| _ _ ____ _ |
| ___| | | | _ \| | |
| / __| | | | |_) | | |
| | (__| |_| | _ <| |___ |
| \___|\___/|_| \_\_____| |
| |
| Changelog |
| |
| Daniel Fandrich (3 May 2009) |
| - Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug |
| report failed to mention that a proxy must be used to reproduce it. |
| |
| Yang Tse (2 May 2009) |
| - Use a build-time configured curl_socklen_t data type instead of socklen_t. |
| |
| Yang Tse (1 May 2009) |
| - Applied David McCreedy's patches "TPF-platform specific changes to various |
| files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the |
| former with minor edits. |
| |
| Daniel Stenberg (30 Apr 2009) |
| - I was going to fix issue #59 in KNOWN_BUGS |
| |
| If the CURLOPT_PORT option is used on an FTP URL like |
| "ftp://example.com/file;type=A" the ";type=A" is stripped off. |
| |
| I added test case 562 to verify, only to find out that I couldn't repeat |
| this bug so I hereby consider it not a bug anymore! |
| |
| Daniel Stenberg (29 Apr 2009) |
| - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219) |
| I've now made TFTP "connections" not being kept for re-use within libcurl. |
| TFTP is UDP-based so the benefit was really low (if even existing) to begin |
| with so instead of tracking down to fix this problem we instead removed the |
| re-use. I also enabled test case 1099 that I wrote a few days ago to verify |
| that this change fixes the reported problem. |
| |
| Daniel Stenberg (28 Apr 2009) |
| - Constantine Sapuntzakis filed bug report #2783090 |
| (http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows |
| we need to grow the SO_SNDBUF buffer somewhat to get really good upload |
| speeds. http://support.microsoft.com/kb/823764 has the details. Friends |
| confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough. |
| |
| - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim |
| Chen pointed out how curl couldn't upload with resume when reading from a |
| pipe. |
| |
| This ended up with the introduction of a new return code for the |
| CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but |
| that libcurl may try to resolve the situation anyway. In our case this means |
| libcurl will attempt to instead read that much data from the stream instead |
| of seeking and that way curl can now upload with resume when data is read |
| from a stream! |
| |
| Daniel Stenberg (26 Apr 2009) |
| - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven |
| Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi |
| interface and provided a patch that fixed the problem! |
| |
| Daniel Stenberg (24 Apr 2009) |
| - Kamil Dudka fixed another NSS-related leak when client certs were used. |
| |
| - Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer |
| Koenig pointed out that the man page didn't tell that the *_proxy |
| environment variables can be specified lower case or UPPER CASE and the |
| lower case takes precedence, |
| |
| Daniel Fandrich (21 Apr 2009) |
| - Added new libcurl source files to Amiga, RiscOS and VC6 build files. |
| |
| Yang Tse (21 Apr 2009) |
| - Moved potential inclusion of system's malloc.h and memory.h header files to |
| setup_once.h. Inclusion of each header file is based on the definition of |
| NEED_MALLOC_H and NEED_MEMORY_H respectively. |
| |
| Renamed libcurl's memory.h to curl_memory.h |
| |
| Daniel Stenberg (20 Apr 2009) |
| - Leanic Lefever reported a crash and did some detailed research on why and |
| how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The |
| conclusion was that if an error is detected and Curl_done() is called for |
| the connection, ftp_done() could at times return another error code that |
| then would take precedence and that new code confused existing logic that |
| works for the first error code (CURLE_SEND_ERROR) only. |
| |
| - Gisle Vanem noticed that --libtool would produce bogus strings at times for |
| OBJECTPOINT options. Now we've introduced a new function - my_setopt_str - |
| within the app for setting plain string options to avoid the risk of this |
| mistake happening. |
| |
| Daniel Stenberg (17 Apr 2009) |
| - Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP |
| proxy. libcurl would then wrongly close the connection after each |
| request. In his case it had the weird side-effect that it killed NTLM auth |
| for the proxy causing an inifinite loop! |
| |
| I added test case 1098 to verify this fix. The test case does however not |
| properly verify that the transfers are done persistently - as I couldn't |
| think of a clever way to achieve it right now - but you need to read the |
| stderr output after a test run to see that it truly did the right thing. |
| |
| Daniel Stenberg (13 Apr 2009) |
| - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin |
| Storsjö pointed out how setting CURLOPT_NOBODY to 0 could be downright |
| confusing as it set the method to either GET or HEAD. The example he showed |
| looked like: |
| |
| curl_easy_setopt(curl, CURLOPT_PUT, 1); |
| curl_easy_setopt(curl, CURLOPT_NOBODY, 0); |
| |
| The new way doesn't alter the method until the request is about to start. If |
| CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is |
| 0 and the request happens to have been set to HEAD, it will then instead be |
| set to GET. I believe this will be less surprising to users, and hopefully |
| not hit any existing users badly. |
| |
| - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned |
| out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue |
| is found in Redhat's bug tracker: |
| https://bugzilla.redhat.com/show_bug.cgi?id=453612 |
| |
| There are still memory leaks present, but they seem to have other reasons. |
| |
| Daniel Fandrich (11 Apr 2009) |
| - Added new libcurl source files to Symbian OS build files. |
| - Improved Symbian support for SSL. |
| |
| Yang Tse (10 Apr 2009) |
| - Daniel Johnson improved the MacOSX-Framework shell script to now perform all |
| the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64 |
| libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later. |
| |
| Yang Tse (8 Apr 2009) |
| - Removed Sun compilers preprocessor block from curlbuild.h.dist, this also |
| removes it from the curlbuild.h file originally distributed by the cURL |
| project as this file is intended for systems not capable of running the |
| configure script. For those who have been building curl out of the source |
| code curl distribution tarball provided by curl.haxx.se the change implies |
| nothing. Previous change in this area committed 2 Apr becomes irrelevant. |
| |
| Daniel Stenberg (6 Apr 2009) |
| - I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success |
| and 1 on fatal errors. Previously it only mentioned non-zero on fatal |
| errors. This is a slight change in meaning, but it follows what we've done |
| elsewhere before and it opens up for LOTS of more useful return codes |
| whenever we can think of them... |
| |
| Yang Tse (2 Apr 2009) |
| - Fix curl_off_t definition for builds done using Sun compilers and a |
| non-configured libcurl. In this case curl_off_t data type was gated |
| to the off_t data type which depends on the _FILE_OFFSET_BITS. This |
| configuration is exactly the unwanted configuration for our curl_off_t |
| data type which must not depend on such setting. This breaks ABI for |
| libcurl libraries built with Sun compilers which were built without |
| having run the configure script with _FILE_OFFSET_BITS different than |
| 64 and using the ILP32 data model. |
| |
| Daniel Stenberg (1 Apr 2009) |
| - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a |
| strdup() call failed. |
| |
| Daniel Fandrich (31 Mar 2009) |
| - Properly return an error code in curl_easy_recv (reported by Jim Freeman). |
| |
| Daniel Stenberg (18 Mar 2009) |
| - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when |
| NSS is used. These ciphers were added in NSS 3.4 and require to be enabled |
| explicitly. |
| |
| Daniel Stenberg (13 Mar 2009) |
| - Use libssh2_version() to present the libssh2 version in case the libssh2 |
| library is found to support it. |
| |
| Yang Tse (12 Mar 2009) |
| - Added missing Curl_read() return code checking in TELNET transfers. |
| |
| - Pierre Brico found and fixed TELNET transfers not being aborted upon |
| a write callback failure. |
| |
| Daniel Stenberg (11 Mar 2009) |
| - Kamil Dudka made the curl tool properly call curl_global_init() before any |
| other libcurl function. |
| |
| Yang Tse (11 Mar 2009) |
| - Added missing TELNET timeout support for Windows builds. This issue was |
| reported by Pierre Brico. |
| |
| Daniel Stenberg (9 Mar 2009) |
| - Frank Hempel found out a bug and provided the fix: |
| |
| curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE |
| option. It only enabled the cookie engine in the destination handle if |
| data->cookies is not NULL (where data is the source handle). In case of a |
| newly initialized handle which just had the cookie support enabled by a |
| curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was |
| still NULL because the setopt-call only appends the value to |
| data->change.cookielist, hence duplicating this handle would not have the |
| cookie engine switched on. |
| |
| We also concluded that the slist-functionality would be suitable for being |
| put in its own module rather than simply hanging out in lib/sendf.c so I |
| created lib/slist.[ch] for them. |
| |
| - Andreas Farber made the 'buildconf' script check for the presence of m4 |
| scripts to make it detect a bad checkout earlier. People with older |
| checkouts who don't do cvs update with the -d option won't get the new dirs |
| and then will get funny outputs that can be a bit hard to understand and |
| fix. |
| |
| Daniel Stenberg (8 Mar 2009) |
| - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the |
| allocation of the memory BIO was not being properly checked. |
| |
| - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places |
| in the gnutls code where we were checking for negative values for errors, |
| when the man pages state that GNUTLS_E_SUCCESS is returned on success and |
| other values indicate error conditions. |
| |
| - Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that |
| curl didn't use sprintf() in a way that is documented to work in POSIX but |
| since we use our own printf() code (from libcurl) that shouldn't be a |
| problem. Nonetheless I modified the code to not rely on such particular |
| features and to not cause further raised eyebrowse with no good reason. |
| |
| Daniel Fandrich (5 Mar 2009) |
| - Expanded the security section of the libcurl-tutorial man page to cover |
| more issues for authors to consider when writing robust libcurl-using |
| applications. |
| |
| Yang Tse (5 Mar 2009) |
| - Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This |
| issue was noticed by Chris Deidun. |
| |
| Daniel Fandrich (4 Mar 2009) |
| - Fixed a problem with m4 quoting in the OpenSSL configure check reported |
| by Daniel Johnson. |
| |
| Daniel Stenberg (3 Mar 2009) |
| - David James brought a patch that make libcurl close (all) dead connections |
| whenever you attempt to open a new connection. |
| |
| 1. After cleaning up a dead connection, "continue" instead of |
| returning FALSE. This ensures that we clean up all dead connections, |
| rather than just cleaning up the first dead connection. |
| 2. Move up the cleanup for dead connections so that it occurs for |
| all connections, rather than just the connections which have the same |
| preferences as our current new connection. |
| |
| Version 7.19.4 (3 March 2009) |
| |
| Daniel Stenberg (3 Mar 2009) |
| - David Kierznowski notified us about a security flaw |
| (http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in |
| which previous libcurl versions (by design) can be tricked to access an |
| arbitrary local/different file instead of a remote one when |
| CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release |
| together this the addition of two new setopt options for controlling this |
| new behavior: |
| |
| o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to |
| follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option |
| excludes the FILE and SCP protocols and thus you nee to explicitly allow |
| them in your app if you really want that behavior. |
| |
| o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch |
| using the primary URL option. This is useful if you want to allow a user or |
| other outsiders control what URL to pass to libcurl and yet not allow all |
| protocols libcurl may have been built to support. |
| |
| Daniel Stenberg (27 Feb 2009) |
| - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and |
| CURLOPT_LOCALPORT were used together (the local port bind failed), and |
| Markus Koetter provided the fix! |
| |
| Daniel Stenberg (25 Feb 2009) |
| - As Daniel Fandrich figured out, we must do the GnuTLS initing in the |
| curl_global_init() function to properly maintain the performing functions |
| thread-safe. We've previously (28 April 2007) moved the init to a later time |
| just to avoid it to fail very early when libgcrypt dislikes the situation, |
| but that move was bad and the fix should rather be in libgcrypt or |
| elsewhere. |
| |
| Daniel Stenberg (24 Feb 2009) |
| - Brian J. Murrell found out that Negotiate proxy authentication didn't work. |
| It happened because the code used the struct for server-based auth all the |
| time for both proxy and server auth which of course was wrong. |
| |
| Daniel Stenberg (23 Feb 2009) |
| - After a bug reported by James Cheng I've made curl_easy_getinfo() for |
| CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return |
| -1 if the sizes aren't know. Previously these returned 0, make it impossible |
| to detect the difference between actually zero and unknown. |
| |
| Yang Tse (23 Feb 2009) |
| - Daniel Johnson provided a shell script that will perform all the steps needed |
| to build a Mac OS X fat ppc/i386 or ppc64/x86_64 libcurl.framework |
| |
| Daniel Stenberg (23 Feb 2009) |
| - I renamed everything in the windows builds files that used the name 'curllib' |
| to the proper 'libcurl' as clearly this caused confusion. |
| |
| Yang Tse (20 Feb 2009) |
| - Do not halt compilation when using VS2008 to build a Windows 2000 target. |
| |
| Daniel Stenberg (20 Feb 2009) |
| - Linus Nielsen Feltzing reported and helped me repeat and fix a problem with |
| FTP with the multi interface: when a transfer fails, like when aborted by a |
| write callback, the control connection was wrongly closed and thus not |
| re-used properly. |
| |
| This change is also an attempt to cleanup the code somewhat in this area, as |
| now the FTP code attempts to keep (better) track on pending responses |
| necessary to get read in ftp_done(). |
| |
| Daniel Stenberg (19 Feb 2009) |
| - Patrik Thunstrom reported a problem and helped me repeat it. It turned out |
| libcurl did a superfluous 1000ms wait when doing SFTP downloads! |
| |
| We read data with libssh2 while doing the "DO" operation for SFTP and then |
| when we were about to start getting data for the actual file part, the |
| "TRANSFER" part, we waited for socket action (in 1000ms) before doing a |
| libssh2-read. But in this case libssh2 had already read and buffered the |
| data so we ended up always just waiting 1000ms before we get working on the |
| data! |
| |
| Patrick Monnerat (18 Feb 2009) |
| - FTP downloads (i.e.: RETR) ending with code 550 now return error |
| CURLE_REMOTE_FILE_NOT_FOUND instead of CURLE_FTP_COULDNT_RETR_FILE. |
| |
| Daniel Stenberg (17 Feb 2009) |
| - Kamil Dudka made NSS-powered builds compile and run again! |
| |
| - A second follow-up change by Andre Guibert de Bruet to fix a related memory |
| leak like that fixed on the 14th. When zlib returns failure, we need to |
| cleanup properly before returning error. |
| |
| - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for |
| plain FTP connections, and it will then allow MKD to fail once and retry the |
| CWD afterwards. This is especially useful if you're doing many simultanoes |
| connections against the same server and they all have this option enabled, |
| as then CWD may first fail but then another connection does MKD before this |
| connection and thus MKD fails but trying CWD works! The numbers can |
| (should?) now be set with the convenience enums now called |
| CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY. |
| |
| Tests has proven that if you're making an application that uploads a set of |
| files to an ftp server, you will get a noticable gain in speed if you're |
| using multiple connections and this option will be then be very useful. |
| |
| Daniel Stenberg (14 Feb 2009) |
| - Andre Guibert de Bruet found and fixed a memory leak in the content encoding |
| code, which could happen on libz errors. |
| |
| Daniel Fandrich (12 Feb 2009) |
| - Added support for Digest and NTLM authentication using GnuTLS. |
| |
| Daniel Stenberg (11 Feb 2009) |
| - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if |
| the condition in the previous request was unmet. This is typically a time |
| condition set with CURLOPT_TIMECONDITION and was previously not possible to |
| reliably figure out. From bug report #2565128 |
| (http://curl.haxx.se/bug/view.cgi?id=2565128) filed by Jocelyn Jaubert. |
| |
| Daniel Fandrich (4 Feb 2009) |
| - Don't add the standard /usr/lib or /usr/include paths to LDFLAGS and CPPFLAGS |
| (respectively) when --with-ssl=/usr is used (patch based on FreeBSD). |
| |
| - Added an explicit buffer limit check in msdosify() (patch based on FreeBSD). |
| This couldn't ever overflow in curl, but might if the code were used |
| elsewhere or under different conditions. |
| |
| Daniel Stenberg (3 Feb 2009) |
| - Hidemoto Nakada provided a small fix that makes it possible to get the |
| CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with |
| CURLOPT_NOBODY set true. |
| |
| Daniel Stenberg (2 Feb 2009) |
| - Patrick Scott found a rather large memory leak when using the multi |
| interface and setting CURLMOPT_MAXCONNECTS to something less than the number |
| of handles you add to the multi handle. All the connections that didn't fit |
| in the cache would not be properly disconnected nor freed! |
| |
| - Craig A West brought us: libcurl now defaults to do CONNECT with HTTP |
| version 1.1 instead of 1.0 like before. This change also introduces the new |
| proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to |
| switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0 |
| option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0. |
| |
| I updated all test cases cases that use CONNECT and I tried to do some using |
| --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run. |
| |
| Daniel Stenberg (31 Jan 2009) |
| - When building with c-ares 1.6.1 (not yet released) or later and IPv6 support |
| enabled, we can now take advantage of its brand new AF_UNSPEC support in |
| ares_gethostbyname(). This makes test case 241 finally run fine for me with |
| this setup since it now parses the "::1 ip6-localhost" line fine in my |
| /etc/hosts file! |
| |
| Daniel Stenberg (30 Jan 2009) |
| - Scott Cantor filed bug report #2550061 |
| (http://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to |
| properly make sure that the VC9 makefiles got included in the latest |
| release. I've now fixed the release script and verified it so next release |
| will hopefully include them properly! |
| |
| Daniel Fandrich (30 Jan 2009) |
| - Fixed --disable-proxy for FTP and SOCKS. Thanks to Daniel Egger for |
| reporting. |
| |
| Yang Tse (29 Jan 2009) |
| - Introduced curl_sspi.c and curl_sspi.h for the implementation of functions |
| Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were |
| named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c |
| Also adjusted socks_sspi.c to remove the link-time dependency on the Windows |
| SSPI library using it now in the same way as it was done in http_ntlm.c. |
| |
| Daniel Stenberg (28 Jan 2009) |
| - Markus Moeller introduced two new options to libcurl: |
| CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl |
| to do GSS-style authentication with SOCKS5 proxies. The curl tool got the |
| options called --socks5-gssapi-service and --socks5-gssapi-nec to enable |
| these. |
| |
| Daniel Stenberg (26 Jan 2009) |
| - Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app |
| to set desired block size to use for TFTP transfers instead of the default |
| 512 bytes. |
| |
| - The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to |
| disable "rfc4507bis session ticket support". rfc4507bis was later turned |
| into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077 |
| |
| The enabled extension concerns the session management. I wonder how often |
| libcurl stops a connection and then resumes a TLS session. also, sending the |
| session data is some overhead. .I suggest that you just use your proposed |
| patch (which explicitly disables TICKET). |
| |
| If someone writes an application with libcurl and openssl who wants to |
| enable the feature, one can do this in the SSL callback. |
| |
| Sharad Gupta brought this to my attention. Peter Sylvester helped me decide |
| on the proper action. |
| |
| - Alexey Borzov filed bug report #2535504 |
| (http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with |
| quoted quotation marks in HTTP Digest headers didn't work. I've now added |
| test case 1095 that verifies my fix. |
| |
| - Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option. |
| They basically offer the same thing the NO_PROXY environment variable only |
| offered previously: list a set of host names that shall not use the proxy |
| even if one is specified. |
| |
| Daniel Fandrich (20 Jan 2009) |
| - Call setlocale() for libtest tests to test the effects of locale-induced |
| libc changes on libcurl. |
| |
| - Fixed a couple more locale-dependent toupper conversions, mainly for |
| clarity. This does fix one problem that causes ;type=i FTP URLs |
| to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is |
| used (test case 561) |
| |
| - Added tests 561 and 1091 through 1094 to test various combinations |
| of ;type= and ;mode= URLs that could potentially fail in the Turkish |
| locale. |
| |
| Daniel Stenberg (20 Jan 2009) |
| - Lisa Xu pointed out that the ssh.obj file was missing from the |
| lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too). |
| |
| Version 7.19.3 (19 January 2009) |
| |
| Daniel Stenberg (16 Jan 2009) |
| - Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, both |
| 32 bit and 64 bit. |
| |
| Daniel Stenberg (15 Jan 2009) |
| - Tim Ansell fixed a compiler warning in lib/cookie.c |
| |
| Daniel Stenberg (14 Jan 2009) |
| - Grant Erickson fixed timeouts for TFTP such that specifying a |
| connect-timeout, a max-time or both options work correctly and as expected |
| by passing the correct boolean value to Curl_timeleft via the |
| 'duringconnect' parameter. |
| |
| With this small change, curl TFTP now behaves as expected (and likely as |
| originally-designed): |
| |
| 1) For non-existent or unreachable dotted IP addresses: |
| |
| a) With no options, follows the default curl 300s timeout... |
| b) With --connect-timeout only, follows that value... |
| c) With --max-time only, follows that value... |
| d) With both --connect-timeout and --max-time, follows the smaller value... |
| |
| and times out with a "curl: (7) Couldn't connect to server" error. |
| |
| 2) For transfers to/from a valid host: |
| |
| a) With no options, follows default curl 300s timeout for the |
| first XRQ/DATA/ACK transaction and the default TFTP 3600s |
| timeout for the remainder of the transfer... |
| |
| b) With --connect-time only, follows that value for the |
| first XRQ/DATA/ACK transaction and the default TFTP 3600s |
| timeout for the remainder of the transfer... |
| |
| c) With --max-time only, follows that value for the first |
| XRQ/DATA/ACK transaction and for the remainder of the |
| transfer... |
| |
| d) With both --connect-timeout and --max-time, follows the former |
| for the first XRQ/DATA/ACK transaction and the latter for the |
| remainder of the transfer... |
| |
| and times out with a "curl: (28) Timeout was reached" error as |
| appropriate. |
| |
| Daniel Stenberg (13 Jan 2009) |
| - Michael Wallner fixed a NULL pointer deref when calling |
| curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no |
| cookies data. |
| |
| - Stefan Teleman brought a patch to fix the default curlbuild.h file for the |
| SunPro compilers. |
| |
| Daniel Stenberg (12 Jan 2009) |
| - Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665) |
| by Daniel Black, I've now added magic to the configure script that makes it |
| use pkg-config to detect gnutls details as well if the existing method |
| (using libgnutls-config) fails. While doing this, I cleaned up and unified |
| the pkg-config usage when detecting openssl and nss as well. |
| |
| Daniel Stenberg (11 Jan 2009) |
| - Karl Moerder brought the patch that creates vc9 Makefiles, and I made |
| 'maketgz' now use the actual makefile targets to do the VC8 and VC9 |
| makefiles. |
| |
| Daniel Stenberg (10 Jan 2009) |
| - Emil Romanus fixed: |
| |
| When using the multi interface over HTTP and the server returns a Location |
| header, the running easy handle will get stuck in the CURLM_STATE_PERFORM |
| state, leaving the external event loop stuck waiting for data from the |
| ingoing socket (when using the curl_multi_socket_action stuff). While this |
| bug was pretty hard to find, it seems to require only a one-line fix. The |
| break statement on line 1374 in multi.c caused the function to skip the call |
| to multistate(). |
| |
| How to reproduce this bug? Well, that's another question. evhiperfifo.c in |
| the examples directory chokes on this bug only _sometimes_, probably |
| depending on how fast the URLs are added. One way of testing the bug out is |
| writing to hiper.fifo from more than one source at the same time. |
| |
| Daniel Fandrich (7 Jan 2009) |
| - Unified much of the SessionHandle initialization done in Curl_open() and |
| curl_easy_reset() by creating Curl_init_userdefined(). This had the side |
| effect of fixing curl_easy_reset() so it now also resets |
| CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE |
| |
| Daniel Stenberg (7 Jan 2009) |
| - Rob Crittenden did once again provide an NSS update: |
| |
| I have to jump through a few hoops now with the NSS library initialization |
| since another part of an application may have already initialized NSS by the |
| time Curl gets invoked. This patch is more careful to only shutdown the NSS |
| library if Curl did the initialization. |
| |
| It also adds in a bit of code to set the default ciphers if the app that |
| call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific |
| ciphers. One might argue that this lets other application developers get |
| lazy and/or they aren't using the NSS API correctly, and you'd be right. |
| But still, this will avoid terribly difficult-to-trace crashes and is |
| generally helpful. |
| |
| Daniel Stenberg (1 Jan 2009) |
| - 'reconf' is removed since we rather have users use 'buildconf' |
| |
| Daniel Stenberg (31 Dec 2008) |
| - Bas Mevissen reported http://curl.haxx.se/bug/view.cgi?id=2479030 pointing |
| out that 'reconf' didn't properly point out the m4 subdirectory when running |
| aclocal. |
| |
| Daniel Stenberg (29 Dec 2008) |
| - Phil Lisiecki filed bug report #2413067 |
| (http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that |
| would cause libcurl to mark a DNS cache entry "in use" eternally if the |
| subsequence TCP connect failed. It would thus never get pruned and refreshed |
| as it should've been. |
| |
| Phil provided his own patch to this problem that while it seemed to work |
| wasn't complete and thus I wrote my own fix to the problem. |
| |
| Daniel Stenberg (28 Dec 2008) |
| - Peter Korsgaard fixed building libcurl with "configure --with-ssl |
| --disable-verbose". |
| |
| - Anthony Bryan fixed more language and spelling flaws in man pages. |
| |
| Daniel Stenberg (22 Dec 2008) |
| - Given a recent enough libssh2, libcurl can now seek/resume with SFTP even |
| on file indexes beyond 2 or 4GB. |
| |
| - Anthony Bryan provided a set of patches that cleaned up manual language, |
| corrected spellings and more. |
| |
| Daniel Stenberg (20 Dec 2008) |
| - Igor Novoseltsev fixed a bad situation for the multi_socket() API when doing |
| pipelining, as libcurl could then easily get confused and A) work on the |
| handle that was not "first in queue" on a pipeline, or even B) tell the app |
| to REMOVE a socket while it was in use by a second handle in a pipeline. Both |
| errors caused hanging or stalling applications. |
| |
| Daniel Stenberg (19 Dec 2008) |
| - curl_multi_timeout() could return a timeout value of 0 even though nothing |
| was actually ready to get done, as the internal time resolution is higher |
| than the returned millisecond timer. Therefore it could cause applications |
| running on fast processors to do short bursts of busy-loops. |
| curl_multi_timeout() will now only return 0 if the timeout is actually |
| alreay triggered. |
| |
| - Using the libssh2 0.19 function libssh2_session_block_directions(), libcurl |
| now has an improved ability to do right when the multi interface (both |
| "regular" and multi_socket) is used for SCP and SFTP transfers. This should |
| result in (much) less busy-loop situations and thus less CPU usage with no |
| speed loss. |
| |
| Daniel Stenberg (17 Dec 2008) |
| - SCP and SFTP with the multi interface had the same flaw: the 'DONE' |
| operation didn't complete properly if the EAGAIN equivalent was returned but |
| libcurl would simply continue with a half-completed close operation |
| performed. This ruined persistent connection re-use and cause some |
| SSH-protocol errors in general. The correction is unfortunately adding a |
| blocking function - doing it entirely non-blocking should be considered for |
| a better fix. |
| |
| Gisle Vanem (16 Dec 2008) |
| - Added the possibility to use the Watt-32 tcp/ip stack under Windows. |
| The change simply involved adding a USE_WATT32 section in the |
| config-win32.h files (under ./lib and ./src). This section disables |
| the use of any Winsock headers. |
| |
| Daniel Stenberg (16 Dec 2008) |
| - libssh2_sftp_last_error() was wrongly used at some places in libcurl which |
| made libcurl sometimes not properly abort problematic SFTP transfers. |
| |
| Daniel Stenberg (12 Dec 2008) |
| - More work with Igor Novoseltsev to first fix the remaining stuff for |
| removing easy handles from multi handles when the easy handle is/was within |
| a HTTP pipeline. His bug report #2351653 |
| (http://curl.haxx.se/bug/view.cgi?id=2351653) was also related and was |
| eventually fixed by a patch by Igor himself. |
| |
| Yang Tse (12 Dec 2008) |
| - Patrick Monnerat fixed a build regression, introduced in 7.19.2, affecting |
| OS/400 compilations with IPv6 enabled. |
| |
| Daniel Stenberg (12 Dec 2008) |
| - Mark Karpeles filed bug report #2416182 titled "crash in ConnectionExists |
| when using duphandle+curl_mutli" |
| (http://curl.haxx.se/bug/view.cgi?id=2416182) which showed that |
| curl_easy_duphandle() wrongly also copied the pointer to the connection |
| cache, which was plain wrong and caused a segfault if the handle would be |
| used in a different multi handle than the handle it was duplicated from. |
| |
| Daniel Stenberg (11 Dec 2008) |
| - Keshav Krity found out that libcurl failed to deal with dotted IPv6 |
| addresses if they were very long (>39 letters) due to a too strict address |
| validity parser. It now accepts addresses up to 45 bytes long. |
| |
| Daniel Stenberg (11 Dec 2008) |
| - Internet Explorer had a broken HTTP digest authentication before v7 and |
| there are servers "out there" that relies on the client doing this broken |
| Digest authentication. Apache even comes with an option to work with such |
| broken clients. |
| |
| The difference is only for URLs that contain a query-part (a '?'-letter and |
| text to the right of it). |
| |
| libcurl now supports this quirk, and you enable it by setting the |
| CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or |
| CURLOPT_PROXYAUTH options. They are thus individually controlled to server |
| and proxy. |
| |
| (note that there's no way to activate this with the curl tool yet) |
| |
| Daniel Fandrich (9 Dec 2008) |
| - Added test cases 1089 and 1090 to test --write-out after a redirect to |
| test a report that the size didn't work, but these test cases pass. |
| |
| - Documented CURLOPT_CONNECT_ONLY as being useful only on HTTP URLs. |
| |
| Daniel Stenberg (9 Dec 2008) |
| - Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any |
| particular state for the control connection like it did before for implicit |
| FTPS (libcurl assumed such control connections to be encrypted while some |
| FTPS servers such as FileZilla assumes such connections to be clear |
| mode). Use the CURLOPT_USE_SSL option to set your desired level. |
| |
| Daniel Stenberg (8 Dec 2008) |
| - Fred Machado posted about a weird FTP problem on the curl-users list and when |
| researching it, it turned out he got a 550 response back from a SIZE command |
| and then I fell over the text in RFC3659 that says: |
| |
| The presence of the 550 error response to a SIZE command MUST NOT be taken |
| by the client as an indication that the file cannot be transferred in the |
| current MODE and TYPE. |
| |
| In other words: the change I did on September 30th 2008 and that has been |
| included in the last two releases were a regression and a bad idea. We MUST |
| NOT take a 550 response from SIZE as a hint that the file doesn't exist. |
| |
| - Christian Krause filed bug #2221237 |
| (http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite |
| loop during GSS authentication given some specific conditions. With his |
| patience and great feedback I managed to narrow down the problem and |
| eventually fix it although I can't test any of this myself! |
| |
| Daniel Fandrich (3 Dec 2008) |
| - Fixed the getifaddrs version of Curl_if2ip to work on systems without IPv6 |
| support (e.g. Minix) |
| |
| Daniel Stenberg (3 Dec 2008) |
| - Igor Novoseltsev filed bug #2351645 |
| (http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with |
| the multi interface that occured if you removed an easy handle while in |
| progress and the handle was used in a HTTP pipeline. |
| |
| - Pawel Kierski pointed out a mistake in the cookie code that could lead to a |
| bad fclose() after a fatal error had occured. |
| (http://curl.haxx.se/bug/view.cgi?id=2382219) |
| |
| Daniel Fandrich (25 Nov 2008) |
| - If a HTTP request is Basic and num is already >=1000, the HTTP test |
| server adds 1 to num to get the data section to return. This allows |
| testing authentication negotiations using the Basic authentication |
| method. |
| |
| - Added tests 1087 and 1088 to test Basic authentication on a redirect |
| with and without --location-trusted |
| |
| Daniel Stenberg (24 Nov 2008) |
| - Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19 |
| function when built to support SCP and SFTP that helps the library to know |
| in which direction a particular libssh2 operation would return EAGAIN so |
| that libcurl knows what socket conditions to wait for before trying the |
| function call again. Previously (and still when using libssh2 0.18 or |
| earlier), libcurl will busy-loop in this situation when the easy interface |
| is used! |
| |
| Daniel Fandrich (20 Nov 2008) |
| - Automatically detect OpenBSD's CA cert bundle. |
| |
| Daniel Stenberg (19 Nov 2008) |
| - I removed the default use of "Pragma: no-cache" from libcurl when a proxy is |
| used. It has been used since forever but it was never a good idea to use |
| unless explicitly asked for. |
| |
| - Josef Wolf's extension that allows a $TESTDIR/gdbinit$testnum file that when |
| you use runtests.pl -g, will be sourced by gdb to allow additional fancy or |
| whatever you see fit |
| |
| - Christian Krause reported and fixed a memory leak that would occur with HTTP |
| GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386) |
| |
| - Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got |
| when uploading files to a single FTP server using multiple easy handle |
| handles with the multi interface. Occasionally a handle would stall in |
| mysterious ways. |
| |
| The problem turned out to be a side-effect of the ConnectionExists() |
| function's eagerness to re-use a handle for HTTP pipelining so it would |
| select it even if already being in use, due to an inadequate check for its |
| chances of being used for pipelnining. |
| |
| Daniel Fandrich (17 Nov 2008) |
| - Added more compiler warning options for gcc 4.3 |
| |
| Yang Tse (17 Nov 2008) |
| - Fix a remaining problem in the inet_pton() runtime configure check. And |
| fix internal Curl_inet_pton() failures to reject certain malformed literals. |
| |
| - Make configure script check if ioctl with the SIOCGIFADDR command can be |
| used, and define HAVE_IOCTL_SIOCGIFADDR if appropriate. |
| |
| Daniel Stenberg (16 Nov 2008) |
| - Christian Krause fixed a build failure when building with gss support |
| enabled and FTP disabled. |
| |
| - Added check for NULL returns from strdup() in src/main.c and lib/formdata.c |
| - reported by Jim Meyering also prevent buffer overflow on MSDOS when you do |
| for example -O on a url with a file name part longer than PATH_MAX letters |
| |
| - lib/nss.c fixes based on the report by Jim Meyering: I went over and added |
| checks for return codes for all calls to malloc and strdup that were |
| missing. I also changed a few malloc(13) to use arrays on the stack and a |
| few malloc(PATH_MAX) to instead use aprintf() to lower memory use. |
| |
| - I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is |
| in use. |
| |
| Daniel Fandrich (14 Nov 2008) |
| - Added .xml as one of the few common file extensions known by the multipart |
| form generator. |
| |
| - Added some #ifdefs around header files and change the EAGAIN test to |
| fix compilation on Cell (reported by Jeff Curley). |
| |
| Yang Tse (14 Nov 2008) |
| - Fixed several configure script issues affecting checks for inet_ntoa_r(), |
| inet_ntop(), inet_pton(), getifaddrs(), fcntl() and getaddrinfo(). |
| |
| Yang Tse (13 Nov 2008) |
| - Refactored configure script detection of functions used to set sockets into |
| non-blocking mode, and decouple function detection from function capability. |
| |