CHANGES

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Daniel Stenberg (8 Oct 2008)
- Igor Novoseltsev brought a patch that introduced two new options to
  curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  deprecates the good old CURLOPT_USERPWD since they allow applications to set
  the user name and password independently and perhaps more importantly allow
  both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.

Daniel Fandrich (7 Oct 2008)
- Changed the handling of read/write errors in Curl_perform() to allow a
  a fresh connection to be made in such cases and the request retransmitted.
  This should fix test case 160.  Added test case 1079 in an attempt to
  test a similar connection dropping scenario, but as a race condition, it's
  hard to test reliably.

- Created test cases 1080 and 1081 to reproduce a problem of
  CURLINFO_REDIRECT_URL leaking memory and returning incorrect results when
  two URLs are requested. Reported by vmpdemo in bug #2152270

Daniel Stenberg (7 Oct 2008)
- Fixed CURLINFO_PRIMARY_IP: When libcurl created a connection to host A then
  the app re-used the handle to do a connection to host B and then again
  re-used the handle to host A, it would not update the info with host A's IP
  address (due to the connection being re-used) but it would instead report
  the info from host B.

Yang Tse (7 Oct 2008)
- Added --enable-optimize configure option to enable and disable compiler
  optimizations to allow decoupled setting from --enable-debug.

Yang Tse (2 Oct 2008)
- Added --enable-warnings configure option to enable and disable strict
  compiler warnings to allow decoupled setting from --enable-debug.

  runtests.pl will now run with picky compiler warnings enabled unless
  explicitly disabled.
  
Daniel Fandrich (1 Oct 2008)
- "make clean" now cleans out the docs and tests directories, too.

Daniel Stenberg (30 Sep 2008)
- The libcurl FTP code now returns CURLE_REMOTE_FILE_NOT_FOUND error when SIZE
  gets a 550 response back for the cases where a download (or NOBODY) is
  wanted. It still allows a 550 as response if the SIZE is used as part of an
  upload process (like if resuming an upload is requested and the file isn't
  there before the upload). I also modified the FTP test server and a few test
  cases accordingly to match this modified behavior.

Daniel Stenberg (29 Sep 2008)
- Daniel Egger provided a patch that allows you to disable proxy support in
  libcurl to somewhat reduce the size of the binary. Run configure
  --disable-proxy.
  
Daniel Fandrich (29 Sep 2008)
- Moved all signal-based name resolution timeout handling into a single new
  Curl_resolv_timeout function to reduce coupling.

Daniel Stenberg (29 Sep 2008)
- Ian Lynagh provided a patch that now makes CURLOPT_RANGE work fine for SFTP
  downloads!

- Maxim Ivanov filed bug report #2107803
  (http://curl.haxx.se/bug/view.cgi?id=2107803) "no CURLINFO_REDIRECT_URL in
  multi mode" together with a patch that fixed the problem.
  
Daniel Stenberg (25 Sep 2008)
- Emanuele Bovisio submitted bug report #2126435. We fixed the HTTP Digest
  auth code to not behave badly when getting a blank realm with
  realm="". http://curl.haxx.se/bug/view.cgi?id=2126435

Daniel Fandrich (23 Sep 2008)
- Make sure not to dereference the wrong UrlState proto union member when
  switching from one protocol to another in a single request (e.g.
  redirecting from HTTP to FTP as in test 1055) by resetting
  state.expect100header before every request.

Daniel Stenberg (23 Sep 2008)
- Introducing Jamie Lokier's function for date to epoch conversion used in the
  date parser function. This makes our function less dependent on system-
  provided functions and instead we do all the magic ourselves. We also no
  longer depend on the TZ environment variable. Switching to our own converter
  has some side-effect and they are noted here for future reference (taken
  from a mail by mr Lokier):

  time_t is not measured in seconds in the ANSI C standard - or even counted
  uniformly - weird platforms can use other numeric representations of dates
  in time_t - hence the difftime() function.

  On POSIX time_t is measured in UTC seconds, which means not including leap
  seconds.  But it's mentioned in a few places that some old POSIX-ish
  environments include leap seconds in their time_t counts...

  I'm pretty sure [the new implementation is] correct on anything truly POSIX.
  And it's obviously a lot less dependent on platform quirks and corner cases
  in many ways than the mktime() version.

- Rob Crittenden brought a patch to "add some locking for thread-safety to NSS
  implementation".

Daniel Stenberg (22 Sep 2008)
- Made the SOCKS code use the new Curl_read_plain() function to fix the bug
  Markus Moeller reported: http://curl.haxx.se/mail/archive-2008-09/0016.html

- recv() errors other than those equal to EAGAIN now cause proper
  CURLE_RECV_ERROR to get returned. This made test case 160 fail so I've now
  disabled it until we can figure out another way to exercise that logic.

- Michael Goffioul filed bug report #2107377 "Problem with multi + GnuTLS +
  proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi
  interface using program didn't work when built with GnuTLS and a CONNECT
  request was done over a proxy (basically test 502 over a proxy to a HTTPS
  site). It turned out the ssl connect function would get called twice which
  caused the second call to fail.

Daniel Fandrich (22 Sep 2008)
- Fixed test 539 to handle an out of memory condition that shows up now
  that memdebug.h is included in the test programs.

Yang Tse (20 Sep 2008)
- Fix regression in configure script which affected OpenSSL builds on MSYS.

Yang Tse (19 Sep 2008)
- configure script now checks availability of the alarm() function.

Daniel Fandrich (18 Sep 2008)
- Don't bother to install a SIGALRM handler unless alarm() is available.
  Also, leave the existing SIGALRM handler alone if the timeout is too small
  to handle.

Daniel Fandrich (17 Sep 2008)
- Removed reference to curl-ca-bundle.crt in the host verification failure
  error message.

Yang Tse (17 Sep 2008)
- Improve configure detection of gethostname(), localtime_r(), strstr(),
  getservbyport_r(), gethostbyaddr_r() and gethostbyname_r().

Yang Tse (14 Sep 2008)
- Improve configure detection of strcasecmp(), strcasestr(), strcmpi(),
  stricmp(), strlcat(), strncasecmp(), strncmpi() and strnicmp().

Yang Tse (13 Sep 2008)
- Disable tracking of fdopen() calls in the low-level memory leak tracking
  code when fdopen() is not available, to avoid compiler error.

Yang Tse (12 Sep 2008)
- Further adjust detection of strerror_r() in the configure process, and
  ensure that errno is not modified inside Curl_strerror().

Yang Tse (10 Sep 2008)
- Improve detection of gmtime_r(), strtoll(), sigaction(), strtok_r(),
  strdup() and ftruncate() in the configure process.

Daniel Fandrich (9 Sep 2008)
- Mike Revi discovered some swapped speed switches documented in the curl man
  page.

- Checked in some documentation and code improvements and fixes that I
  discovered in the FreeBSD ports system.

Daniel Stenberg (8 Sep 2008)
- Dmitry Kurochkin patched a problem: I have found bug in pipelining through
  proxy. I have a transparent proxy. When running with http_proxy environment
  variable not set my test completes fine (it goes through transparent
  proxy). When I set http_proxy variable my test hangs after the first
  downloaded is complete. Looks like the second handle never gets out from
  WAITDO state.

  The fix: It makes checkPendPipeline move 1 handler from pend pipe to send
  pipe if pipelining is not supported by server but there are no handles in
  send and recv pipes.

- Stefan Krause pointed out that libcurl would wrongly send away cookies to
  sites in cases where the cookie clearly has a very old expiry date. The
  condition was simply that libcurl's date parser would fail to convert the
  date and it would then count as a (timed-based) match. Starting now, a
  missed date due to an unsupported date format or date range will now cause
  the cookie to not match.

Daniel Fandrich (5 Sep 2008)
- Improved the logic that decides whether to use HTTP 1.1 features or not in a
  request.  Setting a specific version with CURLOPT_HTTP_VERSION overrides
  all other checks, but otherwise, a 1.0 request will be made if the server
  is known to support only 1.0 because it previously responded so and the
  connection was kept alive, or a response to a previous request on this handle
  came back as 1.0. The latter could take place in cases like redirection or
  authentication where several requests have to be made before the operation
  is complete.  If any one of the servers in a redirection chain supports only
  1.0, then remaining requests will be sent in 1.0 mode.

- Detect cases where an upload must be sent chunked and the server supports
  only HTTP 1.0 and return CURLE_UPLOAD_FAILED.