Newer
Older
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
History of Changes
- Added the -R/--remote-time option, that uses the remote file's datestamp to
set the local file's datestamp. Thus, when you get a remote file your local
file will get the same time and date. Note that this only works when you use
-o or -O.
- Installed libtool 1.4.1, libtoolized and everything.
Daniel (1 September 2001)
- Heikki Korpela pointed out that I did not ship the proper libtool stuff in
the pre-releases, even though that was my intention. libtoolize has now
been re-run.
- Heikki also patched away the bad use of 'make -C' in the test suite
makefile. make -C is not very portable and is now banned from here.
Version 7.9-pre2
Daniel (31 August 2001)
- I just made a huge internal struct rehaul, and all the big internally used
structs have been renamed, redesigned and stuff have been moved around a bit
to make the source easier to follow, more logically grouped and to hopefully
decrease future bugs. I also hope that this will make new functions to get
easier to add, and make it less likely that we have bugs left like the URL-
free bug from August 23.
Version 7.9-pre1
Daniel (29 August 2001)
- The new cookie code have enabled the brand new '-c/--cookie-jar' option. Use
that to specify the file name in which you want to have all cookies curl
knows of, dumped to. It'll be written using the netscape cookie format.
This is internally done with the new CURLOPT_COOKIEJAR option to libcurl,
which in turn dumps this information when curl_easy_cleanup() is invoked.
There might be reasons to re-consider my choice of putting it there. Perhaps
it is better placed to get done just before *_perform() is done. It is all
of course depending on how you guys want to use this feature...
- Added ftpupload.c in the source examples section, based on source code posted
by Erick Nuwendam.
- Now running libtool CVS branch-1-4 to generate stuff. Should fix problems
on OpenBSD and hopefully on FreeBSD as well!
- Georg Huettenegger modified the curl_formadd() functionality slightly, and
added support for error code 417 when doing form post and using the Expect:
header. Great work!
- Made some tests with cached SSL session IDs, and they seem to work. There
should be a significant speed improvement in the SSL connection phase, but
in my tiny tests it just isn't possible to notice any difference. Like other
caching in libcurl, you must reuse the same handle for the caching to take
effect. SSL session ID caching is done on a per host-name and destination
port number basis.
Set verbose, and you'll get informational tests when libcurl detects and
uses a previous SSL session ID.
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
- Upgraded to automake 1.5 on my development/release machine.
Daniel (27 August 2001)
- Slowly started writing SSL session ID caching code
Daniel (24 August 2001)
- T. Bharath removed compiler warnings on windows and updated the MS project
files.
- Kevin Roth reported two kinds of command line constructs with the new -G that
curl didn't really deal with the way one would like.
- Tim Costello patched away a use of strcasecmp() in the SSL code. We have our
own portable version named strequal() that should be used!
- Tim also pointed out a problem in the lib/Makefile.vc6 file that made it mix
debug object modules causing confusions.
Daniel (23 August 2001)
- T. Bharath accurately found a libcurl bug that would happen when doing a
second invoke of curl_easy_perform() with a new URL when the previous invoke
followed a Location: header.
- Started the improvement work on the cookie engine:
- Now keeps cookies in the same order as the cookie file
- A write to the possibly static string was removed
- Added a function that can output all cookies
- Now supports reading multiple cookie files
- Steve Lhomme corrected a DLL naming issue in the MSVC++ project file.
- Split up the monster function in lib/ftp.c to use more smallish functions to
increase readability and maintainability.
Daniel (21 August 2001)
Daniel Stenberg
committed
- Georg Huettenegger's big patch was applied. Now we have:
o "Expect: 100-continue" support. We will from now on send that header in
all rfc1867-posts, as that makes us abort much faster when the server
rejects our POST. Posting without the Expect: header is still possible in
the standard replace-internal-header style.
o curl_formadd() is a new formpost building function that is introduced to
replace the now deprecated curl_formparse() function. The latter function
will still hang around for a while, but the curl_formadd() is the new way
and correct way to build form posts.
o Documentation has been updated to reflect these changes
These changes are reason enough to name the next curl release 7.9...
- We now convert man pages to HTML pages and include them in the release
archive. For the pleasure of everyone without nroff within reach.
- Andrés García's suggested flushing of the progress meter output stream was
added. It should make the progress meter look better on Windows.
- Troy Engel pointed out a mistake in the configure script that made it fail
on many Red Hat boxes!
Daniel (20 August 2001)
- We need an updated libtool to make a better build environment for OpenBSD
as well as FreeBSD
Version 7.8.1
Daniel Stenberg
committed
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
Daniel (20 August 2001)
- Brad pointed out that we ship two extra libtool files in the tarballs that
we really don't need to! Removing them makes the gz-archive about 60K
smaller!
- Albert Chin brought fixes for the configure script to detect socklen_t
properly as well as moving lots of our custom autoconf macros to
acinclude.m4.
Daniel (19 August 2001)
- Moonesamy improved his -G feature for host names only URLs...
Daniel (17 August 2001)
- Finally cleaned up the kerberos code to use Curl_ prefixes on all global
symbols and to not use global variables.
Version 7.8.1-pre6
Daniel (16 August 2001)
- S. Moonesamy added the -G option to curl, that converts the data specified
with -d to a GET request. Default action when using -d is POST. When -G is
used, the -d specified data will be appended to the URL with a '?'
separator. As suggested previously by Kevin Roth.
- curl-config --libs should now display all linker options required to link
with libcurl. It includes the path and options for libcurl itself.
curl-config --cflags displays the compiler option(s) needed to compile
source files that use libcurl functions. Basically, that sets the include
path correct.
Daniel (15 August 2001)
Daniel Stenberg
committed
- Arkadiusz Miskiewicz pointed out a mistake in how IPv6-style IP-addresses
were parsed and used. (RFC2732-format)
- Bug #12733 over on php.net identified a problem in libcurl that made it core
dump if you used CURLOPT_POST without setting any data to post with
CURLOPT_POSTFIELDS! This is no longer the case. Not using CURLOPT_POSTFIELDS
now equals setting it to no data at all.
- Ramana Mokkapati reported that curl with '-w %{http_code}' didn't work
properly when used for multiple URLs on a single command line. Indeed, the
variable was not reset between the requests. This is now fixed.
- David James fixed the Borland makefile so that libcurl still compiles and
builds with that compiler.
Daniel (14 August 2001)
- Oops. I ruined Nico's socklen_t define in config-vms.h, corrected it now.
- An older item not mentioned here before: CURL_GLOBAL_WIN32 is a define for
windows users to curl_global_init(), that makes libcurl init the winsock
stuff. If libcurl is all socket stuff you do, then allowing it to fiddle
with this is a comfortable shortcut to fame.
Version 7.8.1-pre5
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
Daniel (14 August 2001)
- Nico Baggus provided more feedback from his VMS porting efforts and a few
minor changes were necessary.
- I modified configure.in so that --enable-debug sets more picky gcc options.
I then removed almost all the new warnings that appeared, and by doing so I
corrected the size_t-treated-as-signed problem that has been discussed on
the mailing list previously. I also removed a bunch of the just recently
added #ifdef VMS lines.
- I removed the use of a global variable in the SSL code. It was once
necessary but hasn't been needed since OpenSSL 0.9.4. The old code should
(hopefully) still work if libcurl is built against an ancient version of
OpenSSL.
Daniel (13 August 2001)
- Peter Todd posted a patch that now allows non-file rc1867-style form posts
to be larger than 4K.
Daniel (10 August 2001)
- S. Moonesamy fixed bugs for building debug and SSL lib in VC makefile
Daniel (9 August 2001)
- The redirected error stream was closed before the curl_easy_cleanup() call
was made, and when VERBOSE was enabled, the cleanup function tried to use
the stream. It could lead to a segmentation fault. Also, the stream was
closed even if we looped to get more files. Corrects Dustin Boswell's bug
report #441610
- Now generates the release configure script with autoconf 2.52
Version 7.8.1-pre4
Daniel (8 August 2001)
- curl -E uses a colon to separate a file name from a passphrase. This turned
out really bad for the windows people who wants to include a drive letter in
the file name like "c:\cert.pem". There's now a win32 work-around
implemented that tries work around that, when the colon seems to be used for
this kind of construct.
- Patrick Bihan-Faou introduced CURLOPT_SSL_VERIFYHOST, which makes curl
verify the server's CN field when talking https://. If --cacert is not used,
any failures in matching is only displayed as information (-v).
Daniel (7 August 2001)
- Wrote up nine more test cases, more or less converted from the former test
suite.
Daniel (6 August 2001)
- Heikki Korpela posted a patch that makes 'curl-config --libs' include the
directory in which libcurl itself is installed in. While this wasn't my
initial intention with this option, it makes sense and makes linking with
libcurl easier.
- Stefan Ulrich pointed out to us that other tools and libraries treat file://
URLs with only one slash after the host name slighly different than libcurl
does. Since all the others seem to agree, we better follow them.
- Nico Baggus provided us with a huge set of fixes to make curl compile and
build under OpenVMS.
Version 7.8.1-pre3
Daniel (6 August 2001)
- Jonathan Hseu noticed that you couldn't get a header callback unless you
set CURLOPT_WRITEHEADER to non-NULL, even if you didn't care about that
data. This is now fixed.
Daniel (5 August 2001)
- Sergio Ballestrero provided a patch for reading responses from NCSA httpd
1.5.x servers, as they return really screwed up response headers when asked
for with HTTP 1.1.
- curl_escape() no longer treats already encoded characters in the input
string especially.
Daniel (3 August 2001)
- I replaced the former lib/arpa_telnet.h file with one I wrote myself, to
avoid the BSD annoucement clause of the license in the former file.
- Andrew Francis provided a new version of base64.c to work around the license
boiler plate that came with the previous one. I patched it, but the glory
should go to Andrew for his heads up.
- Tomasz Lacki noticed that when you do repeated transfers with libcurl you
couldn't always reliably change HTTP request. This has now been fixed and a
new libcurl option was added: CURLOPT_HTTPGET, that can force the HTTP
requestr (back) to GET.
- Linus Nielsen Feltzing pointed out that httpsserver.pl wasn't included in
release archives. It should be now.
Daniel (2 August 2001)
- Frank Keeney pointed out a manual mistake for certificate convertions.
- Tomasz Lacki pointed out a problem in the transfer loop that could make the
select() loop use far too much CPU.
- Pawel A. Gajda pointed out an output mistake done when using libcurl's
progress callback.
Daniel (29 June 2001)
- Naveen Noel noticed that the Borland library makefile wasn't updated.
- Nic Roets brought a fix for the certificate verification when using SSL.
Daniel (27 June 2001)
- Made the FTP tests run OK even on machines running curl IPv6-enabled.
- Troy Engel corrected some RPM package details.
Version 7.8.1-pre2
Daniel Stenberg
committed
Daniel (25 June 2001)
- Björn Stenberg correctly identified a problem that occurred when downloading
several files with curl, and using resume. The first file's resume index was
then used for all files, resulting in weird results...
Daniel Stenberg
committed
- Anton Kalmykov provided a fix that makes curl work with form field names
with spaces like when -F is used.
Version 7.8.1-pre1
Daniel (20 June 2001)
- Mike Bytnar provided a fine report that proved that the --with-ssl option
for configure needed tweaking. It no longer searches the default directories
for OpenSSL libs or directories when a specified path is given.
Daniel (19 June 2001)
- When an FTP transfer is cut off during transfer, curl could present a truly
garbaged error message and in worst case dump core. Thanks to detailed
reports from Shawn Poulson we nailed this.
Daniel (12 June 2001)
- Salvador Dávila provided a fix for FTP range downloads.
- Added a few more test cases from the former test suite to the new file
format. We're now at a total of 26 tests.
Daniel (11 June 2001)
- libcurl's version-info was wrong, as noted by both Domenico Andreoli and
David Odin.
Daniel (7 June 2001)
- Jörn fixed the curl_unescape duplicate entry in lib/libcurl.def
- I made SSL certificate failure messages to be more detailed.
Version 7.8
Daniel (7 June 2001)
- SDavila provided a resumed download fix.
Version 7.8-pre4
Daniel (1 June 2001)
- Sterling provided some new PHP examples.
- Changed the CVS hierarchy and the older checkout instruction does no longer
work. We moved the entire source code into a CVS module named 'curl'.
Daniel (31 May 2001)
- CURLOPT_MUTE does not exist anymore. It is still present in the include file
to not cause compiler errors for applications using it, but it isn't used
anywhere in the library.
Version 7.8-pre3
Daniel (31 May 2001)
- Once and for all fixed the _REENTRANT mess for Solaris compiles to present
less warnings.
- Sterling Hughes tirelessly points out and corrects my mistakes...! So,
curl_global_init() now lets the argument flags *SET* what parts to
init. CURL_GLOBAL_DEFAULT makes a nice default, CURL_GLOBAL_ALL inits all
known subsystems and CURL_GLOBAL_NONE inits nothing more than absolutely
necessary. Man page updated accordingly.
- Fixed the strtok.h include file as it wouldn't compile on all platforms!
Daniel (30 May 2001)
- Made libcurl by default act as if CURLOPT_MUTE and CURLOPT_NOPROGRESS were
set TRUE. Set them to FALSE to make libcurl more talkative. The *_MUTE
option is subject for complete removal...
Version 7.8-pre2
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
Daniel (30 May 2001)
- Cris Bailiff wrote a makefile for building Solaris packages.
- Sterling Hughes brought fixes for 'buildconf' (the build-from-CVS tool) and
we discussed and added a few CURL_GLOBAL_* flags in include/curl.h
- Kjetil Jacobsen privately announced his python interface to libcurl,
available at http://pycurl.sourceforge.net/
Daniel (29 May 2001)
- Sterling Hughes fixed a strtok() problem in libcurl. It is not a thread-
safe function. Now configure checks for a thread-safe version, and
lib/strtok.c offers one for the systems that don't come with one included!
- Mettgut Jamalla correctly pointed out that the -# progress bar was written
to stderr even though --stderr redirection was used. This is now corrected.
- I moved out the list of contributors from the curl.1 man page and made a
separate docs/THANKS file. It makes the list easier to find, and made it
easier for me to make a separate web page with that same information.
I really do want all you guys mentioned in there to feel you get the credit
you deserve.
- lib/easy.c didn't compile properly in the 7.8-pre1 due to a silly mistake
Version 7.8-pre1
Daniel (28 May 2001)
- curl-config now supports '--vernum' that outputs a plain hexadecimal version
of the libcurl version number (using 8 bits for each 3 numbers). Version
7.7.4 appears as 070704
- Wrote man pages for curl_global_init and curl_global_cleanup...
- T. Bharath brought news about the usage of the OpenSSL interface that was
not previously taken into consideration and thus caused libcurl to leak
memory. The only somewhat sane approach to fix this dilemma, is adding two
two new functions curl_global_init() and curl_global_cleanup() that should
be called *ONCE* by the application using libcurl. The init should be done
only at startup, no matter how many threads the application is gonna use,
and the cleanup should be called when the application has finished using
libcurl completely.
*** UPGRADE NOTICE ***
If you write applications using libcurl, you really want to use the two
functions mentioned above !!!
I can't say I think this is a very beautiful solution, but as OpenSSL
insists on making lots of stuff on a "global" scope, we're forced to walk
the path they point us to.
- Moving more test cases into the new file format.
Version 7.7.4-pre3
Daniel (23 May 2001)
- Introduced a new file format for storing test cases, and thus I had to
modify all the perl test scripts and more (I added a new one). I have not
"ported" all the old test cases to the new format yet, but it'll come.
The main advantage of this new format is that all test data for each test
case is stored in a single file. It gives a better overview for each test
case and a lot less files.
- Andrés García brought a fix for the netscape/mozilla cookie file parsing
function, as it turns out it doesn't always store the path!
Daniel (22 May 2001)
- As was reported anonymously, when FAILONERROR was used, the httpcode was
not stored properly and thus wasn't possibly to read after a transfer with
the curl_easy_getinfo() function. This is now corrected.
- Installed and made use of the following tool versions:
autoconf 2.50
libtool 1.4
automake 1.4-p1
I wouldn't recommend any developer to try to generate things with older
versions than these. Building from CVS will probably more or less require
at least these versions.
As a result of this, the configure script grew to more than double its
previous size!
Arkadiusz Miskiewicz helped me by pointing out I had to remove my
acinclude.m4 file before I could get it working!
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
Daniel (21 May 2001)
- I made ftps:// work. Added test case 400 to the release archive, as the
first ftps:// test case. Requires stunnel.
- Also made the test cases that runs ssl tests not run if libcurl isn't built
with ssl support.
Daniel (19 May 2001)
- Made the configure not add any extra -L LDFLAGS or -I CPPFLAGS unless they
are actually needed. Albert Chin's and Domenico Andreoli's suggestions
helped out.
Version 7.7.4-pre2
Daniel (18 May 2001)
- Nicer configure-check for the OpenSSL headers, which then sets the proper
variable to have curl-config be good. (Albert Chin provided the fix)
- For systems that don't have theiw own 'strlcat()' libcurl provides its own.
It was now renamed to prevent collides with other libs. (After discussions
with Sterling Hughes and the implications this had on PHP builds.)
Daniel (17 May 2001)
- Colm Buckley posted a detailed bug report on (the debianized) 7.7.3, that
turned out to be a problem with the debian-built 7.7.3-package that
contained files from the 7.7.2 release!
- I added the CURLE_ALREADY_COMPLETE again, but with a fake value, just to
make programs that use it, not fail when compiling against this version of
libcurl.
Daniel (14 May 2001)
- Pawel A. Gajda fixed a problem with resumed transfers on re-used persistent
connections.
Version 7.7.4-pre1
Daniel (14 May 2001)
- Jun-ichiro itojun Hagino fixed FTP PORT for IPv6-enabled libcurl.
- Added the first HTTPS test to the test suite in the release archive.
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
Daniel (12 May 2001)
- Jukka Pihl suggested that if (lib)curl is told to verify the peer's
certificate and the peer can't be verified, it should fail and return a
proper error code. I added a brand new error code named
CURLE_SSL_PEER_CERTIFICATE for this purpose.
Daniel (11 May 2001)
- As was discussed with Frederic Lepied a while ago, I now made libcurl not
return error even though no data was transfered on upload/download resume
when the no transfer is needed. The CURLE_ALREADY_COMPLETE error was removed
from the header file to make any implemenator that uses that to be aware of
the fact that it can't be returned anymore!
- Improved general header-parsing to better allow white spaces and more.
- Rodney Simmons proved the fix I did yesterday was bad and I had to post
another one.
- Ingo Wilken patched away two redirect problems more!
Daniel (10 May 2001)
- Cris Bailiff correctly noted that the space-after-header problem with
Location: is present on several other places in the libcurl sources.
- Ingo Wilken patched away a problem libcurl had when following Location:
headers with an extra space after the colon.
- Rodney Simmons found out that multiple FTP transfers did not treat relative
directories correctly.
Daniel (9 May 2001)
- Getting an FTP file with CURLOPT_NOBODY set (or -I from the command line),
makes curl use the non-standard ftp command "SIZE". If it failed, libcurl
returned error. Starting now, it just don't output the file size instead.
Anonymous bug report.
- stunnel.pm was accidentally left out from the release archive, it is now
added (stunnel is needed to run the https-tests in the test suite)
Daniel (7 May 2001)
- Corrected two minor compiler warnings due to the FILE * to void * conversion
that I missed at two places. Jörn Hartroth brought me patches. Sander Gates
filed a bug report on this.
Version 7.7.3
Daniel (4 May 2001)
- All callback functions now take 'void *' instead of 'FILE *'. This is made
this way to make it more obvious to people that anything can be passed to
them (by using the apropriate option). After discussions with Sterling
Hughes.
Daniel (3 May 2001)
- Cris Bailiff fixed a chunked transfer encoding problem with persistent
connection that made libcurl fail if the persistent connection used mixed
chunked and non-chunked transfers.
- Cris Bailiff fixed a bad treatment of 304-replies, as they would not be
treated as content-length 0 replies but would cause a "hang" until the
server timed-out and closed the connection.
- Brad Burdick found a minor problem in the docs/examples/Makefile.am
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
Daniel (27 April 2001)
- Updated the INTERALS document again. It was lagging a bit. I think I made it
more easy to follow now as well.
- Brad Burdick found a problem with persistent connections when curl received
a "Content-Length: 0" header.
- Giuseppe D'Ambrosio was first out to report that TELNET doesn't work in curl
compiled/built on win32. It seems to work for unixes though!
- Dave Hamilton reported weird problems with CURL/PHP that I really can't
explain at the moment. I'm hoping on some help from the PHP crew.
Daniel (26 April 2001)
- I rewrote the FTP command response function. I had to do it to make ftps
work, as the OpenSSL read()-function didn't work the same way the normal
unix read() does, but it was also a huge performance boost. Previously the
function read one byte at a time, now it reads very large chunks, and it
makes a notable speed difference.
Daniel (25 April 2001)
- Connection re-use when not using a proxy didn't work properly for
non-default port numbers.
Daniel (24 April 2001)
- I've noticed that FTPS doesn't work. We attempt to use ssl even for the
data transfer, which causes the transfer to 'hang'... We need to fix this.
- Improved the test suite to use 'stunnel' to do HTTPS and FTPS testing on
the alredy written perl servers easily.
Daniel (23 April 2001)
- The OpenSSL version string recently modified didn't zero terminate one
of the generated strings properly, which could lead to a crash or simply
weird version string output!
Version 7.7.2
Daniel (22 April 2001)
- Rosimildo da Silva updated the Makefiles for Borland/Windows.
- Eric Rautman pointed out a problem with persistent connections that would
lead to broken Host: headers in the second HTTP request.
Daniel (20 April 2001)
- Added man pages for the curl_strequal() and curl_mprintf() families. Wrote
a 'libcurl overview' man page.
- Spell-fixed some documents.
- S. Moonesamy corrected mistakes in the man page.
- Cris Bailiff fixed the curl_slists options in the perl interface, present
separately in the Curl::easy 1.1.4 package.
Daniel (19 April 2001)
- Linus Nielsen Feltzing removed the decimals from the size variables in the
--write-out output. We hardly ever get fraction of bytes! :-)
Version 7.7.2-pre1
Daniel (19 April 2001)
- Albert Chin provided a configure patch for the AC_SYS_LARGEFILE macro.
Daniel (18 April 2001)
- Input from Michael Mealling made me add --feature to curl-config. It
displays a list of features that have been built-in in the current
libcurl. The currently available features that can be listed are: SSL, KRB4
and IPv6.
- I committed Cris and Georg's perl interface work. They've got callbacks
working and options that receives those slist pointers.
- Puneet Pawaia detected a problem with resumed downloads that use persistent
connections and I made a rather large writeup to correct this. It is
important that all session-data is stored in the connectdata struct and not
in the main struct as this previously did.
Daniel (17 April 2001)
- Frederic Lepied fixed a ftp resumed download problem and introduced a new
error code that lets applications be able to detect when a resumed download
actually didn't download anything since the whole file is already present.
Should this return OK instead?
- I added 'curl-config.in' to the root dir and configure script. Now, a
curl-config script is made when curl is built. The script can be used to
figure out compile time options used when libcurl was built, which in turn
should be options YOU should use to build applications that use libcurl.
This *-config style is not a new idea, but something that has been used
successfully in other (library based) projects.
- Phil Karn pointed out that libcurl wrongly did not always use GMT time zone
for the If-Modified-Since style headers.
- Georg Schwarz pointed out an extra needed #include file needed in src/main.c
for curl to build on Ultrix.
Daniel (11 April 2001)
- Cris Bailiff pointed out two problems that I corrected. First, libcurl's use
of the environment variable HTTP_PROXY in uppercase may become a security
hazard when people use libcurl in a server/cgi situation where the server
sets the HTTP_*-variables according to incoming headers in the HTTP
request. Thus, a "Proxy:"-header would set that environment variable!
Then, invoking curl_easy_perform() without having an URL set caused a crash.
- S. Moonesamy brought a patch that make curl use non-blocking connects on
windows when connection timeout is set, as it allows windows users to set
that timeout!
- Hirotaka Matsuyuki wrote a Ruby interface to libcurl!
- Cris Bailiff, Forrest Cahoon and Georg Horn work on the Perl interface.
- I've written a first shot at a Java interface to libcurl. Many thanks to
Daniel Marell for tirelessly answering to all my basic Java questions. It
works, but it is still very basic.
Daniel (10 April 2001)
- The progress display could get silly when doing multiple file transfers, as
it wasn't properly reset between transfers!
- Discussions with Cris Bailiff who writes a Perl interface to libcurl, made
me add CURLOPT_HEADERFUNCTION. It can be used to set a separate callback
function for writing headers. Previously you could only set a different FILE
* when headers are written from within libcurl.
Daniel (7 April 2001)
- Andrés García fixed a problem in curl_escape() and pointed out a flaw in
the curl_easy_setopt man page.
Daniel (6 April 2001)
- Adjusted the version code to properly display OpenSSL 0.9.6a. They sure
change their version define format often...
- curl_formfree() now accepts a NULL pointer without crashing!
Daniel (3 April 2001)
- Puneet Pawaia pointed out two serious problems. Libcurl would attempt to
read bad memory during situations when an (ftp) connection attempt failed.
Also, the lib/Makefile.vc6 was corrected.
- More investigations in the Location: following code made me realize that
it was not clean enough to work transparantly with persistent and non-
persistent connections. I think I've fixed it now.
Daniel (29 March 2001)
- Georg Horn mailed me some corrections for the Curl::easy perl interface.
- Experimental ftps:// support added. It is basically FTP over SSL for the
control connection. It still makes all data transfers going over unencrypted
connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used
that to verify the functionality.
Daniel (27 March 2001)
- Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried
to get a file from a site and it fails, the SIGALRM would still be sent
after the timeout-time, quite inexpectedly!
- I added an ftp transfer example to docs/examples/ and I also wrote a tiny
example makefile that can be used as a start when building one of the
examples.
- Mohamed Lrhazi reported problems with 7.6.1 and persistent HTTP/1.0
connections (when the server replied a Connection: Keep-Alive) and this
problem was not properly dealt with in 7.7 either. A patch was posted to the
curl-and-php mailing list.
Daniel (24 March 2001)
- Colin Watson reported about a problem and brought a patch that corrected it,
which was about the man page and lines starting with a single quote (') in a
way that gnroff doesn't like.
Daniel (23 March 2001)
- Peter Bray reported correctly that the root makefile used make instead of
$(MAKE) for the test target.
- Corrected the Curl::easy perl interface to use curl_easy_setopt() and not
curl_setopt() which was removed in 7.7!
- S. Moonesamy provided updates on three documents (MANUAL, INSTALL and FAQ).
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
- When following a Location:, libcurl would sometimes write to the URL string
in a way it shouldn't. As the pointer is passed-in to libcurl from an
application, we can't be allowed to write to it. The particular bug report
from 'nk' that brought this up was because he had a read-only URL that then
caused a libcurl crash!
- No longer reads HEAD responses longer than to the last header. Previously,
curl would read the full reply if the connection was a "close" one.
- libcurl did re-use connections way too much. Doing "curl
http://www.{microsoft,ibm}.com" would make it re-use the connection which
made the second request return very odd results.
Daniel (22 March 2001)
- Edin Kadribasic made me aware that curl should not re-send POST requests
when following 302-redirects. I made 302 work like 303 which means curl uses
GET in the following request(s).
- libcurl now reset the "followed-location" counter on each invoke of
curl_easy_perform() as it otherwise would sum up all redirects on the same
connection and thus could reach the maxredirs counter wrongly.
- Jim Drash suggested curl_escape() should not re-encode what already looks
like an encoded sequence and I think that's a fair suggestion.
Daniel (22 March 2001)
- The configure script now fails with an error message if gethostbyname_r() is
detected but it couldn't figure out how to invoke it (what amount of
arguments it is supposed to get). Reports from Andrés García made me aware
of this need.
- Talking with Jim Drash made me finally put the curl_escape and curl_unescape
functions in the curl.h include file and write man pages for them. The
escape function was modified to use the same interface as the unescape one
had.
- No bug reports at all on the latest betas. Release time coming up.
Version 7.7-beta5
Daniel (19 March 2001)
- Georg Ottinger reported problems with using -C together with -L in the sense
that the -C info got lost when it was redirected. I could not repeat this
problem on the 7.7 branch why I leave this for the moment. Test case 39 was
added to do exactly this, and it seems to do right.
- Christian Robottom Reis reported how his 7.7 beta didn't successfully do
form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header
engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT
and POST operations that I need to add support for. Section 8.2.3 in RFC2616
has all the details. Seems to work now!
Daniel (16 March 2001)
- After having experienced another machine break-down, we're back.
- Georg Horn's perl interface Curl::easy is now included in the curl release
archive. The perl/ directory is now present. Please help me with docs,
examples and updates you think fit.
- Made a new php/ directory in the release archive and moved the PHP examples
into a subdirectory in there. Not much PHP info yet, but I plan to. Please
help me here as well!
- Made libcurl return error if a transfer is aborted in the middle of a
"chunk". It actually enables libcurl to discover premature transfer aborts
even if the Content-Length: size is unknown.
Daniel (15 March 2001)
- Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT
option in libcurl. It limits the time curl is allowed to spend in the
connection phase. This differs from -m/--max-time that limits the entire
file transfer operation. Requested by Larry Fahnoe and others.
I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the
item from the TODO.
- Made curl grok IPv6 with HTTP proxies and got everything to compile nicely
again when ENABLE_IPV6 is set.
I need to remake things in the test suite. I can't test the FTP parts with
curl built for IPv6 as it uses a different set of FTP commands then!
- I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was
a report meant for our project. Anyway, it said the .netrc parsing didn't
work as supposed, and as I agreed with Lars, I made the netrc parser use
getpwuid() to figure out the home directory of the effective user and try
that netrc. It still uses the environment variable HOME for those that don't
have that function or if the user doesn't return valid pwd info.
- Edin Kadribaic posted a bug report where he got a crash when a fetch with
user+password in the URL followed a Location: to a second URL (absolute,
without name+password). This bug has been around for a long while and
crashes due to a read at address zero. Fixed now. Wrote test case 38, that
tests this.
- Modified the test suite's httpserver slightly to append all client request
data to its log file so that the test script now better can verify a range
of requests and not only the last one, as it did previously.
- Updated the curl man page with --random-file and --egd-file details.
Version 7.7-beta3
Daniel (14 March 2001)
- Björn Stenberg provided similar fixes as Jörn did and some additional patches
for non-SSL compiles.
- I increased the interface number for libcurl as I've removed the low level
functions from the interface. I also took this opportunity to rename the
Curl_strequal function to curl_strequal and Curl_strnequal to
curl_strnequal, as they're public libcurl functions (even if they're still
undocumented).
This will make older programs not capable of using the new libcurl with
just a drop-in replacement.
- Jörn Hartroth updated stuff for win32 compiles:
o config-win32.h was fixed for socklen_t
o lib/ssluse.c had a bad #endif placement
o lib/file.c was made to compile on win32 again
o lib/Makefile.m32 was updated with the new files
o lib/libcurl.def matches the current interface state
Daniel (13 March 2001)
- It only took an hour or so before Jörn Hartroth found a problem in the
chunked transfer-encoding. Given his fine example-site, I could easily spot
the problem and when I re-read the spec (the part I have pasted in the top
of the http_chunks.h file), I realized I had made my state-machine slightly
wrong and didn't expect/handle the trailing CRLF that comes after the data
in each chunk (and those extra two bytes sure feel wasted).
Had to modify test case 34 to match this as well.
Version 7.7-beta2
Daniel (13 March 2001)
- Added the policy stuff to the curl_easy_setopt man page for the two supported
policies.
- Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies
CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now
supported, and the "least recently used" is used as default if no policy
is chosen.
- Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the
SSL random engine. The random seeding support was also brought to the curl
client with the new options --random-file <file> and --egd-file <file>. I
need some people to really test this to know they work as supposed. Remember
that libcurl now informs (if verbose is on) if the random seed is considered
weak (HTTPS connections).
- Made the chunked transfer-encoding engine detected bad formatted data length
and return error if so (we can't possibly extract sensible data if this is
the case). Added a test case that detects this. Number 36. Now there are 60
test cases.
- Added 5 new libcurl options to curl/curl.h that can be used to control the
persistent connection support in libcurl. They're also documented (fairly
thoroughly) in the curl_easy_setopt.3 man page. Three of them are now
implemented, although not really tested at this point... Anyway, the new
implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT,
CURLOPT_FORBID_REUSE. The ones still left to write code for are:
CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION.
- Made curl (the actual command line tool) use the new libcurl 7.7 persistent
connection support by re-using the same curl handle for every specified file
transfer and after some more test case tweaking we have 100% test case OK.
I made some test cases return HTTP/1.0 now to make sure that works as well.
- Had to add 'Connection: close' to the headers of a bunch of test cases so
that curl behaves "old-style" since the test http server doesn't do multiple
connections... Now I get 100% test case OK.
- The curl.haxx.se site, the main curl mailing list and my personal email are
all dead today due to power blackout in the area where the main servers are
located. Horrible.
- I've made persistance work over a squid HTTP proxy. I find it disturbing
that it uses headers that aren't present in any HTTP standard though
(Proxy-Connection:) and that makes me feel that I'm now on the edge of what
the standard actually defines. I need to get this code excercised on a lot
of different HTTP proxies before I feel safe.
Now I'm facing the problem with my test suite servers (both FTP and HTTP)
not supporting persistent connections and libcurl is doing them now. I have
to fix the test servers to get all the test cases do OK.
Daniel (8 March 2001)
- Guenole Bescon reported that libcurl did output errors to stderr even if
MUTE and NOPROGRESS was set. It turned out to be a bug and happens if
there's an error and no ERRORBUFFER is set. This is now corrected.
Version 7.7-beta1
Daniel (8 March 2001)
- "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've
added two source files and I've run some test downloads that look fine.
- HTTP HEAD works too, even on 1.1 servers.
Daniel (5 March 2001)
- The current 57 test cases now pass OK. It would suggest that libcurl works
using the old-style with one connection per handle. The test suite doesn't
handle multiple connections yet so there are no test cases for this.
- I patched the telnet.c heavily to not use any global variables anymore. It
should make it a lot nicer library-wise.
- The file:// support was modified slightly to use the internal connect-first-
then-do approach.
Daniel (4 March 2001)
- More bugs erased.
Version 7.7-alpha2
Daniel (4 March 2001)
- Now, there's even a basic check that a re-used connection is still alive
before it is assumed so. A few first tests have proven that libcurl will
then re-connect instead of re-use the dead connection!
Daniel (2 March 2001)
- Now they work intermixed as well. Major coolness!
- More fiddling around, my 'tiny' client I have for testing purposes now has
proved to download both FTP and HTTP with persistent connections. They do
not work intermixed yet though.
Daniel (1 March 2001)
- Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that
curl_slist_append() should take a const char * as second argument. It does
now.
Daniel (22 February 2001)
- The persistent connections start to look good for HTTP. On a subsequent
request, it seems that libcurl now can pick an already existing connection
if a suitable one exists, or it opens a new one.