| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixed in 7.21.6 - April 22 2011
Changes:
Added --tr-encoding and CURLOPT_TRANSFER_ENCODING
Bugfixes:
curl-config: fix --version
curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
use HTTPS properly after CONNECT
SFTP: close file before post quote operations
Fixed in 7.21.5 - April 17 2011
Changes:
SOCKOPTFUNCTION: callback can say already-connected
Added --netrc-file
Added (new) support for cyassl
TSL-SRP: enabled with OpenSSL
Added CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION
Bugfixes:
nss: avoid memory leak on SSL connection failure
nss: do not ignore failure of SSL handshake
multi: better failed connect handling when using FTP, SMTP, POP3 and IMAP
runtests.pl: fix pid number concatenation that prevented it from killing the correct process at times
PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD
multi: close connection on timeout
IMAP in multi mode does SSL connections non-blocking
honours the --disable-ldaps configure option
Force setopt constants written by --libcurl to be long
ssh_connect: treat libssh2 return code better
SFTP upload could stall the state machine when the multi_socket API was used
SFTP and SCP could leak memory when used with the multi interface and the connection was closed
Added missing file to repair the MSVC makefiles
Fixed detection of recvfrom arguments on Android/bionic
GSS: handle reuse fix
transfer: avoid insane conversion of time_t
nss: do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases
SMTP-multi: non-blocking connect
SFTP-multi: set cselect for sftp and scp to fix "stall" risk
configure: removed wrongly claimed default paths
pop3: fixed torture tests to succeed
symbols-in-versions: many corrections
if a HTTP request gets retried because the connection was dead, rewind if any data was sent as part of it
only probe for working ipv6 once and then re-use that info for further requests
requests that are asked to bound to a local interface/port will no longer wrongly re-use connections that aren't
libcurl.m4: Add missing quotes in AC_LINK_IFELSE
progress output: don't print the last update on a separate line
POP3: the command to send is STLS, not STARTTLS
POP3: PASS command was not sent after upgrade to TLS
configure: fix libtool warning
nss: allow to use multiple client certificates for a single host
HTTP pipelining: Fix handling of zero-length responses
Don't list NTLM in curl-config when HTTP is disabled
curl_easy_setopt.3: CURLOPT_RESOLVE typo version
OpenSSL: build fine with no-sslv2 versions
checkconnection: don't call with NULL pointer with RTSP and multi interface
Borland makefile updates
configure: libssh2 link fix without pkg-config
certinfo crash
CCC crash
|
|
|
|
This release includes the following changes:
o CURLINFO_FTP_ENTRY_PATH now supports SFTP
o introduced new framework for unit-testing
o IDN: use win32 API if told to
o ares: ask for both IPv4 and IPv6 addresses
o HTTP: do Negotiate authentication using SSPI on windows
o Windows build: alternative makefile
o TLS-SRP: support added when using GnuTLS
This release includes the following bugfixes:
o SMTP: add brackets for MAIL FROM
o ossl_seed: no more RAND_screen (on Windows)
o multi: connect fail => use next IP address
o use the timeout when using multiple IP addresses similar to how
the easy interface does it
o cookies: tricked dotcounter fixed
o pubkey_show: allocate buffer to fit any-size result
o Curl_nss_connect: avoid PATH_MAX
o Curl_do: avoid using stale conn pointer
o tftpd test server: avoid buffer overflow report from glibc
o nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
o nss: fix a bug in handling of CURLOPT_CAPATH
o CMake: Use upstream CheckTypeSize module
o OpenSSL get_cert_chain: support larger data sets
o SCP/SFTP transfers: acknowledge speedcheck
o GnuTLS builds: fix memory leak
o connect problem: use UDP correctly
o Borland C++ makefile tweaks
o OpenSSL: improved error message on SSL_CTX_new failures
o HTTP: memory leak on multiple Location:
o ares_query_completed_cb: don't touch invalid data
o ares: memory leak fix
o mk-ca-bundle: use new cacert url
o Curl_gmtime: added a portable gmtime and check for NULL
o curl.1: typo in -v description
o CURLOPT_SOCKOPTFUNCTION: return proper error code
o --keepalive-time: warn if not supported properly
o file: add support for CURLOPT_TIMECONDITION
o nss: avoid memory leaks and failure of NSS shutdown
o multi: fix CURLM_STATE_TOOFAST for multi_socket
|
|
|
|
Changes:
* Added --noconfigure switch to testcurl.pl
* Added --xattr option
* Added CURLOPT_RESOLVE and --resolve
* Added CURLAUTH_ONLY
* Added version-check.pl to the examples dir
Bugfixes:
* check for libcurl features for some command line options
* Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
* http_chunks: remove debug output
* URL-parsing: consider ? a divider
* SSH: avoid using the libssh2_ prefix
* SSH: use libssh2_session_handshake() to work on win64
* ftp: prevent server from hanging on closed data connection
when stopping a transfer before the end of the full transfer
(ranges)
* LDAP: detect non-binary attributes properly
* ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
* gnutls->handshake: improved timeout handling
* security: Pass the right parameter to init
* krb5: Use GSS_ERROR to check for error
* TFTP: resend the correct data
* configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
* GnuTLS: now detects socket errors on Windows
* symbols-in-versions: updated en masse
* added a couple examples that were missing from the tar ball
* Curl_send/recv_plain: return errno on failure
* Curl_wait_for_resolv (for c-ares): correct timeout
* ossl_connect_common: detect connection re-use
* configure: Prevent link errors with --librtmp
* openldap: use remote port in URL passed to ldap_init_fd()
* url: provide dead_connection flag in Curl_handler::disconnect
* lots of compiler warning fixes
* ssh: fix a download resume point calculation
* fix getinfo CURLINFO_LOCAL* for reused connections
* multi: the returned running handles conuter could turn negative
* multi: only ever consider pipelining for connections doing HTTP(S)
|
|
Changes:
* curl -T: ignore file size of special files
* Added GOPHER protocol support
* Added mk-ca-bundle.vbs script
* c-ares build now requires c-ares >= 1.6.0
Bugfixes:
* --remote-header-name security vulnerability fixed
* multi: support the timeouts correctly, fixes known bug #62
* multi: use timeouts properly for MAX_RECV/SEND_SPEED
* negotiation: Wrong proxy authorization
* multi: avoid sending multiple complete messages
* cmdline: make -F type= accept ;charset=
* RESUME_FROM: clarify what ftp uploads do
* http: handle trailer headers in all chunked responses
* Curl_is_connected: use correct errno
* Added SSPI build to Watcom makefile
* progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
* linking problem on Fedora 13
* Link curl and the test apps with -lrt explicitly when necessary
* chunky parser: only rewind stream internally if needed
* remote-header-name: don't output filename when NULL
* Curl_timeleft: avoid returning "no timeout" by mistake
* timeout: use the correct start value as offset
* FTP: fix wrong timeout trigger
* buildconf got better output on failures
* rtsp: avoid SIGSEGV on malformed header
* LDAP: Support for tunnelling queries through HTTP proxy
* configure's --enable-werror had a bashism
* test565: Don't hardcode IP:PORT
* configure: check for gcrypt if using GnuTLS
* configure: don't enable RTMP if the lib detect fails
* curl_easy_duphandle: clone the c-ares handle correctly
* MacOSX-Framework: updates for Snowleopard
* support URL containing colon without trailing port number
* parsedate: allow time specified without seconds
* curl_easy_escape: don't escape "unreserved" characters
* SFTP: avoid downloading negative sizes
* Lots of GSS/KRB FTP fixes
* TFTP: Work around tftpd-hpa upload bug
* libcurl.m4: several fixes
* HTTP: remove special case for 416
* examples: use example.com in example URLs
* globbing: fix crash on unballanced open brace
* cmake: build fixed
|
|
changes: bugfixes
|
|
|
|
changes:
added the --proto and -proto-redir options
new configure option --enable-threaded-resolver
improve TELNET ability with libcurl
added support for PolarSSL
added support for FTP wildcard matching and downloads
added support for RTMP
added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and CURLINFO_LOCAL_PORT
|
|
|
|
Version 7.20.0 (9 February 2010)
Daniel Stenberg (9 Feb 2010)
- When downloading compressed content over HTTP and the app asked libcurl to
automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
wrongly provide the callback with more data than the maximum documented
amount. An application could thus get tricked into badness if the maximum
limit was trusted to be enforced by libcurl itself (as it is documented).
This is further detailed and explained in the libcurl security advisory
20100209 at
http://curl.haxx.se/docs/adv_20100209.html
Daniel Fandrich (3 Feb 2010)
- Changed the Watcom makefiles to make them easier to keep in sync with
Makefile.inc since that can't be included directly.
Yang Tse (2 Feb 2010)
- Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
symbol will not be available when building with CURL_NO_OLDIES defined. Use
of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0
Daniel Stenberg (1 Feb 2010)
- Using the multi_socket API, it turns out at times it seemed to "forget"
connections (which caused a hang). It turned out to be an existing (7.19.7)
bug in libcurl (that's been around for a long time) and it happened like
this:
The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
then set it to timeout in 1 millisecond so libcurl will tell the app about
it.
The app's timeout fires off that there's a timeout, the app calls libcurl as
we so often document it:
do {
res = curl_multi_socket_action(... TIMEOUT ...);
} while(CURLM_CALL_MULTI_PERFORM == res);
And this is the problem number one:
When curl_multi_socket_action() is called with no specific handle, but only
a timeout-action, it will *only* perform actions within libcurl that are
marked to run at this time. In this case, the request would go from INIT to
CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
again, there's no timer set for this handle so it remains in the CONNECT
state. The CONNECT state is a transitional state in libcurl so it reports no
sockets there, and thus libcurl never tells the app anything more about that
easy handle/connection.
libcurl _does_ set a 1ms timeout for the handle at the end of
multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
is instant the new job is not ready to run at that point (and there's no
code that makes libcurl call the app to update the timout for this new
timeout). It will simply rely on that some other timeout will trigger later
on or that something else will update the timeout callback. This makes the
bug fairly hard to repeat.
The fix made to adress this issue:
We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
benefit that this goes in line with my long-term wishes to get rid of the
CURLM_CALL_MULTI_PERFORM all together from the public API.
The downside of this fix, is that the counter we return in 'running_handles'
in several of our public functions then gets a slightly new and possibly
confusing behavior during times:
If an app adds a handle that fails to connect (very quickly) it may just
as well never appear as a 'running_handle' with this fix. Previously it
would first bump the counter only to get it decreased again at next call.
Even I have used that change in handle counter to signal "end of a
transfer". The only *good* way to find the end of a individual transfer
is calling curl_multi_info_read() to see if it returns one.
Of course, if the app previously did the looping before it checked the
counter, it really shouldn't be any new effect.
Yang Tse (26 Jan 2010)
- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
relative to the asynchronous DNS lookups, along with with some integration
adjustments I have done are finally committed to CVS.
Currently these enhancements will benefit builds done using c-ares on any
platform as well as Windows builds using the default threaded resolver.
This release does not make generally available POSIX threaded DNS lookups
yet. There is no configure option to enable this feature yet. It is possible
to experimantally try this feature running configure with compiler flags that
make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
are required to link and properly use pthread_* functions on each platform.
Daniel Stenberg (26 Jan 2010)
- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
proxy that cannot be resolved when using c-ares. This matches the behaviour
when not using c-ares.
Bj
- Added a new flag: -J/--remote-header-name. This option tells the
-O/--remote-name option to use the server-specified Content-Disposition
filename instead of extracting a filename from the URL.
Daniel Stenberg (21 Jan 2010)
- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
libcurl options for controlling what to get and how to receive posssibly
interleaved RTP data.
Daniel Stenberg (20 Jan 2010)
- As was pointed out on the http-state mailing list, the order of cookies in a
HTTP Cookie: header _needs_ to be sorted on the path length in the cases
where two cookies using the same name are set more than once using
(overlapping) paths. Realizing this, identically named cookies must be
sorted correctly. But detecting only identically named cookies and take care
of them individually is harder than just to blindly and unconditionally sort
all cookies based on their path lengths. All major browsers also already do
this, so this makes our behavior one step closer to them in the cookie area.
Test case 8 was the only one that broke due to this change and I updated it
accordingly.
Daniel Stenberg (19 Jan 2010)
- David McCreedy brought a fix and a new test case (129) to make libcurl work
again when downloading files over FTP using ASCII and it turns out that the
final size of the file is not the same as the initial size the server
reported. This is very common since servers don't take the newline
conversions into account.
Kamil Dudka (14 Jan 2010)
- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
being properly detected under certain circumstances. It had been caused by
strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
distinguishes among empty and non-existent environment variable in that case.
Daniel Stenberg (12 Jan 2010)
- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
transfers: curl_multi_fdset() would return -1 and not set and file
descriptors several times during a transfer of a single file. It turned out
to be due to two different flaws now fixed. Gil's excellent recipe helped me
nail this.
Daniel Stenberg (11 Jan 2010)
- Made sure that the progress callback is repeatedly called at a regular
interval even during very slow connects.
- The tests/runtests.pl script now checks to see if the test case that runs is
present in the tests/data/Makefile.am and outputs a notice message on the
screen if not. Each test file has to be included in that Makefile.am to get
included in release archives and forgetting to add files there is a common
mistake. This is an attempt to make it harder to forget.
Daniel Stenberg (9 Jan 2010)
- Johan van Selst found and fixed a OpenSSL session ref count leak:
ossl_connect_step3() increments an SSL session handle reference counter on
each call. When sessions are re-used this reference counter may be
incremented many times, but it will be decremented only once when done (by
Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
if this reference count remains positive. When a session is re-used the
reference counter should be corrected by explicitly calling
SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
introducing a memory leak.
(http://curl.haxx.se/bug/view.cgi?id=2926284)
Daniel Stenberg (7 Jan 2010)
- Make sure the progress callback is called repeatedly even during very slow
name resolves when c-ares is used for resolving.
Claes Jakobsson (6 Jan 2010)
- Julien Chaffraix fixed so that the fragment part in an URL is not sent
to the server anymore.
Kamil Dudka (3 Jan 2010)
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().
Daniel Stenberg (2 Jan 2010)
- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
option names are still working but the new ones are the ones listed and
documented.
Daniel Stenberg (1 Jan 2010)
- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
command is a special "hack" used by the drftpd server, but even though it is
a custom extension I've deemed it fine to add to libcurl since this server
seems to survive and people keep using it and want libcurl to support
it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
usable from the curl tool with --ftp-pret. Using this option on a server
that doesn't support this command will make libcurl fail.
I added test cases 1107 and 1108 to verify the functionality.
The PRET command is documented at
http://www.drftpd.org/index.php/Distributed_PASV
Yang Tse (30 Dec 2009)
- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
with the patch and testing.
Daniel Stenberg (26 Dec 2009)
- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
headers work correctly even on FreeBSD systems before v8.
(http://curl.haxx.se/bug/view.cgi?id=2916915)
Daniel Stenberg (17 Dec 2009)
- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
available.
- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
was a bit too quick and broke test case 1101 with that change. The order of
some of the setups is sensitive. I now changed it slightly again to make
sure we do them in this order:
1 - parse URL and figure out what protocol is used in the URL
2 - prepend protocol:// to URL if missing
3 - parse name+password off URL, which needs to know what protocol is used
(since only some allows for name+password in the URL)
4 - figure out if a proxy should be used set by an option
5 - if no proxy option, check proxy environment variables
6 - run the protocol-specific setup function, which needs to have the proxy
already set
Daniel Stenberg (15 Dec 2009)
- Jon Nelson found a regression that turned out to be a flaw in how libcurl
detects and uses proxies based on the environment variables. If the proxy
was given as an explicit option it worked, but due to the setup order
mistake proxies would not be used fine for a few protocols when picked up
from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
test case 1106 that verifies this functionality.
(http://curl.haxx.se/bug/view.cgi?id=2913886)
Daniel Stenberg (12 Dec 2009)
- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
and SMTPS) are now supported. The current state may not yet be solid, but
the foundation is in place and the test suite has some initial support for
these protocols. Work will now persue to make them nice libcurl citizens
until release.
The work with supporting these new protocols was sponsored by
networking4all.com - thanks!
Daniel Stenberg (10 Dec 2009)
- Siegfried Gyuricsko found out that the curl manual said --retry would retry
on FTP errors in the transient 5xx range. Transient FTP errors are in the
4xx range. The code itself only tried on 5xx errors that occured _at login_.
Now the retry code retries on all FTP transfer failures that ended with a
4xx response.
(http://curl.haxx.se/bug/view.cgi?id=2911279)
- Constantine Sapuntzakis figured out a case which would lead to libcurl
accessing alredy freed memory and thus crash when using HTTPS (with
OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
of cleaning things up. I fixed it.
(http://curl.haxx.se/bug/view.cgi?id=2905220)
Daniel Stenberg (7 Dec 2009)
- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
with unknown size. Previously it was only used for posts with a known size
larger than 1024 bytes.
Daniel Stenberg (1 Dec 2009)
- If the Expect: 100-continue header has been set by the application through
curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
data->state.expect100header accordingly - the current code (in 7.19.7 at
least) doesn't handle this properly. Martin Storsjo provided the fix!
Yang Tse (28 Nov 2009)
- Added Diffie-Hellman parameters to several test harness certificate files in
PEM format. Required by several stunnel versions used by our test harness.
Daniel Stenberg (28 Nov 2009)
- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
rework patch that now integrates TFTP properly into libcurl so that it can
be used non-blocking with the multi interface and more. BLKSIZE also works.
The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
the command line.
Daniel Stenberg (26 Nov 2009)
- Extended and fixed the change I did on Dec 11 for the the progress
meter/callback during FTP command/response sequences. It turned out it was
really lame before and now the progress meter SHOULD get called at least
once per second.
Daniel Stenberg (23 Nov 2009)
- Bjorn Augustsson reported a bug which made curl not report any problems even
though it failed to write a very small download to disk (done in a single
fwrite call). It turned out to be because fwrite() returned success, but
there was insufficient error-checking for the fclose() call which tricked
curl to believe things were fine.
Yang Tse (23 Nov 2009)
- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
finer granularity control when generating src and lib makefiles.
Yang Tse (22 Nov 2009)
- I modified configure to force removal of the curlbuild.h file included in
distribution tarballs for use by non-configure systems. As intended, this
would get overwriten when doing in-tree builds. But VPATH builds would end
having two curlbuild.h files, one in the source tree and another in the
build tree. With the modification I introduced 5 Nov 2009 this could become
an issue when running libcurl's test suite.
Daniel Stenberg (20 Nov 2009)
- Constantine Sapuntzakis identified a write after close, as the sockets were
closed by libcurl before the SSL lib were shutdown and they may write to its
socket. Detected to at least happen with OpenSSL builds.
- Jad Chamcham pointed out a bug with connection re-use. If a connection had
CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
same proxy with the tunnel option disabled would still wrongly re-use that
previous connection and the outcome would only be badness.
Yang Tse (18 Nov 2009)
- I modified the memory tracking system to make it intolerant with zero sized
malloc(), calloc() and realloc() function calls.
Daniel Stenberg (17 Nov 2009)
- Constantine Sapuntzakis provided another fix for the DNS cache that could
end up with entries that wouldn't time-out:
1. Set up a first web server that redirects (307) to a http://server:port
that's down
2. Have curl connect to the first web server using curl multi
After the curl_easy_cleanup call, there will be curl dns entries hanging
around with in_use != 0.
(http://curl.haxx.se/bug/view.cgi?id=2891591)
- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
its pkg-config file. So -Wl stuff ended up in the .pc file, which is really
bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)
Kamil Dudka (15 Nov 2009)
- David Byron improved the configure script to use pkg-config to find OpenSSL
(and in particular the list of required libraries) even if a path is given
as argument to --with-ssl
Yang Tse (15 Nov 2009)
- I removed enable-thread / disable-thread configure option. These were only
placebo options. The library is always built as thread safe as possible on
every system.
Claes Jakobsson (14 Nov 2009)
- curl-config now accepts '--configure' to see what arguments was
passed to the configure script when building curl.
Daniel Stenberg (14 Nov 2009)
- Claes Jakobsson restored the configure functionality to detect NSS when
--with-nss is set but not "yes".
I think we can still improve that to check for pkg-config in that path etc,
but at least this patch brings back the same functionality we had before.
- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
the client certificate. It also disable the key name test as some engines
can select a private key/cert automatically (When there is only one key
and/or certificate on the hardware device used by the engine)
Yang Tse (14 Nov 2009)
- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
won't be reused unless protection level for peer and host verification match.
I refactored how preprocessor symbol _THREAD_SAFE definition is done.
Kamil Dudka (12 Nov 2009)
- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
closed NSPR descriptor. The issue was hard to find, reported several times
before and always closed unresolved. More info at the RH bug:
https://bugzilla.redhat.com/534176
- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
a broken TLS server. However it does not happen if SSL version is selected
manually. The approach was originally taken from PSM. Kaspar Brand helped me
to complete the patch. Original bug reports:
https://bugzilla.redhat.com/525496
https://bugzilla.redhat.com/527771
Yang Tse (12 Nov 2009)
- I modified configure script to make the getaddrinfo function check also
verify if the function is thread safe.
Yang Tse (11 Nov 2009)
- Marco Maggi reported that compilation failed when configured --with-gssapi
and GNU GSS installed due to a missing mutual exclusion of header files in
the Kerberos 5 code path. He also verified that my patch worked for him.
Daniel Stenberg (11 Nov 2009)
- Constantine Sapuntzakis posted bug #2891595
(http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
in the DNS cache would linger too long if the request that added it was in
use that long. He also provided the patch that now makes libcurl capable of
still doing a request while the DNS hash entry may get timed out.
- Christian Schmitz noticed that the progress meter/callback was not properly
used during the FTP connection phase (after the actual TCP connect), while
it of course should be. I also made the speed check get called correctly so
that really slow servers will trigger that properly too.
Kamil Dudka (5 Nov 2009)
- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
in non-blocking mode.
Yang Tse (5 Nov 2009)
- I removed leading 'curl' path on the 'curlbuild.h' include statement in
curl.h, adjusting auto-makefiles include path, to enhance portability to
OS's without an orthogonal directory tree structure such as OS/400.
Daniel Stenberg (4 Nov 2009)
- I fixed several problems with the transfer progress meter. It showed the
wrong percentage for small files, most notable for <1000 bytes and could
easily end up showing more than 100% at the end. It also didn't show any
percentage, transfer size or estimated transfer times when transferring
less than 100 bytes.
|
|
which is security critical
|
|
|
|
changes:
--T. is now for non-blocking uploading from stdin
-SYST handling on FTP for OS/400 FTP server cases
-libcurl refuses to read a single HTTP header longer than 100K
-added the --crlfile option to curl
+bugfices
|
|
From Matthias Pfaller.
|
|
(this prevented pkgsrc wrappers from doing their work)
|
|
Version 7.19.6 (12 August 2009)
Daniel Stenberg (12 Aug 2009)
- Carsten Lange reported a bug and provided a patch for TFTP upload and the
sending of the TSIZE option. I don't like fixing bugs just hours before
a release, but since it was broken and the patch fixes this for him I decided
to get it in anyway.
Daniel Stenberg (11 Aug 2009)
- Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
verification of cert names etc. This made an error show up in the OpenSSL-
specific code where it would attempt to match the CN field even if a
subjectAltName exists that doesn't match. This is now fixed and verified
in test 311.
- Benbuck Nason posted the bug report #2835196
(http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
warnings when mixing ints and bools.
Daniel Fandrich (10 Aug 2009)
- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.
Daniel Fandrich (9 Aug 2009)
- Fixed some memory leaks in the command-line tool that caused most of the
torture tests to fail.
Daniel Stenberg (2 Aug 2009)
- Curt Bogmine reported a problem with SNI enabled on a particular server. We
should introduce an option to disable SNI, but as we're in feature freeze
now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
option for SNI, or are we simply not using it?
Daniel Stenberg (1 Aug 2009)
- Scott Cantor posted the bug report #2829955
(http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
verification flaw found and exploited by Moxie Marlinspike. The presentation
he did at Black Hat is available here:
https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
Apparently at least one CA allowed a subjectAltName or CN that contain a
zero byte, and thus clients that assumed they would never have zero bytes
were exploited to OK a certificate that didn't actually match the site. Like
if the name in the cert was "example.com\0theatualsite.com", libcurl would
happily verify that cert for example.com.
libcurl now better uses the length of the extracted name, not using the zero
termination for getting the string length.
This fixing only made and needed in OpenSSL interfacing code.
- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
only in some OpenSSL installs - like on Windows) isn't thread-safe and we
agreed that moving it to the global_init() function is a decent way to deal
with this situation.
- Alexander Beedie provided the patch for a noproxy problem: If I have set
CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
could still end up using a proxy if a proxy environment variable was set.
Daniel Stenberg (27 Jul 2009)
- All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
send when using FTP, as a sign that libcurl shall simply ignore the response
from the server instead of treating it as an error. Not treating a 400+ FTP
response code as an error means that failed commands will not abort the
chain of commands, nor will they cause the connection to get disconnected.
Daniel Stenberg (26 Jul 2009)
- Johan van Selst posted bug report #2825989
(http://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
provided the solution too: to use OpenSSL_add_all_algorithms() in addition
to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
OpenSSL 0.9.5
Daniel Stenberg (23 Jul 2009)
- Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
They introduce known_host support for SSH keys to libcurl. See docs for
details. Note that this feature depends on a new enough libssh2 version, to
be supported in libssh2 1.2 and later (or current git repo at this time).
Michal Marek (22 Jul 2009)
- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
(https://bugzilla.novell.com/523919). When looking at the code, I found that
also the ptr pointer can leak.
Kamil Dudka (20 Jul 2009)
- Claes Jakobsson improved the support for client certificates handling in
NSS-powered libcurl. Now the client certificates can be selected
automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
slots is no more performed. It used to cause problems with HW tokens.
- Fixed reference counting for NSS client certificates. Now the PEM reader
module should be always properly unloaded on Curl_nss_cleanup(). If the
unload fails though, libcurl will try to reuse the already loaded instance.
Daniel Fandrich (15 Jul 2009)
- Added nonblock.c to the non-automake makefiles (note that the dependencies
in the Watcom makefiles aren't quite correct).
Michal Marek (15 Jul 2009)
- Changed the description of CURLINFO_OS_ERRNO to make it clear that the
errno is not reset on success.
Guenter Knauf (14 Jul 2009)
- renamed generated config.h to curl_config.h to avoid any future clashes
with config.h from other projects.
Daniel Stenberg (9 Jul 2009)
- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
setting a file descriptor non-blocking. Used by the functionality Eric
himself brough on June 15th.
Daniel Stenberg (8 Jul 2009)
- Constantine Sapuntzakis posted bug report #2813123
(http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
problem:
Url A is accessed using auth. Url A redirects to Url B (on a different
server0. Url B reuses a persistent connection. Url B has auth, even though
it's on a different server.
Note: if Url B does not reuse a persistent connection, auth is not sent.
reason:
data->state.first_host is not initialized becuase Curl_http_connect is not
called when a connection is reused.
Solution:
move initialization of data->state.first_host to Curl_http. No code before
Curl_http uses data->state.first_host anyway.
Guenter Knauf (4 Jul 2009)
- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
couple of both IPv4 and IPv6 autobuilds.
Daniel Stenberg (29 Jun 2009)
- Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
range if given colon-separated after the host name/address part. Like
"192.168.0.1:2000-10000"
- Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
don't know how they got wrong in the first place, but using this output
format makes it possible to quite easily separate the string into an array
of multiple items.
Daniel Fandrich (16 June 2009)
- Added a few more compiler warning options for gcc.
Daniel Stenberg (16 Jun 2009)
- Reuven Wachtfogel made curl -o - properly produce a binary output on windows
(no newline translations). Use -B/--use-ascii if you rather get the ascii
approach.
Michal Marek (16 Jun 2009)
- When doing non-anonymous ftp via http proxies and the password is not
provided in the url, add it there (squid needs this).
Daniel Stenberg (15 Jun 2009)
- Eric Wong's patch:
This allows curl(1) to be used as a client-side tunnel for arbitrary stream
protocols by abusing chunked transfer encoding in both the HTTP request and
HTTP response. This requires server support for sending a response while a
request is still being read, of course.
If attempting to read from stdin returns EAGAIN, then we pause our sender.
This leaves curl to attempt to read from the socket while reading from stdin
(and thus sending) is paused.
This change was needed to allow successfully tunneling the git protocol over
HTTP (--no-buffer is needed, as well).
Patrick Monnerat (15 Jun 2009)
- Replaced use of standard C library rand()/srand() by our own pseudo-random
number generator.
Yang Tse (11 Jun 2009)
- I adapted testcurl script to allow building test harness programs when
cross-compiling for a *-*-mingw* host.
Daniel Stenberg (10 Jun 2009)
- Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
contributed a range of patches to fix them.
Yang Tse (10 Jun 2009)
- I introduced configure script option --enable-curldebug which now allows
the decoupled enabling or disabling of the curl debug memory tracking
feature from the --enable-debug option which no longer controls this.
curl --version will list 'Debug' feature for debug enabled builds, and
will list 'TrackMemory' feature for curl debug memory tracking capable
builds. These features are independent and can be controlled when running
the configure script. When --enable-debug is given both features will be
enabled, unless some restriction prevents memory tracking from being used.
Internally, definition of preprocessor symbol DEBUGBUILD restricts code
which is only compiled for debug enabled builds. And symbol CURLDEBUG is
used to differentiate code which is _only_ used for memory tracking.
Yang Tse (9 Jun 2009)
- Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
initializing the fread callback pointer and this triggered a compiler
warning, also provided a friendly suggestion on how to fix it.
Daniel Stenberg (8 Jun 2009)
- Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
issue with client certs that caused issues like segfaults.
http://curl.haxx.se/mail/lib-2009-05/0316.html
- Triggered by bug report #2798852 and the patch in there, I fixed configure
to detect gnutls build options with pkg-config only and not libgnutls-config
anymore since GnuTLS has stopped distributing that tool. If an explicit path
is given to configure, we will instead guess on how to link and use that
lib. I did not use the patch from the bug report.
Yang Tse (8 Jun 2009)
- Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
included from Makefile.inc, and provided docs\INSTALL VxWorks section.
- I removed buildconf.bat from release and daily snapshot archives. This
file is only for CVS tree checkout builds.
Daniel Stenberg (8 Jun 2009)
- Eric Wong fixed --no-buffer to actually switch off output buffering. Been
broken since 7.19.0
Bill Hoffman (6 Jun 2009)
- Added some cmake docs and fixed socklen_t in the build.
Yang Tse (5 Jun 2009)
- John E. Malmberg provided VMS specific patch: "This fixes an existing bug
in urlglob.c where it was not converting the Curl Unix exit code to a VMS
DCL compatible exit code. This fix required the enhancement described next.
This also adds an enhancement to main.c so that when curl is run under a
Unix shell like Bash on VMS, it will return the standard Unix exit codes
and messages." And another patch for docs/examples.
I introduced os-specific.c and os-specific.h for use in curl tool code
and adjusted John E. Malmberg's patch placement to use these new files
as an effort to prevent main.c from growing ad infinitum. Code already
existing in main.c which is OS specific should be moved into these files.
Daniel Stenberg (4 June 2009)
- Setting the Content-Length: header from your app when you do a POST or PUT
is almost always a VERY BAD IDEA. Yet there are still apps out there doing
this, and now recently it triggered a bug/side-effect in libcurl as when
libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
knows it will just get a 401/407 back. If the app then replaced the
Content-Length header, it caused the server to wait for input that libcurl
wouldn't send. Aaron Oneal reported this problem in bug report #2799008
(http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.
Yang Tse (4 Jun 2009)
- Igor Novoseltsev provided patches and information, that after some
adjustments to better fit curl's way of doing things, have resulted
in the posibility of building libcurl for VxWorks.
Daniel Fandrich (2 June 2009)
- Checked in a Google Android make file. To use it, you must first
create a config.h file by running configure in the Android environment,
which doesn't seem to be easy to do. If no easy way can be found, a
static config-android.h may need to be created and checked in to the
libcurl source tree.
Daniel Stenberg (1 June 2009)
- Claes Jakobsson fixed the configure script to better find and use NSS
without pkg-config.
Yang Tse (1 Jun 2009)
- John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
out that the configure script was failing to detect the timeval struct on
VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
taking place in socket.h instead of time.h. I have adjusted configure
script to also include this header when checking struct timeval.
Daniel Stenberg (27 May 2009)
- Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
fine with Nokia 5th edition 1.0 SDK for Symbian.
- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
for a failure properly.
- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
the auth credentials back in 7.19.0 and earlier while now you have to set ""
to get the same effect. His patch brings back the ability to use NULL.
- Claes Jakobsson fixed libcurl-NSS to build fine even without the
PK11_CreateGenericObject() function.
Daniel Stenberg (25 May 2009)
- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
out that the cookie parser would leak memory when it parses cookies that are
received with domain, path etc set multiple times in the same header. While
such a cookie is questionable, they occur in the wild and libcurl no longer
leaks memory for them. I added such a header to test case 8.
Daniel Fandrich (22 May 2009)
- Removed some obsolete digest code that caused a valgrind error in test 551.
Daniel Fandrich (20 May 2009)
- Added "non-existing host" test keywords to make it easy to skip those
tests on machines that have broken DNS configurations (such as
those configured to use OpenDNS).
Daniel Stenberg (19 May 2009)
- Kamil Dudka brought the patch from the Redhat bug entry
https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
a bad file descriptor when closing down the FTP data connection. Caolan
McNamara seems to be the original author of it.
|
|
|
|
Version 7.19.5 (18 May 2009)
Daniel Stenberg (17 May 2009)
- James Bursa posted a patch to the mailing list that fixed a problem with
no_proxy which made it not skip the proxy if the URL entered contained a
user name. I added test case 1101 to verify.
Daniel Stenberg (11 May 2009)
- Balint Szilakszi reported a memory leak when libcurl did gzip decompression
of streams that had some parts (legitimately) missing. We now provide and use
a proper cleanup function for the content encoding submodule.
http://curl.haxx.se/mail/lib-2009-05/0092.html
- Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12
If an incorrect password is given while loading a private key, libcurl ends
up in an infinite loop consuming memory. The bug is critical.
- I fixed the problem with doing NTLM, POST and then following a 302 redirect,
as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
curl-library). The transfer was mistakenly marked to get more data to send
but since it didn't actually have that, it just hung there...
Daniel Stenberg (10 May 2009)
- Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
byte in the digest code.
Yang Tse (9 May 2009)
- Removed DOS and TPF package's subdirectory Makefile.am, it was only used
to include some files in the distribution tarball serving no other purpose.
Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST
of the Makefile in the parent subdirectory.
Yang Tse (8 May 2009)
- Changed host name literal in several tests to one under the haxx.se domain.
- Renamed vc6 workspace and project files to avoid filename clash when used
for conversion to later VS versions.
Daniel Stenberg (8 May 2009)
- Constantine Sapuntzakis fixed bug report #2784055
(http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
connect to SOCKS proxies when using the multi interface. It turned out to
almost not work at all previously. We need to wait for the TCP connect to
be properly verified before doing the SOCKS magic.
There's still a flaw in the FTP code for this.
Daniel Stenberg (7 May 2009)
- Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
well. See change 28 Apr 2009.
Yang Tse (7 May 2009)
- Fixed an issue affecting FTP transfers, introduced with the transfer.c
patch committed May 4.
Daniel Stenberg (7 May 2009)
- Man page *roff problems fixed thanks to input from Colin Watson. Problems
reported in the Debian package.
- Vijay G filed bug report #2723236
(http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
libcurl's TFTP code and its lack of dealing with the OACK packet.
Yang Tse (5 May 2009)
- Fixed the --ftp-port address of test #251 to the CLIENTIP address, and
reverted the change affecting test suite harness committed 4 May.
Daniel Stenberg (5 May 2009)
- Inspired by Michael Smith's session id fix for OpenSSL, I did the
corresponding fix in the GnuTLS code: make sure to store the new session id
in case the previous re-used one is rejected.
Daniel Stenberg (4 May 2009)
- Michael Smith posted bug report #2786255
(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
libcurl did not deal with SSL session ids properly if the server rejected a
re-use of one. Starting now, it will forget the rejected one and remember
the new. This change was for OpenSSL only, it is likely that other SSL lib
code needs similar fixes.
Yang Tse (4 May 2009)
- Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
1) On non-ASCII platforms not all of the protocol portions of the PUT are
being translated to ASCII. 2) On all platforms the line endings of part of
the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or
data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV).
- Applied David McCreedy's patch to fix test suite harness to allow test FTP
server and client on different machines, providing FTP client address when
running the FTP test server.
Daniel Fandrich (3 May 2009)
- Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug
report failed to mention that a proxy must be used to reproduce it.
Yang Tse (2 May 2009)
- Use a build-time configured curl_socklen_t data type instead of socklen_t.
Yang Tse (1 May 2009)
- Applied David McCreedy's patches "TPF-platform specific changes to various
files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the
former with minor edits.
Daniel Stenberg (30 Apr 2009)
- I was going to fix issue #59 in KNOWN_BUGS
If the CURLOPT_PORT option is used on an FTP URL like
"ftp://example.com/file;type=A" the ";type=A" is stripped off.
I added test case 562 to verify, only to find out that I couldn't repeat
this bug so I hereby consider it not a bug anymore!
Daniel Stenberg (29 Apr 2009)
- Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
I've now made TFTP "connections" not being kept for re-use within libcurl.
TFTP is UDP-based so the benefit was really low (if even existing) to begin
with so instead of tracking down to fix this problem we instead removed the
re-use. I also enabled test case 1099 that I wrote a few days ago to verify
that this change fixes the reported problem.
Daniel Stenberg (28 Apr 2009)
- Constantine Sapuntzakis filed bug report #2783090
(http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
we need to grow the SO_SNDBUF buffer somewhat to get really good upload
speeds. http://support.microsoft.com/kb/823764 has the details. Friends
confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.
- Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
Chen pointed out how curl couldn't upload with resume when reading from a
pipe.
This ended up with the introduction of a new return code for the
CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
that libcurl may try to resolve the situation anyway. In our case this means
libcurl will attempt to instead read that much data from the stream instead
of seeking and that way curl can now upload with resume when data is read
from a stream!
Daniel Stenberg (26 Apr 2009)
- Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
interface and provided a patch that fixed the problem!
Daniel Stenberg (24 Apr 2009)
- Kamil Dudka fixed another NSS-related leak when client certs were used.
- Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer
Koenig pointed out that the man page didn't tell that the *_proxy
environment variables can be specified lower case or UPPER CASE and the
lower case takes precedence,
Daniel Fandrich (21 Apr 2009)
- Added new libcurl source files to Amiga, RiscOS and VC6 build files.
Yang Tse (21 Apr 2009)
- Moved potential inclusion of system's malloc.h and memory.h header files to
setup_once.h. Inclusion of each header file is based on the definition of
NEED_MALLOC_H and NEED_MEMORY_H respectively.
Renamed libcurl's memory.h to curl_memory.h
Daniel Stenberg (20 Apr 2009)
- Leanic Lefever reported a crash and did some detailed research on why and
how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
conclusion was that if an error is detected and Curl_done() is called for
the connection, ftp_done() could at times return another error code that
then would take precedence and that new code confused existing logic that
works for the first error code (CURLE_SEND_ERROR) only.
- Gisle Vanem noticed that --libtool would produce bogus strings at times for
OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
within the app for setting plain string options to avoid the risk of this
mistake happening.
Daniel Stenberg (17 Apr 2009)
- Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
proxy. libcurl would then wrongly close the connection after each
request. In his case it had the weird side-effect that it killed NTLM auth
for the proxy causing an inifinite loop!
I added test case 1098 to verify this fix. The test case does however not
properly verify that the transfers are done persistently - as I couldn't
think of a clever way to achieve it right now - but you need to read the
stderr output after a test run to see that it truly did the right thing.
Daniel Stenberg (13 Apr 2009)
- bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
Storsj
confusing as it set the method to either GET or HEAD. The example he showed
looked like:
curl_easy_setopt(curl, CURLOPT_PUT, 1);
curl_easy_setopt(curl, CURLOPT_NOBODY, 0);
The new way doesn't alter the method until the request is about to start. If
CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
0 and the request happens to have been set to HEAD, it will then instead be
set to GET. I believe this will be less surprising to users, and hopefully
not hit any existing users badly.
- Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
is found in Redhat's bug tracker:
https://bugzilla.redhat.com/show_bug.cgi?id=453612
There are still memory leaks present, but they seem to have other reasons.
Daniel Fandrich (11 Apr 2009)
- Added new libcurl source files to Symbian OS build files.
- Improved Symbian support for SSL.
Yang Tse (10 Apr 2009)
- Daniel Johnson improved the MacOSX-Framework shell script to now perform all
the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later.
Yang Tse (8 Apr 2009)
- Removed Sun compilers preprocessor block from curlbuild.h.dist, this also
removes it from the curlbuild.h file originally distributed by the cURL
project as this file is intended for systems not capable of running the
configure script. For those who have been building curl out of the source
code curl distribution tarball provided by curl.haxx.se the change implies
nothing. Previous change in this area committed 2 Apr becomes irrelevant.
Daniel Stenberg (6 Apr 2009)
- I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success
and 1 on fatal errors. Previously it only mentioned non-zero on fatal
errors. This is a slight change in meaning, but it follows what we've done
elsewhere before and it opens up for LOTS of more useful return codes
whenever we can think of them...
Yang Tse (2 Apr 2009)
- Fix curl_off_t definition for builds done using Sun compilers and a
non-configured libcurl. In this case curl_off_t data type was gated
to the off_t data type which depends on the _FILE_OFFSET_BITS. This
configuration is exactly the unwanted configuration for our curl_off_t
data type which must not depend on such setting. This breaks ABI for
libcurl libraries built with Sun compilers which were built without
having run the configure script with _FILE_OFFSET_BITS different than
64 and using the ILP32 data model.
Daniel Stenberg (1 Apr 2009)
- Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
strdup() call failed.
Daniel Fandrich (31 Mar 2009)
- Properly return an error code in curl_easy_recv (reported by Jim Freeman).
Daniel Stenberg (18 Mar 2009)
- Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
explicitly.
Daniel Stenberg (13 Mar 2009)
- Use libssh2_version() to present the libssh2 version in case the libssh2
library is found to support it.
Yang Tse (12 Mar 2009)
- Added missing Curl_read() return code checking in TELNET transfers.
- Pierre Brico found and fixed TELNET transfers not being aborted upon
a write callback failure.
Daniel Stenberg (11 Mar 2009)
- Kamil Dudka made the curl tool properly call curl_global_init() before any
other libcurl function.
Yang Tse (11 Mar 2009)
- Added missing TELNET timeout support for Windows builds. This issue was
reported by Pierre Brico.
Daniel Stenberg (9 Mar 2009)
- Frank Hempel found out a bug and provided the fix:
curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
option. It only enabled the cookie engine in the destination handle if
data->cookies is not NULL (where data is the source handle). In case of a
newly initialized handle which just had the cookie support enabled by a
curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
still NULL because the setopt-call only appends the value to
data->change.cookielist, hence duplicating this handle would not have the
cookie engine switched on.
We also concluded that the slist-functionality would be suitable for being
put in its own module rather than simply hanging out in lib/sendf.c so I
created lib/slist.[ch] for them.
- Andreas Farber made the 'buildconf' script check for the presence of m4
scripts to make it detect a bad checkout earlier. People with older
checkouts who don't do cvs update with the -d option won't get the new dirs
and then will get funny outputs that can be a bit hard to understand and
fix.
Daniel Stenberg (8 Mar 2009)
- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
allocation of the memory BIO was not being properly checked.
- Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
in the gnutls code where we were checking for negative values for errors,
when the man pages state that GNUTLS_E_SUCCESS is returned on success and
other values indicate error conditions.
- Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that
curl didn't use sprintf() in a way that is documented to work in POSIX but
since we use our own printf() code (from libcurl) that shouldn't be a
problem. Nonetheless I modified the code to not rely on such particular
features and to not cause further raised eyebrowse with no good reason.
Daniel Fandrich (5 Mar 2009)
- Expanded the security section of the libcurl-tutorial man page to cover
more issues for authors to consider when writing robust libcurl-using
applications.
Yang Tse (5 Mar 2009)
- Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This
issue was noticed by Chris Deidun.
Daniel Fandrich (4 Mar 2009)
- Fixed a problem with m4 quoting in the OpenSSL configure check reported
by Daniel Johnson.
Daniel Stenberg (3 Mar 2009)
- David James brought a patch that make libcurl close (all) dead connections
whenever you attempt to open a new connection.
1. After cleaning up a dead connection, "continue" instead of
returning FALSE. This ensures that we clean up all dead connections,
rather than just cleaning up the first dead connection.
2. Move up the cleanup for dead connections so that it occurs for
all connections, rather than just the connections which have the same
preferences as our current new connection.
|
|
|
|
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
|
|
Changes:
- Added CURLOPT_NOPROXY and the corresponding --noproxy
- the OpenSSL-specific code disables TICKET (rfc5077) which is enabled
by default in openssl 0.9.8j
- Added CURLOPT_TFTP_BLKSIZE
- Added CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC -
with the corresponding curl options --socks5-gssapi-service and
--socks5-gssapi-nec
- Improved IPv6 support when built with with c-ares >= 1.6.1
- Added CURLPROXY_HTTP_1_0 and --proxy1.0
- Added docs/libcurl/symbols-in-versions
- Added CURLINFO_CONDITION_UNMET
- Added support for Digest and NTLM authentication using GnuTLS
- CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry the CWD
even when MKD fails
- GnuTLS initing moved to curl_global_init()
- Added CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS
Bugfixes:
- missing ssh.obj in VS makefiles
- FTP ;type=i URLs now work with CURLOPT_PROXY_TRANSFER_MODE in
Turkish locale
- realms with quoted quotation marks in HTTP Digest headers
- VC9 makefiles are now really included
- multi interface memory leak with CURLMOPT_MAXCONNECTS set
- CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
CURLOPT_NOBODY set true
- memory leak on some libz errors for content encodings
- NSS-enabled build is repaired
- superfluous wait in SFTP downloads removed
- FTP with the multi interface no longer kills the control connection
as easily on transfer failures
- compilation halting when using VS2008 to build a Windows 2000 target
- ease creation of libcurl Mac OS X Framework
- CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD
are -1 if unknown
- Negotiate proxy authentication
- CURLOPT_INTERFACE and CURLOPT_LOCALPORT used together
This update fixes the security problem reported in CVE-2009-0037.
|
|
This release adds CURLAUTH_DIGEST_IE and vc9 makefiles and has
around 30 bugfixes.
|
|
|
|
7.19.2
Three added regressions in 7.19.1 have been fixed: a build failure
when using the MSVC 6 makefile, a crash when using --interface name
on Linux, and multi interface downloading HTTPS pages with libcurl
built powered by OpenSSL.
7.19.1
CURLOPT_CERTINFO, CURLINFO_CERTINFO, CURLOPT_POSTREDIR, CURLOPT_USERNAME,
CURLOPT_PASSWORD, CURLOPT_PROXYUSERNAME, and CURLOPT_PROXYPASSWORD
were added. 24 bugs were fixed.
7.19.0
Some new libcurl options, new Boolean options handling in the curl
tool, and around 40 bugfixes.
7.18.2
This release adds CURLFORM_STREAM, CURLINFO_REDIRECT_URL, and the
two new functions curl_easy_send() and curl_easy_recv(). libcurl
now supports CURLOPT_NOBODY over SFTP, and curl now runs on Symbian
OS. At least 21 described bugfixes were made.
7.18.1
This release adds support for HttpOnly cookies. It no longer
distributes or installs a CA cert bundle. SSLv2 is now disabled by
default. Resumed transfers work with SFTP. At least 23 described
bugfixes were made.
|
|
Some files are generated during install, and cannot be cleaned by an
unprivileged user.
|
|
prevents 'configure' from detecting non-Pkgsrc libldap.so (and, worse, linking with both a system libssl.so via system libldap.so, and also a Pkgsrc libssl.so directly. Euw...)
|
|
|
|
|
|
on NetBSD 3.x. PR pkg/38331. PKGREVISION++.
Ok: joerg
|
|
use the same strategy than python uses: PRIVILEGED_STAGES+=clean.
|
|
(suggested by Todd Kover in PR pkg/36144)
-propagate the krb dependency through bl3 if necessary
-bump PKGREVISION
|
|
per PR pkg/36144
(just compile-tested because I don't have a Kerberos installation)
|
|
security/libssh2 package.
Changes:
o --data-urlencode
o CURLOPT_PROXY_TRANSFER_MODE
o --no-keepalive - now curl does connections with keep-alive enabled by
default
o --socks4a added (proxy type CURLPROXY_SOCKS4A for libcurl)
o --socks5-hostname added (CURLPROXY_SOCKS5_HOSTNAME for libcurl)
o curl_easy_pause()
o CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA
o --keepalive-time
o curl --help output was re-ordered
This release includes the following bugfixes:
o curl-config --features and --protocols show the correct output when built
with NSS, and also when SCP, SFTP and libz are not available
o free problem in the curl tool for users with empty home dir
o curl.h version 7.17.1 problem when building C++ apps with MSVC
o SFTP and SCP use persistent connections
o segfault on bad URL
o variable wrapping when using absolutely huge send buffer sizes
o variable wrapping when using debug callback and the HTTP request wasn't sent
in one go
o SSL connections with NSS done with the multi-interface
o setting a share no longer activates cookies
o Negotiate now works on auth and proxy simultanouesly
o support HTTP Digest nonces up to 1023 letters
o resumed ftp upload no longer requires the read callback to return full
buffers
o no longer default-appends ;type= on FTP URLs thru proxies
o SSL session id caching
o POST with callback over proxy requiring NTLM or Digest
o Expect: 100-continue flaw on re-used connection with POSTs
o build fix for MSVC 9.0 (VS2008)
o Windows curl builds failed file truncation when retry downloading
o SSL session ID cache memory leak
o bad connection re-use check with environment variable-activated proxy use
o --libcurl now generates a return statement as well
o socklen_t is no longer used in the public includes
o time zone offsets from -1400 to +1400 are now accepted by the date parser
o allows more spaces in WWW/Proxy-Authenticate: headers
o curl-config --libs skips /usr/lib64
o range support for file:// transfers
o libcurl hang with huge POST request and request-body read from callback
o removed extra newlines from many error messages
o improved pipelining
o improved OOM handling for data url encoded HTTP POSTs when read from a file
o test suite could pick wrong tool(s) if more than one existed in the PATH
o curl_multi_fdset() failed to return socket while doing CONNECT over proxy
o curl_multi_remove_handle() on a handle that is in used for a pipeline now
break that pipeline
o CURLOPT_COOKIELIST memory leaks
o progress meter/callback during http proxy CONNECT requests
o auth for http proxy when the proxy closes connection after first response
|
|
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
|
|
From Zafer Aydogan in PR 37340.
|
|
Version 7.17.1 (29 October 2007)
Dan F (25 October 2007)
- Added the --static-libs option to curl-config
Daniel S (25 October 2007)
- Made libcurl built with NSS possible to ignore the peer verification.
Previously it would fail if the ca bundle wasn't present, even if the code
ignored the verification results.
Patrick M (25 October 2007)
- Fixed test server to allow null bytes in binary posts.
_ Added tests 35, 544 & 545 to check binary data posts, both static (in place)
and dynamic (copied).
Daniel S (25 October 2007)
- Michal Marek fixed the test script to be able to use valgrind even when the
lib is built shared with libtool.
- Fixed a few memory leaks when the same easy handle is re-used to request
URLs with different protocols. FTP and TFTP related leaks. Caught thanks to
Dan F's new test cases.
Dan F (24 October 2007)
- Fixed the test FTP and TFTP servers to support the >10000 test number
notation
- Added test cases 2000 through 2003 which test multiple protocols using the
same easy handle
- Fixed the filecheck: make target to work outside the source tree
Daniel S (24 October 2007)
- Vladimir Lazarenko pointed out that we should do some 'mt' magic when
building with VC8 to get the "manifest" embedded to make fine stand-alone
binaries. The maketgz and the src/Makefile.vc6 files were adjusted
accordingly.
Daniel S (23 October 2007)
- Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out
that libcurl tried to re-use connections a bit too much when using non-SSL
protocols tunneled over a HTTP proxy.
Daniel S (22 October 2007)
- Michal Marek forwarded the bug report
https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
FTP that caused memory havoc. His work together with my efforts created two
fixes:
#1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
at connection cleanup, at which time the struct HandleData could be
used by another connection.
Also, the unused char *urlpath member is removed from struct FTP.
#2 - provide a Curl_reset_reqproto() function that frees
data->reqdata.proto.* on connection setup if needed (that is if the
SessionHandle was used by a different connection).
A long-term goal is of course to somehow get rid of how the reqdata struct
is used, as it is too error-prone.
- Bug report #1815530 (http://curl.haxx.se/bug/view.cgi?id=1815530) points out
that specifying a proxy with a trailing slash didn't work (unless it also
contained a port number).
Patrick M (15 October 2007)
- Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again
and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode.
Patrick M (12 October 2007)
- Added per-protocol callback static tables, replacing callback ptr storage
in the connectdata structure by a single handler table ptr.
Dan F (11 October 2007)
- Fixed the -l option of runtests.pl
- Added support for skipping tests based on key words.
Daniel S (9 October 2007)
- Michal Marek removed the no longer existing return codes from the curl.1
man page.
Daniel S (7 October 2007)
- Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
a response that was larger than 16KB is now improved slightly so that now
the restriction at 16KB is for the headers only and it should be a rare
situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
and the header limitation is now known as known bug #48.
Daniel S (5 October 2007)
- Michael Wallner made the CULROPT_COOKIELIST option support a new magic
string: "FLUSH". Using that will cause libcurl to flush its cookies to the
CURLOPT_COOKIEJAR file.
- The new file docs/libcurl/ABI describes how we view ABI breakages, soname
bumps and what the version number's significance to all that is.
Daniel S (4 October 2007)
- I enabled test 1009 and made the --local-port use a wide range to reduce the
risk of failures.
- Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
This happened because the tftp code always uncondionally did a bind()
without caring if one already had been done and then it failed. I wrote a
test case (1009) to verify this, but it is a bit error-prone since it will
have to pick a fixed local port number and since the tests are run on so
many different hosts in different situations I'll add it in disabled state.
Yang Tse (3 October 2007)
- Fixed issue related with the use of ares_timeout() result.
Daniel S (3 October 2007)
- Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
CURLOPT_OPENSOCKETDATA to set a callback that allows an application to
replace the socket() call used by libcurl. It basically allows the app to
change address, protocol or whatever of the socket.
- I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made
this return code get used by the previous SSH MD5 fingerprint check in case
it fails.
- Based on a patch brought by Johnny Luong, libcurl now offers
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
make the SCP or SFTP connection verify the remote host's md5 checksum of the
public key before doing a connect, to reduce the risk of a man-in-the-middle
attack.
Daniel S (2 October 2007)
- libcurl now handles chunked-encoded CONNECT responses
Daniel S (1 October 2007)
- Alex Fishman reported a curl_easy_escape() problem that was made the
function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
signed / unsigned mistake in the code. I fixed it and added test case 543 to
verify.
Daniel S (29 September 2007)
- Immanuel Gregoire fixed a problem with persistent transfers over SFTP.
Daniel S (28 September 2007)
- Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
notifier callback(s).
Dan F (26 September 2007)
- Enabled a few more gcc warnings with --enable-debug. Renamed a few
variables to avoid shadowing global declarations.
Daniel S (26 September 2007)
- Philip Langdale provided the new CURLOPT_POST301 option for
curl_easy_setopt() that alters how libcurl functions when following
redirects. It makes libcurl obey the RFC2616 when a 301 response is received
after a non-GET request is made. Default libcurl behaviour is to change
method to GET in the subsequent request (like it does for response code 302
- because that's what many/most browsers do), but with this CURLOPT_POST301
option enabled it will do what the spec says and do the next request using
the same method again. I.e keep POST after 301.
The curl tool got this option as --post301
Test case 1011 and 1012 were added to verify.
- Max Katsev reported that when doing a libcurl FTP request with
CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
before it does SIZE which makes it less useful. I walked over the code and
made it do this properly, and added test case 542 to verify it.
Daniel S (24 September 2007)
- Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
URLs ending with a slash properly (it should list the contents of that
directory). Test case 351 brought back and also test 1010 was added.
Daniel S (21 September 2007)
- Mark Davies fixed Negotiate authentication over proxy, and also introduced
the --proxy-negotiate command line option to allow a user to explicitly
select it.
Daniel S (19 September 2007)
- Rob Crittenden provided an NSS update with the following highlights:
o It looks for the NSS database first in the environment variable SSL_DIR,
then in /etc/pki/nssdb, then it initializes with no database if neither of
those exist.
o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
loaded, including the ca-bundle. If it is not available then only
certificates already in the NSS database are used.
o Tries to detect whether a file or nickname is being passed in so the right
thing is done
o Added a bit of code to make the output more like the OpenSSL module,
including displaying the certificate information when connecting in
verbose mode
o Improved handling of certificate errors (expired, untrusted, etc)
The libnsspem.so PKCS#11 module is currently only available in Fedora
8/rawhide. Work will be done soon to upstream it. The NSS module will work
with or without it, all that changes is the source of the certificates and
keys.
Daniel S (18 September 2007)
- Immanuel Gregoire pointed out that public key SSH auth failed if no
public/private key was specified and there was no HOME environment variable,
and then it didn't continue to try the other auth methods. Now it will
instead try to get the files id_dsa.pub and id_dsa from the current
directory if none of the two conditions were met.
Dan F (17 September 2007)
- Added hooks to the test suite to make it possible to test a curl running
on a remote host.
- Changed some FTP tests to validate the format of the PORT and EPRT commands
sent by curl, if not the addresses themselves.
Daniel S (15 September 2007)
- Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
proxies for FTP urls.
- Günter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3
support on Windows.
Dan F (13 September 2007)
- Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
fixed some AC_SUBST configure entries.
|
|
Changes:
* support for OS/400 Secure Sockets Layer library
* curl_easy_setopt() now allocates strings passed to it
* SCP and SFTP support now requires libssh2 0.16 or later
* LDAP libraries are now linked "regularly" and not with dlopen
* HTTP transfers have the download size info "available" earlier
* FTP transfers have the download size info "available" earlier
* builds and runs on OS/400
* several error codes and options were marked as obsolete and subject to future removal (set CURL_NO_OLDIES to see if your application is using them)
* SFTP errors can return more specific error codes
Bugfixes:
* test cases 31, 46, 61, 506, 517 now work in time zones that use leap seconds
* problem with closed proxy connection during HTTP CONNECT auth negotiation
* transfer-encoding skipping didn't ignore the 407 response bodies properly
* CURLOPT_SSL_VERIFYHOST set to 1
* CONNECT endless loop
* krb5 support builds with Heimdal
* added returned error string for connection refused case
* re-use of dead FTP control connections
* login to FTP servers that don't require (nor understand) PASS after the USER command
* bad free of memory from libssh2
* the SFTP PWD command works
* HTTP Digest auth on a re-used connection
* FTPS data connection close
* AIX 4 and 5 get to use non-blocking sockets
* small POST with NTLM
* resumed file:// transfers
* CURLOPT_DNS_CACHE_TIMEOUT and CURLOPT_DNS_USE_GLOBAL_CACHE are 64 bit "clean"
* memory leak when handling compressed data streams from broken servers
* no NTLM unicode response
* resume HTTP PUT using Digest authentication
* FTP NOBODY requests on directories sent "SIZE (null)"
* FTP NOBODY request on file crash
* excessively long FTP server responses and response lines
* file:// upload then FTP:// upload crash
* TFTP error 0 is no longer treated as success
* uploading empty file over FTP on re-used connection
* superfluous CWD command on re-used FTP connections without subdirs used
|
|
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
|
|
Version 7.16.4 (10 July 2007)
Daniel S (10 July 2007)
- Kees Cook notified us about a security flaw
(http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
properly reject some outdated or not yet valid server certificates when
built with GnuTLS. Kees also provided the patch.
James H (5 July 2007)
- Gavrie Philipson provided a patch that will use a more specific error
message for an scp:// upload failure. If libssh2 has his matching
patch, then the error message return by the server will be used instead
of a more generic error.
Daniel S (1 July 2007)
- Thomas J. Moore provided a patch that introduces Kerberos5 support in
libcurl. This also makes the options change name to --krb (from --krb4) and
CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
- Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
proxy.
Daniel S (27 June 2007)
- James Housley: Add two new options for the SFTP/SCP/FILE protocols:
CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
premissions for files and directories created on the remote
server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
- I corrected the 10-at-a-time.c example and applied a patch for it by James
Bursa.
Daniel S (26 June 2007)
- Robert Iakobashvili re-arranged the internal hash code to work with a custom
hash function for different hashes, and also expanded the default size for
the socket hash table used in multi handles to greatly enhance speed when
very many connections are added and the socket API is used.
- James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
listings as well
Daniel S (25 June 2007)
- Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
chunked encoding (that also lacks "Connection: close"). It now simply
assumes that the connection WILL be closed to signal the end, as that is how
RFC2616 section 4.4 point #5 says we should behave.
|
|
Version 7.16.3 (25 June 2007)
Daniel S (23 June 2007)
- As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and
http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
no-body requests on FTP files on re-used connections properly, or at least
it didn't provide the info back in the header callback properly in the
subsequent requests.
Daniel S (21 June 2007)
- Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker
tool reports and it was indeed a legitimate one and it is one fixed. It was
a use of a share without doing the proper locking first.
Daniel S (20 June 2007)
- Adam Piggott filed bug report #1740263
(http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
getting a large amount of URLs with curl, they were fetched slower and
slower... which turned out to be because the --libcurl data collecting which
wrongly always was enabled, but no longer is...
Daniel S (18 June 2007)
- Robson Braga Araujo filed bug report #1739100
(http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
could not actually list the contents of the root directory of a given FTP
server if the login directory isn't root. I fixed the problem and added
three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
we cannot use --ftp-method nocwd and list ftp directories).
Daniel S (14 June 2007)
- Shmulik Regev:
I've encountered (and hopefully fixed) a problem involving proxy CONNECT
requests and easy handles state management. The problem isn't simple to
reproduce since it depends on socket state. It only manifests itself when
working with non-blocking sockets.
Here is the scenario:
1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
calls Curl_protocol_connect
2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
returns and conn->bits.tunnel_connecting is TRUE
3. when the call to Curl_protocol_connect returns the protocol_connect flag
is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT
should be used.
I discovered this while performing an HTTPS request through a proxy (squid)
on my local network. The problem caused openssl to fail as it read the proxy
response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
handshake (the exact openssl error was 'wrong ssl version' but this isn't
very important)
- Dave Vasilevsky filed bug report #1736875
(http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
Fandrich mentioned a related build problem on the libcurl mailing list:
http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
reason: the definitions of the POLL* defines and the pollfd struct in the
libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.
Daniel S (13 June 2007)
- Tom Regner provided a patch and worked together with James Housley, so now
CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
ones.
- Rich Rauenzahn filed bug report #1733119
(http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
fix. The problem is that for 64bit HPUX builds, several socket-related
functions would still assume int (32 bit) arguments and not socklen_t (64
bit) ones.
Daniel S (12 June 2007)
- James Housley brought his revamped SSH code that is state-machine driven to
really take advantage of the now totally non-blocking libssh2 (in CVS).
Dan F (8 June 2007)
- Incorporated Daniel Black's test706 and test707 SOCKS test cases.
- Fixed a few problems when starting the SOCKS server.
- Reverted some recent changes to runtests.pl that weren't compatible with
perl 5.0.
- Fixed the test harness so that it actually kills the ssh being used as
the SOCKS server.
Daniel S (6 June 2007)
- -s/--silent can now be used to toggle off the silence again if used a second
time.
Daniel S (5 June 2007)
- Added Daniel Black's work that adds the first few SOCKS test cases. I also
fixed two minor SOCKS problems to make the test cases run fine.
Daniel S (31 May 2007)
- Feng Tu made (lib)curl support "upload" resuming work for file:// URLs.
Daniel S (30 May 2007)
- I modified the 10-at-a-time.c example to transfer 500 downloads in parallel
with a c-ares enabled build only to find that it crashed miserably, and this
was due to some select()isms left in the code. This was due to API
restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no
longer the case so now libcurl runs much better with c-ares and the multi
interface with > 1024 file descriptors in use.
Extra note: starting now we require c-ares 1.4.0 for asynchronous name
resolves.
- Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
the maximum size of the connection cache maximum size of the multi handle.
Daniel S (27 May 2007)
- When working with a problem Stefan Becker had, I found an off-by-one buffer
overwrite in Curl_select(). While fixing it, I also improved its performance
somewhat by changing calloc to malloc and breaking out of a loop earlier
(when possible).
Daniel S (25 May 2007)
- Rob Crittenden fixed bug #1705802
(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
Daniel S (24 May 2007)
- Song Ma filed bug report #1724016
(http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
glob-ranges for TFTP was broken in CVS. Fixed now.
- 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194)
pointed out that the warnf() function in the curl tool didn't properly deal
with the cases when excessively long words were used in the string to chop
up.
Daniel S (22 May 2007)
- Andre Guibert de Bruet fixed a memory leak in the function that verifies the
peer's name in the SSL certificate when built for OpenSSL. The leak happens
for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
Daniel S (18 May 2007)
- Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
#1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
transfer-related info "variables" were indeed overwritten with zeroes
wrongly and have now been adjusted. The upload size still isn't accurate.
Daniel S (17 May 2007)
- Feng Tu pointed out a division by zero error in the TFTP connect timeout
code for timeouts less than five seconds, and also provided a fix for it.
Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392)
Dan F (16 May 2007)
- Added support for compiling under Minix 3.1.3 using ACK.
Dan F (14 May 2007)
- Added SFTP directory listing test case 613.
- Added support for quote commands before a transfer using SFTP and test
case 614.
- Changed the post-quote commands to occur after the transferred file is
closed.
- Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.
Dan F (9 May 2007)
- Kristian Gunstone fixed a problem where overwriting an uploaded file with
sftp didn't truncate it first, which would corrupt the file if the new
file was shorter than the old.
Dan F (8 May 2007)
- Added FTPS test cases 406 and 407
Daniel S (8 May 2007)
- CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is
because I just made SCP uploads return this value if the file size of
the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
reflect this news, and a define for the old name was added to the public
header file.
Daniel S (7 May 2007)
- James Bursa fixed a bug in the multi handle code that made the connection
cache grow a bit too much, beyond the normal 4 * easy_handles.
Daniel S (2 May 2007)
- Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
not very nice if the client wants to be able to use _either_ a HTTP 1.1
server or one within the aliases list... so starting now, libcurl will
simply consider 200-alias matches the to be HTTP 1.0 compliant.
- Tobias Rundström reported a problem they experienced with xmms2 and recent
libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
responses without Content-Length or chunked encoding as without bodies. We
now added the conditional that the above mentioned response is only without
body if the response is HTTP 1.1.
- Jeff Pohlmeyer improved the hiperfifo.c example to use the
CURLMOPT_TIMERFUNCTION callback option.
- Set the timeout for easy handles to expire really soon after addition or
when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
to make applications using only curl_multi_socket() to properly function
when adding easy handles "on the fly". Bug report and test app provided by
Michael Wallner.
Dan F (30 April 2007)
- Improved the test harness to allow running test servers on other than
the default port numbers, allowing more than one test suite to run
simultaneously on the same host.
Daniel S (28 April 2007)
- Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
since it then inits libgcrypt and libgcrypt is being evil and EXITS the
application if it fails to get a fine random seed. That's really not a nice
thing to do by a library.
- Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
been removed from a multi handle, and then fixed another flaw that prevented
curl_easy_duphandle() to work even after the first fix - the handle was
still marked as using the multi interface.
Daniel S (26 April 2007)
- Peter O'Gorman found a problem with SCP downloads when the downloaded file
was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
out" all data from libssh2. The effect being that libcurl would hang on the
socket waiting for data when libssh2 had in fact already read it all...
Dan F (25 April 2007)
- Added support in runtests.pl for "!n" test numbers to disable individual
tests. Changed -t to only keep log files around when -k is specified,
to have the same behaviour as without -t.
Daniel S (25 April 2007)
- Sonia Subramanian brought our attention to a problem that happens if you set
the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
in the connection cache is closed to make room for the new one when you call
curl_easy_perform(). It would then wrongly free range-related data in the
connection close funtion.
Yang Tse (25 April 2007)
- Steve Little fixed compilation on VMS 64-bit mode
Daniel S (24 April 2007)
- Robert Iakobashvili made the 'master_buffer' get allocated first once it is
can/will be used as it then makes the common cases save 16KB of data for each
easy handle that isn't used for pipelining.
Dan F (23 April 2007)
- Added <postcheck> support to the test harness.
- Added tests 610-612 to test more SFTP post-quote commands.
Daniel S (22 April 2007)
- Song Ma's warning if -r/--range is given with a "bad" range, also noted in
the man page now.
- Daniel Black filed bug #1705177
(http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl
--with-gnutl outputs a warning about SSL not being enabled even though GnuTLS
was found and used.
Daniel S (21 April 2007)
- Daniel Black filed bug #1704675
(http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free
problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on
closedown after a failure and a bad #ifdef for NSS when closing down SSL.
Yang Tse (20 April 2007)
- Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
with a zero timeout or a timeout value indicating a blocking call should
be performed.
Daniel S (18 April 2007)
- James Housley made SFTP uploads use libssh2's non-blocking API
- Prevent the internal progress meter from updating more frequently than once
per second.
Dan F (17 April 2007)
- Added test cases 296, 297 and 298 to test --ftp-method handling
Daniel S (16 April 2007)
- Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
function that deprecates the curl_multi_socket() function. Using the new
function the application tell libcurl what action that was found in the
socket that it passes in. This gives a significant performance boost as it
allows libcurl to avoid a call to poll()/select() for every call to
curl_multi_socket*().
I added a define in the public curl/multi.h header file that will make your
existing application automatically use curl_multi_socket_action() instead of
curl_multi_socket() when you recompile. But of course you'll get better
performance if you adjust your code manually and actually pass in the
correct action bitmask to this function.
Daniel S (14 April 2007)
- Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test
suite to make stunnel run better in some (most?) environments.
Dan F (13 April 2007)
- Added test cases 294 and 295 to test --ftp-account handling
- Improved handling of out of memory in ftp.
Yang Tse (13 April 2007)
- Fix test case 534 which started to fail 2007-04-13 due to the existance
of a new host on the net with the same silly domain the test was using
for a host which was supposed not to exist.
Daniel S (12 April 2007)
- Song Ma found a memory leak in the if2ip code if you pass in an interface
name longer than the name field of the ifreq struct (typically 6 bytes), as
then it wouldn't close the used dummy socket. Bug #1698974
(http://curl.haxx.se/bug/view.cgi?id=1698974)
|
|
Version 7.16.2 (11 April 2007)
Yang Tse (10 April 2007)
- Ravi Pratap provided some fixes for HTTP pipelining
- configure script will ignore --enable-sspi option for non-native Windows.
Daniel S (9 April 2007)
- Nick Zitzmann did ssh.c cleanups
Daniel S (3 April 2007)
- Rob Jones fixed better #ifdef'ing for a bunch of #include lines.
Daniel S (2 April 2007)
- Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The
accepted commands are as follows:
chgrp (gid) (path)
Changes the group ID of the file or directory at (path) to (gid). (gid)
must be a number.
chmod (perms) (path)
Changes the permissions of the file or directory at (path) to
(perms). (perms) must be a number in the format used by the chmod Unix
command.
chown (uid) (path)
Changes the user ID of the file or directory at (path) to (uid). (uid)
must be a number.
ln (source) (dest)
Creates a symbolic link at (dest) that points to the file located at
(source).
mkdir (path)
Creates a new directory at (path).
rename (source) (dest)
Moves the file or directory at (source) to (dest).
rm (path)
Deletes the file located at (path).
rmdir (path)
Deletes the directory located at (path). This command will raise an error
if the directory is not empty.
symlink (source) (dest)
Same as ln.
Daniel S (1 April 2007)
- Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
easy handles are added to a multi handle, by avoiding the looping over all
the handles to find which one to remove.
- Matt Kraai provided a patch that makes curl build on QNX 6 fine again.
Daniel S (31 March 2007)
- Fixed several minor issues detected by the coverity.com scanner.
- "Pixel" fixed a problem that appeared when you used -f with user+password
embedded in the URL.
Dan F (29 March 2007)
- Don't tear down the ftp connection if the maximum filesize was exceeded
and added tests 290 and 291 to check.
- Added ftps upload and SSL required tests 401 and 402.
- Send an EOF message before closing an SCP channel, as recommended by
RFC4254. Enable libssh2 tracing when ssh debugging is turned on.
Yang Tse (27 March 2007)
- Internal function Curl_select() renamed to Curl_socket_ready()
New Internal wrapper function Curl_select() around select (2), it
uses poll() when a fine poll() is available, so now libcurl can be
built without select() support at all if a fine poll() is available.
Daniel S (25 March 2007)
- Daniel Johnson fixed multi code to traverse the easy handle list properly.
A left-over bug from the February 21 fix.
Dan F (23 March 2007)
- Added --pubkey option to curl and made --key also work for SCP/SFTP,
plus made --pass work on an SSH private key as well.
- Changed the test harness to attempt to gracefully shut down servers
before resorting to the kill -9 hammer.
- Added test harness infrastructure to support scp/sftp tests, using
OpenSSH as the server.
- Fixed a memory leak when specifying a proxy with a file: URL.
Yang Tse (20 March 2007)
- Fixed: When a signal was caught awaiting for an event using Curl_select()
or Curl_poll() with a non-zero timeout both functions would restart the
specified timeout. This could even lead to the extreme case that if a
signal arrived with a frecuency lower to the specified timeout neither
function would ever exit.
Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in
Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR
defined both functions will return as soon as a signal is caught. Use it
at your own risk, all calls to these functions in the library should be
revisited and checked before fully supporting this feature.
Yang Tse (19 March 2007)
- Bryan Henderson fixed the progress function so that it can get called more
frequently allowing same calling frecuency for the client progress callback.
Dan F (15 March 2007)
- Various memory leaks plugged and NULL pointer fixes made in the ssh code.
Daniel (15 March 2007)
- Nick made the curl tool accept globbing ranges that only is one number, i.e
you can now use [1-1] without curl complaining.
Daniel (10 March 2007)
- Eygene Ryabinkin:
The problem is the following: when we're calling Curl_done and it decides to
keep the connection opened ('left intact'), then the caller is not notified
that the connection was done via the NULLifying of the pointer, so some easy
handle is keeping the pointer to this connection.
Later ConnectionExists can select such connection for reuse even if we're
not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is
false and we can reuse this connection for another easy handle. But thus the
connection will be shared between two easy handles if the handle that wants
to take the ownership is not the same as was not notified of the connection
was done in Curl_done. And when some of these easy handles will get their
connection really freed the another one will still keep the pointer.
My fix was rather trivial: I just added the NULLification to the 'else'
branch in the Curl_done. My tests with Git and ElectricFence showed no
problems both for HTTP pulling and cloning. Repository size is about 250 Mb,
so it was a considerable amount of Curl's work.
Dan F (9 March 2007)
- Updated the test harness to add a new "crypto" feature check and updated the
appropriate test case to use it. For now, this is treated the same as the
"SSL" feature because curl doesn't list it separately.
Daniel (9 March 2007)
- Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6.
- Robert A. Monat improved the maketgz and VC6/8 generating to set the correct
machine type too.
- Justin Fletcher fixed a file descriptor leak in the curl tool when trying to
upload a file it couldn't open. Bug #1676581
(http://curl.haxx.se/bug/view.cgi?id=1676581)
Dan F (9 March 2007)
- Updated the test harness to check for protocol support before running each
test, fixing KNOWN_BUGS #11.
Dan F (7 March 2007)
- Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test
harness. It is very limited as it supports only ftps:// URLs with
--ftp-ssl-control specified, which implicitly encrypts the control
channel but not the data channels. That allows stunnel to be used with
an unmodified ftp server in exactly the same way that the test https
server is set up.
Dan F (7 March 2007)
- Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and
unencrypted data connections.
Dan F (6 March 2007)
- Fixed a couple of improper pointer uses detected by valgrind in test
cases 181 & 216.
Daniel (2 March 2007)
- Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8
makefiles that are included in the source release archives, generated from
the Makefile.vc6 files by the maketgz script. I also modified the root
Makefile to have a VC variable that defaults to vc6 but can be overridden to
allow it to be used for vc8 as well. Like this:
nmake VC=vc8 vc
Daniel (27 February 2007)
- Hang Kin Lau found and fixed: When I use libcurl to connect to an https
server through a proxy and have the remote https server port set using the
CURLOPT_PORT option, protocol gets reset to http from https after the first
request.
User defined URL was modified internally by libcurl and subsequent reuse of
the easy handle may lead to connection using a different protocol (if not
originally http).
I found that libcurl hardcoded the protocol to "http" when it tries to
regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as
follows and it's working fine so far
Daniel (25 February 2007)
- Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
the multi interface. Note that it still does a part of the connection in a
blocking manner.
Daniel (23 February 2007)
- Added warning outputs if the command line uses more than one of the options
-v, --trace and --trace-ascii, since it could really confuse the user.
Clarified this fact in the man page.
Daniel (21 February 2007)
- Ravi Pratap provided work on libcurl making pipelining more robust and
fixing some bugs:
o Don't mix GET and POST requests in a pipeline
o Fix the order in which requests are dispatched from the pipeline
o Fixed several curl bugs with pipelining when the server is returning
chunked encoding:
* Added states to chunked parsing for final CRLF
* Rewind buffer after parsing chunk with data remaining
* Moved chunked header initializing to a spot just before receiving
headers
Daniel (20 February 2007)
- Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle
active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command
line option.
Daniel (19 February 2007)
- Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl.
- Shmulik Regev found a memory leak in re-used HTTPS connections, at least
when the multi interface was used.
- Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
5).
Daniel (18 February 2007)
- Jeff Pohlmeyer identified two problems: first a rather obscure problem with
the multi interface and connection re-use that could make a
curl_multi_remove_handle() ruin a pointer in another handle.
The second problem was less of an actual problem but more of minor quirk:
the re-using of connections wasn't properly checking if the connection was
marked for closure.
Daniel (16 February 2007)
- Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
CURLOPT_RANGE back to no range on an easy handle when using FTP.
Dan F (14 February 2007)
- Fixed curl-config --libs so it doesn't list unnecessary libraries (and
therefore introduce unnecessary dependencies) when it's not needed.
Also, don't bother adding a library path of /usr/lib
Daniel (13 February 2007)
- The default password for anonymous FTP connections is now changed to be
"ftp@example.com".
- Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
gmtime_r() like the older VC versions. He also made use of some machine-
specific defines to differentiate the "OS" define.
Daniel (12 February 2007)
- Rob Crittenden added support for NSS (Network Security Service) for the
SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
This is the fourth supported library for TLS/SSL that libcurl supports!
- Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
to the debug callback.
- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
internal decoding of content or transfer encoded content. This may be
preferable in cases where you use libcurl for proxy purposes or similar. The
command line tool got a --raw option to disable both at once.
- release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
define set to hold the exact date and time of when the tarball was built, as
a human readable string using the UTC time zone.
- Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
that has an easy handle present in the "closure" list pending closure.
Daniel (6 February 2007)
- Regular file downloads wiht SFTP and SCP are now done using the non-blocking
API of libssh2, if the libssh2 headers seem to support them. This will make
SCP and SFTP much more responsive and better libcurl citizens when used with
the multi interface etc.
Daniel (5 February 2007)
- Michael Wallner added support for CURLOPT_TIMEOUT_MS and
CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
millisecond resolution. The only restriction to that is the alarm()
(sometimes) used to abort name resolves as that uses full seconds. I fixed
the FTP response timeout part of the patch.
Internally we now count and keep the timeouts in milliseconds but it also
means we multiply set timeouts with 1000. The effect of this is that no
timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
equals 24.86 days. We probably couldn't before either since the code did
*1000 on the timeout values on several places already.
Daniel (3 February 2007)
- Yang Tse fixed the cookie expiry date in several test cases that started to
fail since they used "1 feb 2007"...
- Manfred Schwarb reported that socks5 support was broken and help us pinpoint
the problem. The code now tries harder to use httproxy and proxy where
apppropriate, as not all proxies are HTTP...
|
|
Package info: scp support not enabled (libssh2 is not packaged).
Version 7.16.1 (29 January 2007)
Daniel (29 January 2007)
- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
header, you got _two_ User-Agent headers in the CONNECT request...! Added
test case 287 to verify the fix.
Daniel (28 January 2007)
- curl_easy_reset() now resets the CA bundle path correctly.
- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
platforms.
Daniel (25 January 2007)
- Added the --libcurl [file] option to curl. Append this option to any
ordinary curl command line, and you will get a libcurl-using source code
written to the file that does the equivalent operation of what your command
line operation does!
Dan F (24 January 2007)
- Fixed a dangling pointer problem that prevented the http_proxy environment
variable from being properly used in many cases (and caused test case 63
to fail).
Daniel (23 January 2007)
- David McCreedy did NTLM changes mainly for non-ASCII platforms:
#1
There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
defined. I noticed this while testing various configurations. Line 867 of
the current http_ntlm.c is a closing bracket for an if/else pair that only
gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket
wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
defined. Lines 198 and 140 of my patch wraps that closing bracket in an
#ifdef USE_NTLM2SESSION.
#2
I noticed several picky compiler warnings when DEBUG_ME is defined. I've
fixed them with casting. By the way, DEBUG_ME was a huge help in
understanding this code.
#3
Hopefully the last non-ASCII conversion patch for libcurl in a while. I
changed the "NTLMSSP" literal to hex since this signature must always be in
ASCII.
Conversion code was strategically added where necessary. And the
Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
creates are NOT translated on non-ASCII platforms.
Dan F (22 January 2007)
- Converted (most of) the test data files into genuine XML. A handful still
are not, due mainly to the lack of support for XML character entities
(e.g. & => & ). This will make it easier to validate test files using
tools like xmllint, as well as to edit and view them using XML tools.
Daniel (16 January 2007)
- Armel Asselin improved libcurl to behave a lot better when an easy handle
doing an FTP transfer is removed from a multi handle before completion. The
fix also fixed the "alive counter" to be correct on "premature removal" for
all protocols.
Dan F (16 January 2007)
- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
detector. Also changed tftp downloads to URL-unescape the downloaded
file name.
Daniel (14 January 2007)
- David McCreedy provided libcurl changes for doing HTTP communication on
non-ASCII platforms. It does add some complexity, most notably with more
#ifdefs, but I want to see this supported added and I can't see how we can
add it without the extra stuff added.
- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
libcurl would crash when trying to read a NULL pointer.
Daniel (12 January 2007)
- Toby Peterson found a nasty bug that prevented (lib)curl from properly
downloading (most) things that were larger than 4GB on 32 bit systems. Matt
Witherspoon helped as narrow down the problem.
Daniel (5 January 2007)
- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
will make libcurl shutdown SSL/TLS after the authentication is done on a
FTP-SSL operation.
Daniel (4 January 2007)
- David McCreedy made changes to allow base64 encoding/decoding to work on
non-ASCII platforms.
Daniel (3 January 2007)
- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
downloaded data in two buffers, just to be able to deal with a special HTTP
pipelining case. That is now only activated for pipelined transfers. In
Matt's case, it showed as a considerable performance difference,
Daniel (2 January 2007)
- Victor Snezhko helped us fix bug report #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
(CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
on Windows (since 7.16.0, but that's when they were introduced as previous
to that the limiting logic was made in the application only and not in the
library). It was actually also broken on select()-based systems (as apposed
to poll()) but we haven't had any such reports. We now use select(), Sleep()
or delay() properly to sleep a while without waiting for anything input or
output when the rate limiting is activated with the easy interface.
- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
to get built static. It has been mentioned before and was again brought to
our attention by Nathanael Nerode who filed debian bug report #405226
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).
Daniel (29 December 2006)
- Make curl_easy_duphandle() set the magic number in the new handle.
Daniel (22 December 2006)
- Robert Foreman provided a prime example snippet showing how libcurl would
get confused and not acknowledge the 'no_proxy' variable properly once it
had used the proxy and you re-used the same easy handle. I made sure the
proxy name is properly stored in the connect struct rather than the
sessionhandle/easy struct.
- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
variable to point to when it should be a socklen_t.
- When setting a proxy with environment variables and (for example) running
'curl [URL]' with a URL without a protocol prefix, curl would not send a
correct request as it failed to add the protocol prefix.
Daniel (21 December 2006)
- Robson Braga Araujo reported bug #1618359
(http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
enters an infinite loop, while curl 7.16.1-20061218 does one additional
unnecessary request.
Fix: During the "Major overhaul introducing http pipelining support and
shared connection cache within the multi handle." change, headerbytecount
was moved to live in the Curl_transfer_keeper structure. But that structure
is reset in the Transfer method, losing the information that we had about
the header size. This patch moves it back to the connectdata struct.
Daniel (16 December 2006)
- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
during certain conditions when GnuTLS is used.
Daniel (11 December 2006)
- Alexey Simak found out that when doing FTP with the multi interface and
something went wrong like it got a bad response code back from the server,
libcurl would leak memory. Added test case 538 to verify the fix.
I also noted that the connection would get cached in that case, which
doesn't make sense since it cannot be re-use when the authentication has
failed. I fixed that issue too at the same time, and also that the path
would be "remembered" in vain for cases where the connection was about to
get closed.
Daniel (6 December 2006)
- Sebastien Willemijns reported bug #1603712
(http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
getting cut off prematurely when --limit-rate is used. While I found no such
problems in my tests nor in my reading of the code, I found that the
--limit-rate code was severly flawed (since it was moved into the lib, since
7.15.5) when used with the easy interface and it didn't work as documented
so I reworked it somewhat and now it works for my tests.
Daniel (5 December 2006)
- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
passing a curl_off_t argument to the Curl_read_rewind() function which takes
an size_t argument. Curl_read_rewind() also had debug code left in it and it
was put in a different source file with no good reason when only used from
one single spot.
- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
no code present in the library that receives the option. Since it was not
possible to use, we know that no current users exist and thus we simply
removed it from the docs and made the code always use the default path of
the code.
- Jared Lundell filed bug report #1604956
(http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
will always internally use no less than 1 entry in the connection cache.
- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
the 7.16.0 release.
- Martin Skinner brought back bug report #1230118 to haunt us once again.
(http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
properly for all input dates on Windows. It was mostly seen on some TZ time
zones using DST. Luckily, Martin also provided a fix.
- Alexey Simak filed bug report #1600447
(http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
FTP connections don't work with the multi interface. The problem is here
that the multi interface state machine has a state during which it can wait
for the data connection to connect, but the active connection is not done in
the same step in the sequence as the passive one is so it doesn't quite work
for active. The active FTP code still use a blocking function to allow the
remote server to connect.
The fix (work-around is a better word) for this problem is to set the
boolean prematurely that the data connection is completed, so that the "wait
for connect" phase ends at once.
The proper fix, left for the future, is of course to make the active FTP
case to act in a non-blocking way too.
- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
HTTP upload was disconnected:
"What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
setting *only* POLLHUP on poll() when the conditions in my previous mail
occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
basically what was happening, is poll() was returning immediately (with
POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
POLLOUT was set. This still caused Curl_readwrite() to be called, which
quickly returned. Then the transfer() loop kept continuing at full speed
forever."
Daniel (1 December 2006)
- Toon Verwaest reported that there are servers that send the Content-Range:
header in a third, not suppported by libcurl, format and we agreed that we
could make the parser more forgiving to accept all the three found
variations.
Daniel (25 November 2006)
- Venkat Akella found out that libcurl did not like HTTP responses that simply
responded with a single status line and no headers nor body. Starting now, a
HTTP response on a persistent connection (i.e not set to be closed after the
response has been taken care of) must have Content-Length or chunked
encoding set, or libcurl will simply assume that there is no body.
To my horror I learned that we had no less than 57(!) test cases that did bad
HTTP responses like this, and even the test http server (sws) responded badly
when queried by the test system if it is the test system. So although the
actual fix for the problem was tiny, going through all the newly failing test
cases got really painful and boring.
Daniel (24 November 2006)
- James Housley did lots of work and introduced SFTP downloads.
Daniel (13 November 2006)
- Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
out a stack overwrite (and the corresponding fix) on 64bit Windows when
dealing with HTTP chunked encoding.
Daniel (9 November 2006)
- Nir Soffer updated libcurl.framework.make:
o fix symlinks, should link to Versions, not to ./Versions
o indentation improvments
- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
2006. It turned out we wrongly assumed that the connection cache was present
when tearing down a connection.
- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
multi interface, but I could also repeat it doing multiple sequential ones
with the easy interface. Using Ciprian's test case, I could fix it.
Daniel (8 November 2006)
- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
SSL handshake. This is now stopped.
Daniel (7 November 2006)
- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
wrong error message in the error message buffer.
Daniel (3 November 2006)
- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
KNOWN_BUGS #25, which happens when a proxy closes the connection when
libcurl has sent CONNECT, as part of an authentication negotiation. Starting
now, libcurl will re-connect accordingly and continue the authentication as
it should.
Daniel (2 November 2006)
- James Housley brought support for SCP transfers, based on the libssh2 library
for the actual network protocol stuff.
Added these new curl_easy_setopt() options:
CURLOPT_SSH_AUTH_TYPES
CURLOPT_SSH_PUBLIC_KEYFILE
CURLOPT_SSH_PRIVATE_KEYFILE
|
|
but not "libidn".
This fixes PR pkg/35358.
|
|
increase its BUILDLINK_ABI_DEPENDS, and bump PKGREVISIONs
of dependencies.
Sorry for not finding this earlier.
|
|
|
|
Version 7.16.0 (30 October 2006)
Daniel (25 October 2006)
- Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
case when 401 or 407 are returned, *IF* no auth credentials have been given.
The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
and 407 cases when auth credentials is given, but we've now covered this
somewhat more.
You might get some amounts of headers transferred before this situation is
detected, like for when a "100-continue" is received as a response to a
POST/PUT and a 401 or 407 is received immediately afterwards.
Added test 281 to verify this change.
Daniel (23 October 2006)
- Ravi Pratap provided a major update with pipelining fixes. We also no longer
re-use connections (for pipelining) before the name resolving is done.
Daniel (21 October 2006)
- Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
the single test applications' link and dependences, so that you easier can
override those from the command line when using make.
- Armel Asselin separated CA cert verification problems from problems with
reading the (local) CA cert file to let users easier pinpoint the actual
problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
Daniel (18 October 2006)
- Removed the "protocol-guessing" for URLs with host names starting with FTPS
or TELNET since they are practically non-existant. This leaves us with only
three different prefixes that would assume the protocol is anything but
HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".
Daniel (17 October 2006)
- Bug report #1579171 pointed out code flaws detected with "prefast", and they
were 1 - a too small memory clear with memset() in the threaded resolver and
2 - a range of potentially bad uses of the ctype family of is*() functions
such as isdigit(), isalnum(), isprint() and more. The latter made me switch
to using our own set of these functions/macros using uppercase letters, and
with some extra set of crazy typecasts to avoid mistakingly passing in
negative numbers to the underlying is*() functions.
- With Jeff Pohlmeyer's help, I fixed the expire timer when using
curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
options now work fine with curl_multi_socket() as well.
Daniel (16 October 2006)
- Added a check in configure that simply tries to run a program (not when
cross-compiling) in order to detect problems with run-time libraries that
otherwise would occur when the sizeof tests for curl_off_t would run and
thus be much more confusing to users. The check of course should run after
all lib-checks are done and before any other test is used that would run an
executable built for testing-purposes.
Dan F (13 October 2006)
- The tagging of application/x-www-form-urlencoded POST body data sent
to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
included as part of the header). A message was also added to the
command line tool to show when data is being sent, enabled when
--verbose is used.
Daniel (12 October 2006)
- Starting now, adding an easy handle to a multi stack that was already added
to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.
- Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
and while doing so it became apparent that the current timeout system for
the socket API really was a bit awkward since it become quite some work to
be sure we have the correct timeout set.
Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
callback the app can set to get to know when the general timeout time
changes and thus for an application like hiperfifo.c it makes everything a
lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
good old libcurl tradition.
Jeff has also updated the hiperfifo.c example code to use this news.
Daniel (9 October 2006)
- Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
case 535 and it now runs fine. Again a problem with the pipelining code not
taking all possible (error) conditions into account.
Daniel (6 October 2006)
- Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
test case 533 and the test now runs fine.
Daniel (4 October 2006)
- Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
but that worked nicely in 7.15.5. I converted it into test case 532 and
fixed the problem.
Daniel (29 September 2006)
- Removed a few other no-longer present options from the header file.
- Support for FTP third party transfers was removed. Here's why:
o The recent multi interface changes broke it and the design of the 3rd party
transfers made it very hard to fix the problems
o It was still blocking and thus nasty for the multi interface
o It was a lot of extra code for a very rarely used feature
o It didn't use the same code as for "plain" FTP transfers, so it didn't work
fine for IPv6 and it didn't properly re-use connections and more
o There's nobody around who's willing to work on and improve the existing
code
This does not mean that third party transfers are banned forever, only that
they need to be done better if they are to be re-added in the future.
The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
options from the command line tool. For this reason, I also bumped the
version info for the lib.
Daniel (28 September 2006)
- Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
would crash if a bad function sequence was used when shutting down after
using the multi interface (i.e using easy_cleanup after multi_cleanup) so
precautions have been added to make sure it doesn't any more - test case 529
was added to verify.
Daniel (27 September 2006)
- The URL in the cookie jar file is now changed since it was giving a 404.
Reported by Timothy Stone. The new URL will take the visitor to a curl web
site mirror with the document.
Daniel (24 September 2006)
- Bernard Leak fixed configure --with-gssapi-libs.
- Cory Nelson made libcurl use the WSAPoll() function if built for Windows
Vista (_WIN32_WINNT >= 0x0600)
Daniel (23 September 2006)
- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
encrypt the control connection and use the data connection "plain".
- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
as it now will read the full data sent from servers. The SOCKS-related code
was also moved to the new lib/socks.c source file.
Daniel (21 September 2006)
- Added test case 531 in an attempt to repeat bug report #1561470
(http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
FTP upload fails with the multi interface. It did not, but I made a failed
upload still assume the control connection to be fine.
Daniel (20 September 2006)
- Armel Asselin fixed problems when you gave a proxy URL with user name and
empty password or no password at all. Test case 278 and 279 were added to
verify.
Daniel (12 September 2006)
- Added docs/examples/10-at-a-time.c by Michael Wallner
- Added docs/examples/hiperfifo.c by Jeff Pohlmeyer
Daniel (11 September 2006)
- Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
handle that is part of a multi handle first removes the handle from the
stack.
- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
session-ID re-use on demand since there obviously are broken servers out
there that misbehave with session-IDs used.
- Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
problem with it (SIGSEGV-style). It clearly showed that the existing
socket-state and state-difference function wasn't good enough so I rewrote
it and could then re-run Jeff's program without any crash. The previous
version clearly could miss to tell the application when a handle changed
from using one socket to using another.
While I was at it (as I could use this as a means to track this problem
down), I've now added a 'magic' number to the easy handle struct that is
inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
we can use internally to detect that an easy handle seems to be fine, or at
least not closed or freed (freeing in debug builds fill the area with 0x13
bytes but in normal builds we can of course not assume any particular data
in the freed areas).
Daniel (9 September 2006)
- Michele Bini fixed how the hostname is put in NTLM packages. As servers
don't expect fully qualified names we need to cut them off at the first dot.
- Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
of them can be completetly removed though...
Daniel (6 September 2006)
- Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
handle will be attempted to get pipelined instead of done in parallell as
they are performed otherwise.
As a side-effect from this work, connections are now shared between all easy
handles within a multi handle, so if you use N easy handles for transfers,
each of them can pick up and re-use a connection that was previously used by
any of the handles, be it the same or one of the others.
This separation of the tight relationship between connections and easy
handles is most noticable when you close easy handles that have been used in
a multi handle and check amount of used memory or watch the debug output, as
there are times when libcurl will keep the easy handle around for a while
longer to be able to close it properly. Like for sending QUIT to close down
an FTP connection.
This is a major change.
Daniel (4 September 2006)
- Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
patch that while not fixing things very nicely, it does make the SOCKS5
proxy connection slightly better as it now acknowledges the timeout for
connection and it no longer segfaults in the case when SOCKS requires
authentication and you did not specify username:password.
Daniel (31 August 2006)
- Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
name resolves. It could get stuck in the wrong state.
Gisle (29 August 2006)
- Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
compiler now uses the same config.dos file (renamed to config.h by
make). libcurl now builds fine using Watcom and Metaware's High-C
using the Watt-32 tcp/ip-stack.
Daniel (29 August 2006)
- David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
allow applications to set their own socket options.
Daniel (25 August 2006)
- Armel Asselin reported that the 'running_handles' counter wasn't updated
properly if you removed a "live" handle from a multi handle with
curl_multi_remove_handle().
Daniel (22 August 2006)
- David McCreedy fixed a remaining mistake from the August 19 TYPE change.
- Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
code when doing pure ipv6 EPRT connections.
Daniel (19 August 2006)
- Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
command on subsequent requests on a re-used connection unless it has to.
- Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
files in the root directory.
- Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
send the whole request at once, even though the Expect: header was disabled
by the application. An effect of this change is also that small (< 1024
bytes) POSTs are now always sent without Expect: header since we deem it
more costly to bother about that than the risk that we send the data in
vain.
Daniel (9 August 2006)
- Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
in the command sequence as it would have run if there would've been a
transfer.
Daniel (8 August 2006)
- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
on a persistent connection and allowed the first to use that header, you
could not disable it for the second request.
Daniel (7 August 2006)
- Domenico Andreolfound a quick build error which happened because
src/config.h.in was not a proper duplcate of lib/config.h.in which it
should've been and this was due to the maketgz script not doing the cp
properly.
|
|
|
|
|
|
Version 7.15.5 (7 August 2006)
Daniel (2 August 2006)
- Mark Lentczner fixed how libcurl was not properly doing chunked encoding
if the header "Transfer-Encoding: chunked" was set by the application.
http://curl.haxx.se/bug/view.cgi?id=1531838
Daniel (1 August 2006)
- Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
an unknown error number on glibc systems.
http://curl.haxx.se/bug/view.cgi?id=1532289
Daniel (31 July 2006)
- *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
prototypes: they both now provide the number of running handles back to the
calling function. It makes the functions resemble the good old
curl_multi_perform() more and provides a nice way to know when the multi
handle goes empty.
ALERT2: don't use the curl_multi_socket*() functionality in anything
production-like until I say it's somewhat settled, as I suspect there might
be some further API changes before I'm done...
Daniel (28 July 2006)
- Yves Lejeune fixed so that replacing Content-Type: when doing multipart
formposts work exactly the way you want it (and the way you'd assume it
works).
Daniel (27 July 2006)
- David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
control and data connection, as the existing --ftp-ssl option only requests
it.
- [Hiper-related work] Added a function called curl_multi_assign() that will
set a private pointer added to the internal libcurl hash table for the
particular socket passed in to this function:
CURLMcode curl_multi_assign(CURLM *multi_handle,
curl_socket_t sockfd,
void *sockp);
'sockp' being a custom pointer set by the application to be associated with
this socket. The socket has to be already existing and in-use by libcurl,
like having already called the callback telling about its existance.
The set hashp pointer will then be passed on to the callback in upcoming
calls when this same socket is used (in the brand new 'socketp' argument).
Daniel (26 July 2006)
- Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
tool option named --ftp-alternative-to-user. It provides a mean to send a
particular command if the normal USER/PASS approach fails.
- Michael Jerris added magic that builds lib/curllib.vcproj automatically for
newer MSVC.
Daniel (25 July 2006)
- Georg Horn made the transfer timeout error message include more details.
Daniel (20 July 2006)
- David McCreedy fixed a build error when building libcurl with HTTP disabled,
problem added with the curl_formget() patch.
Daniel (17 July 2006)
- Jari Sundell did some excellent research and bug tracking, figured out that
we did wrong and patched it: When nodes were removed from the splay tree,
and we didn't properly remove it from the splay tree when an easy handle was
removed from a multi stack and thus we could wrongly leave a node in the
splay tree pointing to (bad) memory.
Daniel (14 July 2006)
- David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
for FTP ASCII transfers.
Daniel (8 July 2006)
- Ates Goral pointed out that libcurl's cookie parser did case insensitive
string comparisons on the path which is incorrect and provided a patch that
fixes this. I edited test case 8 to include details that test for this.
- Ingmar Runge provided a source snippet that caused a crash. The reason for
the crash was that libcurl internally was a bit confused about who owned the
DNS cache at all times so if you created an easy handle that uses a shared
DNS cache and added that to a multi handle it would crash. Now we keep more
careful internal track of exactly what kind of DNS cache each easy handle
uses: None, Private (allocated for and used only by this single handle),
Shared (points to a cache held by a shared object), Global (points to the
global cache) or Multi (points to the cache within the multi handle that is
automatically shared between all easy handles that are added with private
caches).
Daniel (4 July 2006)
- Toshiyuki Maezawa fixed a problem where you couldn't override the
Proxy-Connection: header when using a proxy and not doing CONNECT.
Daniel (24 June 2006)
- Michael Wallner added curl_formget(), which allows an application to extract
(serialise) a previously built formpost (as with curl_formadd()).
Daniel (23 June 2006)
- Arve Knudsen found a flaw in curl_multi_fdset() for systems where
curl_socket_t is unsigned (like Windows) that could cause it to wrongly
return a max fd of -1.
Daniel (20 June 2006)
- Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
to send or receive data. This kind of adds the the command line tool's
option --limit-rate to the library.
The rate limiting logic in the curl app is now removed and is instead
provided by libcurl itself. Transfer rate limiting will now also work for -d
and -F, which it didn't before.
Daniel (19 June 2006)
- Made -K on a file that couldn't be read cause a warning to be displayed.
Daniel (13 June 2006)
- Dan Fandrich implemented --enable-hidden-symbols configure option to enable
-fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl
binary and speeds up dynamic linking by hiding all the internal symbols from
the symbol table.
|
