Skip to content
CHANGES 86 KiB
Newer Older
Daniel Stenberg's avatar
Daniel Stenberg committed
                                  _   _ ____  _     
                              ___| | | |  _ \| |    
                             / __| | | | |_) | |    
                            | (__| |_| |  _ <| |___ 
                             \___|\___/|_| \_\_____|

Daniel Stenberg's avatar
Daniel Stenberg committed
                                  Changelog

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (10 June)
- Daniel Kouril added HTTP Negotiate authentication support, as defined in the
  IETF draft draft-brezak-spnego-http-04.txt. In use already by various
  Microsoft web applications. CURLOPT_HTTPNEGOTIATE and --negotiate are the
  new family members.

Daniel Stenberg's avatar
Daniel Stenberg committed
- A missing ending bracket (']') while doing URL globbing could lead to a
  segfault. While fixing this, I also introduced better error reporting in the
  globbing code. (All this is application code outside libcurl.)

Daniel (6 June)
- David Orrell found out that sending a huge GET request over HTTPS could
  make libcurl fail and return an error code.

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (2 June)
Daniel Stenberg's avatar
Daniel Stenberg committed
- Richard Bramante found out that "Content-Length: 0" was not properly used by
  libcurl if the response-headers indicated that the connection would be
  closed.

- David Byron's patch was applied, that makes the --progress-bar take the
  local size into account when doing resumed downloads.

Daniel Stenberg's avatar
Daniel Stenberg committed
- Feedback from Serge Semashko made me change the error message returned when
  CURLE_HTTP_RETURNED_ERROR is returned.

- Anonymous in bug report #745122 pointed out that we should really be using
  SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
  implementations.

Daniel (27 May)
- Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
  the sys/select.h header file so including it unconditionally in curl/multi.h
  is not a good thing. Now we check for HPUX and avoid using that header on
  such systems.

- Rudy Koento experienced problems with curl's recent habit of POSTing data in
  two separate send() calls, first the headers and then the data. I've now
  made a fix that for static and known content that is less than 100K in size,
  everything is now sent in one single system call again. This is also better
  for network performance reasons.

- I modified the main makefile to not build the test suite and a few other
  unnecessary things by default. Now, the test suite is built when 'make test'
  is run.  This reduces build time for those who don't care for the test
  suite, and it also reduces confusion for people using platforms where the
  test suite build fails!

Daniel (26 May)
- Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
  which is now corrected.

- Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
  proxy a little too much like as if it was a http proxy.

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (23 May)
- Ricardo Cadime found a socket leak when listing directories without
  contents. Test cases 144 and 145 were added to verify the fix.

- Rudy Koento found yet another problem when a HTTP server returns only a
  single-line of contents without any headers at all. libcurl then failed to
  count the data, thus returning error 52 "no contents". Test case 66 was
  added to verify that we now do right.

Version 7.10.6-pre1 (23 May 2003)

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (23 May)
- Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.

Daniel (22 May)
- David Remahl set up a test-server for me providing Digest authentication,
  and I wrote the first working code that support it. The test suite was
  modified slightly as well to work better for it and --digest was added to
  the command line options (and CURLOPT_HTTPDIGEST to the library)...  RFC2617
  has all the gory details.

Daniel Stenberg's avatar
Daniel Stenberg committed
- David Balazic pointed out that curl_unescape() didn't check that %-codes
  were correctly followed by two hexadecimal digits when it unescape strings.
  Now, we do the check and only %XX codes are unescaped if the X letters are
  hexadecimals.

- Gisle Vanem made curl build with djgpp on DOS.

- Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
  shown with curl -M.

Daniel (20 May)
- Gisle Vanem provided a fix that makes libcurl more conservative, not
  expecting h_aliases of the hostent struct to always be non-NULL.

Daniel (19 May)
- As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
  supports user name and password in the proxy environment variables. Added
  test case 63 to verify this.

Daniel Stenberg's avatar
Daniel Stenberg committed
Version 7.10.5 (19 May 2003)

Daniel (15 May)
- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
  a very common type inet_addr() returns.

Daniel (14 May)
- George Comninos provided a fix that calls the progress meter when waiting
  for FTP command responses take >1 second. It'll make applications more
  "responsive" even when dealing with very slow ftp servers.

Daniel (12 May)
- George Comninos pointed out that libcurl uploads had two quirks:
   o when using FTP PORT command, it used blocking sockets!
   o it could loop a long time without doing progress meter updates
  Both items are fixed now.

Daniel (9 May)
- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
  set to "".  This frees the application from having to know which encodings
  the library supports.

- Dan Fandrich pointed out we had three unnecessary files in CVS that is
  generated with libtoolize, so they're now removed and libtoolize is invoked
  accordingly in the buildconf script.

- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
  given name is a network interface gave a real performance penalty on Linux,
  so now we more appropriately first check if it is an IP number and if so
  we don't check for a network interface with that name.

- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
  to use EPRT and LPRT before the traditional PORT command. The command line
  tool sets this option with '--disable-eprt'.

Version 7.10.5-pre2 (6 May 2003)

Daniel (6 May)
- Kevin Delafield reported another case where we didn't correctly check for
  EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.

Daniel (4 May)
- Ben Greear noticed that the check for 'writable argv' exited the configure
  script when run for cross-compiling, which wasn't nice. Now it'll default to
  no and output a warning about the fact that it was not checked for.

Daniel (2 May)
- Added test case 62 and fixed some more on the cookie sending with a custom
  Host: header set.

Daniel (1 May)
- Andy Cedilnik fixed a few compiler warnings.

- Made the "SSL read error: 5" error message more verbose, by adding code that
  queries the OpenSSL library to fill in the error buffer.

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (30 Apr)
- Added sys/select.h include in the curl/multi.h file, after having been
  reminded about this by Rich Gray.

- I made each test set its own server requirements, thus abandoning the
  previous system where the test number implied what server(s) to use for a
  specific test.

Daniel Stenberg's avatar
Daniel Stenberg committed
- David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
  that libcurl now uses one CWD command for each path part. A bunch of test
  cases were fixed to work accordingly.

- Cookie fixes:

  A. Save domains in jars like Mozilla does. It means all domains set in
     Set-Cookie: headers are dot-prefixed.
  B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
     (the second column).
  C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
     both domains with too few dots or domains that are outside the currently
     operating server host's domain.
  D. Set the path part by default to the one used in the request, if none was
     set in the Set-Cookie line.

  To make item C really good, I also made libcurl notice custom Host: headers
  and extract the host name set in there and use that as the host name for the
  site we're getting the cookies from. This allows user to specify a site's
  IP-address, but still be able to receive and send its cookies properly if
  you provide a valid Host: name for the site.
Daniel Stenberg's avatar
Daniel Stenberg committed

Daniel (29 Apr)
- Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
  when using the multi interface (too).

Version 7.10.5-pre1 (23 Apr 2003)

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (23 Apr)
- Upgraded to libtool 1.5.

Daniel Stenberg's avatar
Daniel Stenberg committed
Daniel (22 Apr)
- Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
Loading full blame...