aboutsummaryrefslogtreecommitdiff
path: root/RELEASE-NOTES
AgeCommit message (Collapse)Author
2009-01-08Unified much of the SessionHandle initialization done in Curl_open() andDan Fandrich
curl_easy_reset() by creating Curl_init_userdefined(). This had the side effect of fixing curl_easy_reset() so it now also resets CURLOPT_FTP_FILEMETHOD and CURLOPT_SSL_SESSIONID_CACHE
2009-01-07- Rob Crittenden did once again provide an NSS update:Daniel Stenberg
I have to jump through a few hoops now with the NSS library initialization since another part of an application may have already initialized NSS by the time Curl gets invoked. This patch is more careful to only shutdown the NSS library if Curl did the initialization. It also adds in a bit of code to set the default ciphers if the app that call NSS_Init* did not call NSS_SetDomesticPolicy() or set specific ciphers. One might argue that this lets other application developers get lazy and/or they aren't using the NSS API correctly, and you'd be right. But still, this will avoid terribly difficult-to-trace crashes and is generally helpful.
2008-12-31credit BasDaniel Stenberg
2008-12-29 - Phil Lisiecki filed bug report #2413067Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2413067) that identified a problem that would cause libcurl to mark a DNS cache entry "in use" eternally if the subsequence TCP connect failed. It would thus never get pruned and refreshed as it should've been.
2008-12-28- Peter Korsgaard fixed building libcurl with "configure --with-sslDaniel Stenberg
--disable-verbose".
2008-12-27libssh2 0.19 became 1.0 insteadDaniel Stenberg
2008-12-22- Given a recent enough libssh2, libcurl can now seek/resume with SFTP evenDaniel Stenberg
on file indexes beyond 2 or 4GB.
2008-12-22- Anthony Bryan provided a set of patches that cleaned up manual language,Daniel Stenberg
corrected spellings and more.
2008-12-20- Igor Novoseltsev fixed a bad situation for the multi_socket() API when doingDaniel Stenberg
pipelining, as libcurl could then easily get confused and A) work on the handle that was not "first in queue" on a pipeline, or even B) tell the app to REMOVE a socket while it was in use by a second handle in a pipeline. Both errors caused hanging or stalling applications.
2008-12-19- curl_multi_timeout() could return a timeout value of 0 even though nothingDaniel Stenberg
was actually ready to get done, as the internal time resolution is higher than the returned millisecond timer. Therefore it could cause applications running on fast processors to do short bursts of busy-loops. curl_multi_timeout() will now only return 0 if the timeout is actually alreay triggered.
2008-12-19- Using the libssh2 0.19 function libssh2_session_block_directions(), libcurlDaniel Stenberg
now has an improved ability to do right when the multi interface (both "regular" and multi_socket) is used for SCP and SFTP transfers. This should result in (much) less busy-loop situations and thus less CPU usage with no speed loss.
2008-12-17- SCP and SFTP with the multi interface had the same flaw: the 'DONE'Daniel Stenberg
operation didn't complete properly if the EAGAIN equivalent was returned but libcurl would simply continue with a half-completed close operation performed. This ruined persistent connection re-use and cause some SSH-protocol errors in general. The correction is unfortunately adding a blocking function - doing it entirely non-blocking should be considered for a better fix.
2008-12-15- libssh2_sftp_last_error() was wrongly used at some places in libcurl whichDaniel Stenberg
made libcurl sometimes not properly abort problematic SFTP transfers.
2008-12-12credit Mark Karpeles for his report and workDaniel Stenberg
2008-12-12Patrick Monnerat fixed a build regression, introduced in 7.19.2, affectingYang Tse
OS/400 compilations with IPv6 enabled.
2008-12-11- Bug report #2416182 titled "crash in ConnectionExists when usingDaniel Stenberg
duphandle+curl_mutli" (http://curl.haxx.se/bug/view.cgi?id=2416182) showed that curl_easy_duphandle() wrongly also copied the pointer to the connection cache, which was plain wrong and caused a segfault if the handle would be used in a different multi handle than the handle it was duplicated from.
2008-12-11- Keshav Krity found out that libcurl failed to deal with dotted IPv6Daniel Stenberg
addresses if they were very long (>39 letters) due to a too strict address validity parser. It now accepts addresses up to 45 bytes long.
2008-12-10- Internet Explorer had a broken HTTP digest authentication before v7 andDaniel Stenberg
there are servers "out there" that relies on the client doing this broken Digest authentication. Apache even comes with an option to work with such broken clients. The difference is only for URLs that contain a query-part (a '?'-letter and text to the right of it). libcurl now supports this quirk, and you enable it by setting the CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or CURLOPT_PROXYAUTH options. They are thus individually controlled to server and proxy.
2008-12-09- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume anyDaniel Stenberg
particular state for the control connection like it did before for implicit FTPS (libcurl assumed such control connections to be encrypted while some FTPS servers such as FileZilla assumes such connections to be clear mode). Use the CURLOPT_USE_SSL option to set your desired level.
2008-12-08- Fred Machado posted about a weird FTP problem on the curl-users list and whenDaniel Stenberg
researching it, it turned out he got a 550 response back from a SIZE command and then I fell over the text in RFC3659 that says: The presence of the 550 error response to a SIZE command MUST NOT be taken by the client as an indication that the file cannot be transferred in the current MODE and TYPE. In other words: the change I did on September 30th 2008 and that has been included in the last two releases were a regression and a bad idea. We MUST NOT take a 550 response from SIZE as a hint that the file doesn't exist.
2008-12-08- Christian Krause filed bug #2221237Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2221237) that identified an infinite loop during GSS authentication given some specific conditions. With his patience and great feedback I managed to narrow down the problem and eventually fix it although I can't test any of this myself!
2008-12-03- Igor Novoseltsev filed bug #2351645Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2351645) that identified a problem with the multi interface that occured if you removed an easy handle while in progress and the handle was used in a HTTP pipeline.
2008-12-03- Pawel Kierski pointed out a mistake in the cookie code that could lead to aDaniel Stenberg
bad fclose() after a fatal error had occured. (http://curl.haxx.se/bug/view.cgi?id=2382219)
2008-11-24- Based on a patch by Vlad Grachov, libcurl now uses a new libssh2 0.19Daniel Stenberg
function when built to support SCP and SFTP that helps the library to know in which direction a particular libssh2 operation would return EAGAIN so that libcurl knows what socket conditions to wait for before trying the function call again. Previously (and still when using libssh2 0.18 or earlier), libcurl will busy-loop in this situation when the easy interface is used!
2008-11-19- I removed the default use of "Pragma: no-cache" from libcurl when a proxy isDaniel Stenberg
used. It has been used since forever but it was never a good idea to use unless explicitly asked for.
2008-11-19- Christian Krause reported and fixed a memory leak that would occur with HTTPDaniel Stenberg
GSS/kerberos authentication (http://curl.haxx.se/bug/view.cgi?id=2284386)
2008-11-19- Andreas Wurf and Markus Koetter helped me analyze a problem that Andreas gotDaniel Stenberg
when uploading files to a single FTP server using multiple easy handle handles with the multi interface. Occasionally a handle would stall in mysterious ways. The problem turned out to be a side-effect of the ConnectionExists() function's eagerness to re-use a handle for HTTP pipelining so it would select it even if already being in use, due to an inadequate check for its chances of being used for pipelnining.
2008-11-16Christian Krause fixed a build failure when building with gss supportDaniel Stenberg
enabled and FTP disabled.
2008-11-15my recent changesDaniel Stenberg
2008-11-13and we are now on the 7.19.3 roadDaniel Stenberg
2008-11-137.19.2 coming upDaniel Stenberg
2008-11-11- Rainer Canavan filed bug #2255627Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a program using libcurl's multi interface to download a HTTPS page with a libcurl built powered by OpenSSL, would easily get silly and instead hand over SSL details as data instead of the actual HTTP headers and body. This happened because libcurl would consider the connection handshake done too early. This problem was introduced at September 22nd 2008 with my fix of the bug #2107377 The correct fix is now instead done within the GnuTLS-handling code, as both the OpenSSL and the NSS code already deal with this situation in similar fashion. I added test case 560 in an attempt to verify this fix, but unfortunately it didn't trigger it even before this fix!
2008-11-11Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)Yang Tse
Daniel Fandrich noticed that curl_addrinfo was also missing in the build process of other four non-configure platforms. Added now.
2008-11-07The getifaddrs() version of Curl_if2ip() crashed when used on a LinuxDan Fandrich
system with a TEQL load-balancing device configured, which doesn't have an address. Thanks to Adam Sampson for spotting this (bug #2234923).
2008-11-07give credit where credit is dueYang Tse
2008-11-06Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out aYang Tse
problem with MSVC 6 makefile that caused a build failure. It was noted that the curl_addrinfo.obj reference was missing. I took the opportunity to sort the list in which this was missing.
2008-11-05and we're back on square one working on the next release...Daniel Stenberg
2008-11-04oops, use the correct option nameDaniel Stenberg
2008-11-04CURLINFO_FILETIME now works for file:// transfers as wellDaniel Stenberg
2008-11-03Sync up with realityYang Tse
2008-11-01Daniel Johnson reported and fixed ipv4 name resolves when libcurl is builtDaniel Stenberg
with ipv6-enabled c-ares
2008-10-29Fixed a bug that caused a few bytes of garbage to be sent after aDan Fandrich
curl_easy_pause() during a chunky upload. Reported by Steve Roskowski.
2008-10-22fixed language, added the Solaris _REENTRANT thingDaniel Stenberg
2008-10-16- Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that thenDaniel Stenberg
make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding these new options is that they have no problems with the colon separator that the CURLOPT_PROXYUSERPWD option does.
2008-10-15- Pascal Terjan filed bug #2154627Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2154627) which pointed out that libcurl uses strcasecmp() in multiple places where it causes failures when the Turkish locale is used. This is because 'i' and 'I' isn't the same letter so strcasecmp() on those letters are different in Turkish than in English (or just about all other languages). I thus introduced a totally new internal function in libcurl (called Curl_ascii_equal) for doing case insentive comparisons for english-(ascii?) style strings that thus will make "file" and "FILE" match even if the Turkish locale is selected.
2008-10-15credit to John WilkinsonDaniel Stenberg
2008-10-09Fixed the --interface option to work with IPv6 connections on glibcDan Fandrich
systems supporting getifaddrs(). Also fixed a problem where an IPv6 address could be chosen instead of an IPv4 one for --interface when it involved a name lookup.
2008-10-08- Bug #2152270 (http://curl.haxx.se/bug/view.cgi?id=2152270) identified andDaniel Stenberg
fixed a CURLINFO_REDIRECT_URL memory leak and an additional wrong-doing: Any subsequent transfer with a redirect leaks memory, eventually crashing the process potentially. Any subsequent transfer WITHOUT a redirect causes the most recent redirect that DID occur on some previous transfer to still be reported.
2008-10-08- Igor filed bug #2111613 (http://curl.haxx.se/bug/view.cgi?id=2111613) thatDaniel Stenberg
eventually identified a flaw in how the multi_socket interface in some cases missed to call the timeout callback when easy interfaces are removed and added within the same millisecond.
2008-10-08- Igor Novoseltsev brought a patch that introduced two new options toDaniel Stenberg
curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of deprecates the good old CURLOPT_USERPWD since they allow applications to set the user name and password independently and perhaps more importantly allow both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.