aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
AgeCommit message (Collapse)Author
2005-03-03new VB bindingDaniel Stenberg
2005-03-03mention buffer overflows fixedDaniel Stenberg
2005-02-18Ralph Mitchell reported a flaw when you used a proxy with auth, and youDaniel Stenberg
requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem.
2005-02-18socket leak, mingw buildDaniel Stenberg
2005-02-16Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"Daniel Stenberg
that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send.
2005-02-11Removed all uses of strftime() since it uses the localised version of theDaniel Stenberg
week day names and month names and servers don't like that.
2005-02-10valgrind stuff for test suite, vms build and moreDaniel Stenberg
2005-02-01and we start over againDaniel Stenberg
2005-02-017.13 coming upDaniel Stenberg
2005-01-28Stephen More pointed out that CURLOPT_FTPPORT and the -P option didn't workDaniel Stenberg
when built ipv6-enabled. I've now made a fix for it. Writing test cases for custom port strings turned too tricky so unfortunately there's none.
2005-01-25Ian Ford asked about support for the FTP command ACCT, and I discovered it isDaniel Stenberg
present in RFC959... so now (lib)curl supports it as well. --ftp-account and CURLOPT_FTP_ACCOUNT set the account string. (The server may ask for an account string after PASS have been sent away. The client responds with "ACCT [account string]".) Added test case 228 and 229 to verify the functionality. Updated the test FTP server to support ACCT somewhat.
2005-01-25new web mirrorDaniel Stenberg
2005-01-23two options lessDaniel Stenberg
2005-01-21FTP third transfer support overhaul. See CHANGES for details.Daniel Stenberg
2005-01-20Philippe Hameau found out that -Q "+[command]" didn't work, although some codeDaniel Stenberg
was written for it. I fixed and added test case 227 to verify it. The curl.1 man page didn't mention the '+' so I added it.
2005-01-19today's proxy fixesDaniel Stenberg
2005-01-18Cody Jones' enhanced version of Samuel Díaz García's MSVC makefile patch.Daniel Stenberg
2005-01-17mention the name-prefix protocol guess thingDaniel Stenberg
2005-01-13Inspired by Martijn Koster's patch and example source atDaniel Stenberg
http://www.greenhills.co.uk/mak/gentoo/curl-eintr-bug.c, I now made the select() and poll() calls properly loop if they return -1 and errno is EINTR. glibc docs for this is found here: http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html This last link says BSD doesn't have this "effect". Will there be a problem if we do this unconditionally? S: ----------------------------------------------------------------------
2005-01-11Dan Torop cleaned up a few no longer used variables from David Phillips'Daniel Stenberg
select() overhaul fix.
2005-01-11Cyrill Osterwalder posted a detailed analysis about a bug that occurs whenDaniel Stenberg
using a custom Host: header and curl fails to send a request on a re-used persistent connection and thus creates a new connection and resends it. It then sent two Host: headers. Cyrill's analysis was posted here: http://curl.haxx.se/mail/archive-2005-01/0022.html
2005-01-10Bruce Mitchener identified (bug report #1099640) the never-ending SOCKS5Daniel Stenberg
problem with the version byte and the check for bad versions. Bruce has lots of clues on this, and based on his suggestion I've now removed the check of that byte since it seems to be able to contain 1 or 5.
2005-01-10edited wordingDaniel Stenberg
2005-01-10Pavel Orehov reported memory problems with the multi interface in bug reportDaniel Stenberg
#1098843. In short, a shared DNS cache was setup for a multi handle and when the shared cache was deleted before the individual easy handles, the latter cleanups caused read/writes to already freed memory.
2005-01-10Hzhijun reported a memory leak in the SSL certificate code, that leaked theDaniel Stenberg
remote certificate name when it didn't match the used host name.
2005-01-07three recent bug fixesDaniel Stenberg
2005-01-05recent eventsDaniel Stenberg
2004-12-25--protocols, license, src/config.h.inDaniel Stenberg
2004-12-23recent changesDaniel Stenberg
and Merry Christmas!
2004-12-20and we start all over againDaniel Stenberg
2004-12-19clarified a few changesDaniel Stenberg
2004-12-18Samuel Listopad added support for PKCS12 formatted certificates.Daniel Stenberg
2004-12-16several windows large-file fixesDaniel Stenberg
2004-12-16Dinar in bug report #1086121, found a file handle leak when a multipartDaniel Stenberg
formpost (including a file upload part) was aborted before the whole file was sent.
2004-12-15yet another mirror!Daniel Stenberg
2004-12-15fixed how backslashes are treated in glob stringsDaniel Stenberg
2004-12-14Harshal Pradhan fixed changing username/password on a persitent HTTPDaniel Stenberg
connection.
2004-12-13large file file:// resumes on windowsDaniel Stenberg
2004-12-11HTTP IPv6 support added to the test suiteDaniel Stenberg
2004-12-10username and IPv6 numerical address URL parser fixDaniel Stenberg
2004-12-10configure and curl-config fixesDaniel Stenberg
2004-12-07Rene Bernhardt found and fixed a buffer overrun in the NTLM code, whereDaniel Stenberg
libcurl always and unconditionally overwrote a stack-based array with 3 zero bytes. I edited the fix to make it less likely to occur again (and added a comment explaining the reason to the buffer size).
2004-12-05Dan Fandrich added the --disable-cookies option to configure to buildDaniel Stenberg
libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar.
2004-12-05Richard Atterer fixed libcurl's way of dealing with the EPSVDaniel Stenberg
response. Previously, libcurl would re-resolve the host name with the new port number and attempt to connect to that, while it should use the IP from the control channel. This bug made it hard to EPSV from an FTP server with multiple IP addresses!
2004-12-03credit where credit is dueDaniel Stenberg
2004-12-03Bug report #1078066: when a chunked transfer was pre-maturely closed exactlyDaniel Stenberg
at a chunk boundary it was not considered an error and thus went unnoticed. Added test case 207 to verify.
2004-11-30recent changesDaniel Stenberg
2004-11-29--disable-epsv when connecting to an IPv6 ftp serverDaniel Stenberg
2004-11-29spellDaniel Stenberg
2004-11-26progress meter newlineDaniel Stenberg