aboutsummaryrefslogtreecommitdiff
path: root/CHANGES
AgeCommit message (Collapse)Author
2009-02-12Added support for Digest and NTLM authentication using GnuTLS.Dan Fandrich
2009-02-12credit Jocelyn Jaubert for his bug report and associated workDaniel Stenberg
2009-02-11- CURLINFO_CONDITION_UNMET was added to allow an application to get to know ifDaniel Stenberg
the condition in the previous request was unmet. This is typically a time condition set with CURLOPT_TIMECONDITION and was previously not possible to reliably figure out. From bug report #2565128 (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-05Added an explicit buffer limit check in msdosify() (patch based on FreeBSD).Dan Fandrich
This couldn't ever overflow in curl, but might if the code were used elsewhere or under different conditions.
2009-02-04Don't add the standard /usr/lib or /usr/include paths to LDFLAGS and CPPFLAGSDan Fandrich
(respectively) when --with-ssl=/usr is used (patch based on FreeBSD).
2009-02-03- Hidemoto Nakada provided a small fix that makes it possible to get theDaniel Stenberg
CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with CURLOPT_NOBODY set true.
2009-02-02- Patrick Scott found a rather large memory leak when using the multiDaniel Stenberg
interface and setting CURLMOPT_MAXCONNECTS to something less than the number of handles you add to the multi handle. All the connections that didn't fit in the cache would not be properly disconnected nor freed!
2009-02-02- Craig A West brought us: libcurl now defaults to do CONNECT with HTTPDaniel Stenberg
version 1.1 instead of 1.0 like before. This change also introduces the new proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0 option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0. I updated all test cases cases that use CONNECT and I tried to do some using --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
2009-01-31- When building with c-ares 1.6.1 (not yet released) or later and IPv6 supportDaniel Stenberg
enabled, we can now take advantage of its brand new AF_UNSPEC support in ares_gethostbyname(). This makes test case 241 finally run fine for me wtih this setup since it now parses the "::1 ip6-localhost" line fine in my /etc/hosts file!
2009-01-31- Scott Cantor filed bug report #2550061Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2550061) mentioning that I failed to properly make sure that the VC9 makefiles got included in the latest release. I've now fixed the release script and verified it so next release will hopefully include them properly!
2009-01-30Fixed --disable-proxy for FTP and SOCKS. Thanks to Daniel Egger for reportingDan Fandrich
the problem.
2009-01-29Introduced curl_sspi.c and curl_sspi.h for the implementation of functionsYang Tse
Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c Also adjusted socks_sspi.c to remove the link-time dependency on the Windows SSPI library using it now in the same way as it was done in http_ntlm.c.
2009-01-28- Markus Moeller introduced two new options to libcurl:Daniel Stenberg
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl to do GSS-style authentication with SOCKS5 proxies. The curl tool got the options called --socks5-gssapi-service and --socks5-gssapi-nec to enable these.
2009-01-26- Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an appDaniel Stenberg
to set desired block size to use for TFTP transfers instead of the default 512 bytes.
2009-01-26- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag toDaniel Stenberg
disable "rfc4507bis session ticket support". rfc4507bis was later turned into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077 The enabled extension concerns the session management. I wonder how often libcurl stops a connection and then resumes a TLS session. also, sending the session data is some overhead. .I suggest that you just use your proposed patch (which explicitly disables TICKET). If someone writes an application with libcurl and openssl who wants to enable the feature, one can do this in the SSL callback. Sharad Gupta brought this to my attention. Peter Sylvester helped me decide on the proper action.
2009-01-26- Alexey Borzov filed bug report #2535504Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with quoted quotation marks in HTTP Digest headers didn't work. I've now added test case 1095 that verifies my fix.
2009-01-25- Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.Daniel Stenberg
They basically offer the same thing the NO_PROXY environment variable only offered previously: list a set of host names that shall not use the proxy even if one is specified.
2009-01-21Fixed a couple more locale-dependent toupper conversions, mainly forDan Fandrich
clarity. This does fix one problem that causes ;type=i FTP URLs to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is used (test case 561) Added tests 561 and 1092 through 1094 to test various combinations of ;type= and ;mode= URLs that could potentially fail in the Turkish locale.
2009-01-20- Lisa Xu pointed out that the ssh.obj file was missing from the ↵Daniel Stenberg
lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too).
2009-01-19time to releaseDaniel Stenberg
2009-01-16- Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, bothDaniel Stenberg
32 bit and 64 bit.
2009-01-15- Tim Ansell fixed a compiler warning in lib/cookie.cDaniel Stenberg
2009-01-13Grant Erickson fixed timeouts for TFTPDaniel Stenberg
2009-01-13- Michael Wallner fixed a NULL pointer deref when callingDaniel Stenberg
curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no cookies data.
2009-01-13- Stefan Teleman brought a patch to fix the default curlbuild.h file for theDaniel Stenberg
SunPro compilers.
2009-01-11- Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665)Daniel Stenberg
by Daniel Black, I've now added magic to the configure script that makes it use pkg-config to detect gnutls details as well if the existing method (using libgnutls-config) fails. While doing this, I cleaned up and unified the pkg-config usage when detecting openssl and nss as well.
2009-01-11credit Karl Moerder properlyDaniel Stenberg
2009-01-11- Karl M brought the patch that creates vc9 Makefiles, and I made 'maketgz'Daniel Stenberg
now use the actual makefile targets to do the VC8 and VC9 makefiles.
2009-01-10- Emil Romanus fixed:Daniel Stenberg
When using the multi interface over HTTP and the server returns a Location header, the running easy handle will get stuck in the CURLM_STATE_PERFORM state, leaving the external event loop stuck waiting for data from the ingoing socket (when using the curl_multi_socket_action stuff). While this bug was pretty hard to find, it seems to require only a one-line fix. The break statement on line 1374 in multi.c caused the function to skip the call to multistate(). How to reproduce this bug? Well, that's another question. evhiperfifo.c in the examples directory chokes on this bug only _sometimes_, probably depending on how fast the URLs are added. One way of testing the bug out is writing to hiper.fifo from more than one source at the same time.
2009-01-08Unified much of the SessionHandle initialization done in Curl_open() andDan Fandrich
curl_easy_reset() by creating Curl_init_userdefined(). This had the side effect of fixing curl_easy_reset() so it now also resets CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
2009-01-07- Rob Crittenden did once again provide an NSS update:Daniel Stenberg
I have to jump through a few hoops now with the NSS library initialization since another part of an application may have already initialized NSS by the time Curl gets invoked. This patch is more careful to only shutdown the NSS library if Curl did the initialization. It also adds in a bit of code to set the default ciphers if the app that call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific ciphers. One might argue that this lets other application developers get lazy and/or they aren't using the NSS API correctly, and you'd be right. But still, this will avoid terribly difficult-to-trace crashes and is generally helpful.
2009-01-01- 'reconf' is removed since we rather have users use 'buildconf'Daniel Stenberg
2008-12-31- Bas Mevissen reported http://curl.haxx.se/bug/view.cgi?id=2479030 pointingDaniel Stenberg
out that 'reconf' didn't properly point out the m4 subdirectory when running aclocal.
2008-12-29 - Phil Lisiecki filed bug report #2413067Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that would cause libcurl to mark a DNS cache entry "in use" eternally if the subsequence TCP connect failed. It would thus never get pruned and refreshed as it should've been.
2008-12-28- Peter Korsgaard fixed building libcurl with "configure --with-sslDaniel Stenberg
--disable-verbose".
2008-12-22- Given a recent enough libssh2, libcurl can now seek/resume with SFTP evenDaniel Stenberg
on file indexes beyond 2 or 4GB.
2008-12-22- Anthony Bryan provided a set of patches that cleaned up manual language,Daniel Stenberg
corrected spellings and more.
2008-12-20- Igor Novoseltsev fixed a bad situation for the multi_socket() API when doingDaniel Stenberg
pipelining, as libcurl could then easily get confused and A) work on the handle that was not "first in queue" on a pipeline, or even B) tell the app to REMOVE a socket while it was in use by a second handle in a pipeline. Both errors caused hanging or stalling applications.
2008-12-19- curl_multi_timeout() could return a timeout value of 0 even though nothingDaniel Stenberg
was actually ready to get done, as the internal time resolution is higher than the returned millisecond timer. Therefore it could cause applications running on fast processors to do short bursts of busy-loops. curl_multi_timeout() will now only return 0 if the timeout is actually alreay triggered.
2008-12-19- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurlDaniel Stenberg
now has an improved ability to do right when the multi interface (both "regular" and multi_socket) is used for SCP and SFTP transfers. This should result in (much) less busy-loop situations and thus less CPU usage with no speed loss.
2008-12-17- SCP and SFTP with the multi interface had the same flaw: the 'DONE'Daniel Stenberg
operation didn't complete properly if the EAGAIN equivalent was returned but libcurl would simply continue with a half-completed close operation performed. This ruined persistent connection re-use and cause some SSH-protocol errors in general. The correction is unfortunately adding a blocking function - doing it entirely non-blocking should be considered for a better fix.
2008-12-16Added the use of Watt-32 tcp/ip stack for Win32 targets.Gisle Vanem
2008-12-15- libssh2_sftp_last_error() was wrongly used at some places in libcurl whichDaniel Stenberg
made libcurl sometimes not properly abort problematic SFTP transfers.
2008-12-12- More work with Igor Novoseltsev to first fix the remaining stuff forDaniel Stenberg
removing easy handles from multi handles when the easy handle is/was within a HTTP pipeline. His bug report #2351653 (http://curl.haxx.se/bug/view.cgi?id=2351653) was also related and was eventually fixed by a patch by Igor himself.
2008-12-12credit Mark Karpeles for his report and workDaniel Stenberg
2008-12-12Patrick Monnerat fixed a build regression, introduced in 7.19.2, affectingYang Tse
OS/400 compilations with IPv6 enabled.
2008-12-11- Bug report #2416182 titled "crash in ConnectionExists when usingDaniel Stenberg
duphandle+curl_mutli" (http://curl.haxx.se/bug/view.cgi?id=2416182) showed that curl_easy_duphandle() wrongly also copied the pointer to the connection cache, which was plain wrong and caused a segfault if the handle would be used in a different multi handle than the handle it was duplicated from.
2008-12-11- Keshav Krity found out that libcurl failed to deal with dotted IPv6Daniel Stenberg
addresses if they were very long (>39 letters) due to a too strict address validity parser. It now accepts addresses up to 45 bytes long.
2008-12-10- Internet Explorer had a broken HTTP digest authentication before v7 andDaniel Stenberg
there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even comes with an option to work with such broken clients. The difference is only for URLs that contain a query-part (a '?'-letter and text to the right of it). libcurl now supports this quirk, and you enable it by setting the CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or CURLOPT_PROXYAUTH options. They are thus individually controlled to server and proxy.
2008-12-09Added test cases 1089 and 1090 to test --write-out after a redirect toDan Fandrich
test a report that the size didn't work, but these test cases pass.