CHANGES

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Daniel (15 November 2004)
- To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
  num_redirects support to the -w writeout option for the command line tool.

- Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
  documented.
  
Daniel (12 November 2004)
- Gisle Vanem modigied the MSVC and Netware makefiles to build without
  libcurl.def

- Dan Fandrich added the --disable-crypto-auth option to configure to allow
  libcurl to build without Digest support. (I figure it should also explicitly
  disable Negotiate and NTLM.)

-                 *** Modified Behaviour Alert ***

  Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.

  Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
  CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
  a zero byte POST. Added test case 515 to verify this.

  Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
  to verify this.

  CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
  Setting it to zero simply says this is a zero byte POST.

  When providing POST data with a read callback, setting the size up front
  is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.

Daniel (11 November 2004)
- Dan Fandrich added --disable-verbose to the configure script to allow builds
  without verbose strings in the code, to save some 12KB space. Makes sense
  only for systems with very little memory resources.

- Jeff Phillips found out that a date string with a year beyond 2038 could
  crash the new date parser on systems with 32bit time_t. We now check for
  this case and deal with it.

Daniel (10 November 2004)
- I installed Heimdal on my Debian box (using the debian package) and noticed
  that configure --with-gssapi failed to create a nice build. Fixed now.

Daniel (9 November 2004)
- Gisle Vanem marked all external function calls with CURL_EXTERN so that now
  the Windows, Netware and other builds no longer need libcurl.def or similar
  files.

Daniel (8 November 2004)
- Made the configure script check for tld.h if libidn was detected, since
  libidn 0.3.X didn't have such a header and we don't work with anything
  before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
  of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
  Barrette-LaPierre helped pointing this out.

- Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
  environment where stderr is closed the -v output will still be sent to file
  descriptor 2 which then might be the network socket handle! Now we have a
  weird hack instead that attempts to make sure that file descriptor 2 is
  opened (with a call to pipe()) before libcurl is called to do the transfer.
  configure now checks for pipe() and systems without pipe don't get the weird
  hack done.

Daniel (5 November 2004)
- Tim Sneddon made libcurl send no more than 64K in a single first chunk when
  doing a huge POST on VMS, as this is a system limitation. Default on general
  systems is 100K.

Daniel (4 November 2004)
- Andres Garcia made it build on mingw againa, my --retry code broke the build.

Daniel (2 November 2004)
- Added --retry-max-time that allows a maximum time that may not have been
  reached for a retry to be made. If not set there is no maximum time, only
  the amount of retries set with --retry.

- Paul Nolan provided a patch to make libcurl build nicely on Windows CE.

Daniel (1 November 2004)
- When cross-compiling, the configure script no longer attempts to use
  pkg-config on the build host in order to detect OpenSSL compiler options.

Daniel (27 October 2004)
- Dan Fandrich:

  An improvement to the gzip handling of libcurl. There were two problems with
  the old version: it was possible for a malicious gzip file to cause libcurl
  to leak memory, as a buffer was malloced to hold the header and never freed
  if the header ended with no file contents.  The second problem is that the
  64 KiB decompression buffer was allocated on the stack, which caused
  unexpectedly high stack usage and overflowed the stack on some systems
  (someone complained about that in the mailing list about a year ago).

  Both problems are fixed by this patch. The first one is fixed when a recent
  (1.2) version of zlib is used, as it takes care of gzip header parsing
  itself.  A check for the version number is done at run-time and libcurl uses
  that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
  can be commented out to save some code space if libcurl is guaranteed to be
  using a 1.2 version of zlib.

  The second problem is solved by dynamically allocating the memory buffer
  instead of storing it on the stack. The allocation/free is done for every
  incoming packet, which is suboptimal, but should be dwarfed by the actual
  decompression computation.
 
  I've also factored out some common code between deflate and gzip to reduce
  the code footprint somewhat.  I've tested the gzip code on a few test files
  and I tried deflate using the freshmeat.net server, and it all looks OK. I
  didn't try running it with valgrind, however.

- Added a --retry option to curl that takes a numerical option for the number
  of times the operation should be retried. It is retried if a transient error
  is detected or if a timeout occurred. By default, it will first wait one
  second between the retries and then double the delay time between each retry
  until the delay time is ten minutes which then will be the delay time
  between all forthcoming retries. You can set a static delay time with
  "--retry-delay [num]" where [num] is the number of seconds to wait between
  each retry.

Daniel (25 October 2004)
- Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
  file that was already completely downloaded caused an error, while it
  doesn't if you don't use --fail! I added test case 194 to verify the fix.
  Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
  libcurl v8 due to all the kludges needed to support it.

- Mohun Biswas found out that formposting a zero-byte file didn't work very
  good. I fixed.

Daniel (19 October 2004)
- Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
  with both source and destination being the same host. It can be useful if
  you want to move a file on a server or similar.

- Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
  out how many new connects a previous transfer required.

  I added %{num_connects} to the curl tool and added test case 192 and 193
  to verify the new code.

Daniel (18 October 2004)
- Peter Wullinger pointed out that curl should call setlocale() properly to
  initiate the specific language operations, to make the IDN stuff work
  better.

Version 7.12.2 (18 October 2004)

Daniel (16 October 2004)
- Alexander Krasnostavsky made the CURLOPT_FTP_CREATE_MISSING_DIRS option work
  fine even for third party transfers.

- runekl at opoint.com found out (and provided a fix) that libcurl leaked
  memory for cookies with the "max-age" field set.

Gisle (16 October 2004)
- Issue 50 in TODO-RELEASE; Added Traian Nicolescu's patches for threaded
  resolver on Windows. Plugged some potential handle and memory leaks.

Daniel (14 October 2004)
- Eric Vergnaud pointed out that libcurl didn't treat ?-letters in the user
  name and password fields properly in URLs, like
  ftp://us?er:pass?word@site.com/. Added test 191 to verify the fix.

Daniel (11 October 2004)
- libcurl now uses SO_NOSIGPIPE for systems that support it (Mac OS X 10.2 or
  later is one) to inhibit the SIGPIPE signal when writing to a socket while
  the peer dies. The same effect is provide by the MSG_NOSIGNAL parameter to
  send() on other systems. Alan Pinstein verified the fix.

Daniel (10 October 2004)
- Systems with 64bit longs no longeruse strtoll() or our strtoll- replacement
  to parse 64 bit numbers. strtol() works fine. Added a configure check to
  detect if [constant]LL works and if so, use that in the strtoll replacement
  code to work around compiler warnings reported by Andy Cedilnik.

Gisle (6 October 2004)
- For USE_LIBIDN builds: Added Top-Level-Domain (TLD) check of host-name
  used in fix_hostname(). Checks if characters in 'host->name' (indirectly
  via 'ace_hostname') are legal according to the TLD tables in libidn.

Daniel (6 October 2004)
- Chih-Chung Chang reported that if you use CURLOPT_RESUME_FROM and enabled
  CURLOPT_FOLLOWLOCATION, libcurl reported error if a redirect happened even
  if the new URL would provide the resumed file. Test case 188 added to verify
  the fix (together with existing test 99).

- Dan Fandrich fixed a configure flaw for systems that need both nsl and socket
  libs to use gethostbyname().

- Removed tabs and trailing whitespace from lots of source files.