- Pascal Terjan filed bug #2154627

                                  Changelog

Daniel Stenberg (15 Oct 2008)

- Pascal Terjan filed bug #2154627

  (http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl

  uses strcasecmp() in multiple places where it causes failures when the

  Turkish locale is used. This is because 'i' and 'I' isn't the same letter so

  strcasecmp() on those letters are different in Turkish than in English (or

  just about all other languages). I thus introduced a totally new internal

  function in libcurl (called Curl_ascii_equal) for doing case insentive

  comparisons for english-(ascii?) style strings that thus will make "file"

  and "FILE" match even if the Turkish locale is selected.

Daniel Fandrich (15 Oct 2008)

- A <precheck> command is considered to have failed if it returns a non-zero

  return code.  This way, if the precheck command can't be run at all for

 o CURLINFO_PRIMARY_IP fixed for persistent connection re-use cases

 o remove_handle/add_handle multi interface timer callback flaw

 o CURLINFO_REDIRECT_URL memory leak and wrong-doing

 o case insensitive matching works in Turkish too

This release includes the following known bugs:

 Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,

 Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden,

 Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger,

 Igor Novoseltsev, John Wilkinson

 Igor Novoseltsev, John Wilkinson, Pascal Terjan

        Thanks! (and sorry if I forgot to mention someone)

185 - CURLOPT_PROXYUSER etc

186 - strcasecmp in Turkish

188 -

            whatptr++;

          }

          if(strequal("path", name)) {

          if(Curl_ascii_equal("path", name)) {

            co->path=strdup(whatptr);

            if(!co->path) {

              badcookie = TRUE; /* out of memory bad */

              break;

            }

          }

          else if(strequal("domain", name)) {

          else if(Curl_ascii_equal("domain", name)) {

            /* note that this name may or may not have a preceeding dot, but

               we don't care about that, we treat the names the same anyway */

              }

            }

          }

          else if(strequal("version", name)) {

          else if(Curl_ascii_equal("version", name)) {

            co->version=strdup(whatptr);

            if(!co->version) {

              badcookie = TRUE;

              break;

            }

          }

          else if(strequal("max-age", name)) {

          else if(Curl_ascii_equal("max-age", name)) {

            /* Defined in RFC2109:

               Optional.  The Max-Age attribute defines the lifetime of the

              atoi((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0]) +

              (long)now;

          }

          else if(strequal("expires", name)) {

          else if(Curl_ascii_equal("expires", name)) {

            co->expirestr=strdup(whatptr);

            if(!co->expirestr) {

              badcookie = TRUE;

      else {

        if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]",

                  what)) {

          if(strequal("secure", what)) {

          if(Curl_ascii_equal("secure", what)) {

            co->secure = TRUE;

          }

          else if (strequal("httponly", what)) {

          else if (Curl_ascii_equal("httponly", what)) {

            co->httponly = TRUE;

          }

          /* else,

           As far as I can see, it is set to true when the cookie says

           .domain.com and to false when the domain is complete www.domain.com

        */

        co->tailmatch=(bool)strequal(ptr, "TRUE"); /* store information */

        co->tailmatch=(bool)Curl_ascii_equal(ptr, "TRUE"); /* store information */

        break;

      case 2:

        /* It turns out, that sometimes the file format allows the path

        fields++; /* add a field and fall down to secure */

        /* FALLTHROUGH */

      case 3:

        co->secure = (bool)strequal(ptr, "TRUE");

        co->secure = (bool)Curl_ascii_equal(ptr, "TRUE");

        break;

      case 4:

        co->expires = curlx_strtoofft(ptr, NULL, 10);

  clist = c->cookies;

  replace_old = FALSE;

  while(clist) {

    if(strequal(clist->name, co->name)) {

    if(Curl_ascii_equal(clist->name, co->name)) {

      /* the names are identical */

      if(clist->domain && co->domain) {

        if(strequal(clist->domain, co->domain))

        if(Curl_ascii_equal(clist->domain, co->domain))

          /* The domains are identical */

          replace_old=TRUE;

      }

        /* the domains were identical */

        if(clist->path && co->path) {

          if(strequal(clist->path, co->path)) {

          if(Curl_ascii_equal(clist->path, co->path)) {

            replace_old = TRUE;

          }

          else

      /* now check if the domain is correct */

      if(!co->domain ||

         (co->tailmatch && tailmatch(co->domain, host)) ||

         (!co->tailmatch && strequal(host, co->domain)) ) {

         (!co->tailmatch && Curl_ascii_equal(host, co->domain)) ) {

        /* the right part of the host matches the domain stuff in the

           cookie data */

 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *

 * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.

 * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms

#define curlx_getenv curl_getenv

#define curlx_strequal curl_strequal

#define curlx_strnequal curl_strnequal

#define curlx_ascii_equal Curl_ascii_equal

#define curlx_mvsnprintf curl_mvsnprintf

#define curlx_msnprintf curl_msnprintf

#define curlx_maprintf curl_maprintf