Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-04-02 | Added the curl_easy_recv return code fix | Dan Fandrich | |
2009-04-01 | - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a | Daniel Stenberg | |
strdup() call failed. | |||
2009-03-31 | Properly return an error code in curl_easy_recv (reported by Jim Freeman). | Dan Fandrich | |
2009-03-29 | some minor Makefile tweaks. | Gunter Knauf | |
2009-03-20 | Gary Maxwell helped us clarify that CURLOPT_SHARE specificly needs the locking | Daniel Stenberg | |
functions if the easy handles are used in multiple threads | |||
2009-03-20 | removed useless comment | Daniel Stenberg | |
2009-03-18 | Add a link to "Potential Errors Passing CRT Objects Across DLL Boundaries" | Yang Tse | |
2009-03-18 | - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when | Daniel Stenberg | |
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled explicitly. | |||
2009-03-18 | minor fix | Daniel Stenberg | |
2009-03-15 | If CURL_DISABLE_PROXY is defined, we must allow socks_sspi.c to call | Gisle Vanem | |
Curl_blockread_all(). It is needed in code inside USE_WINDOWS_SSPI. | |||
2009-03-13 | we use libssh2_version() now if available | Daniel Stenberg | |
2009-03-13 | - Use libssh2_version() to present the libssh2 version in case the libssh2 | Daniel Stenberg | |
library is found to support it. | |||
2009-03-12 | Fix TELNET transfers not being aborted upon write callback failures | Yang Tse | |
2009-03-12 | Add Curl_read() return code checking | Yang Tse | |
2009-03-11 | Oops, make the memory magic debug stuff done before global init too just to | Daniel Stenberg | |
catch them all. The memory debug stuff is not in the public API anyway. | |||
2009-03-11 | - Kamil Dudka made the curl tool properly call curl_global_init() before any | Daniel Stenberg | |
other libcurl function. | |||
2009-03-11 | update the embedded copyright year | Daniel Stenberg | |
2009-03-11 | s/u_long/unsigned long/ | Yang Tse | |
2009-03-11 | fix previous commit misplaced break statement | Yang Tse | |
2009-03-11 | Added TELNET timeout support for Windows builds | Yang Tse | |
2009-03-10 | Moved 7.19.2 and older entries from CHANGES to CHANGES.0 (the latter is not | Daniel Stenberg | |
shipped in release archives but is only in CVS) | |||
2009-03-09 | - Frank Hempel found out a bug and provided the fix: | Daniel Stenberg | |
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE option. It only enabled the cookie engine in the destination handle if data->cookies is not NULL (where data is the source handle). In case of a newly initialized handle which just had the cookie support enabled by a curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was still NULL because the setopt-call only appends the value to data->change.cookielist, hence duplicating this handle would not have the cookie engine switched on. We also concluded that the slist-functionality would be suitable for being put in its own module rather than simply hanging out in lib/sendf.c so I created lib/slist.[ch] for them. | |||
2009-03-09 | - Andreas Farber made the 'buildconf' script check for the presence of m4 | Daniel Stenberg | |
scripts to make it detect a bad checkout earlier. People with older checkouts who don't do cvs update with the -d option won't get the new dirs and then will get funny outputs that can be a bit hard to understand and fix. | |||
2009-03-09 | Avoid a compile warning in --disable-proxy case | Dan Fandrich | |
2009-03-08 | - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the | Daniel Stenberg | |
allocation of the memory BIO was not being properly checked. | |||
2009-03-08 | - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places | Daniel Stenberg | |
in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and other values indicate error conditions. | |||
2009-03-08 | Andre Guibert de Bruet fixed a typo in the error message | Daniel Stenberg | |
2009-03-08 | - Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that | Daniel Stenberg | |
curl didn't use sprintf() in a way that is documented to work in POSIX but since we use our own printf() code (from libcurl) that shouldn't be a problem. Nonetheless I modified the code to not rely on such particular features and to not cause further raised eyebrowse with no good reason. | |||
2009-03-05 | Expanded the security section of the libcurl-tutorial man page to cover | Dan Fandrich | |
more issues for authors to consider when writing robust libcurl-using applications. | |||
2009-03-05 | Fix NTLM authentication memory leak on SSPI enabled Windows builds | Yang Tse | |
2009-03-04 | Fixed a problem with m4 quoting in the OpenSSL configure check reported | Dan Fandrich | |
by Daniel Johnson. | |||
2009-03-03 | Added test 1097 to verify the bug Axel Kuhn epidox posted on March 3 2009 | Daniel Stenberg | |
on curl-users, it is also added to DISABLED since I don't have time to work on it further right now. | |||
2009-03-03 | - David James brought a patch that make libcurl close (all) dead connections | Daniel Stenberg | |
whenever you attempt to open a new connection. | |||
2009-03-03 | 15 additional contributor from the 7.19.4 RELEASE-NOTES | Daniel Stenberg | |
2009-03-03 | Gah! We can't have 'curl' added here since even though it removes the curl | Daniel Stenberg | |
binary it also removes the include/curl subdir! | |||
2009-03-03 | Options CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS, and associated ↵ | Patrick Monnerat | |
definitions added to RPG binding | |||
2009-03-02 | start over on the journey towards 7.19.5 | Daniel Stenberg | |
2009-03-02 | - David Kierznowski notified us about a security flaw | Daniel Stenberg | |
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in which previous libcurl versions (by design) can be tricked to access an arbitrary local/different file instead of a remote one when CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release together this the addition of two new setopt options for controlling this new behavior: o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option excludes the FILE and SCP protocols and thus you nee to explicitly allow them in your app if you really want that behavior. o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch using the primary URL option. This is useful if you want to allow a user or other outsiders control what URL to pass to libcurl and yet not allow all protocols libcurl may have been built to support. | |||
2009-03-02 | 7.19.4 won't get anything else | Daniel Stenberg | |
2009-03-02 | the Eiffel binding | Daniel Stenberg | |
2009-03-01 | nothing more left for 7.19.4, the issue #216 is moved to 7.19.5 since we're | Daniel Stenberg | |
too close to release now | |||
2009-02-28 | for portability reasons: s/inet_pton/Curl_inet_pton/ | Yang Tse | |
2009-02-28 | fix compiler warning | Yang Tse | |
2009-02-27 | mention the '-o -' trick | Daniel Stenberg | |
2009-02-27 | 217 - Dan Fandrich's "GnuTLS initialization thread safety" | Daniel Stenberg | |
218 - Senthil Raja Velu's "CURLOPT_LOCALPORT option broken", patch by Markus Koetter Both are now committed | |||
2009-02-27 | - Senthil Raja Velu reported a problem when CURLOPT_INTERFACE and | Daniel Stenberg | |
CURLOPT_LOCALPORT were used together (the local port bind failed), and Markus Koetter provided the fix! | |||
2009-02-27 | Indentation fixes, untabify and related whitespace-cleanup. No code changed. | Daniel Stenberg | |
2009-02-25 | corrected and clarified the top comment | Daniel Stenberg | |
2009-02-25 | - As Daniel Fandrich figured out, we must do the GnuTLS initing in the | Daniel Stenberg | |
curl_global_init() function to properly maintain the performing functions thread-safe. We've previously (28 April 2007) moved the init to a later time just to avoid it to fail very early when libgcrypt dislikes the situation, but that move was bad and the fix should rather be in libgcrypt or elsewhere. | |||
2009-02-24 | improved | Daniel Stenberg | |