Newer
Older
- Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
is built with the FBopenssl libraries. curl_version_info() now returns
info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
with the MIT GSS-library (the Heimdal one still works too).
Daniel (16 September)
- Doing PUT with --digest failed, as reported in bug report #805853.
- Using --anyauth that picked NTLM, and then a redirect closed the connection
and took curl to a second NTLM page made curl fail. Bug report #806328
identified the problem, test case 90 was added to verify the fix.
- codemastr brought a patch for ares to make the Windows portions of it work
properly on NT4. I uploaded a new diff and updated the docs on where to get
it etc.
- Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
cached DNS entry even though it may be in use, which caused "random" memory
to get overwritten and thus "random" crashes.
Daniel (12 September)
- Based on a bug report by David Kimdon, I made the runtests.pl script clear
all possible proxy environment variables before the tests are run.
Daniel Stenberg
committed
- By default, easy handles within a multi handle now share DNS cache.
- Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
Microsoft's "Negotiate" authentication as well.
Daniel (11 September)
- A zero-length proxy string confused FTP transfers.
- Bjorn Reese found a case with an uninitialized pointer, only present when
built for ares.
Version 7.10.8-pre1 (8 September 2003)
Daniel (7 September)
- Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
the problem.
Daniel (5 September)
- Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
- De-macrofied the lib/hash.c source code somewhat.
Daniel (4 September)
- CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
Mueller-Tolk's patch,
Early (4 September)
- Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
requirements on the FTP server's ability to respond to individual commands
without placing global requirements on transfer or connect time. Files
affected:
- include/curl/curl.h
Added option CURLOPT_FTP_RESPONSE_TIMEOUT
- lib/ftp.c
Added branch inside Curl_GetFTPResponse to check for
data->set.ftp_response_timeout
- lib/url.c
Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
- lib/urldata.h
Added ftp_response_timeout to struct UserDefined
Daniel (3 September)
- Peter Pentchev found and fixed two problems in the test suite's web server
code, that made it segfault at times.
- Jörg Mueller-Tolk improved the proxy user+password handling, especially
when providing a blank password.
Daniel (2 September)
- Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
and similar to work.
Daniel (1 September)
- Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
- Jeff Pohlmeyer added a proper error message for non-resolving hosts when
using ares for lookups.
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
Daniel (25 August)
- John McGowan reported that curl -k still failed if the HTTPS server's CN
field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
set to 1, and libcurl failed if the CN was missing. Starting now, having it
set to 1 will simply output a warning if no CN could be obtained (as having
a mismatch is OK).
Daniel (21 August)
- Vincent Sanders provided a fix for name resolving when linked with uClibc.
Daniel (20 August)
- Gerd v. Egidy provided a patch that makes libcurl store the FTP response
code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
returns that data. The option is therefore now also known as
CURLINFO_RESPONSE_CODE.
- Antoine Calando found a segfault when doing multi-part/formpost using
the multi interface.
- Antoine Calando pointed out that curl_multi_info_read() didn't set the
msgs_in_queue to 0 properly when returning NULL.
Daniel (19 August)
- I made curl support multiple -T options, as well as -T "{file1,file2}"
style globbing. One -T for each URL is supported.
- Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
multi interface when trying a non-existing host name.
- Made the libcurl printf code support long longs if available.
- Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
in curl_global_cleanup().
Daniel (17 August)
- Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
them get the internal defaults restored. Previously this could cause a
segfault. We should aim at having all pointer-related options get restored
to default/safe values when set to NULL.
Version 7.10.7 (15 August 2003)
Daniel (14 August)
- I modified the memdebug system to return failure on memory allocation
functions after a set amount of successful ones. This enables us to test
out-of-memory situations in a controlled manner and we can make sure that
curl/libcurl behaves good in those.
This made me find and fix several spots where we did not cleanup properly
when bailing out due to errors (low memory).
- Corrected test case 74. Made using -o with bad #[num] codes complain and
bail out. Made #[num] support numbers larger than 9 as well. Added test
case 86 for a proper range globbing test as well.
Version 7.10.7-pre4 (12 August 2003)
Daniel (12 August)
- curl_version_info() now returns a flag if libcurl was built with asynch DNS
support, and this is now also displayed with 'curl -V'.
- Added a few new man pages to the docs/libcurl dir: curl_share_init,
curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
Daniel (11 August)
- Mike Cherepov made the local binding code work for Windows, which makes
the option CURLOPT_INTERFACE work on Windows as well.
- Vincent Sanders updated the fopen.c example code a lot.
- --proxy-ntlm is now supported by the curl tool. It forces the proxy
authentication to be made using NTLM. It does not yet work for HTTPS over
proxies (or other proxy-tunneling options). Test case 81 and 82 do some
simple initial ntlm testing.
- Found and fixed a minor memory leak on re-used connections with
proxy-authentication.
- I removed -@ and -Z as valid short options. They were very rarely used (@
wasn't even documented).
- Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
but is for the proxy connection only, and HTTPAUTH is for the remote host.
- Fixed loading of cookies with blank contents from a cookie jar. Also made the
cookie functions inform on added and skipped cookies (for cookie debugging).
Version 7.10.7-pre3 (8 August 2003)
- Applied David Byron's fix for file:// URLs with drive letters included.
- I added the --ftp-create-dirs to the client code, which activates Early's
CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
it. Added the option to the curl.1 man page too. Added the option to the
curl_easy_setopt.3 man page too.
Daniel (7 August)
- Test case 60 failed on ia64 and AMD Opteron. Fixed now.
- Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
debian bug tracker). Added test case 74 to verify the fix and to discover if
this breaks in the future.
Version 7.10.7-pre2 (6 August 2003)
Daniel (5 August)
- Duncan Wilcox helped me verify that the latest incarnation of my ares patch
builds fine on Mac OS X (see the new lib/README.ares) file for all details.
- Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
bug report to the libcurl list, both identifying a problem with FTP
persistent connections and how the dir hierarchy was not properly reset
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
between files.
- David Byron's thoughts on a fixed Makefile in tests/ were applied.
- Jan Sundin reported a case where curl ignored a cookie that browsers don't,
which turned up to be due to the number of dots in the 'domain'. I've now
made curl follow the the original netscape cookie spec less strict on that
part.
Daniel (4 August)
- Dirk Manske added cookie support for the experimental, hidden and still
undocumented share feature!
- Mark Fletcher provided an excellent bug report that identified a problem
with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
properly ignore the body contents of 3XX response that included the
Location: header.
Early (6 August)
- Added option CURLOPT_FTP_CREATE_MISSING_DIRS
This option will force the target file's path to be created if it
does not already exist on the remote system.
Files affected:
- include/curl/curl.h
Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- lib/ftp.c
Added function ftp_mkd, which issues a MKD command
Added function ftp_force_cwd, which attempts a CWD,
and does a MKD and retries the CWD if the original CWD
fails
Modified ftp_perform() to call its change directory function
through a pointer. The pointer points to ftp_cwd by default,
and is modified to point to ftp_force_cwd IFF
data->set.ftp_create_missing_dirs is not 0.
- lib/url.c
Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
- lib/urldata.h
Added ftp_create_missing_dirs to struct UserDefined
- Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
present to do the time comparison, it would fail.
Files affected:
- lib/ftp.c
In ftp_perform(), the call to ftp_getfiletime() used to be followed
by
if (result)
return result;
And then by the code that actually did the time comparison.
The code that did the comparison handled the case where the filetime
was not available (as indicated by info.filetime < 0 or set.timevalue
< 0), so I replaced the if (result) return result with a switch(result)
that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
normal time comparison.
Daniel (3 August)
- When proxy authentication is used in a CONNECT request (as used for all SSL
connects and otherwise enforced tunnel-thru-proxy requests), the same
authentication header is also wrongly sent to the remote host.
This is a rather significant info leak. I've fixed it now and mailed a patch
and warning to the mailing lists.
Daniel (1 August)
- David Byron provided a patch to make 7.10.6 build correctly with the
compressed hugehelp.c source file.
Version 7.10.7-pre1 (31 July 2003)
Daniel (30 July)
- Jörg Müller-Tolk updated the VC makefile.
- Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
style like other faked HTTP headers when NOBODY and HEADER are used. I
updated two corresponding test cases too.
- Marty Kuhrt pointed out a compilation problem on VMS due to my having
changed a type from long to time_t, and I'm now changing it back to work
more portably...
He also indicated that distributing the src/hugehelp.c in a compressed state
like I accidentally did may not be the smartest move... I've now fixed the
distribute procedure to automatically generate an uncompressed version when I
make release archives.
Daniel (29 July)
- Gisle Vanem brought changes to the mkhelp script for the generation of the
compressed help text on some platforms.
Version 7.10.6 (28 July 2003)
Daniel (28 July)
- François Pons brought a patch that once again made curl deal with ftp and
"double slash" as indicating the root directory. In the RFC1738-fix of April
30, that ability was removed (since it is not the "right" way). So, starting
now we can list the root dir of an ftp server both these ways:
curl ftp://server.com/%2f as well as
curl ftp://server.com//
Daniel (24 July)
- Henry Bland pointed out that we included sys/resource.h without good reason
in several source files. Without it included, QNX builds better...
- Andrés García updated the mingw makefiles.
Daniel (23 July)
- Tracy Boehrer experienced DNS cache problems and did some nice debugging
and tracking which made it easy for me to correct the problem and Tracy
could verify that it did cure the problem! When re-using a connection we
now make sure we don't re-use the 'connect_addr' struct.
- Daniel Kouril corrected the GSS-Negotiate code.
- Juan F. Codagnone provided fixes to allow curl to build fine on Windows
again.
Daniel (22 July)
- Edited the curl/curl.h include file to build on Windows properly.
Daniel (21 July)
- Moved the proxy credentials from the SessionHandle struct to the connectdata
struct, to make multiple proxy connections with differerent user names work.
- Adjusted the NTLM code to support proxy functionality.
- Made the krb4 stuff compile with the user+password fields moved.
Daniel (20 July)
- David Gardner pointed out in bug report 770755 that using the FTP command
CWD with a blank argument is a bad idea and I made libcurl skip empty path
segments starting now.
Daniel (18 July)
- Cris pointed out that my fix on July 16th didn't work fully. His pointing
out this (and his patch) also made me realize that we have a very similar
bug in the FTP connection re-use code. We must store a separate user and
password field for each connection we keep (at least for FTP and HTTP+NTLM
connections, so I made us do this unconditionally).
- Since NTLM authenticates connections instead of single requests, I had to
re-arrange how we store the NTLM data and I had to improve the test suite to
finally work properly with persistency to make the NTLM tests run fine
again. This also forced me to have to update lots of HTTP test cases.
Daniel (16 July)
- Cris Bailiff's bug report 768275 pointed out that using Basic auth with
wrong user+password caused an endless loop. Fixed now. He also found out that
we didn't properly authenticate connections with NTLM. Fixed too.
- Dan Winship provided fixes for the NTLM code.
Daniel (5 July)
- Doug Kaufman provided additional fixes for the DOS port.
- Rick Richardson pointed out that using setvbuf() to achieve non-buffering
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
on output is no-good for SCO Xenix and other unixes. We switched over to
using plain fflush() instead.
- Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
the configure script, and I had to change some build stuff to make the new
way work.
- Peter Sylvester's patch was applied that introduces the following:
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
anything but CURLE_OK is returned, that will also be returned by libcurl
all the way back. If this function changes the CURLOPT_URL, libcurl will
detect this and instead go use the new URL.
CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
with CURLOPT_SSL_CTX_FUNCTION.
Daniel (1 July)
- David Byron provided a patch that allows a client to quit the test suite's
HTTP server.
- Gisle Vanem found and patched a lib handle leak in the ldap code.
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
Daniel (25 June)
- More NTLM-improvements. Less code. Smaller packets back and forth.
Daniel (23 June)
- Eric Glass provided us with a better doc on NTLM details, and I added more
comments and clarified the current code more. Using the new knowledge, we
should be able to make the NTLM stuff work even better.
Eric's original URL: http://davenport.sourceforge.net/ntlm.html
Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
- Fixed the minor compile problems pre3 had if built without GSSAPI and/or
SSL.
Version 7.10.6-pre3 (19 June 2003)
Daniel (19 June)
- Made curl use curl_free() on memory returned by curl_getenv(), as this
should theoreticly make it possibly to build and run curl and libcurl with
different memory allocation schemes with no problems.
Daniel (18 June)
- Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
include a better comment in the top for the gzip compressed version.
Daniel (17 June)
- CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
type(s) you want to use. If more than one is set, libcurl will use one of
the selected one and the one it considers is more secure. Test case 67 and
68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
fetches, and test case 69 and 70 were added for testing authentication
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
"picking". --anyauth is the new command line tool option, and I also added
--basic for completeness (that's the default type).
- Fixed the runtests.pl script to use the info provided by the new curl -V
output.
- --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
is meant to be a generic debug conditional.
- curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
indicate that the library was built with CURLDEBUG set.
- Ralph Mitchell found out that some web applications very badly uses white
spaces in Location: redirects, and apparently IE is a browser (the only
one?) that supports this abomination. Based on Ralph's patch, I added code
that now attempts to replace white spaces with the proper "%20" or "+".
Test case 40 and 42 were added to verify my changes.
- curl -V now also outputs a list of features the available library offers (if
any).
- The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
support.
- David Orrell reported that libcurl still crashed when sending HUGE requests
over HTTPS... I fixed.
Version 7.10.6-pre2 (16 June 2003)
Daniel (16 June)
- curl_version_info() now returns bitmasked information weather NTLM and
GSSNEGOTIATE are supported, since it is doomed to vary on different
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
- I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
that is present, and only use our own MD5-code if it isn't.
Daniel (13 June)
- More NTLM help, fixes and patches from Cris Bailiff.
- Marty Kuhrt brought include fixes for making VMS builds warning-free.
Daniel (12 June)
- NTLM authentication works somewhat against the test servers provided by
Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
were added for this. NTLM-support requires OpenSSL.
- Dan Fandrich provided a patch, that granted that gzip and libz are available
at build-time, compresses the hugehelp text in the curl command line and
uncompresses it at request. Saves some ~60K in the final output executable.
Daniel (11 June)
- Long day of fighting the NTLM demons.
- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
and pick method. Supported ones currently are:
CURLAUTH_BASIC - default selection
CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
CURLAUTH_GSSNEGOTIATE
- Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
Microsoft web applications. --negotiate is the new family member. To take
advantage of this, you need one of these packages:
o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
o GSSAPI from Globus http://www.globus.org/
o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
- A missing ending bracket (']') while doing URL globbing could lead to a
segfault. While fixing this, I also introduced better error reporting in the
globbing code. (All this is application code outside libcurl.)
Daniel (6 June)
- David Orrell found out that sending a huge GET request over HTTPS could
make libcurl fail and return an error code.
- Richard Bramante found out that "Content-Length: 0" was not properly used by
libcurl if the response-headers indicated that the connection would be
closed.
- David Byron's patch was applied, that makes the --progress-bar take the
local size into account when doing resumed downloads.
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
- Feedback from Serge Semashko made me change the error message returned when
CURLE_HTTP_RETURNED_ERROR is returned.
- Anonymous in bug report #745122 pointed out that we should really be using
SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
implementations.
Daniel (27 May)
- Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
the sys/select.h header file so including it unconditionally in curl/multi.h
is not a good thing. Now we check for HPUX and avoid using that header on
such systems.
- Rudy Koento experienced problems with curl's recent habit of POSTing data in
two separate send() calls, first the headers and then the data. I've now
made a fix that for static and known content that is less than 100K in size,
everything is now sent in one single system call again. This is also better
for network performance reasons.
- I modified the main makefile to not build the test suite and a few other
unnecessary things by default. Now, the test suite is built when 'make test'
is run. This reduces build time for those who don't care for the test
suite, and it also reduces confusion for people using platforms where the
test suite build fails!
Daniel (26 May)
- Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
which is now corrected.
- Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
proxy a little too much like as if it was a http proxy.
Daniel (23 May)
- Ricardo Cadime found a socket leak when listing directories without
contents. Test cases 144 and 145 were added to verify the fix.
- Rudy Koento found yet another problem when a HTTP server returns only a
single-line of contents without any headers at all. libcurl then failed to
count the data, thus returning error 52 "no contents". Test case 66 was
added to verify that we now do right.
Version 7.10.6-pre1 (23 May 2003)
Daniel (23 May)
- Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
Daniel (22 May)
- David Remahl set up a test-server for me providing Digest authentication,
and I wrote the first working code that support it. The test suite was
modified slightly as well to work better for it and --digest was added to
the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
has all the gory details.
- David Balazic pointed out that curl_unescape() didn't check that %-codes
were correctly followed by two hexadecimal digits when it unescape strings.
Now, we do the check and only %XX codes are unescaped if the X letters are
hexadecimals.
- Gisle Vanem made curl build with djgpp on DOS.
- Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
shown with curl -M.
Daniel (20 May)
- Gisle Vanem provided a fix that makes libcurl more conservative, not
expecting h_aliases of the hostent struct to always be non-NULL.
Daniel (19 May)
- As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
supports user name and password in the proxy environment variables. Added
test case 63 to verify this.
Version 7.10.5 (19 May 2003)
Daniel (15 May)
- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
a very common type inet_addr() returns.
Daniel (14 May)
- George Comninos provided a fix that calls the progress meter when waiting
for FTP command responses take >1 second. It'll make applications more
"responsive" even when dealing with very slow ftp servers.
Daniel (12 May)
- George Comninos pointed out that libcurl uploads had two quirks:
o when using FTP PORT command, it used blocking sockets!
o it could loop a long time without doing progress meter updates
Both items are fixed now.
Daniel (9 May)
- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
set to "". This frees the application from having to know which encodings
the library supports.
- Dan Fandrich pointed out we had three unnecessary files in CVS that is
generated with libtoolize, so they're now removed and libtoolize is invoked
accordingly in the buildconf script.
- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
given name is a network interface gave a real performance penalty on Linux,
so now we more appropriately first check if it is an IP number and if so
we don't check for a network interface with that name.
- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
to use EPRT and LPRT before the traditional PORT command. The command line
tool sets this option with '--disable-eprt'.
Version 7.10.5-pre2 (6 May 2003)
Daniel (6 May)
- Kevin Delafield reported another case where we didn't correctly check for
EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
Daniel (4 May)
- Ben Greear noticed that the check for 'writable argv' exited the configure
script when run for cross-compiling, which wasn't nice. Now it'll default to
no and output a warning about the fact that it was not checked for.
Daniel (2 May)
- Added test case 62 and fixed some more on the cookie sending with a custom
Host: header set.
Daniel (1 May)
- Andy Cedilnik fixed a few compiler warnings.
- Made the "SSL read error: 5" error message more verbose, by adding code that
queries the OpenSSL library to fill in the error buffer.
- Added sys/select.h include in the curl/multi.h file, after having been
reminded about this by Rich Gray.
- I made each test set its own server requirements, thus abandoning the
previous system where the test number implied what server(s) to use for a
specific test.
- David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
that libcurl now uses one CWD command for each path part. A bunch of test
cases were fixed to work accordingly.
- Cookie fixes:
A. Save domains in jars like Mozilla does. It means all domains set in
Set-Cookie: headers are dot-prefixed.
B. Save and use the 'tailmatch' field in the Mozilla/Netscape cookie jars
(the second column).
C. Reject cookies using illegal domains in the Set-Cookie: line. Concerns
both domains with too few dots or domains that are outside the currently
operating server host's domain.
D. Set the path part by default to the one used in the request, if none was
set in the Set-Cookie line.
To make item C really good, I also made libcurl notice custom Host: headers
and extract the host name set in there and use that as the host name for the
site we're getting the cookies from. This allows user to specify a site's
IP-address, but still be able to receive and send its cookies properly if
you provide a valid Host: name for the site.
Daniel (29 Apr)
- Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
when using the multi interface (too).
Version 7.10.5-pre1 (23 Apr 2003)
Daniel (22 Apr)
- Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
return CURLE_OK no matter what happens.
- Dan Fandrich fixed some gzip decompression bugs and flaws.
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
Daniel (16 Apr)
- Fixed minor typo in man page, reported in the Debian bug tracker.
Daniel (15 Apr)
- Fixed some FTP tests in the test suite that failed on my Solaris host, due
to the config.h not being included before the system headers. When done that
way, it did get a mixed sense of if big files are supported or not and then
stat() and fstat() (as used in test case 505) got confused and failed to
return a proper file size.
- Formposting a file using a .html suffix is now properly set to Content-Type: text/html.
Daniel (14 Apr)
- Fixed the SSL error handling to return proper SSL error messages again, they
broke in 7.10.4. I also attempt to track down CA cert problems and then
return the CURLE_SSL_CACERT error code.
- The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
a fairly big and explanatory error message. Kevin Roth helped me out with
the wording.
Daniel (11 Apr)
- Nic Hines provided a second patch for gzip decompression, and fixed a bug
when deflate or gzip contents were downloaded using chunked encoding.
- Dan Fandrich made libcurl support automatic decompression of gzip contents
(as an addition to the previous deflate support).
- I made the CWD command during FTP session consider all 2xy codes to be OK
responses.
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
Daniel (10 Apr)
- Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
after the host name, but still had "?" and parameters appended, as in
"http://hostname.com?foobar=moo", were not properly parsed by libcurl.
Daniel (9 Apr)
- Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
for HTTP. This then made -z work for ftp transfers too. Added test case 139
and 140 for verifying this.
- Getting the file date of an ftp file used the wrong time zone when
displayed. It is supposedly always GMT. Added test case 141 for this.
- Made the test suite's FTP server support MDTM.
- The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
CURLINFO_HEADER_IN data as well. The most notable effect from this is that
using curl -v, you get to see the incoming "headers" as well. This is
perhaps most useful when doing ftp.
Daniel (8 Apr)
- James Bursa fixed a flaw in the Content-Type extraction code, which missed
the first letter if no space followed the colon.
- Magnus Nilsson pointed out that share.c was missing in the MSVC project
file.
Daniel (6 Apr)
- Ryan Weaver provided a patch that makes the CA cert bundle not get installed
anymore when 'configure --without-ssl' has been used.
Daniel (4 Apr)
- Martijn Broenland found another cases where a server application didn't
like the boundary string used by curl when doing a multi-part/formpost. We
modified the boundary string to look like the one IE uses, as this is
probably gonna make curl work with more applications.
Daniel (3 Apr)
- Kevin Roth reported that a bunch of tests fails on cygwin. One set fails
when using perl 5.8 (and they run fine with perl 5.6), and another set
failed because of an artifact in the test suite's FTP server that I
corrected. It turned out the FTP server code was still having a file opened
while the main test script removed it and invoked the HTTP server that
attempted to create the same file name of the file the FTP server kept open.
This operation works fine on unix, but not on cygwin.
Version 7.10.4 (2 Apr 2003)
Daniel (1 Apr)
- Added test case 505 to exercise FTP upload with rename done with libcurl,
and for that I had to extend the test suite's FTP server to deal with the
RNFR and RNTO commands.
Daniel (31 Mar)
- Even more SSL config check modifications after Richard's testing.
Version 7.10.4-pre6 (31 Mar 2003)
- More fixes for the SSL session ID cache checks when SSL configs are changed
between connections. Based on tests and talks with Richard Bramante.
- Guillaume Cottenceau provided a patch that added CURLOPT_UNRESTRICTED_AUTH.
When enabled, it will prevent libcurl from limiting to which host it sends
user+password to when following locations. By default, libcurl only sends
name and password to the original host used in the first URL, but with this
option set it will send the auth info to all hosts it follows location
headers to. The new tool command line option for this is named
"--location-trusted".
- Frankie Fong reported a problem with libcurl if you re-used an easy handle
with a proxy, and you first made a https:// connection to a host and then
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
switched to a http:// one to the same host. libcurl would then wrongly re-use
the same connection for it and fail to get the second URL properly
Daniel (29 Mar)
- Dan Shearer's fix that makes curl complain if invoked with nothing but "curl
-O" was applied.
Daniel (26 Mar)
- Bryan Kemp was friendly enough to lend me an account on his Redhat 9 box and
I could fix the configure problems on redhat 8.1 and 9 in no time thanks to
this. Thanks a bunch Bryan!
Daniel (25 Mar)
- Renamed configure.in to configure.ac
Version 7.10.4-pre5 (25 Mar 2003)
Daniel (25 Mar)
- Richard Bramante provided a fix for a handle re-use problem seen when you
change options on an SSL-enabled connection between requests. Previously,
changing peer verification or host verification and similar things was not
taken into account when a connection were checked for re-use and thus
enabling stricter check between requests on a re-used connection made no
difference and the connection would thus be used erroneously.
Daniel (24 Mar)
- Götz Babin-Ebell pointed out that the ca-bundle.crt file contained a
certificate from Trustcenter that was a demo certificate only that was never
Daniel (21 Mar)
- Life is a mystery. Within a time period of 17 hours, Tim Pope and Michael
Churchill filed one bug report each, both identifying problems with a second
transfer when doing persistent transfers re-using a connection. Tim's one is
#706624, labeled "Multiple uploads per handle fail" and Michael's #707003
"Does not send Authorization: header when reusing connection". I could track
both down to the same piece of logic and it turned out libcurl was not using
new settings properly when re-using an existing connection. This concerned
both uploading and downloading and involved exactly those pieces these two
reports identified. This code has been this faulty since the day I
introduced persistent connection support in libcurl, more than 2 years ago.
Daniel (20 Mar 2003)
- Five year anniversary. Today five years ago, the first ever curl release saw
the light of day.
Daniel (17 Mar)
- Andy Cedilnik corrected flaws in some libcurl example-usage sources.
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
Daniel (16 Mar)
- Juan F. Codagnone reported that the fix from March 2nd was incomplete.
- Added code to the configure.in to check for select() argument types. I've
not made any code use the results just yet though.
Daniel (15 Mar)
- Gisle Vanem provided two patches to build better on Windows.
- Adjusted the test suite code to better make sure that the server(s) required
for a specific test is properly started before the test case is attempted.
Many tests now run a lot faster than before.
Daniel (14 Mar)
- Another configure.in adjustment made the configure detect functions properly
on HPUX now.
Daniel (13 Mar)
- Philippe Raoult fixed pre4-compile quirks for FreeBSD.
Version 7.10.4-pre4 (13 Mar 2003)
Daniel (13 Mar)
- Added a backup-check for functions that aren't found by AC_CHECK_FUNCS()
as I believe some checks on HPUX need this. At least some of the info given
to us by Rick Jones seemed to indicate this.
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
Daniel (12 Mar)
- Thomas Tonino found out that if you used the curl tool to do PUT operations
as in 'curl www.foo.com/dir/ -T file' and the file name included for example
space or other characters that don't belong in URLs, curl did not properly
URL encode them before using them in the URL.
- Added an option to configure called --enable-libgcc that simply adds -lgcc
to the LIBS variable, as this seems to be a common problem.
- I modified the configure.in file, so that the headers are now checked in an
order of "viality". We must also make sure to use the "default headers"
parameter to AC_CHECK_HEADERS() so that headers are checked with the proper
prerequisites included (i.e all the major and generally important header
files are included there by default). This might be what we need for various
Sun, HP, AIX and Tru64 systems to behave good again on the header check
front.
- Rick Jones pointed out a few compiler warnings on HP-UX that I addressed.
- I made the configure --help output nicer by using AC_HELP_STRING() a lot
more.
Daniel Stenberg
committed
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
Daniel (11 Mar)
- Christophe Demory fixed the socket sending code to work better on HP-UX
when sending data to a socket that would block. It then returns EAGAIN, not
EWOULDBLOCK.
- Richard Gorton improved the seeding function for systems without a good
and reliable random source.
- Richard Gorton fixed a few warnings that popped up when you built curl
using the Sun compiler on a 64bit SPARC platform.
- Martin C. Martin fixed a case where a connect failure using the multi
interface didn't produce a human readable error string.
Daniel (10 Mar)
- Reverted ltmain.sh back to libtool 1.4.2 status again, as the 1.4.3 version
broke the build on numerous platforms. It seems that libtool 1.4.3 puts some
requirements on what versions of the other tools (autoconf + automake) that
I am not familiar with and thus I couldn't fulfill at this point.
Yes, this is more than mildly frustrating.
Daniel (7 Mar)
- Run libtoolize version 1.4.3.
Version 7.10.4-pre3 (4 Mar 2003)
Daniel Stenberg
committed
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
Daniel (3 Mar)
- Added share.obj to the VC6 and Borland libcurl makefiles.
- Troels Walsted Hansen found and investigated a problem with libcurl on AIX,
presumably only on 4.3 or later. gethostbyname_r() is not returning data
that is possible to "keep" and cache the way libcurl does. But instead these
versions of AIX uses a gethostbyname() that works thread-safely we can
instead use the ordinary gethostbyname() and our pack_hostent() approach to
achieve what we want. The configure script now attempts to detect AIX 4.3 or
later to adjust for this.
Daniel (2 Mar)
- Juan F. Codagnone found a problem introduced in 7.10.3 when you first did a
POST and then back to a GET using the same easy handle.
Daniel (28 Feb)
- Removed the strequal and strnequal defines from curl/curl.h header. They
were never meant for the public header anyway. Philippe Raoult brought it
up.
- James Bursa fixed the RISC OS build.
Daniel (27 Feb)
- Avery Fay pointed out the very misleading curl_multi_info_read man page, and
I updated it to become more accurate.
- Salvatore Sorrentino found a problem with FTP downloading that turned out to
be his FTP server returning size zero (0 bytes) when SIZE was used on a file
while being in BINARY mode. We now make a second check for the actual size
by scanning the RETR reply anyway, even if the SIZE command returned 0.
Daniel (26 Feb)
- Kyle Sallee reported a case where he would do a transfer that didn't update
the progress meter properly. It turned out to be a case where libcurl would
loop a little too eagerly in the transfer loop, which isn't really good for
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
Version 7.10.4-pre2 (24 Feb 2003)
Daniel (24 Feb)
- Kjetil Jacobsen found out that setting CURLOPT_MAXCONNECTS to a value higher
than 5 could cause a segfault.
- I believe I fixed the 'Expect: 100-continue' behavior that has been broken
for a while (I think since my change dated Dec 10 2002). When this header is
used, libcurl should wait for a HTTP 100 (or timeout) before sending the
post/put data.
Daniel (14 Feb)
- Matthew Clarke provided some info what to modify to make curl build
flawlessly on AIX 3.2.5.
- Martin C. Martin found and fixed a problem in the multi interface when
running on Windows and trying to connect to a port without a listener.
Daniel (13 Feb)
- Christopher R. Palmer fixed Curl_base64_encode() to deal with zeroes in the
data to encode.
- Jean-Philippe added the first code that enables the 'share' system. This
should now enable sharing of DNS data between two curl easy handles.
- Incorporated Nico Baggus' fixes to again compile flawlessly on VMS.
- James Bursa corrected a bad comment in the public include file curl/multi.h
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
- Peter Forret reported one of those error:00000000 cases in libcurl again
when connecting to a HTTPS site, and this time I did discover some oddities
in how curl reports SSL errors back. It could miss showing the actual error.
Version 7.10.4-pre1 (3 Feb 2003)
Daniel (3 Feb)
- Removed things in the docs saying capath doesn't work on Windows, as Julian
Noble told us it works fine.
Daniel (31 Jan)
- Kevin Roth fixed the zlib build stuff in the Mingw32 makefile.
Daniel (30 Jan)
- Kevin Roth found out that curl on Windows always checked for the CA cert
bundle using the environment variable and the path scan, even though
-k/--insecure was used.
- Hamish Mackenzie pointed out that curl only did strict host name verifying
if capath or cainfo was used. Now it'll always do it unless -k / --insecure
is used!
- Pavel Cenek pointed out that the Content-Type extraction was done wrongly
as the full string was not fetched. Added test case 57 to verify that curl
does it right now.
Daniel (29 Jan)
- Jamie Wilkinson provided a patch that now makes curl attempt to clear out
"sensitive" command line arguments so that they don't appear in ps outputs
(only on platforms that allow writing to argv[]).