CHANGES

                                  _   _ ____  _     
                              ___| | | |  _ \| |    
                             / __| | | | |_) | |    
                            | (__| |_| |  _ <| |___ 
                             \___|\___/|_| \_\_____|

                                  Changelog

Daniel (14 April 2004)
- Asking for CURL_IPRESOLVE_V6 when ipv6 addresses can't be resolved will
  now cause the resolve function to return NULL immediately. This flaw was
  pointed out by Gisle Vanem.

- Gisle Vanem made curl -4/-6 actually set the desired option to libcurl.

- runtests.pl now has a new option (-p) that will display "interesting" log
  files to stdout in case of a test failure. This is primarily intended to be
  used in the 'full-test' make target that is used by the autobuild tests, as
  we then get a much better chance to understand (remote) test failures based
  on autobuild logs alone.

Daniel (13 April 2004)
- Gisle Vanem made the multi interface work again on Windows even when built
  without ares. Before this, select() would return -1 during the name resolve
  phase since curl_multi_fdset() didn't return any fd_set at all which wasn't
  appreciated!

- curl_easy_duphandle() now duplicates the tcp_nodelay info as well.

Daniel (11 April 2004)
- Applied David Byron's patch for the MSVC libcurl makefile for builds with
  zlib.

Daniel (9 April 2004)
- Dirk Manske improved the timer resolution for CURLINFO_*_TIME, it can now
  be down to usec if the system sypports it.

Daniel (7 April 2004)
- A request that sends "Expect: 100-continue" and gets nothing but a single
  100 response back will now return a CURLE_GOT_NOTHING. Test 158 verifies.

- The strtoofft() macro is now named curlx_strtoofft() to use the curlx_*
  approach fully.

Daniel (6 April 2004)
- Gisle Vanem's fixed bug #927979 reported by Nathan O'Sullivan. The problem
  made libcurl on Windows leak a small amount of memory in each name resolve
  when not used as a DLL.

- New authentication code added, particularly noticable when doing POST or PUT
  with Digest or NTLM. libcurl will now use HEAD to negotiate the
  authentication and when done perform the requested POST. Previously libcurl
  sent POST immediately and expected the server to reply a final status code
  with an error and then libcurl would not send the request-body but instead
  send then next request in the sequence.

  The reason for this change is due to IIS6 barfing on libcurl when we attempt
  to POST with NTLM authentication. The reason for the problems is found in
  RFC2616 section 8.2.3 regarding how servers should deal with the 100
  continue request-header:

        If it responds with a final status code, it MAY close the transport
        connection or it MAY continue to read and discard the rest of the
        request.

  Previous versions of IIS clearly did close the connection in this case,
  while this newer version decided it should "read and discard". That would've
  forced us to send the whole POST (or PUT) data only to have it discarded and
  then be forced to send it again. To avoid that huge penality, we switch to
  using HEAD until we are authenticated and then send the POST.

  The only actual drawback I can think of (except for the odd sites that might
  treat HEAD differently than they would treat POST/PUT when given the same
  URL) is that if you do POST with CURLAUTH_ANY set and the site requires NO
  authentication, libcurl will still use a HEAD in a first round and then do a
  POST.

  If you do a HEAD or a GET on a site using CURLAUTH_ANY, libcurl will send
  an un-authenticated request at once, which then is the only request if the
  site requires no auth.

  Alan Pinstein helped me work out the protocol details by figuring out why
  libcurl failed and what IIS6 expects.

- The --limit-rate logic was corrected and now it works a lot better for
  higher speeds, such as '10m' or similar. Reported in bug report #930249.

- Introducing curlx_tvnow() and curlx_tvdiff() using the new curlx_* fashion.
  #include "timeval.h" from the lib dir to get the protos etc.  Note that
  these are NOT part of the libcurl API. The curl app simply uses the same
  source files as the library does and therefore the file needs to be compiled
  and linked with curl too, not just when creating libcurl.

- lib/strerror.c no longer uses sys_nerr on non-windows platforms since it
  isn't portable enough

Daniel (2 April 2004)
- In the curl_strnqual.3 man page, we now prepend the man3 dir to the file
  name to work better. As pointed out by Robin Kay.

- Andrés García updated the mingw makefiles.

- Dirk Manske fixed a problem I recently added in the progress meter code that
  broke subsecond resolution for CURLINFO_TOTAL_TIME. He also pointed out a
  mistake in the code that produces the final update of the progress meter
  that would often prevent it from actually being updated that final time.

Daniel (1 April 2004)
- Dirk Manske fixed a memory leak that happened when we use ares for name
  resolves and decides to time-out before ares does it. This fix uses the
  brand new ares_cancel() function which is not present in c-ares 1.1.0.

  When told to enable ares, the configure script now checks for presence of
  the ares_cancel function to alert users if they attempt to use a too old
  c-ares library.

Daniel (31 March 2004)
- Roy Shan fixed a flaw that prevented ares name resolve timeouts to occur!

- Dirk Manske found out that libcurl timed out waiting for resolves far too
  easy when libcurl was built to use (c-)ares for name resolving.

- Further Digest fixing and a successful test case 153 now makes me believe
  Mitz Wark's problems are fixed.

- Andres Garcia figured out that test case 63, while working, only proved a
  flaw in libcurl's 'http_proxy' parser when a user name and password is
  provided. The user name was not extracted properly (and 'http' was always
  used as user name).

- Andrés García fixed compiler warnings in our ioctlsocket() usage.

Daniel (30 March 2004)
- Joe Halpin faced problems with the getnameinfo() argument ai_flags and the
  particular bit named 'NI_WITHSCOPEID' on Solaris 9 for Intel.  I've now
  written a configure test that checks for a working NI_WITHSCOPEID
  implemenation. No code uses the result from this test yet, it is still
  experimental. James Carlson wrote in comp.unix.solaris: "It's a bug
  (5006623) -- it's not supported and shouldn't be in the header file."

- I provided Mitz Wark with a first patch in order to fix libcurl's problems
  to re-negotiate Digest authentication (when 'stale=true' is included in the
  response header).

- Roy Shan discovered that the multi interface didn't properly timeout name
  lookups which could make handles get stuck in that state and thus never get
  completed. I've produced a first test patch that attempts to correct this.

- David Byron's patch was appplied to make CURLOPT_FAILONERROR work nicely
  even with authentcations such as NTLM or Digest enabled. Test cases 150, 151
  and 152 were added to verify the functionality.

Daniel (29 March 2004)
- Gisle Vanem updated files for the djgpp/MS-DOS build.

- Andrés García helped me work out a fix for the runtests.pl script to make
  the file:// tests run fine when tested with the mingw-built version of curl.

- Fixed an include issue with netinet/tcp.h on AIX, based on input by Tor.
  This also required a minor fix of the configure script.

- The postit2.c source example used the wrong struct name for the post data.

Daniel (26 March 2004)
- Gisle Vanem improved ipv6 support on windows by making the curl build to use
  the correct getaddrinfo() function.

Daniel (25 March 2004)
- It turned out that AIX, despite having a "thread-safe libc", doesn't offer
  all traditional functions thread-safe. This URL is informative on this
  subject:

    http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
    genprogc/thread_quick_ref.htm

  As a result of this, we now check for three *_r() functions on recent AIX
  versions as well that the URL mentions aren't thread-safe in AIX 5.1.

- renamed curl_strerror.[ch] to strerror.[ch]

- Joe Halpin added CURLOPT_TCP_NODELAY and --tcp-nodelay to make it possible
  for users to disable the Nagle algorthim-usage.

- Tor Arntsen provided some interesting strerror_r() knowledge. glibc has its
  own API which differs from the POSIX one. Daniel adjusted the configure
  script to detect the version in use, and the code now uses the new defines
  accordingly.

- Fixed some build flaws with the new lib/curl_strerror.c source file.

Daniel (24 March 2004)
- Gisle Vanem's fix to replace the bad use of strerror(). This introduces
  Curl_strerror() that attempts to be thread-safe _and_ works on Windows too!

- Tor Arntsen spell-fixed lots of libcurl man pages.

- Tor Arntsen made testcurl.pl work with older perl 5 versions, and Daniel
  made it not use chdir .. to go back, as that isn't very good when you've
  setup a testdir containing symlinks.