diff options
| -rw-r--r-- | CHANGES | 5 | ||||
| -rw-r--r-- | RELEASE-NOTES | 3 | ||||
| -rw-r--r-- | lib/url.c | 3 |
3 files changed, 9 insertions, 2 deletions
@@ -7,6 +7,11 @@ Changelog Daniel Stenberg (11 Dec 2008) +- Keshav Krity found out that libcurl failed to deal with dotted IPv6 + addresses if they were very long (>39 letters) due to a too strict address + validity parser. It now accepts addresses up to 45 bytes long. + +Daniel Stenberg (11 Dec 2008) - Internet Explorer had a broken HTTP digest authentication before v7 and there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even comes with an option to work with such diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 06e3893d5..da0d98ba9 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -27,6 +27,7 @@ This release includes the following bugfixes: o GSS authentication infinite loop problem o 550 response from SIZE no longer treated as missing file o ftps:// control connections now use explicit protection level + o dotted IPv6 addresses longer than 39 bytes failed This release includes the following known bugs: @@ -37,6 +38,6 @@ advice from friends like these: Yang Tse, Daniel Fandrich, Jim Meyering, Christian Krause, Andreas Wurf, Markus Koetter, Josef Wolf, Vlad Grachov, Pawel Kierski, Igor Novoseltsev, - Fred Machado, Ken Hirsch + Fred Machado, Ken Hirsch, Keshav Krity Thanks! (and sorry if I forgot to mention someone) @@ -3724,7 +3724,8 @@ static CURLcode parse_remote_port(struct SessionHandle *data, char *portptr; char endbracket; - if((1 == sscanf(conn->host.name, "[%*39[0123456789abcdefABCDEF:.%]%c", &endbracket)) && + if((1 == sscanf(conn->host.name, "[%*45[0123456789abcdefABCDEF:.%]%c", + &endbracket)) && (']' == endbracket)) { /* this is a RFC2732-style specified IP-address */ conn->bits.ipv6_ip = TRUE; |