aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
AgeCommit message (Collapse)Author
2008-02-25- Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option thatDaniel Stenberg
forces it to prefer SSLv3.
2008-02-23- Sam Listopad provided a patch in feature-request #1900014Daniel Stenberg
http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to use OpenSSL) support a full chain of certificates in a given PKCS12 certificate.
2008-02-22- Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory modelDaniel Stenberg
options as the lib/Makefile.vc6 already did.
2008-02-21- Zmey Petroff found a crash when libcurl accessed a NULL pointer, whichDaniel Stenberg
happened if you set the connection cache size to 1 and for example failed to login to an FTP site. Bug report #1896698 (http://curl.haxx.se/bug/view.cgi?id=1896698)
2008-02-20- Fixed test case 405 to not fail when libcurl is built with GnuTLSDaniel Stenberg
2008-02-20- Based on initial work done by Gautam Kachroo to address a bug, we now keepDaniel Stenberg
better control at the exact state of the connection's SSL status so that we know exactly when it has completed the SSL negotiation or not so that there won't be accidental re-uses of connections that are wrongly believed to be in SSL-completed-negotiate state.
2008-02-20- We no longer support setting the CURLOPT_URL option from inside a callbackDaniel Stenberg
such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location: following. The patch that introduced this feature was done for 7.11.0, but this code and functionality has been broken since about 7.15.4 (March 2006) with the introduction of non-blocking OpenSSL "connects". It was a hack to begin with and since it doesn't work and hasn't worked correctly for a long time and nobody has even noticed, I consider it a very suitable subject for plain removal. And so it was done.
2008-02-18- We're no longer providing a very old ca-bundle in the curl tarball. You canDaniel Stenberg
get a fresh one downloaded and created with 'make ca-bundle' or you can get one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh new one extracted from Mozilla's recent list of ca certs. The configure option --with-ca-bundle now lets you specify what file to use as default ca bundle for your build. If not specified, the configure script will check a few known standard places for a global ca cert to use.
2008-02-17- Jerome Muffat-Meridol helped me fix Curl_done() to close the currentDaniel Stenberg
connection by force when it was called before the entire request is completed, simply because we can't know if the connection really can be re-used safely at that point.
2008-02-15- Made the gnutls code path not even try to get the server cert if no peerDaniel Stenberg
verification is requested. Previously it would even return failure if gnutls failed to get the server cert even though no verification was asked for. - Fix my Curl_timeleft() leftover mistake in the gnutls code
2008-02-15new mirror and mirror recount after cleansingDaniel Stenberg
2008-02-15- Pooyan McSporran found and fixed a flaw where you first would do a normalDaniel Stenberg
http request and then you'd reuse the handle and replace the Accept: header, as then libcurl would send two Accept: headers!
2008-02-10Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) pointsYang Tse
out and provides test program that demonstrates that libcurl might not set error description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded name resolver builds. Fixed now.
2008-02-08- Mike Hommey filed and fixed bug report #1889856Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl layer, cleaning-up and reinitializing curl ends up with https requests failing with "ASN1 parser: Element was not found" errors. Obviously a regression added in 7.16.3.
2008-02-08Günter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle andDaniel Stenberg
creates a suitable ca-bundle.crt file in PEM format for use with curl. The recommended way to run it is to use 'make ca-bundle' in the build tree root.
2008-02-07- Refactored a lot of timeout code into a few functions in an attempt to makeDaniel Stenberg
them all use the same (hopefully correct) logic to make it less error-prone and easier to introduce library-wide where it should be used.
2008-02-06Fix problem in strdup replacement when dealing with absolutely huge strings.Yang Tse
2008-01-31- Niklas Angebrand made the cookie support in libcurl properly deal with theDaniel Stenberg
"HttpOnly" feature introduced by Microsoft and apparently also supported by Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly is now supported when received from servers in HTTP headers, when written to cookie jars and when read from existing cookie jars.
2008-01-29- Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previouslyDaniel Stenberg
crash!
2008-01-29- Michal Marek fixed minor mistake in test case 553 that prevented it fromDaniel Stenberg
working on other IP-addresses or port numbers.
2008-01-28start over on 7.18.1Daniel Stenberg
2008-01-25- Kevin Reed filed bug report #1879375Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any proxy authentication and the proxy replies with an auth (like NTLM) and then closes the connection after that initial informational response. libcurl would not properly re-initialize the connection to the proxy and continue the auth negotiation like supposed. It does now however, as it will now detect if one or more authentication methods were available and asked for, and will thus retry the connection and continue from there. - I made the progress callback get called properly during proxy CONNECT.
2008-01-24and Igor Franchuk is his name!Daniel Stenberg
2008-01-23"Igor" pointed out that CURLOPT_COOKIELIST set to "ALL" leaked memory, and soDaniel Stenberg
did "SESS". Fixed now.
2008-01-21Dmitry Kurochkin removed the cancelled state for pipelining, as we agreedDaniel Stenberg
that it is bad anyway. Starting now, removing a handle that is in used in a pipeline will break the pipeline - it'll be set back up again but still...
2008-01-20Judson provided an example, and the added mirror adds the countDaniel Stenberg
2008-01-20http://curl.very-clever.com/ is a new mirror in Nuremberg, GermanyDaniel Stenberg
2008-01-18Lau Hang Kin found and fixed a problem with the multi interface when doingDaniel Stenberg
CONNECT over a proxy. curl_multi_fdset() didn't report back the socket properly during that state, due to a missing case in the switch in the multi_getsock() function.
2008-01-17curl-java 0.2.1Daniel Stenberg
2008-01-16Nathan Coulter's patch that makes runtests.pl respect the PATH when figuringDaniel Stenberg
out what valgrind to run.
2008-01-16fix handling of out of memory in the command line tool that afectedYang Tse
data url encoded HTTP POSTs when reading it from a file.
2008-01-16Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support thatDaniel Stenberg
previously had a number of flaws, perhaps most notably when an application fired up N transfers at once as then they wouldn't pipeline at all that nicely as anyone would think... Test case 530 was also updated to take the improved functionality into account.
2008-01-15Calls to Curl_failf() are not supposed to provide a trailing newline as theDaniel Stenberg
function itself adds that. Fixed on 50 or something strings!
2008-01-14Joe Malicki filed bug report #1871269Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang- problem that occurred when doing a large HTTP POST request with the response-body read from a callback.
2008-01-12I re-arranged the curl --help output. All the options are now sorted onDaniel Stenberg
their long option names and all descriptions are one-liners.
2008-01-12Eric Landes provided the patch (edited by me) that introduces theDaniel Stenberg
--keepalive-time to curl to set the keepalive probe interval. I also took the opportunity to rename the recently added no-keep-alive option to no-keepalive to keep a consistent naming and to avoid getting two dashes in these option names. Eric also provided an update to the man page for the new option.
2008-01-11Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way itDaniel Stenberg
already worked for FTP:// URLs
2008-01-10Michal Marek made curl-config --libs not include /usr/lib64 in the outputDaniel Stenberg
(it already before skipped /usr/lib). /usr/lib64 is the default library directory on many 64bit systems and it's unlikely that anyone would use the path privately on systems where it's not.
2008-01-10Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allowDaniel Stenberg
libcurl to seek in a given input stream. This is particularly important when doing upload resumes when there's already a huge part of the file present remotely. Before, and still if this callback isn't used, libcurl will read and through away the entire file up to the point to where the resuming begins (which of course can be a slow opereration depending on file size, I/O bandwidth and more). This new function will also be preferred to get used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when doing multi-stage HTTP auth with POST/PUT.
2008-01-10Nikitinskit Dmitriy filed bug report #1868255Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies and fixes a problem with parsing WWW-Authenticate: headers with additional spaces in the line that the parser wasn't written to deal with.
2008-01-08Introducing curl_easy_pause() and new magic return codes for both the readDaniel Stenberg
and the write callbacks that now can make a connection's reading and/or writing get paused.
2008-01-06Jeff Johnson filed bug report #1863171Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that libcurl's date parser didn't accept a +1300 time zone which actually is used fairly often (like New Zealand's Dailight Savings Time), so I modified the parser to now accept up to and including -1400 to +1400.
2008-01-05Based on further discussion on curl-library, I reverted yesterday's SOCKS5Daniel Stenberg
code to instead introduce support for a new proxy type called CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy instead of IP address and there's thus no longer any need for a new curl_easy_setopt() option. The default SOCKS5 proxy is again back to sending the IP address to the proxy. The new curl command line option for enabling sending host name to a SOCKS5 proxy is now --socks5-hostname.
2008-01-05Added Daniel Egger and extended the --no-keep-alive descriptionDaniel Stenberg
2008-01-04Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let theDaniel Stenberg
proxy do the host name resolving and only if --socks5ip (or CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and pass on the IP address only to the proxy.
2008-01-02I removed the socklen_t use from the public curl/curl.h header and insteadDaniel Stenberg
made it an unsigned int. The type was only used in the curl_sockaddr struct definition (only used by the curl_opensocket_callback). On all platforms I could find information about, socklen_t is 32 unsigned bits large so I don't think this will break the API or ABI. The main reason for this change is of course for all the platforms that don't have a socklen_t definition in their headers to build fine again. Providing our own configure magic and custom definition of socklen_t on those systems proved to work but was a lot of cruft, code and extra magic needed - when this very small change of type seems harmless and still solves the missing socklen_t problem.
2008-01-02Richard Atterer brought a patch that added support for SOCKS4a proxies, whichDaniel Stenberg
is an inofficial PROXY4 variant that sends the hostname to the proxy instead of the resolved address (which is already supported by SOCKS5). --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can now be set to CURLPROXY_SOCKS4A as well.
2008-01-01Mohun Biswas pointed out that --libcurl generated a source code with an intDaniel Stenberg
function but without a return statement. While fixing that, I also took care about adding some better comments for the generated code.
2007-12-26Dmitry Kurochkin mentioned a flawDaniel Stenberg
(http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which failed to set the bits.proxy variable properly when an environment variable told libcurl to use a http proxy.
2007-12-24Gary Maxwell filed bug report #1856628Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the (small) memory leak in the SSL session ID caching code. It happened when a previous entry in the cache was re-used.