CHANGES

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Daniel Fandrich (25 Nov 2008)
- If a HTTP request is Basic and num is already >=1000, the HTTP test
  server adds 1 to num to get the data section to return. This allows
  testing authentication negotiations using the Basic authentication
  method.

- Added tests 1087 and 1088 to test Basic authentication on a redirect
  with and without --location-trusted

Daniel Stenberg (24 Nov 2008)
- Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19
  function when built to support SCP and SFTP that helps the library to know
  in which direction a particular libssh2 operation would return EAGAIN so
  that libcurl knows what socket conditions to wait for before trying the
  function call again. Previously (and still when using libssh2 0.18 or
  earlier), libcurl will busy-loop in this situation when the easy interface
  is used!

Daniel Fandrich (20 Nov 2008)
- Automatically detect OpenBSD's CA cert bundle.

Daniel Stenberg (19 Nov 2008)
- I removed the default use of "Pragma: no-cache" from libcurl when a proxy is
  used. It has been used since forever but it was never a good idea to use
  unless explicitly asked for.

- Josef Wolf's extension that allows a $TESTDIR/gdbinit$testnum file that when
  you use runtests.pl -g, will be sourced by gdb to allow additional fancy or
  whatever you see fit

- Christian Krause reported and fixed a memory leak that would occur with HTTP
  GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)

- Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas got
  when uploading files to a single FTP server using multiple easy handle
  handles with the multi interface. Occasionally a handle would stall in
  mysterious ways.

  The problem turned out to be a side-effect of the ConnectionExists()
  function's eagerness to re-use a handle for HTTP pipelining so it would
  select it even if already being in use, due to an inadequate check for its
  chances of being used for pipelnining.

Daniel Fandrich (17 Nov 2008)
- Added more compiler warning options for gcc 4.3

Yang Tse (17 Nov 2008)
- Fix a remaining problem in the inet_pton() runtime configure check. And
  fix internal Curl_inet_pton() failures to reject certain malformed literals.

- Make configure script check if ioctl with the SIOCGIFADDR command can be
  used, and define HAVE_IOCTL_SIOCGIFADDR if appropriate.

Daniel Stenberg (16 Nov 2008)
- Christian Krause fixed a build failure when building with gss support
  enabled and FTP disabled.

- Added check for NULL returns from strdup() in src/main.c and lib/formdata.c
  - reported by Jim Meyering also prevent buffer overflow on MSDOS when you do
  for example -O on a url with a file name part longer than PATH_MAX letters

- lib/nss.c fixes based on the report by Jim Meyering: I went over and added
  checks for return codes for all calls to malloc and strdup that were
  missing. I also changed a few malloc(13) to use arrays on the stack and a
  few malloc(PATH_MAX) to instead use aprintf() to lower memory use.

- I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is
  in use.

Daniel Fandrich (14 Nov 2008)
- Added .xml as one of the few common file extensions known by the multipart
  form generator.

- Added some #ifdefs around header files and change the EAGAIN test to
  fix compilation on Cell (reported by Jeff Curley).

Yang Tse (14 Nov 2008)
- Fixed several configure script issues affecting checks for inet_ntoa_r(),
  inet_ntop(), inet_pton(), getifaddrs(), fcntl() and getaddrinfo().

Yang Tse (13 Nov 2008)
- Refactored configure script detection of functions used to set sockets into
  non-blocking mode, and decouple function detection from function capability.

Version 7.19.2 (13 November 2008)

Michal Marek (13 Nov 2008)
- Fixed a potential data loss in Curl_client_write() when the transfer is
  paused.

Daniel Stenberg (11 Nov 2008)
- Rainer Canavan filed bug #2255627
  (http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
  program using libcurl's multi interface to download a HTTPS page with a
  libcurl built powered by OpenSSL, would easily get silly and instead hand
  over SSL details as data instead of the actual HTTP headers and body. This
  happened because libcurl would consider the connection handshake done too
  early. This problem was introduced at September 22nd 2008 with my fix of the
  bug #2107377

  The correct fix is now instead done within the GnuTLS-handling code, as both
  the OpenSSL and the NSS code already deal with this situation in similar
  fashion. I added test case 560 in an attempt to verify this fix, but
  unfortunately it didn't trigger it even before this fix!

Yang Tse (11 Nov 2008)
- Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)
  Daniel Fandrich noticed that curl_addrinfo was also missing in the build
  process of other four non-configure platforms. Added now.

Daniel Fandrich (7 Nov 2008)
- The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
  system with a TEQL load-balancing device configured, which doesn't
  have an address.  Thanks to Adam Sampson for spotting this (bug #2234923).

Yang Tse (6 Nov 2008)
- Merged existing IPv4 and IPv6 Curl_ip2addr functions into a single one
  which now also takes a protocol address family argument.

- Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
  problem with MSVC 6 makefile that caused a build failure. It was noted that
  the curl_addrinfo.obj reference was missing. I took the opportunity to sort
  the list in which this was missing. Issue submitted by John Wilkinson.

Version 7.19.1 (5 November 2008)

Daniel Stenberg (4 Nov 2008)
- CURLINFO_FILETIME now works for file:// transfers as well

Daniel Stenberg (3 Nov 2008)
- Bug #2218480 (http://curl.haxx.se/bug/view.cgi?id=2218480) pointed out a
  problem with my CURLINFO_PRIMARY_IP fix from October 7th that caused a NULL
  pointer read. I also took the opportunity to clean up this logic (storing of
  the connection's IP address) somewhat as we had it stored in two different
  places and ways previously and they are now unified.

Yang Tse (3 Nov 2008)
- Fix undersized IPv6 address internal buffer. IPv6 address strings longer
  than 35 characters would be truncated.

Daniel Stenberg (2 Nov 2008)
- Daniel Johnson reported and fixed:

  When c-ares isn't enabled, libcurl by default calls getaddrinfo with family
  set to PF_UNSPEC which causes getaddrinfo to return all available addresses,
  both IPv4 and IPv6. Libcurl then tries each one until it can connect. If the
  net connection doesn't support IPv6, libcurl can still fall back to IPv4.

  However, since c-ares doesn't support PF_UNSPEC, when it's used it defaults
  to using family=PF_INET6 and therefore only returns IPv6 addresses when AAAA
  records are available, even if IPv4 addresses are also available. The effect
  is that since my ISP doesn't do IPv6, libcurl can't connect at all to a site
  that has AAAA records. It will work if I explicitly use CURL_IPRESOLVE_V4 or
  --ipv4 with the curl tool. I discovered this when curl would fail to connect
  to seemingly random sites. It turns out they weren't random, they were sites
  with AAAA records.

  So now libcurl defaults to PF_INET... until c-ares has been tought to offer
  both.

Yang Tse (31 Oct 2008)
- Tests 558 and 559 are stabilized. These two tests were initially introduced
  to aid in the location of a seg-fault which was only triggered on non-debug
  builds done with the icc 9.1 Intel compiler. Test 558 does not trigger the
  problem, but test 559 does trigger it. As of today, it isn't yet absolutely
  clear if it is a compiler optimizer issue or a memory corruption one.

Yang Tse (30 Oct 2008)
- Use our Curl_addrinfo structure definition to handle address info data even
  when a system addrinfo struct is available. Provide and use a wrapper around
  systems getaddrinfo function, Curl_getaddrinfo_ex which returns a pointer to
  a list of dynamically allocated Curl_addrinfo structs.

  Configure will check freeaddrinfo and getaddrinfo functions and define
  preprocessor symbols HAVE_FREEADDRINFO and HAVE_GETADDRINFO when appropriate.

Daniel Fandrich (29 Oct 2008)
- Fixed a bug that caused a few bytes of garbage to be sent after a
  curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.

Daniel Fandrich (28 Oct 2008)
- Changed the "resolve" test precheck program to verify that an IPv6 socket
  can be created before resolving the IPv6 name.  In the context of running
  a test, it doesn't make sense to run an IPv6 test when a host is resolvable
  but IPv6 isn't usable.  This should fix failures of test 1085 on hosts with
  library and DNS support for IPv6 but where actual use of IPv6 has been
  administratively disabled.

Daniel Fandrich (24 Oct 2008)
- Added experimental support for zlib and OpenSSL on Symbian OS.

Daniel Fandrich (21 Oct 2008)