aboutsummaryrefslogtreecommitdiff
path: root/CHANGES
AgeCommit message (Collapse)Author
2006-02-23Lots of work and analysis by "xbx___" in bug #1431750Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two different but related bugs: 1) Removing an easy handle from a multi handle before the transfer is done could leave a connection in the connection cache for that handle that is in a state that isn't suitable for re-use. A subsequent re-use could then read from a NULL pointer and segfault. 2) When an easy handle was removed from the multi handle, there could be an outstanding c-ares DNS name resolve request. When the response arrived, it caused havoc since the connection struct it "belonged" to could've been freed already. Now Curl_done() is called when an easy handle is removed from a multi handle pre-maturely (that is, before the transfer was complteted). Curl_done() also makes sure to cancel all (if any) outstanding c-ares requests.
2006-02-21Peter Su added support for SOCKS4 proxies. Enable this by setting the proxyDaniel Stenberg
type to the already provided type CURLPROXY_SOCKS4. I added a --socks4 option that works like the current --socks5 option but instead use the socks4 protocol.
2006-02-19Shmulik Regev fixed an issue with multi-pass authentication and compressedDaniel Stenberg
content when libcurl didn't honor the internal ignorebody flag.
2006-02-18Ulf Härnhammar fixed a format string (printf style) problem in the NegotiateDaniel Stenberg
code. It should however not be the cause of any troubles. He also fixed a few similar problems in the HTTP test server code.
2006-02-16Shmulik Regev provided a fix for the DNS cache when using short life times,Daniel Stenberg
as previously it could be holding on to old cached entries longer than requested.
2006-02-11Karl M added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options thatDaniel Stenberg
an app can use to let libcurl only connect to a remote host and then extract the socket from libcurl. libcurl will then not attempt to do any transfer at all after the connect is done.
2006-02-11Kent Boortz improved the configure check for GnuTLS to properly set LIBSDaniel Stenberg
instead of LDFLAGS.
2006-02-07Philippe Vaucher provided a brilliant piece of test code that show a problemDaniel Stenberg
with re-used FTP connections. If the second request on the same connection was set not to fetch a "body", libcurl could get confused and consider it an attempt to use a dead connection and would go acting mighty strange.
2006-02-01fixed --limit-rateDaniel Stenberg
2006-01-30Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with theDaniel Stenberg
curl tool with --local-port. Plain and simply set the range of ports to bind the local end of connections to. Implemented on to popular demand. Not extensively tested. Please let me know how it works.
2006-01-30Based on an error report by Philippe Vaucher, we no longer count a retriedDaniel Stenberg
connection setup as a follow-redirect. It turns out 1) this fails when a FTP connection is re-setup and 2) it does make the max-redirs counter behave wrong. This fix was not verified since the reporter vanished, but I believe this is the right fix nonetheless.
2006-01-24Michal Marek provided a patch for FTP that makes libcurl continue to try PASVDaniel Stenberg
even after EPSV returned a positive response code, if libcurl failed to connect to the port number the EPSV response said. Obviously some people are going through protocol-sensitive firewalls (or similar) that don't understand EPSV and then they don't allow the second connection unless PASV was used. This also called for a minor fix of test case 238.
2006-01-19Duane Cathey was one of our friends who reported that curl -P [IP]Daniel Stenberg
(CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a "native" IP while it works fine for ipv6-disabled builds! In the process of fixing this, I removed the support for LPRT since I can't think of many reasons to keep doing it and asking on the mailing list didn't reveal anyone else that could either. The code that sends EPRT and PORT is now also a lot simpler than before (IMHO).
2006-01-19Jon Turner pointed out that doing -P [hostname] with curl (built ipv4-only)Daniel Stenberg
didn't work.
2006-01-18reality syncDaniel Stenberg
2006-01-18configure no longer warns on "missing" if the current path contains a spaceDaniel Stenberg
2006-01-16David Shaw finally removed all traces of Gopher and we are now officiallyDaniel Stenberg
not supporting it. It hasn't been functioning for years anyway, so this is just finally stating what already was true. And a cleanup at the same time.
2006-01-15Bryan Henderson turned the 'initialized' variable for curl_global_init()Daniel Stenberg
into a counter, and thus you can now do multiple curl_global_init() and you are then supposed to do the same amount of calls to curl_global_cleanup(). Bryan also updated the docs accordingly.
2006-01-13Andrew Benham fixed a race condition in the test suite that could cause theDaniel Stenberg
test script to kill all processes in the current process group!
2006-01-12Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thruDaniel Stenberg
HTTP proxy.
2006-01-12Michael Jahn fixed ftp over CONNECTDaniel Stenberg
2006-01-10mention the "secret" option as I've got no feedback and it is actually presentDaniel Stenberg
in 7.15.1
2006-01-10When using a bad path over FTP, as in when libcurl couldn't CWD into allDaniel Stenberg
given subdirs, libcurl would still "remember" the full path as if it is the current directory libcurl is in so that the next curl_easy_perform() would get really confused if it tried the same path again - as it would not issue any CWD commands at all, assuming it is already in the "proper" dir. Starting now, a failed CWD command sets a flag that prevents the path to be "remembered" after returning.
2006-01-07Mike Jean fixed so that the second CONNECT when doing FTP over a HTTP proxyDaniel Stenberg
actually used a new connection and not sent the second request on the first socket!
2006-01-06buildconf fixesDaniel Stenberg
2006-01-04Andres Garcia made the TFTP test server build with mingw.Daniel Stenberg
2005-12-16Jean Jacques Drouin pointed out that you could only have a user name orDaniel Stenberg
password of 127 bytes or less embedded in a URL, where actually the code uses a 255 byte buffer for it! Modified now to use the full buffer size.
2005-12-067.15.1 with the now to be announced security flaw fixedDaniel Stenberg
2005-12-01Jamie Newton pointed out that libcurl's file:// code would close() a zeroDaniel Stenberg
file descriptor if given a non-existing file.
2005-11-24Doug Kaufman's set of patches to make curl build fine on DJGPP again usingDaniel Stenberg
configure.
2005-11-17I extended a patch from David Shaw to make libcurl _always_ provide an errorDaniel Stenberg
string in the given error buffer to address the flaw mention on 21 sep 2005.
2005-11-16Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file getDaniel Stenberg
installed on 'make install' time.
2005-11-14Quagmire reported that he needed to raise a NTLM buffer for SSPI to workDaniel Stenberg
properly for a case, and so we did. We raised it even for non-SSPI builds but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
2005-11-14Jan Kunder's debian bug reportDaniel Stenberg
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird error message for when you try to upload a file and the requested directory doesn't exist on the target server.
2005-11-13Debian bug report 338681 by Jan Kunder: make curl better detect and report badDaniel Stenberg
limit-rate units: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return error if a bad unit is used.
2005-11-13Thanks to this nice summary of poll() implementations:Daniel Stenberg
http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote connection closure so we check for that case (too) and re-enable poll for cygwin builds.
2005-11-12Eugene Kotlyarov found out that cygwin's poll() function isn't doing thingsDaniel Stenberg
right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable poll() and use select() on cygwin too (we already do the same choice on Mac OS X)
2005-11-11Dima Barsky patched problem #1348930: the GnuTLS code completely ignoredDaniel Stenberg
client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
2005-11-10David Lang fixed IPv6 support for TFTP!Daniel Stenberg
2005-11-10Introducing range stepping to the curl globbing support. Now you can specifyDaniel Stenberg
step counter by adding :[num] within the brackets when specifying a range.
2005-11-08Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions sinceDaniel Stenberg
we really have no use for reverse lookups of the address. I truly hope these are the last reverse lookups we had lingering in the code!
2005-11-08Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabledDaniel Stenberg
version of libcurl with different Windows versions. Current version of libcurl imports SSPI functions from secur32.dll. However, under Windows NT 4.0 these functions are located in security.dll, under Windows 9x - in secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll just forwards calls to secur32.dll). Dmitry's patch loads proper library dynamically depending on Windows version. Function InitSecurityInterface() is used to obtain pointers to all of SSPI function in one structure. : ----------------------------------------------------------------------
2005-10-31Vilmos Nebehaj improved libcurl's LDAP abilities:Daniel Stenberg
The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-27Nis Jorgensen filed bug report #1338648Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a feature request, but anyway. It pointed out that --max-redirs did not allow it to be set to 0, which then would return an error code on the first Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS set to 0, or -1 for infinity. Added test case 274 to verify.
2005-10-27tommink[at]post.pl reported in bug report #1337723Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload binary data from stdin on Windows if the data contained control-Z (hex 1a) since that is treated as end-of-file when read in text mode. Gisle Vanem pointed out the fix, and I made both -T and --data-binary take advantage of it.
2005-10-27Jaz Fresh pointed out that if you used "-r [number]" as was wrongly describedDaniel Stenberg
in the man page, curl would send an invalid HTTP Range: header. The correct way would be to use "-r [number]-" or even "-r -[number]". Starting now, curl will warn if this is discovered, and automatically append a dash to the range before passing it to libcurl.
2005-10-25multi IP socket description leak with multi interfaceDaniel Stenberg
2005-10-22 Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug reportDaniel Stenberg
#1334338 (http://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL stream from a server and the server requests a "rehandshake", the current code simply returns this as an error. I have no good way to test this, but I've added a crude attempt of dealing with this situation slightly better - it makes a blocking handshake if this happens. Done like this because fixing this the "proper" way (that would handshake asynchronously) will require quite some work and I really need a good way to test this to do such a change.
2005-10-21"Ofer" reported a problem when libcurl re-used a connection and failed to doDaniel Stenberg
it, it could then accidentally actually crash. Presumably, this concerns FTP connections. http://curl.haxx.se/bug/view.cgi?id=1330310
2005-10-21Temprimus improved the MSVC makefile so that the static debug SSL libs areDaniel Stenberg
linked to the executable and not to the libcurld.lib http://curl.haxx.se/bug/view.cgi?id=1326676