CHANGES

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Daniel Stenberg (15 Apr 2010)
- Rainer Canavan filed bug report #2987196 that identified libcurl doing
  unnecesary reverse name lookups in many cases when built to use IPv4 and
  getaddrinfo(). The logic for ipv6 is now used for ipv4 too.

  (http://curl.haxx.se/bug/view.cgi?id=2963679)

Version 7.20.1 (14 April 2010)

Daniel Stenberg (9 Apr 2010)
- Prefixing the FTP quote commands with an asterisk really only worked for the
  postquote actions. This is now fixed and test case 227 has been extended to
  verify.

Kamil Dudka (4 Apr 2010)
- Eliminated a race condition in Curl_resolv_timeout().

- Refactorized interface of Curl_ssl_recv()/Curl_ssl_send().

- libcurl-NSS now provides more accurate messages and error codes in case of
  client certificate problem.  Either during connection, or transfer phase.

Daniel Stenberg (1 Apr 2010)
- Matt Wixson found and fixed a bug in the SCP/SFTP area where the code
  treated a 0 return code from libssh2 to be the same as EAGAIN while in
  reality it isn't. The problem caused a hang in SFTP transfers from a
  MessageWay server.

Daniel Stenberg (28 Mar 2010)
- Ben Greear: If you pass a URL to pop3 that does not contain a message ID as
  part of the URL, it would previously ask for 'INBOX' which just causes the
  pop3 server to return an error.
    
  Now libcurl treats en empty message ID as a request for LIST (list of pop3
  message IDs).  User's code could then parse this and download individual
  messages as desired.

Daniel Stenberg (27 Mar 2010)
- Ben Greear brought a patch that from now on allows all protocols to specify
  name and user within the URL, in the same manner HTTP and FTP have been
  allowed to in the past - although far from all of the libcurl supported
  protocls actually have that feature in their URL definition spec.

Daniel Stenberg (26 Mar 2010)
- Ben Greear brought code that makes the rate limiting code for the easy
  interface a bit smoother as it introduces sub-second sleeps during it and it
  also takes the buffer sizes into account.

Daniel Stenberg (24 Mar 2010)
- Bob Richmond: There's an annoying situation where libcurl will read new HTTP
  response data from a socket, then check if it's a timeout if one is set. If
  the last packet received constitutes the end of the response body, libcurl
  still treats it as a timeout condition and reports a message like:

  "Operation timed out after 3000 milliseconds with 876 out of 876 bytes 
  received"

  It should only a timeout if the timer lapsed and we DIDN'T receive the end
  of the response body yet.

- Christopher Conroy fixed a problem with RTSP and GET_PARAMETER reported
  to us by Massimo Callegari. There's a new test case 572 that verifies this
  now.

- The 'ares' subtree has been removed from the source repository. It was
  always a separate project that sort of piggybacked on the curl project since
  the dawn of times and now the time has come for it to go stand on its own
  legs and continue living its own life. All details on c-ares and its new
  source code repository is found at http://c-ares.haxx.se/

Daniel Stenberg (23 Mar 2010)
- Kenny To filed the bug report #2963679 with patch to fix a problem he
  experienced with doing multi interface HTTP POST over a proxy using
  PROXYTUNNEL. He found a case where it would connect fine but bits.tcpconnect
  was not set correct so libcurl didn't work properly.

  (http://curl.haxx.se/bug/view.cgi?id=2963679)

- Akos Pasztory filed debian bug report #572276
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572276 mentioning a problem
  with a resource that returns chunked-encoded _and_ with a Content-Length
  and libcurl failed to properly ignore the latter information.

- Hauke Duden provided an example program that made the multi interface crash.
  His example simply used the multi interface and did first one FTP transfer
  and after completion it used a second easy handle and did another FTP
  transfer on the same FTP server.

  This triggered a bug in the "delayed easy handle kill" system that curl
  uses: when an FTP connection is left alive it must keep an easy handle
  around internally - only for the purpose of having an easy handle when it
  later disconnects it. The code assumed that when the easy handle was removed
  and an internal reference was made, that version could be killed later on
  when a new easy handle came using the same connection. This was wrong as
  Hauke's example showed that the removed handle wasn't killed for real until
  later. This caused a double close attempt => segfault.

Daniel Stenberg (22 Mar 2010)
- Thomas Lopatic fixed the alarm()-based DNS timeout:

  Looking at the code of Curl_resolv_timeout() in hostip.c, I think that in
  case of a timeout, the signal handler for SIGALRM never gets removed. I
  think that in my case it gets executed at some point later on when execution
  has long left Curl_resolv_timeout() or even the cURL library.
  
  The code that is jumped to with siglongjmp() simply sets the error message
  to "name lookup timed out" and then returns with CURLRESOLV_ERROR. I guess
  that instead of simply returning without cleaning up, the code should have a
  goto that jumps to the spot right after the call to Curl_resolv().

Kamil Dudka (22 Mar 2010)
- Douglas Steinwand contributed a patch fixing insufficient initialization in
  Curl_clone_ssl_config()

Daniel Stenberg (21 Mar 2010)
- Ben Greear improved TFTP: the error code returning and the treatment
  of TSIZE == 0 when uploading.

- We've switched from CVS to git. See http://curl.haxx.se/source.html

Kamil Dudka (19 Mar 2010)
- Improved Curl_read() to not ignore the error returned from Curl_ssl_recv().

Daniel Stenberg (15 Mar 2010)
- Constantine Sapuntzakis brought a patch:

  The problem mentioned on Dec 10 2009
  (http://curl.haxx.se/bug/view.cgi?id=2905220) was only partially fixed.
  Partially because an easy handle can be associated with many connections in
  the cache (e.g. if there is a redirect during the lifetime of the easy
  handle).  The previous patch only cleaned up the first one. The new fix now
  removes the easy handle from all connections, not just the first one.

Daniel Stenberg (6 Mar 2010)
- Ben Greear brought a patch that fixed the rate limiting logic for TFTP when
  the easy interface was used.

Daniel Stenberg (5 Mar 2010)
- Daniel Johnson provided fixes for building curl with the clang compiler.

Yang Tse (5 Mar 2010)
- Constantine Sapuntzakis detected and fixed a double free in builds done
  with threaded resolver enabled (Windows default configuration) that would
  get triggered when a curl handle is closed while doing DNS resolution.

Daniel Stenberg (2 Mar 2010)
- [Daniel Johnson] I've been trying to build libcurl with clang on Darwin and
  ran into some issues with the GSSAPI tests in configure.ac. The tests first
  try to determine the include dirs and libs and set CPPFLAGS and LIBS
  accordingly. It then checks for the headers and finally sets LIBS a second
  time, causing the libs to be included twice. The first setting of LIBS seems
  redundant and should be left out, since the first part is otherwise just
  about finding headers.

  My second issue is that 'krb5-config --libs gssapi' on Darwin is less than
  useless and returns junk that, while it happens to work with gcc, causes
  clang to choke. For example, --libs returns $CFLAGS along with the libs,
  which is really retarded. Simply setting 'LIBS="$LIBS -lgssapi_krb5
  -lresolv"' on Darwin is sufficient.

- Based on patch provided by Jacob Moshenko, the transfer logic now properly
  makes sure that when using sub-second timeouts, there's no final bad 1000ms
  wait. Previously, a sub-second timeout would often make the elapsed time end
  up the time rounded up to the nearest second (e.g. 1s for 200ms timeout)

- Andrei Benea filed bug report #2956698 and pointed out that the
  CURLOPT_CERTINFO feature leaked memory due to a missing OpenSSL function
  call. He provided the patch to fix it too.

  http://curl.haxx.se/bug/view.cgi?id=2956698

- Markus Duft pointed out in bug #2961796 that even though Interix has a
  poll() function it doesn't quite work the way we want it so we must disable
  it, and he also provided a patch for it.

  http://curl.haxx.se/bug/view.cgi?id=2961796

- Made the pingpong timeout code properly deal with the response timeout AND
  the global timeout if set. Also, as was reported in the bug report #2956437
  by Ryan Chan, the time stamp to use as basis for the per command timeout was
  not set properly in the DONE phase for FTP (and not for SMTP) so I fixed
  that just now. This was a regression compared to 7.19.7 due to the
  conversion of FTP code over to the generic pingpong concepts.

  http://curl.haxx.se/bug/view.cgi?id=2956437

Daniel Stenberg (1 Mar 2010)
- Ben Greear provided an update for TFTP that fixes upload.

- Wesley Miaw reported bug #2958179 which identified a case of looping during
  OpenSSL based SSL handshaking even though the multi interface was used and
  there was no good reason for it.