aboutsummaryrefslogtreecommitdiff
path: root/CHANGES
AgeCommit message (Collapse)Author
2007-10-03Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION andDaniel Stenberg
CURLOPT_OPENSOCKETDATA to set a callback that allows an application to replace the socket() call used by libcurl. It basically allows the app to change address, protocol or whatever of the socket. (I also did some whitespace indent/cleanups in lib/url.c which kind of hides some of these changes, sorry for mixing those in.)
2007-10-03I renamed the CURLE_SSL_PEER_CERTIFICATE error code toDaniel Stenberg
CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made this return code get used by the previous SSH MD5 fingerprint check in case it fails.
2007-10-03Based on a patch brought by Johnny Luong, libcurl now offersDaniel Stenberg
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make the SCP or SFTP connection verify the remote host's md5 checksum of the public key before doing a connect, to reduce the risk of a man-in-the-middle attack.
2007-10-02known bug #46: chunked-encoded CONNECT responses from a http proxy now works.Daniel Stenberg
Added test case 1008 to verify. Note that #47 is still there.
2007-09-30Alex Fishman reported a curl_easy_escape() problem that was made theDaniel Stenberg
function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a signed / unsigned mistake in the code. I fixed it and added test case 543 to verify.
2007-09-29Immanuel Gregoire fixed a problem with persistent transfers over SFTP - theDaniel Stenberg
previous proto struct was kept.
2007-09-28Adapted the c-ares code to the API change c-ares 1.5.0 brings in theDaniel Stenberg
notifier callback(s).
2007-09-27Enabled a few more gcc warnings with --enable-debug. Renamed a fewDan Fandrich
variables to avoid shadowing global declarations.
2007-09-26Philip Langdale provided the new CURLOPT_POST301 option forDaniel Stenberg
curl_easy_setopt() that alters how libcurl functions when following redirects. It makes libcurl obey the RFC2616 when a 301 response is received after a non-GET request is made. Default libcurl behaviour is to change method to GET in the subsequent request (like it does for response code 302 - because that's what many/most browsers do), but with this CURLOPT_POST301 option enabled it will do what the spec says and do the next request using the same method again. I.e keep POST after 301. The curl tool got this option as --post301 Test case 1011 and 1012 were added to verify.
2007-09-26Max Katsev reported that when doing a libcurl FTP request withDaniel Stenberg
CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE before it does SIZE which makes it less useful. I walked over the code and made it do this properly, and added test case 542 to verify it.
2007-09-24Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handleDaniel Stenberg
URLs ending with a slash properly (it should list the contents of that directory). Test case 351 brought back and also test 1010 was added.
2007-09-21Mark Davies fixed Negotiate authentication over proxy, and also introducedDaniel Stenberg
the --proxy-negotiate command line option to allow a user to explicitly select it.
2007-09-20Immanuel Gregoire is the manDaniel Stenberg
2007-09-18Rob Crittenden provided an NSS update with the following highlights:Daniel Stenberg
o It looks for the NSS database first in the environment variable SSL_DIR, then in /etc/pki/nssdb, then it initializes with no database if neither of those exist. o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be loaded, including the ca-bundle. If it is not available then only certificates already in the NSS database are used. o Tries to detect whether a file or nickname is being passed in so the right thing is done o Added a bit of code to make the output more like the OpenSSL module, including displaying the certificate information when connecting in verbose mode o Improved handling of certificate errors (expired, untrusted, etc) The libnsspem.so PKCS#11 module is currently only available in Fedora 8/rawhide. Work will be done soon to upstream it. The NSS module will work with or without it, all that changes is the source of the certificates and keys.
2007-09-18Immanuel pointed out that public key SSH auth failed if no public/privateDaniel Stenberg
key was specified and there was no HOME environment variable, and then it didn't continue to try the other auth methods. Now it will instead try to get the files id_dsa.pub and id_dsa from the current directory if none of the two conditions were met.
2007-09-17Changed some FTP tests to validate the format of the PORT and EPRT commandsDan Fandrich
sent by curl, if not the addresses themselves.
2007-09-15Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTPDaniel Stenberg
proxies for FTP urls.
2007-09-14Added LDAPS, SCP and SFTP to curl-config --protocols. Removed andDan Fandrich
fixed some AC_SUBST configure entries.
2007-09-13Version 7.17.0 (13 September 2007)Daniel Stenberg
2007-09-11Daniel S (12 September 2007)Daniel Stenberg
- Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed out a problem with doing an empty upload over FTP on a re-used connection. I added test case 541 to reproduce it and to verify the fix. - I noticed while writing test 541 that the FTP code wrongly did a CWD on the second transfer as it didn't store and remember the "" path from the previous transfer so it would instead CWD to the entry path as stored. This worked, but did a superfluous command. Thus, test case 541 now also verifies this fix.
2007-09-07TFTP now reports the "not defined" TFTP error code 0 as an error,Dan Fandrich
not success.
2007-09-07Added test case 1007 to test permission problem when uploading with TFTPDan Fandrich
(to validate bug #1790403).
2007-09-05Curl_GetFTPResponse() now checks and properly deals with the fact that theDaniel Stenberg
underlying ftp_readresp() function has a separate "cache" where there might in fact be leftover data...
2007-09-05Minix doesn't support getsockopt on UDP sockets or send/recv on TCPDan Fandrich
sockets.
2007-08-31Renamed the CURLE_FTP_SSL_FAILED error code to CURLE_USE_SSL_FAILED.Dan Fandrich
Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants, creating macros for backward compatibility.
2007-08-31Made some of the error strings returned by the *strerror functions moreDan Fandrich
generic, and more consistent with each other.
2007-08-30Added more accurate error code returns from SFTP operations. Added testDan Fandrich
case 615 to test an SFTP upload failure.
2007-08-30Renamed several libcurl error codes and options to make them more generalDan Fandrich
and allow reuse by multiple protocols. Several unused error codes were removed. In all cases, macros were added to preserve source (and binary) compatibility with the old names. These macros are subject to removal at a future date, but probably not before 2009. An application can be tested to see if it is using any obsolete code by compiling it with the CURL_NO_OLDIES macro defined. Documented some newer error codes in libcurl-error(3)
2007-08-24Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointedDaniel Stenberg
out that libcurl didn't deal with large responses from server commands, when the single response was consisting of multiple lines but of a total size of 16KB or more. Dan Fandrich improved the ftp test script and provided test case 1006 to repeat the problem, and I fixed the code to make sure this new test case runs fine.
2007-08-23Porting library to OS/400Patrick Monnerat
2007-08-22Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointedDaniel Stenberg
out that doing first a file:// upload and then an FTP upload crashed libcurl or at best caused furious valgrind complaints. Fixed now by making sure we free and clear the file-specific struct properly when done with it.
2007-08-22Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointedDaniel Stenberg
out that libcurl didn't deal with very long (>16K) FTP server response lines properly. Starting now, libcurl will chop them off (thus the client app will not get the full line) but survive and deal with them fine otherwise. Test case 1003 was added to verify this.
2007-08-20Based on a patch by Christian Vogt, the FTP code now sets the upcomingDaniel Stenberg
download transfer size much earlier to be possible to get read with CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible.
2007-08-17- Robson Braga Araujo filed bug report #1776232Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling Curl_client_write(), passing on a const string that the caller may not modify and yet it does (on some platforms).
2007-08-17Robson Braga Araujo filed bug report #1776235Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY on a directory would do a "SIZE (null)" request. This is now fixed and test case 1000 was added to verify.
2007-08-17Song Ma provided a patch that cures a problem libcurl has when doing resumeDaniel Stenberg
HTTP PUT using Digest authentication. Test case 5320 and 5322 were also added to verify the functionality.
2007-08-14Andrew Wansink provided an NTLM bugfix: in the case the server sets the flagDaniel Stenberg
NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't unicode encode the strings it packs into the NTLM authenticate packet.
2007-08-11Allen Pulsifer provided a patch that makes libcurl set the expected downloadDaniel Stenberg
size earlier when doing HTTP downloads, so that applications and the progress meter etc know get the info earlier in the flow than before.
2007-08-11Patrick Monnerat modified the LDAP code and approach in curl. Starting now,Daniel Stenberg
the configure script checks for openldap and friends and we link with those libs just like we link all other third party libraries, and we no longer dlopen() those libraries. Our private header file lib/ldap.h was renamed to lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix) just before this commit, just in case.
2007-08-08Song Ma noted a zlib memory leak in the illegal compressed headerDan Fandrich
countermeasures code path.
2007-08-04Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work onDaniel Stenberg
non-ASCII systems.
2007-08-02Scott Cantor filed bug report #1766320Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be passed in as longs, and that makes a difference on 64 bit architectures.
2007-08-02Dmitriy Sergeyev reported a regression: resumed file:// transfers brokeDaniel Stenberg
after 7.16.2. This is much due to the different treatment file:// gets internally, but now I added test 231 to make it less likely to happen again without us noticing!
2007-08-01Patrick Monnerat and I modified libcurl so that now it *copies* all stringsDaniel Stenberg
passed to it with curl_easy_setopt()! Previously it has always just refered to the data, forcing the user to keep the data around until libcurl is done with it. That is now history and libcurl will instead clone the given strings and keep private copies.
2007-08-01Greg Morse reported a problem with POSTing using ANYAUTH to a server requiringDaniel Stenberg
NTLM, and he provided test code and a test server and we worked out a bug fix. We failed to count sent body data at times, which then caused internal confusions when libcurl tried to send the rest of the data in order to maintain the same connection alive. (and then I did some minor reformatting of code in lib/http.c)
2007-07-30Peter O'Gorman pointed out (and fixed) that the non-blocking check inDaniel Stenberg
configure made libcurl use blocking sockets on AIX 4 and 5, while that wasn't the intention.
2007-07-30give credit to Greg ZavertnikDaniel Stenberg
2007-07-29Bug report #1759542 (http://curl.haxx.se/bug/view.cgi?id=1759542). A bad useDaniel Stenberg
of a socket after it has been closed, when the FTP-SSL data connection is taken down.
2007-07-23Implemented the parts of Patrick Monnerat's OS/400 patch that introducesDaniel Stenberg
support for the OS/400 Secure Sockets Layer library
2007-07-23Implemented only the parts of Patrick Monnerat's OS/400 patch that renamedDan Fandrich
some few internal identifiers to avoid conflicts, which could be useful on other platforms.