aboutsummaryrefslogtreecommitdiff
path: root/CHANGES
AgeCommit message (Collapse)Author
2005-12-067.15.1 with the now to be announced security flaw fixedDaniel Stenberg
2005-12-01Jamie Newton pointed out that libcurl's file:// code would close() a zeroDaniel Stenberg
file descriptor if given a non-existing file.
2005-11-24Doug Kaufman's set of patches to make curl build fine on DJGPP again usingDaniel Stenberg
configure.
2005-11-17I extended a patch from David Shaw to make libcurl _always_ provide an errorDaniel Stenberg
string in the given error buffer to address the flaw mention on 21 sep 2005.
2005-11-16Applied Albert Chin's patch that makes the libcurl.pc pkgconfig file getDaniel Stenberg
installed on 'make install' time.
2005-11-14Quagmire reported that he needed to raise a NTLM buffer for SSPI to workDaniel Stenberg
properly for a case, and so we did. We raised it even for non-SSPI builds but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
2005-11-14Jan Kunder's debian bug reportDaniel Stenberg
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338680 identified a weird error message for when you try to upload a file and the requested directory doesn't exist on the target server.
2005-11-13Debian bug report 338681 by Jan Kunder: make curl better detect and report badDaniel Stenberg
limit-rate units: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338681 Now curl will return error if a bad unit is used.
2005-11-13Thanks to this nice summary of poll() implementations:Daniel Stenberg
http://www.greenend.org.uk/rjk/2001/06/poll.html and further tests by Eugene Kotlyarov, we now know that cygwin's poll returns only POLLHUP on remote connection closure so we check for that case (too) and re-enable poll for cygwin builds.
2005-11-12Eugene Kotlyarov found out that cygwin's poll() function isn't doing thingsDaniel Stenberg
right: http://curl.haxx.se/mail/archive-2005-11/0045.html so we now disable poll() and use select() on cygwin too (we already do the same choice on Mac OS X)
2005-11-11Dima Barsky patched problem #1348930: the GnuTLS code completely ignoredDaniel Stenberg
client certificates! (http://curl.haxx.se/bug/view.cgi?id=1348930).
2005-11-10David Lang fixed IPv6 support for TFTP!Daniel Stenberg
2005-11-10Introducing range stepping to the curl globbing support. Now you can specifyDaniel Stenberg
step counter by adding :[num] within the brackets when specifying a range.
2005-11-08Removed the use of AI_CANONNAME in the IPv6-enabled resolver functions sinceDaniel Stenberg
we really have no use for reverse lookups of the address. I truly hope these are the last reverse lookups we had lingering in the code!
2005-11-08Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabledDaniel Stenberg
version of libcurl with different Windows versions. Current version of libcurl imports SSPI functions from secur32.dll. However, under Windows NT 4.0 these functions are located in security.dll, under Windows 9x - in secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll just forwards calls to secur32.dll). Dmitry's patch loads proper library dynamically depending on Windows version. Function InitSecurityInterface() is used to obtain pointers to all of SSPI function in one structure. : ----------------------------------------------------------------------
2005-10-31Vilmos Nebehaj improved libcurl's LDAP abilities:Daniel Stenberg
The LDAP code in libcurl can't handle LDAP servers of LDAPv3 nor binary attributes in LDAP objects. So, I made a quick patch to address these problems. The solution is simple: if we connect to an LDAP server, first try LDAPv3 (which is the preferred protocol as of now) and then fall back to LDAPv2. In case of binary attributes, we first convert them to base64, just like the openldap client does. It uses ldap_get_values_len() instead of ldap_get_values() to be able to retrieve binary attributes correctly. I defined the necessary LDAP macros in lib/ldap.c to be able to compile libcurl without the presence of libldap
2005-10-27Nis Jorgensen filed bug report #1338648Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1338648) which really is more of a feature request, but anyway. It pointed out that --max-redirs did not allow it to be set to 0, which then would return an error code on the first Location: found. Based on Nis' patch, now libcurl supports CURLOPT_MAXREDIRS set to 0, or -1 for infinity. Added test case 274 to verify.
2005-10-27tommink[at]post.pl reported in bug report #1337723Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1337723) that curl could not upload binary data from stdin on Windows if the data contained control-Z (hex 1a) since that is treated as end-of-file when read in text mode. Gisle Vanem pointed out the fix, and I made both -T and --data-binary take advantage of it.
2005-10-27Jaz Fresh pointed out that if you used "-r [number]" as was wrongly describedDaniel Stenberg
in the man page, curl would send an invalid HTTP Range: header. The correct way would be to use "-r [number]-" or even "-r -[number]". Starting now, curl will warn if this is discovered, and automatically append a dash to the range before passing it to libcurl.
2005-10-25multi IP socket description leak with multi interfaceDaniel Stenberg
2005-10-22 Dima Barsky reported a problem with GnuTLS-enabled libcurl in bug reportDaniel Stenberg
#1334338 (http://curl.haxx.se/bug/view.cgi?id=1334338). When reading an SSL stream from a server and the server requests a "rehandshake", the current code simply returns this as an error. I have no good way to test this, but I've added a crude attempt of dealing with this situation slightly better - it makes a blocking handshake if this happens. Done like this because fixing this the "proper" way (that would handshake asynchronously) will require quite some work and I really need a good way to test this to do such a change.
2005-10-21"Ofer" reported a problem when libcurl re-used a connection and failed to doDaniel Stenberg
it, it could then accidentally actually crash. Presumably, this concerns FTP connections. http://curl.haxx.se/bug/view.cgi?id=1330310
2005-10-21Temprimus improved the MSVC makefile so that the static debug SSL libs areDaniel Stenberg
linked to the executable and not to the libcurld.lib http://curl.haxx.se/bug/view.cgi?id=1326676
2005-10-21Bradford Bruce made the windows resolver code properly returnDaniel Stenberg
CURLE_COULDNT_RESOLVE_PROXY and CURLE_COULDNT_RESOLVE_HOST on resolving errors (as documented).
2005-10-20Dave Dribin made libcurl understand and handle cases when the serverDaniel Stenberg
(wrongly) sends *two* WWW-Authenticate headers for Digest. While this should never happen in a sane world, libcurl previously got into an infinite loop when this occurred. Dave added test 273 to verify this.
2005-10-20Temprimus improved the MSVC makefile: "makes a build option available so ifDaniel Stenberg
you set rtlibcfg=static for the make, then it would build with /MT. The default behaviour is /MD (the original)." http://curl.haxx.se/bug/view.cgi?id=1326665
2005-10-14Reverted the LIBCURL_VERSION_NUM change from October 6. As Dave DribinDaniel Stenberg
reported, the define is used by the configure script and is assumed to use the 0xYYXXZZ format. This made "curl-config --vernum" fail in the 7.15.0 release version.
2005-10-137.15.0 timeDaniel Stenberg
2005-10-05mention the recent fixesDaniel Stenberg
2005-10-04Michael Wallner reported that the date parser had wrong offset stored forDaniel Stenberg
the MEST and CEST time zones.
2005-09-27David Yan brought the Content-Range reportDaniel Stenberg
2005-09-27An anonymous submitter filed bug #1299181Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1299181) that identified a silly problem with Content-Range: headers with the 'bytes' keyword written in a different case than all lowercase! It would cause a segfault!
2005-09-27TJ Saunders of the proftpd project identified and pointed out problems withDaniel Stenberg
the modified FTPS negotiation change of August 19 2005. Thus, we revert the change back to pre-7.14.1 status.
2005-09-21three debian bug reports addressedDaniel Stenberg
2005-09-19Dmitry Bartsevich made the SSPI support work on Windows 9x as wellDaniel Stenberg
2005-09-16recent changesDaniel Stenberg
2005-09-16added URLs to bug reportsDaniel Stenberg
2005-09-06Now curl warns if an unknown variable is used in the -w/--writeout argument.Daniel Stenberg
2005-09-04mention the recent improvementsDaniel Stenberg
2005-09-02John Kelly added TFTP support to libcurl. A bunch of new error codes wasDaniel Stenberg
added. TODO: add them to docs. add TFTP server to test suite. add TFTP to list of protocols whereever those are mentioned.
2005-09-017.14.1 coming right upDaniel Stenberg
2005-08-29Kevin Lussier pointed out a problem with curllib.dspDaniel Stenberg
2005-08-29Igor Polyakov fixed a rather nasty problem with the threaded name resolverDaniel Stenberg
for Windows, that could lead to an Access Violation when the multi interface was used due to an issue with how the resolver thread was and was not terminated.
2005-08-29Simon Josefson brought GNU GSS supportDaniel Stenberg
2005-08-24Toby Peterson added CURLOPT_IGNORE_CONTENT_LENGTH to the library, accessibleDaniel Stenberg
from the command line tool with --ignore-content-length. This will make it easier to download files from Apache 1.x (and similar) servers that are still having problems serving files larger than 2 or 4 GB. When this option is enabled, curl will simply have to wait for the server to close the connection to signal end of transfer. I wrote test case 269 that runs a simple test that this works.
2005-08-24valgrind version 3 renames the --logfile command line option to --log-file...Daniel Stenberg
2005-08-24Fixed CA cert verification using GnuTLS with the default bundle, whichDaniel Stenberg
previously failed due to GnuTLS not allowing x509 v1 CA certs by default.
2005-08-19Norbert Novotny had problems with FTPS and he helped me work out a patchDaniel Stenberg
that made curl run fine in his end. The key was to make sure we do the SSL/TLS negotiation immediately after the TCP connect is done and not after a few other commands have been sent like we did previously. I don't consider this change necessary to obey the standards, I think this server is pickier than what the specs allow it to be, but I can't see how this modified libcurl code can add any problems to those who are interpreting the standards more liberally.
2005-08-17- Jeff Pohlmeyer found out that if you ask libcurl to load a cookiefile (withDaniel Stenberg
CURLOPT_COOKIEFILE), add a cookie (with CURLOPT_COOKIELIST), tell it to write the result to a given cookie jar and then never actually call curl_easy_perform() - the given file(s) to read was never read but the output file was written and thus it caused a "funny" result. - While doing some tests for the bug above, I noticed that Firefox generates large numbers (for the expire time) in the cookies.txt file and libcurl didn't treat them properly. Now it does.
2005-08-15recent changesDaniel Stenberg