aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
AgeCommit message (Collapse)Author
2009-01-28- Markus Moeller introduced two new options to libcurl:Daniel Stenberg
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl to do GSS-style authentication with SOCKS5 proxies. The curl tool got the options called --socks5-gssapi-service and --socks5-gssapi-nec to enable these.
2009-01-26- Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an appDaniel Stenberg
to set desired block size to use for TFTP transfers instead of the default 512 bytes.
2009-01-26wrap line at col 80Daniel Stenberg
2009-01-26- The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag toDaniel Stenberg
disable "rfc4507bis session ticket support". rfc4507bis was later turned into the proper RFC5077 it seems: http://tools.ietf.org/html/rfc5077 The enabled extension concerns the session management. I wonder how often libcurl stops a connection and then resumes a TLS session. also, sending the session data is some overhead. .I suggest that you just use your proposed patch (which explicitly disables TICKET). If someone writes an application with libcurl and openssl who wants to enable the feature, one can do this in the SSL callback. Sharad Gupta brought this to my attention. Peter Sylvester helped me decide on the proper action.
2009-01-26- Alexey Borzov filed bug report #2535504Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2535504) pointing out that realms with quoted quotation marks in HTTP Digest headers didn't work. I've now added test case 1095 that verifies my fix.
2009-01-25- Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.Daniel Stenberg
They basically offer the same thing the NO_PROXY environment variable only offered previously: list a set of host names that shall not use the proxy even if one is specified.
2009-01-21Fixed a couple more locale-dependent toupper conversions, mainly forDan Fandrich
clarity. This does fix one problem that causes ;type=i FTP URLs to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is used (test case 561) Added tests 561 and 1092 through 1094 to test various combinations of ;type= and ;mode= URLs that could potentially fail in the Turkish locale.
2009-01-20- Lisa Xu pointed out that the ssh.obj file was missing from the ↵Daniel Stenberg
lib/Makefile.vc6 file (and thus from the vc8 and vc9 ones too).
2009-01-19700 friendly contributors after the new ones in 7.19.3 were addedDaniel Stenberg
2009-01-19start over on our journey towards 7.19.4...Daniel Stenberg
2009-01-16- Andrew de los Reyes fixed curlbuild.h for "generic" gcc builds on PPC, bothDaniel Stenberg
32 bit and 64 bit.
2009-01-15- Tim Ansell fixed a compiler warning in lib/cookie.cDaniel Stenberg
2009-01-13Grant Erickson fixed timeouts for TFTPDaniel Stenberg
2009-01-13- Michael Wallner fixed a NULL pointer deref when callingDaniel Stenberg
curl_easy_setup(curl, CURLOPT_COOKIELIST, "SESS") on a CURL handle with no cookies data.
2009-01-13Stefan Teleman's curlbuild.h fix for SunPro compilersDaniel Stenberg
2009-01-11changed the wording to possibly make some senseDaniel Stenberg
2009-01-11- Based on bug report #2498665 (http://curl.haxx.se/bug/view.cgi?id=2498665)Daniel Stenberg
by Daniel Black, I've now added magic to the configure script that makes it use pkg-config to detect gnutls details as well if the existing method (using libgnutls-config) fails. While doing this, I cleaned up and unified the pkg-config usage when detecting openssl and nss as well.
2009-01-11credit Karl Moerder properlyDaniel Stenberg
2009-01-11- Karl M brought the patch that creates vc9 Makefiles, and I made 'maketgz'Daniel Stenberg
now use the actual makefile targets to do the VC8 and VC9 makefiles.
2009-01-10- Emil Romanus fixed:Daniel Stenberg
When using the multi interface over HTTP and the server returns a Location header, the running easy handle will get stuck in the CURLM_STATE_PERFORM state, leaving the external event loop stuck waiting for data from the ingoing socket (when using the curl_multi_socket_action stuff). While this bug was pretty hard to find, it seems to require only a one-line fix. The break statement on line 1374 in multi.c caused the function to skip the call to multistate(). How to reproduce this bug? Well, that's another question. evhiperfifo.c in the examples directory chokes on this bug only _sometimes_, probably depending on how fast the URLs are added. One way of testing the bug out is writing to hiper.fifo from more than one source at the same time.
2009-01-08Unified much of the SessionHandle initialization done in Curl_open() andDan Fandrich
curl_easy_reset() by creating Curl_init_userdefined(). This had the side effect of fixing curl_easy_reset() so it now also resets CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
2009-01-07- Rob Crittenden did once again provide an NSS update:Daniel Stenberg
I have to jump through a few hoops now with the NSS library initialization since another part of an application may have already initialized NSS by the time Curl gets invoked. This patch is more careful to only shutdown the NSS library if Curl did the initialization. It also adds in a bit of code to set the default ciphers if the app that call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific ciphers. One might argue that this lets other application developers get lazy and/or they aren't using the NSS API correctly, and you'd be right. But still, this will avoid terribly difficult-to-trace crashes and is generally helpful.
2008-12-31credit BasDaniel Stenberg
2008-12-29 - Phil Lisiecki filed bug report #2413067Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that would cause libcurl to mark a DNS cache entry "in use" eternally if the subsequence TCP connect failed. It would thus never get pruned and refreshed as it should've been.
2008-12-28- Peter Korsgaard fixed building libcurl with "configure --with-sslDaniel Stenberg
--disable-verbose".
2008-12-27libssh2 0.19 became 1.0 insteadDaniel Stenberg
2008-12-22- Given a recent enough libssh2, libcurl can now seek/resume with SFTP evenDaniel Stenberg
on file indexes beyond 2 or 4GB.
2008-12-22- Anthony Bryan provided a set of patches that cleaned up manual language,Daniel Stenberg
corrected spellings and more.
2008-12-20- Igor Novoseltsev fixed a bad situation for the multi_socket() API when doingDaniel Stenberg
pipelining, as libcurl could then easily get confused and A) work on the handle that was not "first in queue" on a pipeline, or even B) tell the app to REMOVE a socket while it was in use by a second handle in a pipeline. Both errors caused hanging or stalling applications.
2008-12-19- curl_multi_timeout() could return a timeout value of 0 even though nothingDaniel Stenberg
was actually ready to get done, as the internal time resolution is higher than the returned millisecond timer. Therefore it could cause applications running on fast processors to do short bursts of busy-loops. curl_multi_timeout() will now only return 0 if the timeout is actually alreay triggered.
2008-12-19- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurlDaniel Stenberg
now has an improved ability to do right when the multi interface (both "regular" and multi_socket) is used for SCP and SFTP transfers. This should result in (much) less busy-loop situations and thus less CPU usage with no speed loss.
2008-12-17- SCP and SFTP with the multi interface had the same flaw: the 'DONE'Daniel Stenberg
operation didn't complete properly if the EAGAIN equivalent was returned but libcurl would simply continue with a half-completed close operation performed. This ruined persistent connection re-use and cause some SSH-protocol errors in general. The correction is unfortunately adding a blocking function - doing it entirely non-blocking should be considered for a better fix.
2008-12-15- libssh2_sftp_last_error() was wrongly used at some places in libcurl whichDaniel Stenberg
made libcurl sometimes not properly abort problematic SFTP transfers.
2008-12-12credit Mark Karpeles for his report and workDaniel Stenberg
2008-12-12Patrick Monnerat fixed a build regression, introduced in 7.19.2, affectingYang Tse
OS/400 compilations with IPv6 enabled.
2008-12-11- Bug report #2416182 titled "crash in ConnectionExists when usingDaniel Stenberg
duphandle+curl_mutli" (http://curl.haxx.se/bug/view.cgi?id=2416182) showed that curl_easy_duphandle() wrongly also copied the pointer to the connection cache, which was plain wrong and caused a segfault if the handle would be used in a different multi handle than the handle it was duplicated from.
2008-12-11- Keshav Krity found out that libcurl failed to deal with dotted IPv6Daniel Stenberg
addresses if they were very long (>39 letters) due to a too strict address validity parser. It now accepts addresses up to 45 bytes long.
2008-12-10- Internet Explorer had a broken HTTP digest authentication before v7 andDaniel Stenberg
there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even comes with an option to work with such broken clients. The difference is only for URLs that contain a query-part (a '?'-letter and text to the right of it). libcurl now supports this quirk, and you enable it by setting the CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or CURLOPT_PROXYAUTH options. They are thus individually controlled to server and proxy.
2008-12-09- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume anyDaniel Stenberg
particular state for the control connection like it did before for implicit FTPS (libcurl assumed such control connections to be encrypted while some FTPS servers such as FileZilla assumes such connections to be clear mode). Use the CURLOPT_USE_SSL option to set your desired level.
2008-12-08- Fred Machado posted about a weird FTP problem on the curl-users list and whenDaniel Stenberg
researching it, it turned out he got a 550 response back from a SIZE command and then I fell over the text in RFC3659 that says: The presence of the 550 error response to a SIZE command MUST NOT be taken by the client as an indication that the file cannot be transferred in the current MODE and TYPE. In other words: the change I did on September 30th 2008 and that has been included in the last two releases were a regression and a bad idea. We MUST NOT take a 550 response from SIZE as a hint that the file doesn't exist.
2008-12-08- Christian Krause filed bug #2221237Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite loop during GSS authentication given some specific conditions. With his patience and great feedback I managed to narrow down the problem and eventually fix it although I can't test any of this myself!
2008-12-03- Igor Novoseltsev filed bug #2351645Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with the multi interface that occured if you removed an easy handle while in progress and the handle was used in a HTTP pipeline.
2008-12-03- Pawel Kierski pointed out a mistake in the cookie code that could lead to aDaniel Stenberg
bad fclose() after a fatal error had occured. (http://curl.haxx.se/bug/view.cgi?id=2382219)
2008-11-24- Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19Daniel Stenberg
function when built to support SCP and SFTP that helps the library to know in which direction a particular libssh2 operation would return EAGAIN so that libcurl knows what socket conditions to wait for before trying the function call again. Previously (and still when using libssh2 0.18 or earlier), libcurl will busy-loop in this situation when the easy interface is used!
2008-11-19- I removed the default use of "Pragma: no-cache" from libcurl when a proxy isDaniel Stenberg
used. It has been used since forever but it was never a good idea to use unless explicitly asked for.
2008-11-19- Christian Krause reported and fixed a memory leak that would occur with HTTPDaniel Stenberg
GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
2008-11-19- Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas gotDaniel Stenberg
when uploading files to a single FTP server using multiple easy handle handles with the multi interface. Occasionally a handle would stall in mysterious ways. The problem turned out to be a side-effect of the ConnectionExists() function's eagerness to re-use a handle for HTTP pipelining so it would select it even if already being in use, due to an inadequate check for its chances of being used for pipelnining.
2008-11-16Christian Krause fixed a build failure when building with gss supportDaniel Stenberg
enabled and FTP disabled.
2008-11-15my recent changesDaniel Stenberg
2008-11-13and we are now on the 7.19.3 roadDaniel Stenberg