) |
| Changes the permissions of the file or directory at (path) to |
| (perms). (perms) must be a number in the format used by the chmod Unix |
| command. |
| |
| chown (uid) (path) |
| Changes the user ID of the file or directory at (path) to (uid). (uid) |
| must be a number. |
| |
| ln (source) (dest) |
| Creates a symbolic link at (dest) that points to the file located at |
| (source). |
| |
| mkdir (path) |
| Creates a new directory at (path). |
| |
| rename (source) (dest) |
| Moves the file or directory at (source) to (dest). |
| |
| rm (path) |
| Deletes the file located at (path). |
| |
| rmdir (path) |
| Deletes the directory located at (path). This command will raise an error |
| if the directory is not empty. |
| |
| symlink (source) (dest) |
| Same as ln. |
| |
| Daniel S (1 April 2007) |
| - Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many |
| easy handles are added to a multi handle, by avoiding the looping over all |
| the handles to find which one to remove. |
| |
| - Matt Kraai provided a patch that makes curl build on QNX 6 fine again. |
| |
| Daniel S (31 March 2007) |
| - Fixed several minor issues detected by the coverity.com scanner. |
| |
| - "Pixel" fixed a problem that appeared when you used -f with user+password |
| embedded in the URL. |
| |
| Dan F (29 March 2007) |
| - Don't tear down the ftp connection if the maximum filesize was exceeded |
| and added tests 290 and 291 to check. |
| |
| - Added ftps upload and SSL required tests 401 and 402. |
| |
| - Send an EOF message before closing an SCP channel, as recommended by |
| RFC4254. Enable libssh2 tracing when ssh debugging is turned on. |
| |
| Yang Tse (27 March 2007) |
| - Internal function Curl_select() renamed to Curl_socket_ready() |
| |
| New Internal wrapper function Curl_select() around select (2), it |
| uses poll() when a fine poll() is available, so now libcurl can be |
| built without select() support at all if a fine poll() is available. |
| |
| Daniel S (25 March 2007) |
| - Daniel Johnson fixed multi code to traverse the easy handle list properly. |
| A left-over bug from the February 21 fix. |
| |
| Dan F (23 March 2007) |
| - Added --pubkey option to curl and made --key also work for SCP/SFTP, |
| plus made --pass work on an SSH private key as well. |
| |
| - Changed the test harness to attempt to gracefully shut down servers |
| before resorting to the kill -9 hammer. |
| |
| - Added test harness infrastructure to support scp/sftp tests, using |
| OpenSSH as the server. |
| |
| - Fixed a memory leak when specifying a proxy with a file: URL. |
| |
| Yang Tse (20 March 2007) |
| - Fixed: When a signal was caught awaiting for an event using Curl_select() |
| or Curl_poll() with a non-zero timeout both functions would restart the |
| specified timeout. This could even lead to the extreme case that if a |
| signal arrived with a frecuency lower to the specified timeout neither |
| function would ever exit. |
| |
| Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in |
| Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR |
| defined both functions will return as soon as a signal is caught. Use it |
| at your own risk, all calls to these functions in the library should be |
| revisited and checked before fully supporting this feature. |
| |
| Yang Tse (19 March 2007) |
| - Bryan Henderson fixed the progress function so that it can get called more |
| frequently allowing same calling frecuency for the client progress callback. |
| |
| Dan F (15 March 2007) |
| - Various memory leaks plugged and NULL pointer fixes made in the ssh code. |
| |
| Daniel (15 March 2007) |
| - Nick made the curl tool accept globbing ranges that only is one number, i.e |
| you can now use [1-1] without curl complaining. |
| |
| Daniel (10 March 2007) |
| - Eygene Ryabinkin: |
| |
| The problem is the following: when we're calling Curl_done and it decides to |
| keep the connection opened ('left intact'), then the caller is not notified |
| that the connection was done via the NULLifying of the pointer, so some easy |
| handle is keeping the pointer to this connection. |
| |
| Later ConnectionExists can select such connection for reuse even if we're |
| not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is |
| false and we can reuse this connection for another easy handle. But thus the |
| connection will be shared between two easy handles if the handle that wants |
| to take the ownership is not the same as was not notified of the connection |
| was done in Curl_done. And when some of these easy handles will get their |
| connection really freed the another one will still keep the pointer. |
| |
| My fix was rather trivial: I just added the NULLification to the 'else' |
| branch in the Curl_done. My tests with Git and ElectricFence showed no |
| problems both for HTTP pulling and cloning. Repository size is about 250 Mb, |
| so it was a considerable amount of Curl's work. |
| |
| Dan F (9 March 2007) |
| - Updated the test harness to add a new "crypto" feature check and updated the |
| appropriate test case to use it. For now, this is treated the same as the |
| "SSL" feature because curl doesn't list it separately. |
| |
| Daniel (9 March 2007) |
| - Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6. |
| |
| - Robert A. Monat improved the maketgz and VC6/8 generating to set the correct |
| machine type too. |
| |
| - Justin Fletcher fixed a file descriptor leak in the curl tool when trying to |
| upload a file it couldn't open. Bug #1676581 |
| (http://curl.haxx.se/bug/view.cgi?id=1676581) |
| |
| Dan F (9 March 2007) |
| - Updated the test harness to check for protocol support before running each |
| test, fixing KNOWN_BUGS #11. |
| |
| Dan F (7 March 2007) |
| - Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test |
| harness. It is very limited as it supports only ftps:// URLs with |
| --ftp-ssl-control specified, which implicitly encrypts the control |
| channel but not the data channels. That allows stunnel to be used with |
| an unmodified ftp server in exactly the same way that the test https |
| server is set up. |
| |
| Dan F (7 March 2007) |
| - Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and |
| unencrypted data connections. |
| |
| Dan F (6 March 2007) |
| - Fixed a couple of improper pointer uses detected by valgrind in test |
| cases 181 & 216. |
| |
| Daniel (2 March 2007) |
| - Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8 |
| makefiles that are included in the source release archives, generated from |
| the Makefile.vc6 files by the maketgz script. I also modified the root |
| Makefile to have a VC variable that defaults to vc6 but can be overridden to |
| allow it to be used for vc8 as well. Like this: |
| |
| nmake VC=vc8 vc |
| |
| Daniel (27 February 2007) |
| - Hang Kin Lau found and fixed: When I use libcurl to connect to an https |
| server through a proxy and have the remote https server port set using the |
| CURLOPT_PORT option, protocol gets reset to http from https after the first |
| request. |
| |
| User defined URL was modified internally by libcurl and subsequent reuse of |
| the easy handle may lead to connection using a different protocol (if not |
| originally http). |
| |
| I found that libcurl hardcoded the protocol to "http" when it tries to |
| regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as |
| follows and it's working fine so far |
| |
| Daniel (25 February 2007) |
| - Adam D. Moss made the HTTP CONNECT procedure less blocking when used from |
| the multi interface. Note that it still does a part of the connection in a |
| blocking manner. |
| |
| Daniel (23 February 2007) |
| - Added warning outputs if the command line uses more than one of the options |
| -v, --trace and --trace-ascii, since it could really confuse the user. |
| Clarified this fact in the man page. |
| |
| Daniel (21 February 2007) |
| - Ravi Pratap provided work on libcurl making pipelining more robust and |
| fixing some bugs: |
| o Don't mix GET and POST requests in a pipeline |
| o Fix the order in which requests are dispatched from the pipeline |
| o Fixed several curl bugs with pipelining when the server is returning |
| chunked encoding: |
| * Added states to chunked parsing for final CRLF |
| * Rewind buffer after parsing chunk with data remaining |
| * Moved chunked header initializing to a spot just before receiving |
| headers |
| |
| Daniel (20 February 2007) |
| - Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle |
| active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command |
| line option. |
| |
| Daniel (19 February 2007) |
| - Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl. |
| |
| - Shmulik Regev found a memory leak in re-used HTTPS connections, at least |
| when the multi interface was used. |
| |
| - Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and |
| 5). |
| |
| Daniel (18 February 2007) |
| - Jeff Pohlmeyer identified two problems: first a rather obscure problem with |
| the multi interface and connection re-use that could make a |
| curl_multi_remove_handle() ruin a pointer in another handle. |
| |
| The second problem was less of an actual problem but more of minor quirk: |
| the re-using of connections wasn't properly checking if the connection was |
| marked for closure. |
| |
| Daniel (16 February 2007) |
| - Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting |
| CURLOPT_RANGE back to no range on an easy handle when using FTP. |
| |
| Dan F (14 February 2007) |
| - Fixed curl-config --libs so it doesn't list unnecessary libraries (and |
| therefore introduce unnecessary dependencies) when it's not needed. |
| Also, don't bother adding a library path of /usr/lib |
| |
| Daniel (13 February 2007) |
| - The default password for anonymous FTP connections is now changed to be |
| "ftp@example.com". |
| |
| - Robert A. Monat made libcurl build fine with VC2005 - it doesn't have |
| gmtime_r() like the older VC versions. He also made use of some machine- |
| specific defines to differentiate the "OS" define. |
| |
| Daniel (12 February 2007) |
| - Rob Crittenden added support for NSS (Network Security Service) for the |
| SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/ |
| |
| This is the fourth supported library for TLS/SSL that libcurl supports! |
| |
| - Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent |
| to the debug callback. |
| |
| - Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and |
| CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's |
| internal decoding of content or transfer encoded content. This may be |
| preferable in cases where you use libcurl for proxy purposes or similar. The |
| command line tool got a --raw option to disable both at once. |
| |
| - release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP |
| define set to hold the exact date and time of when the tarball was built, as |
| a human readable string using the UTC time zone. |
| |
| - Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle |
| that has an easy handle present in the "closure" list pending closure. |
| |
| Daniel (6 February 2007) |
| - Regular file downloads wiht SFTP and SCP are now done using the non-blocking |
| API of libssh2, if the libssh2 headers seem to support them. This will make |
| SCP and SFTP much more responsive and better libcurl citizens when used with |
| the multi interface etc. |
| |
| Daniel (5 February 2007) |
| - Michael Wallner added support for CURLOPT_TIMEOUT_MS and |
| CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with |
| millisecond resolution. The only restriction to that is the alarm() |
| (sometimes) used to abort name resolves as that uses full seconds. I fixed |
| the FTP response timeout part of the patch. |
| |
| Internally we now count and keep the timeouts in milliseconds but it also |
| means we multiply set timeouts with 1000. The effect of this is that no |
| timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which |
| equals 24.86 days. We probably couldn't before either since the code did |
| *1000 on the timeout values on several places already. |
| |
| Daniel (3 February 2007) |
| - Yang Tse fixed the cookie expiry date in several test cases that started to |
| fail since they used "1 feb 2007"... |
| |
| - Manfred Schwarb reported that socks5 support was broken and help us pinpoint |
| the problem. The code now tries harder to use httproxy and proxy where |
| apppropriate, as not all proxies are HTTP... |
| |
| Version 7.16.1 (29 January 2007) |
| |
| Daniel (29 January 2007) |
| - Michael Wallner reported that when doing a CONNECT with a custom User-Agent |
| header, you got _two_ User-Agent headers in the CONNECT request...! Added |
| test case 287 to verify the fix. |
| |
| Daniel (28 January 2007) |
| - curl_easy_reset() now resets the CA bundle path correctly. |
| |
| - David McCreedy fixed the Curl command line tool for HTTP on non-ASCII |
| platforms. |
| |
| Daniel (25 January 2007) |
| - Added the --libcurl [file] option to curl. Append this option to any |
| ordinary curl command line, and you will get a libcurl-using source code |
| written to the file that does the equivalent operation of what your command |
| line operation does! |
| |
| Dan F (24 January 2007) |
| - Fixed a dangling pointer problem that prevented the http_proxy environment |
| variable from being properly used in many cases (and caused test case 63 |
| to fail). |
| |
| Daniel (23 January 2007) |
| - David McCreedy did NTLM changes mainly for non-ASCII platforms: |
| |
| #1 |
| There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT |
| defined. I noticed this while testing various configurations. Line 867 of |
| the current http_ntlm.c is a closing bracket for an if/else pair that only |
| gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket |
| wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was |
| defined. Lines 198 and 140 of my patch wraps that closing bracket in an |
| #ifdef USE_NTLM2SESSION. |
| |
| #2 |
| I noticed several picky compiler warnings when DEBUG_ME is defined. I've |
| fixed them with casting. By the way, DEBUG_ME was a huge help in |
| understanding this code. |
| |
| #3 |
| Hopefully the last non-ASCII conversion patch for libcurl in a while. I |
| changed the "NTLMSSP" literal to hex since this signature must always be in |
| ASCII. |
| |
| Conversion code was strategically added where necessary. And the |
| Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c |
| creates are NOT translated on non-ASCII platforms. |
| |
| Dan F (22 January 2007) |
| - Converted (most of) the test data files into genuine XML. A handful still |
| are not, due mainly to the lack of support for XML character entities |
| (e.g. & => & ). This will make it easier to validate test files using |
| tools like xmllint, as well as to edit and view them using XML tools. |
| |
| Daniel (16 January 2007) |
| - Armel Asselin improved libcurl to behave a lot better when an easy handle |
| doing an FTP transfer is removed from a multi handle before completion. The |
| fix also fixed the "alive counter" to be correct on "premature removal" for |
| all protocols. |
| |
| Dan F (16 January 2007) |
| - Fixed a small memory leak in tftp uploads discovered by curl's memory leak |
| detector. Also changed tftp downloads to URL-unescape the downloaded |
| file name. |
| |
| Daniel (14 January 2007) |
| - David McCreedy provided libcurl changes for doing HTTP communication on |
| non-ASCII platforms. It does add some complexity, most notably with more |
| #ifdefs, but I want to see this supported added and I can't see how we can |
| add it without the extra stuff added. |
| |
| - Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present, |
| libcurl would crash when trying to read a NULL pointer. |
| |
| Daniel (12 January 2007) |
| - Toby Peterson found a nasty bug that prevented (lib)curl from properly |
| downloading (most) things that were larger than 4GB on 32 bit systems. Matt |
| Witherspoon helped as narrow down the problem. |
| |
| Daniel (5 January 2007) |
| - Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to |
| curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it |
| will make libcurl shutdown SSL/TLS after the authentication is done on a |
| FTP-SSL operation. |
| |
| Daniel (4 January 2007) |
| - David McCreedy made changes to allow base64 encoding/decoding to work on |
| non-ASCII platforms. |
| |
| Daniel (3 January 2007) |
| - Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store |
| downloaded data in two buffers, just to be able to deal with a special HTTP |
| pipelining case. That is now only activated for pipelined transfers. In |
| Matt's case, it showed as a considerable performance difference, |
| |
| Daniel (2 January 2007) |
| - Victor Snezhko helped us fix bug report #1603712 |
| (http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate |
| (CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken |
| on Windows (since 7.16.0, but that's when they were introduced as previous |
| to that the limiting logic was made in the application only and not in the |
| library). It was actually also broken on select()-based systems (as apposed |
| to poll()) but we haven't had any such reports. We now use select(), Sleep() |
| or delay() properly to sleep a while without waiting for anything input or |
| output when the rate limiting is activated with the easy interface. |
| |
| - Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs |
| to get built static. It has been mentioned before and was again brought to |
| our attention by Nathanael Nerode who filed debian bug report #405226 |
| (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226). |
| |