pkgsrc/www/curl/PLIST

138 lines
3.9 KiB
Text
Raw Normal View History

Changes 7.28.1: This release includes the following changes: o metalink/md5: Use CommonCrypto on Apple operating systems o href_extractor: new example code extracting href elements o NSS can be used for metalink hashing [13] This release includes the following bugfixes: o Fix broken libmetalink-aware OpenSSL build o gnutls: fix the error is fatal logic [1] o darwinssl: un-broke iOS build, fix error on server disconnect o asyn-ares: restore functionality with c-ares < 1.6.1 [2] o tlsauthtype: deal with the string case insensitively [3] o Fixed MSVC libssh2 static build o evhiperfifo: fix the pointer passed to WRITEDATA [6] o BUGS: fix the bug tracker URL [4] o winbuild: Use machine type of development environment o FTP: prevent the multi interface from blocking [5] o uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES o httpcustomheader.c: free the headers after use o fix >2000 bytes POST over NTLM-using proxy [7] o redirects to URLs with fragments [8] o don't send '#' fragments when using proxy [9] o OpenSSL: show full issuer string [10] o fix HTTP auth regression [11] o CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value [12] o ftp: EPSV-disable fix over SOCKS [14] o Digest: Add microseconds into nounce calculation [15] o SCP/SFTP: improve error code used for send failures o SSL: Several SSL-backend related fixes o removed the notorious "additional stuff not fine" debug output o OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack o FILE: Make upload-writes unbuffered o custom memory callbacks failure with HTTP proxy (and more) [16] o TFTP: handle resends o autoconf: don't force-disable compiler debug option o winbuild: Fix PDB file output [17] o test2032: spurious failure caused by premature termination [18] o memory leak: CURLOPT_RESOLVE with multi interface [19]
2012-12-06 17:24:29 +01:00
@comment $NetBSD: PLIST,v 1.38 2012/12/06 16:24:29 adam Exp $
bin/curl
bin/curl-config
include/curl/curl.h
include/curl/curlbuild.h
include/curl/curlrules.h
include/curl/curlver.h
include/curl/easy.h
include/curl/mprintf.h
include/curl/multi.h
include/curl/stdcheaders.h
include/curl/typecheck-gcc.h
lib/libcurl.la
lib/pkgconfig/libcurl.pc
man/man1/curl-config.1
man/man1/curl.1
Update to 7.26: This release includes the following changes: o nss: the minimal supported version of NSS bumped to 3.12.x o nss: human-readable names are now provided for NSS errors if available o add a manual page for mk-ca-bundle o added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR o smtp: Add support for DIGEST-MD5 authentication o pop3: Added support for additional pop3 commands This release includes the following bugfixes: o nss: libcurl now uses NSS_InitContext() to prevent collisions if available [1] o URL parse: reject numerical IPv6 addresses outside brackets [4] o MD5: fix OOM memory leak [5] o OpenSSL cert: provide more details when cert check fails o HTTP: empty chunked POST ended up in two zero size chunks [6] o fixed a regression when curl resolved to multiple addresses and the first isn't supported [7] o -# progress meter: avoid superfluous updates and duplicate lines [8] o headers: surround GCC attribute names with double underscores [9] o PolarSSL: correct return code for CRL matches o PolarSSL: include version number in version string o PolarSSL: add support for asynchronous connect o mk-ca-bundle: revert the LWP usage [12] o IPv6 cookie domain: get rid of the first bracket before the second o connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails o OpenSSL: Made cert hostname check conform to RFC 6125 [10] o HTTP: reset expected DL/UL sizes on redirects [11] o CMake: fix Windows LDAP/LDAPS option handling [2] o CMake: fix MS Visual Studio x64 unsigned long long literal suffix [3] o configure: update detection logic of getaddrinfo() thread-safeness o configure: check for gethostbyname in the watt lib o curl-config.1: fix curl-config usage in example [13] o smtp: Fixed non-escaping of dot character at beginning of line o MakefileBuild.vc: use the correct IDN variable o autoconf: improve handling of versioned symbols o curl.1: clarify -x usage o curl: shorten user-agent o smtp: issue with the multi-interface always sending postdata [14] o compile error with GnuTLS+Nettle fixed o winbuild: fix IPv6 enabled build
2012-05-29 16:58:05 +02:00
man/man1/mk-ca-bundle.1
man/man3/curl_easy_cleanup.3
man/man3/curl_easy_duphandle.3
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
man/man3/curl_easy_escape.3
man/man3/curl_easy_getinfo.3
man/man3/curl_easy_init.3
Update to version 7.18.0 and add SSHv2 support via the newly imported security/libssh2 package. Changes: o --data-urlencode o CURLOPT_PROXY_TRANSFER_MODE o --no-keepalive - now curl does connections with keep-alive enabled by default o --socks4a added (proxy type CURLPROXY_SOCKS4A for libcurl) o --socks5-hostname added (CURLPROXY_SOCKS5_HOSTNAME for libcurl) o curl_easy_pause() o CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA o --keepalive-time o curl --help output was re-ordered This release includes the following bugfixes: o curl-config --features and --protocols show the correct output when built with NSS, and also when SCP, SFTP and libz are not available o free problem in the curl tool for users with empty home dir o curl.h version 7.17.1 problem when building C++ apps with MSVC o SFTP and SCP use persistent connections o segfault on bad URL o variable wrapping when using absolutely huge send buffer sizes o variable wrapping when using debug callback and the HTTP request wasn't sent in one go o SSL connections with NSS done with the multi-interface o setting a share no longer activates cookies o Negotiate now works on auth and proxy simultanouesly o support HTTP Digest nonces up to 1023 letters o resumed ftp upload no longer requires the read callback to return full buffers o no longer default-appends ;type= on FTP URLs thru proxies o SSL session id caching o POST with callback over proxy requiring NTLM or Digest o Expect: 100-continue flaw on re-used connection with POSTs o build fix for MSVC 9.0 (VS2008) o Windows curl builds failed file truncation when retry downloading o SSL session ID cache memory leak o bad connection re-use check with environment variable-activated proxy use o --libcurl now generates a return statement as well o socklen_t is no longer used in the public includes o time zone offsets from -1400 to +1400 are now accepted by the date parser o allows more spaces in WWW/Proxy-Authenticate: headers o curl-config --libs skips /usr/lib64 o range support for file:// transfers o libcurl hang with huge POST request and request-body read from callback o removed extra newlines from many error messages o improved pipelining o improved OOM handling for data url encoded HTTP POSTs when read from a file o test suite could pick wrong tool(s) if more than one existed in the PATH o curl_multi_fdset() failed to return socket while doing CONNECT over proxy o curl_multi_remove_handle() on a handle that is in used for a pipeline now break that pipeline o CURLOPT_COOKIELIST memory leaks o progress meter/callback during http proxy CONNECT requests o auth for http proxy when the proxy closes connection after first response
2008-03-02 15:40:26 +01:00
man/man3/curl_easy_pause.3
man/man3/curl_easy_perform.3
man/man3/curl_easy_recv.3
update to Curl 7.12.1 Changes: * the version string now only contains info about (sub) package versions, while for example krb4 and ipv6 now only are available as 'features' * added curl_easy_reset() * socks proxy support even when libcurl is built ipv6-enabled * read callbacks can stop the transfer by returning CURL_READFUNC_ABORT * libcurl-tutorial.3 is the new man page formerly known as libcurl-the-guide * additional SSL trace data might be sent to the debug callback using two new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT * multipart formposts can upload files larger than system memory * the curl tool continues with the next URL even if one transfer fails * FTP 3rd party transfer support - seven new setopt() options Bugfixes: * UTF-8 encoded certificate names can now be verified properly * krb4 link problem * HTTP Negotiate service name now provided in uppercase * no longer accepts any cookies with domain set to just a TLD * HTTP Digest properties without quotes in the header * bad Host: header case on re-used connections over proxy * duplicate Host: header case on re-used connections * curl -o name#[num] now works when no globbing for [num] exists * test suite runs fine with valgrind 2.1.x * negative Content-Length is ignored * test 505 runs fine on windows * curl_share_cleanup() crash * --trace files now get the final info lines too * multi interface connects fine to multi-IP resolving hosts * --limit-rate works on Mac OS X (and other systems with bad poll()s) * cookies can now hold 4999 bytes of content * HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX * HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate * less restrictive libidn requirements, 0.4.1 or later is fine * HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server didn't require any authentication * win32 file:// transfer free memory bug * configure --disable-http builds a libcurl without HTTP support * CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument * builds fine with Borland on Windows * the msvc curllib.dsp now builds the libcurl.lib file * builds fine on VMS * builds fine on NetWare * HTTP Digest authentication with proxies uses correct user name + password * builds fine with lcc-win32
2004-08-21 13:31:00 +02:00
man/man3/curl_easy_reset.3
man/man3/curl_easy_send.3
man/man3/curl_easy_setopt.3
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
man/man3/curl_easy_strerror.3
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
man/man3/curl_easy_unescape.3
upgrade to 7.7.1. Version 7.7.1 Daniel (3 April 2001) - Puneet Pawaia pointed out two serious problems. Libcurl would attempt to read bad memory during situations when an (ftp) connection attempt failed. Also, the lib/Makefile.vc6 was corrected. - More investigations in the Location: following code made me realize that it was not clean enough to work transparantly with persistant and non- persistant connections. I think I've fixed it now. Daniel (29 March 2001) - Georg Horn mailed me some corrections for the Curl::easy perl interface. - Experimental ftps:// support added. It is basically FTP over SSL for the control connection. It still makes all data transfers going over unencrypted connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used that to verify the functionality. Daniel (27 March 2001) - Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried to get a file from a site and it fails, the SIGALRM would still be sent after the timeout-time, quite inexpectedly! - I added an ftp transfer example to docs/examples/ and I also wrote a tiny example makefile that can be used as a start when building one of the examples. Version 7.7.1-beta1 Daniel (26 March 2001) - Mohamed Lrhazi reported problems with 7.6.1 and persistant HTTP/1.0 connections (when the server replied a Connection: Keep-Alive) and this problem was not properly dealt with in 7.7 either. A patch was posted to the curl-and-php mailing list. Daniel (24 March 2001) - Colin Watson reported about a problem and brought a patch that corrected it, which was about the man page and lines starting with a single quote (') in a way that gnroff doesn't like. Daniel (23 March 2001) - Peter Bray reported correctly that the root makefile used make instead of $(MAKE) for the test target. - Corrected the Curl::easy perl interface to use curl_easy_setopt() and not curl_setopt() which was removed in 7.7! - SM provided updates on three documents (MANUAL, INSTALL and FAQ). - When following a Location:, libcurl would sometimes write to the URL string in a way it shouldn't. As the pointer is passed-in to libcurl from an application, we can't be allowed to write to it. The particular bug report from 'nk' that brought this up was because he had a read-only URL that then caused a libcurl crash! - No longer reads HEAD responses longer than to the last header. Previously, curl would read the full reply if the connection was a "close" one. - libcurl did re-use connections way too much. Doing "curl http://www.{microsoft,ibm}.com" would make it re-use the connection which made the second request return very odd results. Daniel (22 March 2001) - Edin Kadribasic made me aware that curl should not re-send POST requests when following 302-redirects. I made 302 work like 303 which means curl uses GET in the following request(s). - libcurl now reset the "followed-location" counter on each invoke of curl_easy_perform() as it otherwise would sum up all redirects on the same connection and thus could reach the maxredirs counter wrongly. - Jim Drash suggested curl_escape() should not re-encode what already looks like an encoded sequence and I think that's a fair suggestion. Version 7.7 Daniel (22 March 2001) - The configure script now fails with an error message if gethostbyname_r() is detected but it couldn't figure out how to invoke it (what amount of arguments it is supposed to get). Reports from Andrés García made me aware of this need. - Talking with Jim Drash made me finally put the curl_escape and curl_unescape functions in the curl.h include file and write man pages for them. The escape function was modified to use the same interface as the unescape one had. - No bug reports at all on the latest betas. Release time coming up. Version 7.7-beta5 Daniel (19 March 2001) - Georg Ottinger reported problems with using -C together with -L in the sense that the -C info got lost when it was redirected. I could not repeat this problem on the 7.7 branch why I leave this for the moment. Test case 39 was added to do exactly this, and it seems to do right. - Christian Robottom Reis reported how his 7.7 beta didn't successfully do form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT and POST operations that I need to add support for. Section 8.2.3 in RFC2616 has all the details. Seems to work now! Daniel (16 March 2001) - After having experienced another machine break-down, we're back. - Georg Horn's perl interface Curl::easy is now included in the curl release archive. The perl/ directory is now present. Please help me with docs, examples and updates you think fit. - Made a new php/ directory in the release archive and moved the PHP examples into a subdirectory in there. Not much PHP info yet, but I plan to. Please help me here as well! - Made libcurl return error if a transfer is aborted in the middle of a "chunk". It actually enables libcurl to discover premature transfer aborts even if the Content-Length: size is unknown. Daniel (15 March 2001) - Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT option in libcurl. It limits the time curl is allowed to spend in the connection phase. This differs from -m/--max-time that limits the entire file transfer operation. Requested by Larry Fahnoe and others. I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the item from the TODO. Version 7.7-beta4 Daniel (14 March 2001) - Made curl grok IPv6 with HTTP proxies and got everything to compile nicely again when ENABLE_IPV6 is set. I need to remake things in the test suite. I can't test the FTP parts with curl built for IPv6 as it uses a different set of FTP commands then! - I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was a report meant for our project. Anyway, it said the .netrc parsing didn't work as supposed, and as I agreed with Lars, I made the netrc parser use getpwuid() to figure out the home directory of the effective user and try that netrc. It still uses the environment variable HOME for those that don't have that function or if the user doesn't return valid pwd info. - Edin Kadribaic posted a bug report where he got a crash when a fetch with user+password in the URL followed a Location: to a second URL (absolute, without name+password). This bug has been around for a long while and crashes due to a read at address zero. Fixed now. Wrote test case 38, that tests this. - Modified the test suite's httpserver slightly to append all client request data to its log file so that the test script now better can verify a range of requests and not only the last one, as it did previously. - Updated the curl man page with --random-file and --egd-file details. Version 7.7-beta3 Daniel (14 March 2001) - Björn Stenberg provided similar fixes as Jörn did and some additional patches for non-SSL compiles. - I increased the interface number for libcurl as I've removed the low level functions from the interface. I also took this opportunity to rename the Curl_strequal function to curl_strequal and Curl_strnequal to curl_strnequal, as they're public libcurl functions (even if they're still undocumented). This will make older programs not capable of using the new libcurl with just a drop-in replacement. - Jörn Hartroth updated stuff for win32 compiles: o config-win32.h was fixed for socklen_t o lib/ssluse.c had a bad #endif placement o lib/file.c was made to compile on win32 again o lib/Makefile.m32 was updated with the new files o lib/libcurl.def matches the current interface state Daniel (13 March 2001) - It only took an hour or so before Jörn Hartroth found a problem in the chunked transfer-encoding. Given his fine example-site, I could easily spot the problem and when I re-read the spec (the part I have pasted in the top of the http_chunks.h file), I realized I had made my state-machine slightly wrong and didn't expect/handle the trailing CRLF that comes after the data in each chunk (and those extra two bytes sure feel wasted). Had to modify test case 34 to match this as well. Version 7.7-beta2 Daniel (13 March 2001) - Added the policy stuff to the curl_easy_setopt man page for the two supported policies. - Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now supported, and the "least recently used" is used as default if no policy is chosen. Daniel (12 March 2001) - Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the SSL random engine. The random seeding support was also brought to the curl client with the new options --random-file <file> and --egd-file <file>. I need some people to really test this to know they work as supposed. Remember that libcurl now informs (if verbose is on) if the random seed is considered weak (HTTPS connections). - Made the chunked transfer-encoding engine detected bad formatted data length and return error if so (we can't possibly extract sensible data if this is the case). Added a test case that detects this. Number 36. Now there are 60 test cases. - Added 5 new libcurl options to curl/curl.h that can be used to control the persistant connection support in libcurl. They're also documented (fairly thoroughly) in the curl_easy_setopt.3 man page. Three of them are now implemented, although not really tested at this point... Anyway, the new implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT, CURLOPT_FORBID_REUSE. The ones still left to write code for are: CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION. - Made curl (the actual command line tool) use the new libcurl 7.7 persistant connection support by re-using the same curl handle for every specified file transfer and after some more test case tweaking we have 100% test case OK. I made some test cases return HTTP/1.0 now to make sure that works as well. - Had to add 'Connection: close' to the headers of a bunch of test cases so that curl behaves "old-style" since the test http server doesn't do multiple connections... Now I get 100% test case OK. - The curl.haxx.se site, the main curl mailing list and my personal email are all dead today due to power blackout in the area where the main servers are located. Horrible. - I've made persistance work over a squid HTTP proxy. I find it disturbing that it uses headers that aren't present in any HTTP standard though (Proxy-Connection:) and that makes me feel that I'm now on the edge of what the standard actually defines. I need to get this code excercised on a lot of different HTTP proxies before I feel safe. Now I'm facing the problem with my test suite servers (both FTP and HTTP) not supporting persistant connections and libcurl is doing them now. I have to fix the test servers to get all the test cases do OK. Daniel (8 March 2001) - Guenole Bescon reported that libcurl did output errors to stderr even if MUTE and NOPROGRESS was set. It turned out to be a bug and happens if there's an error and no ERRORBUFFER is set. This is now corrected. Version 7.7-beta1 Daniel (8 March 2001) - "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've added two source files and I've run some test downloads that look fine. - HTTP HEAD works too, even on 1.1 servers. Daniel (5 March 2001) - The current 57 test cases now pass OK. It would suggest that libcurl works using the old-style with one connection per handle. The test suite doesn't handle multiple connections yet so there are no test cases for this. - I patched the telnet.c heavily to not use any global variables anymore. It should make it a lot nicer library-wise. - The file:// support was modified slightly to use the internal connect-first- then-do approach. Daniel (4 March 2001) - More bugs erased. Version 7.7-alpha2 Daniel (4 March 2001) - Now, there's even a basic check that a re-used connection is still alive before it is assumed so. A few first tests have proven that libcurl will then re-connect instead of re-use the dead connection! Daniel (2 March 2001) - Now they work intermixed as well. Major coolness! - More fiddling around, my 'tiny' client I have for testing purposes now has proved to download both FTP and HTTP with persistant connections. They do not work intermixed yet though. Daniel (1 March 2001) - Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that curl_slist_append() should take a const char * as second argument. It does now. Daniel (22 February 2001) - The persistant connections start to look good for HTTP. On a subsequent request, it seems that libcurl now can pick an already existing connection if a suitable one exists, or it opens a new one. - Douglas R. Horner mailed me corrections to the curl_formparse() man page that I applied. Daniel (20 February 2001) - Added the docs/examples/win32sockets.c file for our windows friends. - Linus Nielsen Feltzing provided brand new TELNET functionality and improvements: * Negotiation is now passive. Curl does not negotiate until the peer does. * Possibility to set negotiation options on the command line, currently only XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV). * Now sends the USER environment variable if the -u switch is used. * Use -t to set telnet options (Linus even updated the man page, awesome!) - Haven't done this big changes to curl for a while. Moved around a lot of struct fields and stuff to make multiple connections get connection specific data in separate structs so that they can co-exist in a nice way. See the mailing lists for discussions around how this is gonna be implemented. Docs and more will follow. Studied the HTTP RFC to find out better how persistant connections should work. Seems cool enough. Daniel (19 February 2001) - Bob Schader brought me two files that help set up a MS VC++ libcurl project easier. He also provided me with an up-to-date libcurl.def file. - I moved a bunch of prototypes from the public <curl/curl.h> file to the library private urldata.h. This is because of the upcoming changes. The low level interface is no longer being planned to become reality. Daniel (15 February 2001) - CURLOPT_POST is not required anymore. Just setting the POST string with CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in libcurl already works this way, i.e they require only the parameter to switch on a feature so I think this works well with the rest. Setting a NULL string switches off the POST again. - Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn Reese helped me define a way how to incorporate persistant connections into libcurl in a very smooth way. If done right, no change may have to be made to older programs and they will just start using persistant connections when applicable! Daniel (13 February 2001) - Changed the word 'timeouted' to 'timed out' in two different error messages. Suggested by Larry Fahnoe. Version 7.6.1 Daniel (9 February 2001) - Frank Reid and Cain Hopwood provided information and research around a HTTPS PUT/upload problem we seem to have. No solution found yet. Daniel (8 February 2001) - An interesting discussion is how to specify an empty password without having curl ask for it interactively? The current implmentation takes an empty password as a request for a password prompt. However, I still want to support a blank user field. Thus, today if you enter "-u :" (without user and password) curl will prompt for the password. Tricky. How would you specify you want the prompt otherwise? - Made the netrc parse result possible to use for other protocols than FTP and HTTP (such as the upcoming TELNET fixes). - The previously mentioned "MSVC++ problems" turned out to be a non-issue. - Added a HTTP file upload code example in the docs/examples/ section on request. - Adjusted the FTP response fix slightly. Version 7.6.1-pre3 Daniel (7 February 2001) - SM found a flaw in the response reading function for FTP that could make libcurl not get out of the loop properly when it should, if libcurl got -1 returned when reading the socket. - I found a similar mistake in http.c when using a proxy and reading the results from the proxy connection. Daniel (6 February 2001) - A friendly person named "SM" (nntp at iname.com) pointed out that the VC makefile in src/ needed the libpath set for the debug build to work. - Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver brought up yesterday. Daniel (5 February 2001) - Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to a bunch of different areas within libcurl. - Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with the 'static' keyword on a number of libcurl functions. I might need to add a patch that redefines static when libcurl is compiled with that compiler. How do I know when VC++ compiles, anyone? Daniel (4 February 2001) - curl_getinfo() was extended with two new options: CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They return the full assumed content length of the transfer in the given direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length: size of a HTTP download. Added descriptions to the man page as well. This was done after discussions with Bob Schader. Daniel (3 February 2001) - Ingo Ralf Blum provided another fix that makes curl build under the more recent cygwin installations. It seems they've changed the preset defines to not include WIN32 anymore. Version 7.6.1-pre2 Daniel (31 January 2001) - Curl_read() and curl_read() now return a ssize_t for the size, as it had to be able to return -1. The telnet support crashed due to this and there was a possibility to weird behaviour all over. Linus Nielsen Feltzing helped me find this. - Added a configure.in check for a working getaddrinfo() if IPv6 is requested. I also made the configure script feature --enable-debug which sets a couple of compiler options when used. It assumes gcc. Daniel (30 January 2001) - I finally took a stab at the long-term FIXME item I've had on myself, and now libcurl will properly work when doing a HTTP range-request that follows a Location:. Previously that would make libcurl fail saying that the server doesn't seem to support range requests. Daniel (29 January 2001) - I added a test case for the HTTP PUT resume thing (test case 33). Version 7.6.1-pre1 Daniel (29 January 2001) - Yet another Content-Range change. Ok now? Bob Schader checks from his end and it works for him. Daniel (27 January 2001) - So the HTTP PUT resume fix wasn't good. There should appearantly be a Content-Range header when resuming a PUT. - I noticed I broke the download-check that verifies that a resumed HTTP download is actually resumed. It got broke because my new 'httpreq' field in the main curl struct. I should get slapped. I added a test case for this now, so I won't be able to ruin this again without noticing. - Added a test case for content-length verifying when downloading HTTP. - Made the progress meter title say if the transfer is being transfered. It makes the output slightly better for resumes. - When dealing with Location: and HTTP return codes, libcurl will not attempt to follow the spirit of RFC2616 better. It means that when POSTing to a URL that is being following to a second place, the standard will judge on what to do. All HTTP codes except 303 and 305 will cause curl to make a second POST operation. 303 will make a GET and 305 is not yet supported. I also wrote two test cases for this POST/GET/Location stuff.
2001-04-06 05:47:23 +02:00
man/man3/curl_escape.3
man/man3/curl_formadd.3
man/man3/curl_formfree.3
Update to 7.15.5, convert to options.mk. Version 7.15.5 (7 August 2006) Daniel (2 August 2006) - Mark Lentczner fixed how libcurl was not properly doing chunked encoding if the header "Transfer-Encoding: chunked" was set by the application. http://curl.haxx.se/bug/view.cgi?id=1531838 Daniel (1 August 2006) - Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror() an unknown error number on glibc systems. http://curl.haxx.se/bug/view.cgi?id=1532289 Daniel (31 July 2006) - *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified prototypes: they both now provide the number of running handles back to the calling function. It makes the functions resemble the good old curl_multi_perform() more and provides a nice way to know when the multi handle goes empty. ALERT2: don't use the curl_multi_socket*() functionality in anything production-like until I say it's somewhat settled, as I suspect there might be some further API changes before I'm done... Daniel (28 July 2006) - Yves Lejeune fixed so that replacing Content-Type: when doing multipart formposts work exactly the way you want it (and the way you'd assume it works). Daniel (27 July 2006) - David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both control and data connection, as the existing --ftp-ssl option only requests it. - [Hiper-related work] Added a function called curl_multi_assign() that will set a private pointer added to the internal libcurl hash table for the particular socket passed in to this function: CURLMcode curl_multi_assign(CURLM *multi_handle, curl_socket_t sockfd, void *sockp); 'sockp' being a custom pointer set by the application to be associated with this socket. The socket has to be already existing and in-use by libcurl, like having already called the callback telling about its existance. The set hashp pointer will then be passed on to the callback in upcoming calls when this same socket is used (in the brand new 'socketp' argument). Daniel (26 July 2006) - Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl tool option named --ftp-alternative-to-user. It provides a mean to send a particular command if the normal USER/PASS approach fails. - Michael Jerris added magic that builds lib/curllib.vcproj automatically for newer MSVC. Daniel (25 July 2006) - Georg Horn made the transfer timeout error message include more details. Daniel (20 July 2006) - David McCreedy fixed a build error when building libcurl with HTTP disabled, problem added with the curl_formget() patch. Daniel (17 July 2006) - Jari Sundell did some excellent research and bug tracking, figured out that we did wrong and patched it: When nodes were removed from the splay tree, and we didn't properly remove it from the splay tree when an easy handle was removed from a multi stack and thus we could wrongly leave a node in the splay tree pointing to (bad) memory. Daniel (14 July 2006) - David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared for FTP ASCII transfers. Daniel (8 July 2006) - Ates Goral pointed out that libcurl's cookie parser did case insensitive string comparisons on the path which is incorrect and provided a patch that fixes this. I edited test case 8 to include details that test for this. - Ingmar Runge provided a source snippet that caused a crash. The reason for the crash was that libcurl internally was a bit confused about who owned the DNS cache at all times so if you created an easy handle that uses a shared DNS cache and added that to a multi handle it would crash. Now we keep more careful internal track of exactly what kind of DNS cache each easy handle uses: None, Private (allocated for and used only by this single handle), Shared (points to a cache held by a shared object), Global (points to the global cache) or Multi (points to the cache within the multi handle that is automatically shared between all easy handles that are added with private caches). Daniel (4 July 2006) - Toshiyuki Maezawa fixed a problem where you couldn't override the Proxy-Connection: header when using a proxy and not doing CONNECT. Daniel (24 June 2006) - Michael Wallner added curl_formget(), which allows an application to extract (serialise) a previously built formpost (as with curl_formadd()). Daniel (23 June 2006) - Arve Knudsen found a flaw in curl_multi_fdset() for systems where curl_socket_t is unsigned (like Windows) that could cause it to wrongly return a max fd of -1. Daniel (20 June 2006) - Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed to send or receive data. This kind of adds the the command line tool's option --limit-rate to the library. The rate limiting logic in the curl app is now removed and is instead provided by libcurl itself. Transfer rate limiting will now also work for -d and -F, which it didn't before. Daniel (19 June 2006) - Made -K on a file that couldn't be read cause a warning to be displayed. Daniel (13 June 2006) - Dan Fandrich implemented --enable-hidden-symbols configure option to enable -fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl binary and speeds up dynamic linking by hiding all the internal symbols from the symbol table.
2006-08-10 16:18:14 +02:00
man/man3/curl_formget.3
man/man3/curl_free.3
man/man3/curl_getdate.3
man/man3/curl_getenv.3
man/man3/curl_global_cleanup.3
man/man3/curl_global_init.3
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
man/man3/curl_global_init_mem.3
man/man3/curl_mprintf.3
man/man3/curl_multi_add_handle.3
Update to 7.15.5, convert to options.mk. Version 7.15.5 (7 August 2006) Daniel (2 August 2006) - Mark Lentczner fixed how libcurl was not properly doing chunked encoding if the header "Transfer-Encoding: chunked" was set by the application. http://curl.haxx.se/bug/view.cgi?id=1531838 Daniel (1 August 2006) - Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror() an unknown error number on glibc systems. http://curl.haxx.se/bug/view.cgi?id=1532289 Daniel (31 July 2006) - *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified prototypes: they both now provide the number of running handles back to the calling function. It makes the functions resemble the good old curl_multi_perform() more and provides a nice way to know when the multi handle goes empty. ALERT2: don't use the curl_multi_socket*() functionality in anything production-like until I say it's somewhat settled, as I suspect there might be some further API changes before I'm done... Daniel (28 July 2006) - Yves Lejeune fixed so that replacing Content-Type: when doing multipart formposts work exactly the way you want it (and the way you'd assume it works). Daniel (27 July 2006) - David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both control and data connection, as the existing --ftp-ssl option only requests it. - [Hiper-related work] Added a function called curl_multi_assign() that will set a private pointer added to the internal libcurl hash table for the particular socket passed in to this function: CURLMcode curl_multi_assign(CURLM *multi_handle, curl_socket_t sockfd, void *sockp); 'sockp' being a custom pointer set by the application to be associated with this socket. The socket has to be already existing and in-use by libcurl, like having already called the callback telling about its existance. The set hashp pointer will then be passed on to the callback in upcoming calls when this same socket is used (in the brand new 'socketp' argument). Daniel (26 July 2006) - Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl tool option named --ftp-alternative-to-user. It provides a mean to send a particular command if the normal USER/PASS approach fails. - Michael Jerris added magic that builds lib/curllib.vcproj automatically for newer MSVC. Daniel (25 July 2006) - Georg Horn made the transfer timeout error message include more details. Daniel (20 July 2006) - David McCreedy fixed a build error when building libcurl with HTTP disabled, problem added with the curl_formget() patch. Daniel (17 July 2006) - Jari Sundell did some excellent research and bug tracking, figured out that we did wrong and patched it: When nodes were removed from the splay tree, and we didn't properly remove it from the splay tree when an easy handle was removed from a multi stack and thus we could wrongly leave a node in the splay tree pointing to (bad) memory. Daniel (14 July 2006) - David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared for FTP ASCII transfers. Daniel (8 July 2006) - Ates Goral pointed out that libcurl's cookie parser did case insensitive string comparisons on the path which is incorrect and provided a patch that fixes this. I edited test case 8 to include details that test for this. - Ingmar Runge provided a source snippet that caused a crash. The reason for the crash was that libcurl internally was a bit confused about who owned the DNS cache at all times so if you created an easy handle that uses a shared DNS cache and added that to a multi handle it would crash. Now we keep more careful internal track of exactly what kind of DNS cache each easy handle uses: None, Private (allocated for and used only by this single handle), Shared (points to a cache held by a shared object), Global (points to the global cache) or Multi (points to the cache within the multi handle that is automatically shared between all easy handles that are added with private caches). Daniel (4 July 2006) - Toshiyuki Maezawa fixed a problem where you couldn't override the Proxy-Connection: header when using a proxy and not doing CONNECT. Daniel (24 June 2006) - Michael Wallner added curl_formget(), which allows an application to extract (serialise) a previously built formpost (as with curl_formadd()). Daniel (23 June 2006) - Arve Knudsen found a flaw in curl_multi_fdset() for systems where curl_socket_t is unsigned (like Windows) that could cause it to wrongly return a max fd of -1. Daniel (20 June 2006) - Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed to send or receive data. This kind of adds the the command line tool's option --limit-rate to the library. The rate limiting logic in the curl app is now removed and is instead provided by libcurl itself. Transfer rate limiting will now also work for -d and -F, which it didn't before. Daniel (19 June 2006) - Made -K on a file that couldn't be read cause a warning to be displayed. Daniel (13 June 2006) - Dan Fandrich implemented --enable-hidden-symbols configure option to enable -fvisibility=hidden on gcc >= 4.0. This reduces the size of the libcurl binary and speeds up dynamic linking by hiding all the internal symbols from the symbol table.
2006-08-10 16:18:14 +02:00
man/man3/curl_multi_assign.3
man/man3/curl_multi_cleanup.3
man/man3/curl_multi_fdset.3
man/man3/curl_multi_info_read.3
man/man3/curl_multi_init.3
man/man3/curl_multi_perform.3
man/man3/curl_multi_remove_handle.3
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
man/man3/curl_multi_setopt.3
man/man3/curl_multi_socket.3
Update to 7.19.5: Version 7.19.5 (18 May 2009) Daniel Stenberg (17 May 2009) - James Bursa posted a patch to the mailing list that fixed a problem with no_proxy which made it not skip the proxy if the URL entered contained a user name. I added test case 1101 to verify. Daniel Stenberg (11 May 2009) - Balint Szilakszi reported a memory leak when libcurl did gzip decompression of streams that had some parts (legitimately) missing. We now provide and use a proper cleanup function for the content encoding submodule. http://curl.haxx.se/mail/lib-2009-05/0092.html - Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12 If an incorrect password is given while loading a private key, libcurl ends up in an infinite loop consuming memory. The bug is critical. - I fixed the problem with doing NTLM, POST and then following a 302 redirect, as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on curl-library). The transfer was mistakenly marked to get more data to send but since it didn't actually have that, it just hung there... Daniel Stenberg (10 May 2009) - Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted byte in the digest code. Yang Tse (9 May 2009) - Removed DOS and TPF package's subdirectory Makefile.am, it was only used to include some files in the distribution tarball serving no other purpose. Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST of the Makefile in the parent subdirectory. Yang Tse (8 May 2009) - Changed host name literal in several tests to one under the haxx.se domain. - Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. Daniel Stenberg (8 May 2009) - Constantine Sapuntzakis fixed bug report #2784055 (http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to connect to SOCKS proxies when using the multi interface. It turned out to almost not work at all previously. We need to wait for the TCP connect to be properly verified before doing the SOCKS magic. There's still a flaw in the FTP code for this. Daniel Stenberg (7 May 2009) - Made the SO_SNDBUF setting for the data connection socket for ftp uploads as well. See change 28 Apr 2009. Yang Tse (7 May 2009) - Fixed an issue affecting FTP transfers, introduced with the transfer.c patch committed May 4. Daniel Stenberg (7 May 2009) - Man page *roff problems fixed thanks to input from Colin Watson. Problems reported in the Debian package. - Vijay G filed bug report #2723236 (http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with libcurl's TFTP code and its lack of dealing with the OACK packet. Yang Tse (5 May 2009) - Fixed the --ftp-port address of test #251 to the CLIENTIP address, and reverted the change affecting test suite harness committed 4 May. Daniel Stenberg (5 May 2009) - Inspired by Michael Smith's session id fix for OpenSSL, I did the corresponding fix in the GnuTLS code: make sure to store the new session id in case the previous re-used one is rejected. Daniel Stenberg (4 May 2009) - Michael Smith posted bug report #2786255 (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how libcurl did not deal with SSL session ids properly if the server rejected a re-use of one. Starting now, it will forget the rejected one and remember the new. This change was for OpenSSL only, it is likely that other SSL lib code needs similar fixes. Yang Tse (4 May 2009) - Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems: 1) On non-ASCII platforms not all of the protocol portions of the PUT are being translated to ASCII. 2) On all platforms the line endings of part of the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV). - Applied David McCreedy's patch to fix test suite harness to allow test FTP server and client on different machines, providing FTP client address when running the FTP test server. Daniel Fandrich (3 May 2009) - Added and disabled test case 563 which shows KNOWN_BUGS #59. The bug report failed to mention that a proxy must be used to reproduce it. Yang Tse (2 May 2009) - Use a build-time configured curl_socklen_t data type instead of socklen_t. Yang Tse (1 May 2009) - Applied David McCreedy's patches "TPF-platform specific changes to various files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the former with minor edits. Daniel Stenberg (30 Apr 2009) - I was going to fix issue #59 in KNOWN_BUGS If the CURLOPT_PORT option is used on an FTP URL like "ftp://example.com/file;type=A" the ";type=A" is stripped off. I added test case 562 to verify, only to find out that I couldn't repeat this bug so I hereby consider it not a bug anymore! Daniel Stenberg (29 Apr 2009) - Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219) I've now made TFTP "connections" not being kept for re-use within libcurl. TFTP is UDP-based so the benefit was really low (if even existing) to begin with so instead of tracking down to fix this problem we instead removed the re-use. I also enabled test case 1099 that I wrote a few days ago to verify that this change fixes the reported problem. Daniel Stenberg (28 Apr 2009) - Constantine Sapuntzakis filed bug report #2783090 (http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows we need to grow the SO_SNDBUF buffer somewhat to get really good upload speeds. http://support.microsoft.com/kb/823764 has the details. Friends confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough. - Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim Chen pointed out how curl couldn't upload with resume when reading from a pipe. This ended up with the introduction of a new return code for the CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but that libcurl may try to resolve the situation anyway. In our case this means libcurl will attempt to instead read that much data from the stream instead of seeking and that way curl can now upload with resume when data is read from a stream! Daniel Stenberg (26 Apr 2009) - Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi interface and provided a patch that fixed the problem! Daniel Stenberg (24 Apr 2009) - Kamil Dudka fixed another NSS-related leak when client certs were used. - Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer Koenig pointed out that the man page didn't tell that the *_proxy environment variables can be specified lower case or UPPER CASE and the lower case takes precedence, Daniel Fandrich (21 Apr 2009) - Added new libcurl source files to Amiga, RiscOS and VC6 build files. Yang Tse (21 Apr 2009) - Moved potential inclusion of system's malloc.h and memory.h header files to setup_once.h. Inclusion of each header file is based on the definition of NEED_MALLOC_H and NEED_MEMORY_H respectively. Renamed libcurl's memory.h to curl_memory.h Daniel Stenberg (20 Apr 2009) - Leanic Lefever reported a crash and did some detailed research on why and how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The conclusion was that if an error is detected and Curl_done() is called for the connection, ftp_done() could at times return another error code that then would take precedence and that new code confused existing logic that works for the first error code (CURLE_SEND_ERROR) only. - Gisle Vanem noticed that --libtool would produce bogus strings at times for OBJECTPOINT options. Now we've introduced a new function - my_setopt_str - within the app for setting plain string options to avoid the risk of this mistake happening. Daniel Stenberg (17 Apr 2009) - Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP proxy. libcurl would then wrongly close the connection after each request. In his case it had the weird side-effect that it killed NTLM auth for the proxy causing an inifinite loop! I added test case 1098 to verify this fix. The test case does however not properly verify that the transfers are done persistently - as I couldn't think of a clever way to achieve it right now - but you need to read the stderr output after a test run to see that it truly did the right thing. Daniel Stenberg (13 Apr 2009) - bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin Storsj confusing as it set the method to either GET or HEAD. The example he showed looked like: curl_easy_setopt(curl, CURLOPT_PUT, 1); curl_easy_setopt(curl, CURLOPT_NOBODY, 0); The new way doesn't alter the method until the request is about to start. If CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is 0 and the request happens to have been set to HEAD, it will then instead be set to GET. I believe this will be less surprising to users, and hopefully not hit any existing users badly. - Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue is found in Redhat's bug tracker: https://bugzilla.redhat.com/show_bug.cgi?id=453612 There are still memory leaks present, but they seem to have other reasons. Daniel Fandrich (11 Apr 2009) - Added new libcurl source files to Symbian OS build files. - Improved Symbian support for SSL. Yang Tse (10 Apr 2009) - Daniel Johnson improved the MacOSX-Framework shell script to now perform all the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64 libcurl.framework. Four way fat framework requires OS X 10.5 SDK or later. Yang Tse (8 Apr 2009) - Removed Sun compilers preprocessor block from curlbuild.h.dist, this also removes it from the curlbuild.h file originally distributed by the cURL project as this file is intended for systems not capable of running the configure script. For those who have been building curl out of the source code curl distribution tarball provided by curl.haxx.se the change implies nothing. Previous change in this area committed 2 Apr becomes irrelevant. Daniel Stenberg (6 Apr 2009) - I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success and 1 on fatal errors. Previously it only mentioned non-zero on fatal errors. This is a slight change in meaning, but it follows what we've done elsewhere before and it opens up for LOTS of more useful return codes whenever we can think of them... Yang Tse (2 Apr 2009) - Fix curl_off_t definition for builds done using Sun compilers and a non-configured libcurl. In this case curl_off_t data type was gated to the off_t data type which depends on the _FILE_OFFSET_BITS. This configuration is exactly the unwanted configuration for our curl_off_t data type which must not depend on such setting. This breaks ABI for libcurl libraries built with Sun compilers which were built without having run the configure script with _FILE_OFFSET_BITS different than 64 and using the ILP32 data model. Daniel Stenberg (1 Apr 2009) - Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a strdup() call failed. Daniel Fandrich (31 Mar 2009) - Properly return an error code in curl_easy_recv (reported by Jim Freeman). Daniel Stenberg (18 Mar 2009) - Kamil Dudka brought a patch that enables 6 additional crypto algorithms when NSS is used. These ciphers were added in NSS 3.4 and require to be enabled explicitly. Daniel Stenberg (13 Mar 2009) - Use libssh2_version() to present the libssh2 version in case the libssh2 library is found to support it. Yang Tse (12 Mar 2009) - Added missing Curl_read() return code checking in TELNET transfers. - Pierre Brico found and fixed TELNET transfers not being aborted upon a write callback failure. Daniel Stenberg (11 Mar 2009) - Kamil Dudka made the curl tool properly call curl_global_init() before any other libcurl function. Yang Tse (11 Mar 2009) - Added missing TELNET timeout support for Windows builds. This issue was reported by Pierre Brico. Daniel Stenberg (9 Mar 2009) - Frank Hempel found out a bug and provided the fix: curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE option. It only enabled the cookie engine in the destination handle if data->cookies is not NULL (where data is the source handle). In case of a newly initialized handle which just had the cookie support enabled by a curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was still NULL because the setopt-call only appends the value to data->change.cookielist, hence duplicating this handle would not have the cookie engine switched on. We also concluded that the slist-functionality would be suitable for being put in its own module rather than simply hanging out in lib/sendf.c so I created lib/slist.[ch] for them. - Andreas Farber made the 'buildconf' script check for the presence of m4 scripts to make it detect a bad checkout earlier. People with older checkouts who don't do cvs update with the -d option won't get the new dirs and then will get funny outputs that can be a bit hard to understand and fix. Daniel Stenberg (8 Mar 2009) - Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the allocation of the memory BIO was not being properly checked. - Andre Guibert de Bruet fixed the gnutls-using code: There are a few places in the gnutls code where we were checking for negative values for errors, when the man pages state that GNUTLS_E_SUCCESS is returned on success and other values indicate error conditions. - Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that curl didn't use sprintf() in a way that is documented to work in POSIX but since we use our own printf() code (from libcurl) that shouldn't be a problem. Nonetheless I modified the code to not rely on such particular features and to not cause further raised eyebrowse with no good reason. Daniel Fandrich (5 Mar 2009) - Expanded the security section of the libcurl-tutorial man page to cover more issues for authors to consider when writing robust libcurl-using applications. Yang Tse (5 Mar 2009) - Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This issue was noticed by Chris Deidun. Daniel Fandrich (4 Mar 2009) - Fixed a problem with m4 quoting in the OpenSSL configure check reported by Daniel Johnson. Daniel Stenberg (3 Mar 2009) - David James brought a patch that make libcurl close (all) dead connections whenever you attempt to open a new connection. 1. After cleaning up a dead connection, "continue" instead of returning FALSE. This ensures that we clean up all dead connections, rather than just cleaning up the first dead connection. 2. Move up the cleanup for dead connections so that it occurs for all connections, rather than just the connections which have the same preferences as our current new connection.
2009-06-09 20:31:35 +02:00
man/man3/curl_multi_socket_action.3
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
man/man3/curl_multi_strerror.3
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
man/man3/curl_multi_timeout.3
Changes 7.28.0: SSH: added agent based authentication ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT multi: add curl_multi_wait() metalink: Added support for Microsoft Windows CryptoAPI md5: Added support for Microsoft Windows CryptoAPI parse_proxy: treat "socks://x" as a socks4 proxy socks: Added support for IPv6 connections through SOCKSv5 proxy Bugfixes: WSAPoll disabled on Windows builds due to its bugs segfault on request retries curl-config: parentheses fix VC build: add define for openssl globbing: fix segfault when >9 globs were used fixed a few clang-analyzer warnings metalink: change code order to build with gnutls-nettle gtls: fix build failure by including nettle-specific headers change preferred HTTP auth on a handle previously used for another auth file: use fdopen() to avoid race condition Added DWANT_IDN_PROTOTYPES define for MSVC too verbose: fixed (nil) output of hostnames in re-used connections metalink: Un-broke the build when building --with-darwinssl curl man page cleanup Avoid leak of local device string when reusing connection Curl_socket_check: fix return code for timeout nss: do not print misleading NSS error codes configure: remove the --enable/disable-nonblocking options darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions NTLM: re-use existing connection better schannel crash on multi and easy handle cleanup SOCKS: truly disable it if CURL_DISABLE_PROXY is defined mk-ca-bundle: detect start of trust section better gnutls: do not fail on non-fatal handshake errors SMTP: only send SIZE if supported ftpserver: respond with a 250 to SMTP EHLO ssh: do not crash if MD5 fingerprint is not provided by libssh2 winbuild: Added support for building with SPNEGO enabled metalink: Fixed validation of binary files containing EOF setup.h: fixed for MS VC10 build cmake: use standard findxxx modules for cmake v2.8+ HTTP_ONLY: disable more protocols Curl_reconnect_request: clear pointer on failure https.c example: remember to call curl_global_init() metalink: Filter resource URLs by type multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation curl_schannel: Removed buffer limit and optimized buffer strategy
2012-10-12 09:36:11 +02:00
man/man3/curl_multi_wait.3
man/man3/curl_share_cleanup.3
man/man3/curl_share_init.3
man/man3/curl_share_setopt.3
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
man/man3/curl_share_strerror.3
man/man3/curl_slist_append.3
man/man3/curl_slist_free_all.3
man/man3/curl_strequal.3
upgrade to 7.7.1. Version 7.7.1 Daniel (3 April 2001) - Puneet Pawaia pointed out two serious problems. Libcurl would attempt to read bad memory during situations when an (ftp) connection attempt failed. Also, the lib/Makefile.vc6 was corrected. - More investigations in the Location: following code made me realize that it was not clean enough to work transparantly with persistant and non- persistant connections. I think I've fixed it now. Daniel (29 March 2001) - Georg Horn mailed me some corrections for the Curl::easy perl interface. - Experimental ftps:// support added. It is basically FTP over SSL for the control connection. It still makes all data transfers going over unencrypted connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used that to verify the functionality. Daniel (27 March 2001) - Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried to get a file from a site and it fails, the SIGALRM would still be sent after the timeout-time, quite inexpectedly! - I added an ftp transfer example to docs/examples/ and I also wrote a tiny example makefile that can be used as a start when building one of the examples. Version 7.7.1-beta1 Daniel (26 March 2001) - Mohamed Lrhazi reported problems with 7.6.1 and persistant HTTP/1.0 connections (when the server replied a Connection: Keep-Alive) and this problem was not properly dealt with in 7.7 either. A patch was posted to the curl-and-php mailing list. Daniel (24 March 2001) - Colin Watson reported about a problem and brought a patch that corrected it, which was about the man page and lines starting with a single quote (') in a way that gnroff doesn't like. Daniel (23 March 2001) - Peter Bray reported correctly that the root makefile used make instead of $(MAKE) for the test target. - Corrected the Curl::easy perl interface to use curl_easy_setopt() and not curl_setopt() which was removed in 7.7! - SM provided updates on three documents (MANUAL, INSTALL and FAQ). - When following a Location:, libcurl would sometimes write to the URL string in a way it shouldn't. As the pointer is passed-in to libcurl from an application, we can't be allowed to write to it. The particular bug report from 'nk' that brought this up was because he had a read-only URL that then caused a libcurl crash! - No longer reads HEAD responses longer than to the last header. Previously, curl would read the full reply if the connection was a "close" one. - libcurl did re-use connections way too much. Doing "curl http://www.{microsoft,ibm}.com" would make it re-use the connection which made the second request return very odd results. Daniel (22 March 2001) - Edin Kadribasic made me aware that curl should not re-send POST requests when following 302-redirects. I made 302 work like 303 which means curl uses GET in the following request(s). - libcurl now reset the "followed-location" counter on each invoke of curl_easy_perform() as it otherwise would sum up all redirects on the same connection and thus could reach the maxredirs counter wrongly. - Jim Drash suggested curl_escape() should not re-encode what already looks like an encoded sequence and I think that's a fair suggestion. Version 7.7 Daniel (22 March 2001) - The configure script now fails with an error message if gethostbyname_r() is detected but it couldn't figure out how to invoke it (what amount of arguments it is supposed to get). Reports from Andrés García made me aware of this need. - Talking with Jim Drash made me finally put the curl_escape and curl_unescape functions in the curl.h include file and write man pages for them. The escape function was modified to use the same interface as the unescape one had. - No bug reports at all on the latest betas. Release time coming up. Version 7.7-beta5 Daniel (19 March 2001) - Georg Ottinger reported problems with using -C together with -L in the sense that the -C info got lost when it was redirected. I could not repeat this problem on the 7.7 branch why I leave this for the moment. Test case 39 was added to do exactly this, and it seems to do right. - Christian Robottom Reis reported how his 7.7 beta didn't successfully do form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT and POST operations that I need to add support for. Section 8.2.3 in RFC2616 has all the details. Seems to work now! Daniel (16 March 2001) - After having experienced another machine break-down, we're back. - Georg Horn's perl interface Curl::easy is now included in the curl release archive. The perl/ directory is now present. Please help me with docs, examples and updates you think fit. - Made a new php/ directory in the release archive and moved the PHP examples into a subdirectory in there. Not much PHP info yet, but I plan to. Please help me here as well! - Made libcurl return error if a transfer is aborted in the middle of a "chunk". It actually enables libcurl to discover premature transfer aborts even if the Content-Length: size is unknown. Daniel (15 March 2001) - Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT option in libcurl. It limits the time curl is allowed to spend in the connection phase. This differs from -m/--max-time that limits the entire file transfer operation. Requested by Larry Fahnoe and others. I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the item from the TODO. Version 7.7-beta4 Daniel (14 March 2001) - Made curl grok IPv6 with HTTP proxies and got everything to compile nicely again when ENABLE_IPV6 is set. I need to remake things in the test suite. I can't test the FTP parts with curl built for IPv6 as it uses a different set of FTP commands then! - I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was a report meant for our project. Anyway, it said the .netrc parsing didn't work as supposed, and as I agreed with Lars, I made the netrc parser use getpwuid() to figure out the home directory of the effective user and try that netrc. It still uses the environment variable HOME for those that don't have that function or if the user doesn't return valid pwd info. - Edin Kadribaic posted a bug report where he got a crash when a fetch with user+password in the URL followed a Location: to a second URL (absolute, without name+password). This bug has been around for a long while and crashes due to a read at address zero. Fixed now. Wrote test case 38, that tests this. - Modified the test suite's httpserver slightly to append all client request data to its log file so that the test script now better can verify a range of requests and not only the last one, as it did previously. - Updated the curl man page with --random-file and --egd-file details. Version 7.7-beta3 Daniel (14 March 2001) - Björn Stenberg provided similar fixes as Jörn did and some additional patches for non-SSL compiles. - I increased the interface number for libcurl as I've removed the low level functions from the interface. I also took this opportunity to rename the Curl_strequal function to curl_strequal and Curl_strnequal to curl_strnequal, as they're public libcurl functions (even if they're still undocumented). This will make older programs not capable of using the new libcurl with just a drop-in replacement. - Jörn Hartroth updated stuff for win32 compiles: o config-win32.h was fixed for socklen_t o lib/ssluse.c had a bad #endif placement o lib/file.c was made to compile on win32 again o lib/Makefile.m32 was updated with the new files o lib/libcurl.def matches the current interface state Daniel (13 March 2001) - It only took an hour or so before Jörn Hartroth found a problem in the chunked transfer-encoding. Given his fine example-site, I could easily spot the problem and when I re-read the spec (the part I have pasted in the top of the http_chunks.h file), I realized I had made my state-machine slightly wrong and didn't expect/handle the trailing CRLF that comes after the data in each chunk (and those extra two bytes sure feel wasted). Had to modify test case 34 to match this as well. Version 7.7-beta2 Daniel (13 March 2001) - Added the policy stuff to the curl_easy_setopt man page for the two supported policies. - Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now supported, and the "least recently used" is used as default if no policy is chosen. Daniel (12 March 2001) - Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the SSL random engine. The random seeding support was also brought to the curl client with the new options --random-file <file> and --egd-file <file>. I need some people to really test this to know they work as supposed. Remember that libcurl now informs (if verbose is on) if the random seed is considered weak (HTTPS connections). - Made the chunked transfer-encoding engine detected bad formatted data length and return error if so (we can't possibly extract sensible data if this is the case). Added a test case that detects this. Number 36. Now there are 60 test cases. - Added 5 new libcurl options to curl/curl.h that can be used to control the persistant connection support in libcurl. They're also documented (fairly thoroughly) in the curl_easy_setopt.3 man page. Three of them are now implemented, although not really tested at this point... Anyway, the new implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT, CURLOPT_FORBID_REUSE. The ones still left to write code for are: CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION. - Made curl (the actual command line tool) use the new libcurl 7.7 persistant connection support by re-using the same curl handle for every specified file transfer and after some more test case tweaking we have 100% test case OK. I made some test cases return HTTP/1.0 now to make sure that works as well. - Had to add 'Connection: close' to the headers of a bunch of test cases so that curl behaves "old-style" since the test http server doesn't do multiple connections... Now I get 100% test case OK. - The curl.haxx.se site, the main curl mailing list and my personal email are all dead today due to power blackout in the area where the main servers are located. Horrible. - I've made persistance work over a squid HTTP proxy. I find it disturbing that it uses headers that aren't present in any HTTP standard though (Proxy-Connection:) and that makes me feel that I'm now on the edge of what the standard actually defines. I need to get this code excercised on a lot of different HTTP proxies before I feel safe. Now I'm facing the problem with my test suite servers (both FTP and HTTP) not supporting persistant connections and libcurl is doing them now. I have to fix the test servers to get all the test cases do OK. Daniel (8 March 2001) - Guenole Bescon reported that libcurl did output errors to stderr even if MUTE and NOPROGRESS was set. It turned out to be a bug and happens if there's an error and no ERRORBUFFER is set. This is now corrected. Version 7.7-beta1 Daniel (8 March 2001) - "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've added two source files and I've run some test downloads that look fine. - HTTP HEAD works too, even on 1.1 servers. Daniel (5 March 2001) - The current 57 test cases now pass OK. It would suggest that libcurl works using the old-style with one connection per handle. The test suite doesn't handle multiple connections yet so there are no test cases for this. - I patched the telnet.c heavily to not use any global variables anymore. It should make it a lot nicer library-wise. - The file:// support was modified slightly to use the internal connect-first- then-do approach. Daniel (4 March 2001) - More bugs erased. Version 7.7-alpha2 Daniel (4 March 2001) - Now, there's even a basic check that a re-used connection is still alive before it is assumed so. A few first tests have proven that libcurl will then re-connect instead of re-use the dead connection! Daniel (2 March 2001) - Now they work intermixed as well. Major coolness! - More fiddling around, my 'tiny' client I have for testing purposes now has proved to download both FTP and HTTP with persistant connections. They do not work intermixed yet though. Daniel (1 March 2001) - Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that curl_slist_append() should take a const char * as second argument. It does now. Daniel (22 February 2001) - The persistant connections start to look good for HTTP. On a subsequent request, it seems that libcurl now can pick an already existing connection if a suitable one exists, or it opens a new one. - Douglas R. Horner mailed me corrections to the curl_formparse() man page that I applied. Daniel (20 February 2001) - Added the docs/examples/win32sockets.c file for our windows friends. - Linus Nielsen Feltzing provided brand new TELNET functionality and improvements: * Negotiation is now passive. Curl does not negotiate until the peer does. * Possibility to set negotiation options on the command line, currently only XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV). * Now sends the USER environment variable if the -u switch is used. * Use -t to set telnet options (Linus even updated the man page, awesome!) - Haven't done this big changes to curl for a while. Moved around a lot of struct fields and stuff to make multiple connections get connection specific data in separate structs so that they can co-exist in a nice way. See the mailing lists for discussions around how this is gonna be implemented. Docs and more will follow. Studied the HTTP RFC to find out better how persistant connections should work. Seems cool enough. Daniel (19 February 2001) - Bob Schader brought me two files that help set up a MS VC++ libcurl project easier. He also provided me with an up-to-date libcurl.def file. - I moved a bunch of prototypes from the public <curl/curl.h> file to the library private urldata.h. This is because of the upcoming changes. The low level interface is no longer being planned to become reality. Daniel (15 February 2001) - CURLOPT_POST is not required anymore. Just setting the POST string with CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in libcurl already works this way, i.e they require only the parameter to switch on a feature so I think this works well with the rest. Setting a NULL string switches off the POST again. - Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn Reese helped me define a way how to incorporate persistant connections into libcurl in a very smooth way. If done right, no change may have to be made to older programs and they will just start using persistant connections when applicable! Daniel (13 February 2001) - Changed the word 'timeouted' to 'timed out' in two different error messages. Suggested by Larry Fahnoe. Version 7.6.1 Daniel (9 February 2001) - Frank Reid and Cain Hopwood provided information and research around a HTTPS PUT/upload problem we seem to have. No solution found yet. Daniel (8 February 2001) - An interesting discussion is how to specify an empty password without having curl ask for it interactively? The current implmentation takes an empty password as a request for a password prompt. However, I still want to support a blank user field. Thus, today if you enter "-u :" (without user and password) curl will prompt for the password. Tricky. How would you specify you want the prompt otherwise? - Made the netrc parse result possible to use for other protocols than FTP and HTTP (such as the upcoming TELNET fixes). - The previously mentioned "MSVC++ problems" turned out to be a non-issue. - Added a HTTP file upload code example in the docs/examples/ section on request. - Adjusted the FTP response fix slightly. Version 7.6.1-pre3 Daniel (7 February 2001) - SM found a flaw in the response reading function for FTP that could make libcurl not get out of the loop properly when it should, if libcurl got -1 returned when reading the socket. - I found a similar mistake in http.c when using a proxy and reading the results from the proxy connection. Daniel (6 February 2001) - A friendly person named "SM" (nntp at iname.com) pointed out that the VC makefile in src/ needed the libpath set for the debug build to work. - Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver brought up yesterday. Daniel (5 February 2001) - Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to a bunch of different areas within libcurl. - Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with the 'static' keyword on a number of libcurl functions. I might need to add a patch that redefines static when libcurl is compiled with that compiler. How do I know when VC++ compiles, anyone? Daniel (4 February 2001) - curl_getinfo() was extended with two new options: CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They return the full assumed content length of the transfer in the given direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length: size of a HTTP download. Added descriptions to the man page as well. This was done after discussions with Bob Schader. Daniel (3 February 2001) - Ingo Ralf Blum provided another fix that makes curl build under the more recent cygwin installations. It seems they've changed the preset defines to not include WIN32 anymore. Version 7.6.1-pre2 Daniel (31 January 2001) - Curl_read() and curl_read() now return a ssize_t for the size, as it had to be able to return -1. The telnet support crashed due to this and there was a possibility to weird behaviour all over. Linus Nielsen Feltzing helped me find this. - Added a configure.in check for a working getaddrinfo() if IPv6 is requested. I also made the configure script feature --enable-debug which sets a couple of compiler options when used. It assumes gcc. Daniel (30 January 2001) - I finally took a stab at the long-term FIXME item I've had on myself, and now libcurl will properly work when doing a HTTP range-request that follows a Location:. Previously that would make libcurl fail saying that the server doesn't seem to support range requests. Daniel (29 January 2001) - I added a test case for the HTTP PUT resume thing (test case 33). Version 7.6.1-pre1 Daniel (29 January 2001) - Yet another Content-Range change. Ok now? Bob Schader checks from his end and it works for him. Daniel (27 January 2001) - So the HTTP PUT resume fix wasn't good. There should appearantly be a Content-Range header when resuming a PUT. - I noticed I broke the download-check that verifies that a resumed HTTP download is actually resumed. It got broke because my new 'httpreq' field in the main curl struct. I should get slapped. I added a test case for this now, so I won't be able to ruin this again without noticing. - Added a test case for content-length verifying when downloading HTTP. - Made the progress meter title say if the transfer is being transfered. It makes the output slightly better for resumes. - When dealing with Location: and HTTP return codes, libcurl will not attempt to follow the spirit of RFC2616 better. It means that when POSTing to a URL that is being following to a second place, the standard will judge on what to do. All HTTP codes except 303 and 305 will cause curl to make a second POST operation. 303 will make a GET and 305 is not yet supported. I also wrote two test cases for this POST/GET/Location stuff.
2001-04-06 05:47:23 +02:00
man/man3/curl_unescape.3
man/man3/curl_version.3
man/man3/curl_version_info.3
man/man3/libcurl-easy.3
man/man3/libcurl-errors.3
man/man3/libcurl-multi.3
man/man3/libcurl-share.3
update to Curl 7.12.1 Changes: * the version string now only contains info about (sub) package versions, while for example krb4 and ipv6 now only are available as 'features' * added curl_easy_reset() * socks proxy support even when libcurl is built ipv6-enabled * read callbacks can stop the transfer by returning CURL_READFUNC_ABORT * libcurl-tutorial.3 is the new man page formerly known as libcurl-the-guide * additional SSL trace data might be sent to the debug callback using two new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT * multipart formposts can upload files larger than system memory * the curl tool continues with the next URL even if one transfer fails * FTP 3rd party transfer support - seven new setopt() options Bugfixes: * UTF-8 encoded certificate names can now be verified properly * krb4 link problem * HTTP Negotiate service name now provided in uppercase * no longer accepts any cookies with domain set to just a TLD * HTTP Digest properties without quotes in the header * bad Host: header case on re-used connections over proxy * duplicate Host: header case on re-used connections * curl -o name#[num] now works when no globbing for [num] exists * test suite runs fine with valgrind 2.1.x * negative Content-Length is ignored * test 505 runs fine on windows * curl_share_cleanup() crash * --trace files now get the final info lines too * multi interface connects fine to multi-IP resolving hosts * --limit-rate works on Mac OS X (and other systems with bad poll()s) * cookies can now hold 4999 bytes of content * HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX * HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate * less restrictive libidn requirements, 0.4.1 or later is fine * HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server didn't require any authentication * win32 file:// transfer free memory bug * configure --disable-http builds a libcurl without HTTP support * CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument * builds fine with Borland on Windows * the msvc curllib.dsp now builds the libcurl.lib file * builds fine on VMS * builds fine on NetWare * HTTP Digest authentication with proxies uses correct user name + password * builds fine with lcc-win32
2004-08-21 13:31:00 +02:00
man/man3/libcurl-tutorial.3
man/man3/libcurl.3
share/doc/curl/FAQ
share/doc/curl/MANUAL
share/doc/curl/TheArtOfHttpScripting
update to Curl 7.12.1 Changes: * the version string now only contains info about (sub) package versions, while for example krb4 and ipv6 now only are available as 'features' * added curl_easy_reset() * socks proxy support even when libcurl is built ipv6-enabled * read callbacks can stop the transfer by returning CURL_READFUNC_ABORT * libcurl-tutorial.3 is the new man page formerly known as libcurl-the-guide * additional SSL trace data might be sent to the debug callback using two new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT * multipart formposts can upload files larger than system memory * the curl tool continues with the next URL even if one transfer fails * FTP 3rd party transfer support - seven new setopt() options Bugfixes: * UTF-8 encoded certificate names can now be verified properly * krb4 link problem * HTTP Negotiate service name now provided in uppercase * no longer accepts any cookies with domain set to just a TLD * HTTP Digest properties without quotes in the header * bad Host: header case on re-used connections over proxy * duplicate Host: header case on re-used connections * curl -o name#[num] now works when no globbing for [num] exists * test suite runs fine with valgrind 2.1.x * negative Content-Length is ignored * test 505 runs fine on windows * curl_share_cleanup() crash * --trace files now get the final info lines too * multi interface connects fine to multi-IP resolving hosts * --limit-rate works on Mac OS X (and other systems with bad poll()s) * cookies can now hold 4999 bytes of content * HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX * HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate * less restrictive libidn requirements, 0.4.1 or later is fine * HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server didn't require any authentication * win32 file:// transfer free memory bug * configure --disable-http builds a libcurl without HTTP support * CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument * builds fine with Borland on Windows * the msvc curllib.dsp now builds the libcurl.lib file * builds fine on VMS * builds fine on NetWare * HTTP Digest authentication with proxies uses correct user name + password * builds fine with lcc-win32
2004-08-21 13:31:00 +02:00
share/doc/curl/curl-config.pdf
share/doc/curl/curl.pdf
Update to 7.16.0: Version 7.16.0 (30 October 2006) Daniel (25 October 2006) - Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the case when 401 or 407 are returned, *IF* no auth credentials have been given. The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401 and 407 cases when auth credentials is given, but we've now covered this somewhat more. You might get some amounts of headers transferred before this situation is detected, like for when a "100-continue" is received as a response to a POST/PUT and a 401 or 407 is received immediately afterwards. Added test 281 to verify this change. Daniel (23 October 2006) - Ravi Pratap provided a major update with pipelining fixes. We also no longer re-use connections (for pipelining) before the name resolving is done. Daniel (21 October 2006) - Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all the single test applications' link and dependences, so that you easier can override those from the command line when using make. - Armel Asselin separated CA cert verification problems from problems with reading the (local) CA cert file to let users easier pinpoint the actual problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code. Daniel (18 October 2006) - Removed the "protocol-guessing" for URLs with host names starting with FTPS or TELNET since they are practically non-existant. This leaves us with only three different prefixes that would assume the protocol is anything but HTTP, and they are host names starting with "ftp.", "dict." or "ldap.". Daniel (17 October 2006) - Bug report #1579171 pointed out code flaws detected with "prefast", and they were 1 - a too small memory clear with memset() in the threaded resolver and 2 - a range of potentially bad uses of the ctype family of is*() functions such as isdigit(), isalnum(), isprint() and more. The latter made me switch to using our own set of these functions/macros using uppercase letters, and with some extra set of crazy typecasts to avoid mistakingly passing in negative numbers to the underlying is*() functions. - With Jeff Pohlmeyer's help, I fixed the expire timer when using curl_multi_socket() during name resolves with c-ares and the LOW_SPEED options now work fine with curl_multi_socket() as well. Daniel (16 October 2006) - Added a check in configure that simply tries to run a program (not when cross-compiling) in order to detect problems with run-time libraries that otherwise would occur when the sizeof tests for curl_off_t would run and thus be much more confusing to users. The check of course should run after all lib-checks are done and before any other test is used that would run an executable built for testing-purposes. Dan F (13 October 2006) - The tagging of application/x-www-form-urlencoded POST body data sent to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously included as part of the header). A message was also added to the command line tool to show when data is being sent, enabled when --verbose is used. Daniel (12 October 2006) - Starting now, adding an easy handle to a multi stack that was already added to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned. - Jeff Pohlmeyer has been working with the hiperfifo.c example source code, and while doing so it became apparent that the current timeout system for the socket API really was a bit awkward since it become quite some work to be sure we have the correct timeout set. Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another callback the app can set to get to know when the general timeout time changes and thus for an application like hiperfifo.c it makes everything a lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in good old libcurl tradition. Jeff has also updated the hiperfifo.c example code to use this news. Daniel (9 October 2006) - Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test case 535 and it now runs fine. Again a problem with the pipelining code not taking all possible (error) conditions into account. Daniel (6 October 2006) - Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to test case 533 and the test now runs fine. Daniel (4 October 2006) - Dmitriy Sergeyev provided an example source code that crashed CVS libcurl but that worked nicely in 7.15.5. I converted it into test case 532 and fixed the problem. Daniel (29 September 2006) - Removed a few other no-longer present options from the header file. - Support for FTP third party transfers was removed. Here's why: o The recent multi interface changes broke it and the design of the 3rd party transfers made it very hard to fix the problems o It was still blocking and thus nasty for the multi interface o It was a lot of extra code for a very rarely used feature o It didn't use the same code as for "plain" FTP transfers, so it didn't work fine for IPv6 and it didn't properly re-use connections and more o There's nobody around who's willing to work on and improve the existing code This does not mean that third party transfers are banned forever, only that they need to be done better if they are to be re-added in the future. The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p* options from the command line tool. For this reason, I also bumped the version info for the lib. Daniel (28 September 2006) - Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl would crash if a bad function sequence was used when shutting down after using the multi interface (i.e using easy_cleanup after multi_cleanup) so precautions have been added to make sure it doesn't any more - test case 529 was added to verify. Daniel (27 September 2006) - The URL in the cookie jar file is now changed since it was giving a 404. Reported by Timothy Stone. The new URL will take the visitor to a curl web site mirror with the document. Daniel (24 September 2006) - Bernard Leak fixed configure --with-gssapi-libs. - Cory Nelson made libcurl use the WSAPoll() function if built for Windows Vista (_WIN32_WINNT >= 0x0600) Daniel (23 September 2006) - Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only encrypt the control connection and use the data connection "plain". - Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better as it now will read the full data sent from servers. The SOCKS-related code was also moved to the new lib/socks.c source file. Daniel (21 September 2006) - Added test case 531 in an attempt to repeat bug report #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an FTP upload fails with the multi interface. It did not, but I made a failed upload still assume the control connection to be fine. Daniel (20 September 2006) - Armel Asselin fixed problems when you gave a proxy URL with user name and empty password or no password at all. Test case 278 and 279 were added to verify. Daniel (12 September 2006) - Added docs/examples/10-at-a-time.c by Michael Wallner - Added docs/examples/hiperfifo.c by Jeff Pohlmeyer Daniel (11 September 2006) - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a handle that is part of a multi handle first removes the handle from the stack. - Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL session-ID re-use on demand since there obviously are broken servers out there that misbehave with session-IDs used. - Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a problem with it (SIGSEGV-style). It clearly showed that the existing socket-state and state-difference function wasn't good enough so I rewrote it and could then re-run Jeff's program without any crash. The previous version clearly could miss to tell the application when a handle changed from using one socket to using another. While I was at it (as I could use this as a means to track this problem down), I've now added a 'magic' number to the easy handle struct that is inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that we can use internally to detect that an easy handle seems to be fine, or at least not closed or freed (freeing in debug builds fill the area with 0x13 bytes but in normal builds we can of course not assume any particular data in the freed areas). Daniel (9 September 2006) - Michele Bini fixed how the hostname is put in NTLM packages. As servers don't expect fully qualified names we need to cut them off at the first dot. - Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some of them can be completetly removed though... Daniel (6 September 2006) - Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that handle will be attempted to get pipelined instead of done in parallell as they are performed otherwise. As a side-effect from this work, connections are now shared between all easy handles within a multi handle, so if you use N easy handles for transfers, each of them can pick up and re-use a connection that was previously used by any of the handles, be it the same or one of the others. This separation of the tight relationship between connections and easy handles is most noticable when you close easy handles that have been used in a multi handle and check amount of used memory or watch the debug output, as there are times when libcurl will keep the easy handle around for a while longer to be able to close it properly. Like for sending QUIT to close down an FTP connection. This is a major change. Daniel (4 September 2006) - Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a patch that while not fixing things very nicely, it does make the SOCKS5 proxy connection slightly better as it now acknowledges the timeout for connection and it no longer segfaults in the case when SOCKS requires authentication and you did not specify username:password. Daniel (31 August 2006) - Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch name resolves. It could get stuck in the wrong state. Gisle (29 August 2006) - Added support for other MS-DOS compilers (desides djgpp). All MS-DOS compiler now uses the same config.dos file (renamed to config.h by make). libcurl now builds fine using Watcom and Metaware's High-C using the Watt-32 tcp/ip-stack. Daniel (29 August 2006) - David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to allow applications to set their own socket options. Daniel (25 August 2006) - Armel Asselin reported that the 'running_handles' counter wasn't updated properly if you removed a "live" handle from a multi handle with curl_multi_remove_handle(). Daniel (22 August 2006) - David McCreedy fixed a remaining mistake from the August 19 TYPE change. - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP code when doing pure ipv6 EPRT connections. Daniel (19 August 2006) - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE command on subsequent requests on a re-used connection unless it has to. - Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and files in the root directory. - Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't send the whole request at once, even though the Expect: header was disabled by the application. An effect of this change is also that small (< 1024 bytes) POSTs are now always sent without Expect: header since we deem it more costly to bother about that than the risk that we send the data in vain. Daniel (9 August 2006) - Armel Asselin made the CURLOPT_PREQUOTE option work fine even when CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place in the command sequence as it would have run if there would've been a transfer. Daniel (8 August 2006) - Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs on a persistent connection and allowed the first to use that header, you could not disable it for the second request. Daniel (7 August 2006) - Domenico Andreolfound a quick build error which happened because src/config.h.in was not a proper duplcate of lib/config.h.in which it should've been and this was due to the maketgz script not doing the cp properly.
2006-11-01 00:04:22 +01:00
share/examples/curl/10-at-a-time.c
share/examples/curl/README
Update to 7.12.3. Enable libidn support. Version 7.12.3 (20 December 2004) Daniel (19 December 2004) - I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e, and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef named 'free_func' and the OpenSSL headers have a prototype that uses 'free_func' in one of its arguments. This is why the compile errors out. In other words, we need to include the openssl/pkcs12.h header before the zlib.h header and it builds fine. The configure script now checks for this file and it then gets included early in lib/urldata.h. Daniel (18 December 2004) - Samuel Listopad added support for PKCS12 formatted certificates. - Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well. Daniel (16 December 2004) - Gisle found and fixed a problem in the directory re-use for FTP. I added test case 215 and 216 to better verify the functionality. - Dinar in bug report #1086121, found a file handle leak when a multipart formpost (including a file upload part) was aborted before the whole file was sent. Daniel (15 December 2004) - Tom Lee found out that globbing of strings with backslashes didn't work as you'd expect. Backslashes are such a central part of windows file names that forcing backslashes to have to be escaped with backslashes is a bit too awkward to users. Starting now, you only need to escape globbing characters such as the five letters: "[]{},". Added test case 214 to verify this. Daniel (14 December 2004) - Harshal Pradhan patched a HTTP persistent connection flaw: if the user name and/or password were modified between two requests on a persistent connection, the second request were still made with the first setup! I added test case 519 to verify the fix. Daniel (13 December 2004) - Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app to list all available crypto ENGINES. - Gisle fixed bug report #1083542, which pointed out a problem with resuming large file (>4GB) file:// transfers on windows. Daniel (11 December 2004) - Made the test suite HTTP server (sws) capable of using IPv6, and then extended the test environment to support that and also added three test cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that didn't work before the 10 dec fix by Kai Sommerfeld. - Made a failed file:// resume output an error message - Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c - Dan Fandrich: simplified and consolidated the SSL checks in configure and the usage of the defines in lib/setup.h provided a first libcurl.pc.in file for pkg-config (but the result is not installed anywhere at this point) extended the cross compile section in the docs/INSTALL file Daniel (10 December 2004) - When providing user name in the URL and a IPv6-style IP-address (like in "ftp://user@[::1]/tmp"), the URL parser didn't get the host extracted properly. Reported and fixed by Kai Sommerfeld. Daniel (9 December 2004) - Ton Voon provided a configure fix that should fix the notorious (mostly reported on Solaris) problem where the size_t check fails due to the SSL libs being found in a dir not searched through by the run-time linker. patch-tracker entry #1081707. - Bryan Henderson pointed out in bug report #1081788 that the curl-config --vernum output wasn't zero prefixed properly (as claimed in documentation). This is fixed in maketgz now. Daniel (8 December 2004) - Matt Veenstra updated the mach-O framework files for Mac OS X. - Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where libcurl always and unconditionally overwrote a stack-based array with 3 zero bytes. This is not an exploitable buffer overflow. No need to get alarmed. Daniel (7 December 2004) - Fixed so that the final error message is sent to the verbose info "stream" even if no errorbuffer is set. Daniel (6 December 2004) - Dan Fandrich added the --disable-cookies option to configure to build libcurl without cookie support. This is mainly useful if you want to build a minimalistic libcurl with no cookies support at all. Like for embedded systems or similar. - Richard Atterer fixed libcurl's way of dealing with the EPSV response. Previously, libcurl would re-resolve the host name with the new port number and attempt to connect to that, while it should use the IP from the control channel. This bug made it hard to EPSV from an FTP server with multiple IP addresses! Daniel (3 December 2004) - Bug report #1078066: when a chunked transfer was pre-maturely closed exactly at a chunk boundary it was not considered an error and thus went unnoticed. Fixed by Maurice Barnum. Added test case 207 to verify. Daniel (2 December 2004) - Fixed the CONNECT loop to default timeout to 3600 seconds. Added test case 206 that makes CONNECT with Digest. Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user- agent field. Daniel (30 November 2004) - Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream - Dan also helped me with input data to create three more test cases for the --compressed option. Daniel (29 November 2004) - I improved the test suite to enable binary contents in the tests (by proving it base64 encoded), like for testing decompress etc. Added test 220 and 221 for this purpose. Tests can now also depend on libz to run. - As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285 (http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables the ability to transfer a file. Now, when connected to an FTP server with IPv6, these FTP commands can't be disabled even if asked to with the available libcurl options. Daniel (26 November 2004) - As reported in Mandrake's bug tracker bug 12289 (http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a newline to "finish" the progress meter after each redirect and not only after a completed transfer. Daniel (25 November 2004) - FTP improvements: If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on the same server again even if a following request is made using a persistent connection. If a second request is made to a server, requesting a file from the same directory as the previous request operated on, libcurl will no longer make that long series of CWD commands just to end up on the same spot. Note that this is only for *exactly* the same dir. There is still room for improvements to optimize the CWD-sending when the dirs are only slightly different. Added test 210, 211 and 212 to verify these changes. Had to improve the test script too and added a new primitive to the test file format. Daniel (24 November 2004) - Andrés García fixed the configure script to detect select properly when run with Msys/Mingw on Windows. Daniel (22 November 2004) - Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass auth negotiation (NTLM, Digest and Negotiate), but instead use the request keyword "properly". Details in lib/README.httpauth. This also introduces CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the "any" auth alternative as then libcurl may need to send the PUT/POST data more than once and thus may need to ask the app to "rewind" the read data stream to start. See also the new example using this: docs/examples/anyauthput.c - David Phillips enhanced test 518. I made it depend on a "feature" so that systems without getrlimit() won't attempt to test 518. configure now checks for getrlimit() and setrlimit() for this test case. Daniel (18 November 2004) - David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE file descriptors are in use. Test case 518 added to verify. Daniel (15 November 2004) - To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and num_redirects support to the -w writeout option for the command line tool. - Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as documented. Daniel (12 November 2004) - Gisle Vanem modigied the MSVC and Netware makefiles to build without libcurl.def - Dan Fandrich added the --disable-crypto-auth option to configure to allow libcurl to build without Digest support. (I figure it should also explicitly disable Negotiate and NTLM.) - *** Modified Behaviour Alert *** Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET. Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make a zero byte POST. Added test case 515 to verify this. Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516 to verify this. CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know". Setting it to zero simply says this is a zero byte POST. When providing POST data with a read callback, setting the size up front is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE. Daniel (11 November 2004) - Dan Fandrich added --disable-verbose to the configure script to allow builds without verbose strings in the code, to save some 12KB space. Makes sense only for systems with very little memory resources. - Jeff Phillips found out that a date string with a year beyond 2038 could crash the new date parser on systems with 32bit time_t. We now check for this case and deal with it. Daniel (10 November 2004) - I installed Heimdal on my Debian box (using the debian package) and noticed that configure --with-gssapi failed to create a nice build. Fixed now. Daniel (9 November 2004) - Gisle Vanem marked all external function calls with CURL_EXTERN so that now the Windows, Netware and other builds no longer need libcurl.def or similar files. Daniel (8 November 2004) - Made the configure script check for tld.h if libidn was detected, since libidn 0.3.X didn't have such a header and we don't work with anything before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version of libidn which makes the curl 7.12.2 build fail. Jean-Philippe Barrette-LaPierre helped pointing this out. - Ian Gulliver reported in debian bug report #278691: if curl is invoked in an environment where stderr is closed the -v output will still be sent to file descriptor 2 which then might be the network socket handle! Now we have a weird hack instead that attempts to make sure that file descriptor 2 is opened (with a call to pipe()) before libcurl is called to do the transfer. configure now checks for pipe() and systems without pipe don't get the weird hack done. Daniel (5 November 2004) - Tim Sneddon made libcurl send no more than 64K in a single first chunk when doing a huge POST on VMS, as this is a system limitation. Default on general systems is 100K. Daniel (4 November 2004) - Andres Garcia made it build on mingw againa, my --retry code broke the build. Daniel (2 November 2004) - Added --retry-max-time that allows a maximum time that may not have been reached for a retry to be made. If not set there is no maximum time, only the amount of retries set with --retry. - Paul Nolan provided a patch to make libcurl build nicely on Windows CE. Daniel (1 November 2004) - When cross-compiling, the configure script no longer attempts to use pkg-config on the build host in order to detect OpenSSL compiler options. Daniel (27 October 2004) - Dan Fandrich: An improvement to the gzip handling of libcurl. There were two problems with the old version: it was possible for a malicious gzip file to cause libcurl to leak memory, as a buffer was malloced to hold the header and never freed if the header ended with no file contents. The second problem is that the 64 KiB decompression buffer was allocated on the stack, which caused unexpectedly high stack usage and overflowed the stack on some systems (someone complained about that in the mailing list about a year ago). Both problems are fixed by this patch. The first one is fixed when a recent (1.2) version of zlib is used, as it takes care of gzip header parsing itself. A check for the version number is done at run-time and libcurl uses that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that can be commented out to save some code space if libcurl is guaranteed to be using a 1.2 version of zlib. The second problem is solved by dynamically allocating the memory buffer instead of storing it on the stack. The allocation/free is done for every incoming packet, which is suboptimal, but should be dwarfed by the actual decompression computation. I've also factored out some common code between deflate and gzip to reduce the code footprint somewhat. I've tested the gzip code on a few test files and I tried deflate using the freshmeat.net server, and it all looks OK. I didn't try running it with valgrind, however. - Added a --retry option to curl that takes a numerical option for the number of times the operation should be retried. It is retried if a transient error is detected or if a timeout occurred. By default, it will first wait one second between the retries and then double the delay time between each retry until the delay time is ten minutes which then will be the delay time between all forthcoming retries. You can set a static delay time with "--retry-delay [num]" where [num] is the number of seconds to wait between each retry. Daniel (25 October 2004) - Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a file that was already completely downloaded caused an error, while it doesn't if you don't use --fail! I added test case 194 to verify the fix. Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in libcurl v8 due to all the kludges needed to support it. - Mohun Biswas found out that formposting a zero-byte file didn't work very good. I fixed. Daniel (19 October 2004) - Alexander Krasnostavsky made it possible to make FTP 3rd party transfers with both source and destination being the same host. It can be useful if you want to move a file on a server or similar. - Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure out how many new connects a previous transfer required. I added %{num_connects} to the curl tool and added test case 192 and 193 to verify the new code. Daniel (18 October 2004) - Peter Wullinger pointed out that curl should call setlocale() properly to initiate the specific language operations, to make the IDN stuff work better.
2005-01-03 12:00:51 +01:00
share/examples/curl/anyauthput.c
share/examples/curl/cacertinmem.c
share/examples/curl/certinfo.c
share/examples/curl/chkspeed.c
share/examples/curl/cookie_interface.c
share/examples/curl/curlgtk.c
share/examples/curl/curlx.c
share/examples/curl/debug.c
share/examples/curl/evhiperfifo.c
Update to 7.23.1: Fixed in 7.23.1 - November 17 2011 Bugfixes: Windows: curl would fail if it found no CA cert, unless -k was used. Even if a non-SSL protocol URL was used Fixed in 7.23.0 - November 15 2011 Changes: Empty headers can be sent in HTTP requests by terminating with a semicolon SSL session sharing support added to curl_share_setopt() Added support to MAIL FROM for the optional SIZE parameter smtp: Added support for NTLM authentication curl tool: code split into tool_*.[ch] files Bugfixes: handle HTTP redirects to "//hostname/path" SMTP without --mail-from caused segfault prevent extra progress meter headers between multiple files allow Content-Length to be replaced when sending HTTP requests curl now always sets postfieldsize to allow --data-binary and --data to be mixed in the same command line curl_multi_fdset: avoid FD_SET out of bounds lots of MinGW build tweaks Curl_gethostname: return un-qualified machine name fixed the openssl version number configure check nss: certificates from files are no longer looked up by file base names returning abort from the progress function when using the multi interface would not properly cancel the transfer and close the connection fix libcurl.m4 to not fail with modern gcc versions ftp: improved the failed PORT host name resolved error message TFTP timeout and unexpected block adjustments HTTP and GOPHER test server-side connection closing adjustments fix endless loop upon transport connection timeout don't clobber errno on failed connect typecheck: allow NULL to unset CURLOPT_ERRORBUFFER formdata: ack read callback abort make --show-error properly position independent set the ipv6-connection boolean correctly on connect SMTP: fix end-of-body string escaping gtls: only call gnutls_transport_set_lowat with HTTP: handle multiple auths in a single WWW-Authenticate line curl_multi_fdset: correct fdset with FTP PORT use windbuild: fix the static build fix builds with GnuTLS version 3 fix calling of OpenSSL's ERR_remove_state(0) HTTP auth: fix proxy Negotiate bug when Negotiate not requested ftp PORT: don't hang if bind() fails -# would crash on terminals wider than 256 columns Fixed in 7.22.0 - September 13 2011 Changes: Added CURLOPT_GSSAPI_DELEGATION Added support for NTLM delegation to Samba's winbind daemon helper ntlm_auth Display notes from setup file in testcurl.pl BSD-style lwIP TCP/IP stack experimental support on Windows OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available --delegation was added to set CURLOPT_GSSAPI_DELEGATION nss: start with no database if the selected database is broken telnet: allow programatic use on Windows Bugfixes: curl_getdate: detect some illegal dates better when sending a request and an error is received before the (entire) request body is sent, stop sending the request and close the connection after having received the entire response. This is equally true if an Expect: 100-continue header was used. When using both -J and a single -O with multiple URLs, a missing init could cause a segfault -J fixed for escaped quotes -J fixed for file names with semicolons progress: reset flags at transfer start to avoid wrong CURLINFO_CONTENT_LENGTH_DOWNLOAD curl_gssapi: Guard files with HAVE_GSSAPI and rename private header silence picky compilers: mark unused parameters help output: more gnu like output libtests: stop checking for CURLM_CALL_MULTI_PERFORM setting a non-HTTP proxy with an environment variable or with CURLOPT_PROXY / --proxy (without specifying CURLOPT_PROXYTYPE) would still make it do proxy-like HTTP requests CURLFORM_BUFFER: insert filename as documented (regression) SOCKS: fix the connect timeout ftp_doing: bail out on error properly while multi interfacing improved Content-Encoded decoding error message asyn-thread: check for dotted addresses before thread starts cmake: find winsock when building on windows Curl_retry_request: check return code cookies: handle 'secure=' as if it was 'secure' tests: break busy loops in tests 502, 555, and 573 FTP: fix proxy connect race condition with multi interface and SOCKS proxy RTSP: GET_PARAMETER requests have a body fixed several memory leaks in OOM situations bad expire(0) caused multi_socket API to hang Avoid ftruncate() static define with mingw64 mk-ca-bundle.pl: ignore untrusted certs builds with PolarSSL 1.0.0
2011-11-30 21:56:08 +01:00
share/examples/curl/externalsocket.c
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
share/examples/curl/fileupload.c
share/examples/curl/fopen.c
2010-08-15 13:14:36 +02:00
share/examples/curl/ftp-wildcard.c
share/examples/curl/ftpget.c
share/examples/curl/ftpgetinfo.c
share/examples/curl/ftpgetresp.c
Changes 7.28.0: SSH: added agent based authentication ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT multi: add curl_multi_wait() metalink: Added support for Microsoft Windows CryptoAPI md5: Added support for Microsoft Windows CryptoAPI parse_proxy: treat "socks://x" as a socks4 proxy socks: Added support for IPv6 connections through SOCKSv5 proxy Bugfixes: WSAPoll disabled on Windows builds due to its bugs segfault on request retries curl-config: parentheses fix VC build: add define for openssl globbing: fix segfault when >9 globs were used fixed a few clang-analyzer warnings metalink: change code order to build with gnutls-nettle gtls: fix build failure by including nettle-specific headers change preferred HTTP auth on a handle previously used for another auth file: use fdopen() to avoid race condition Added DWANT_IDN_PROTOTYPES define for MSVC too verbose: fixed (nil) output of hostnames in re-used connections metalink: Un-broke the build when building --with-darwinssl curl man page cleanup Avoid leak of local device string when reusing connection Curl_socket_check: fix return code for timeout nss: do not print misleading NSS error codes configure: remove the --enable/disable-nonblocking options darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions NTLM: re-use existing connection better schannel crash on multi and easy handle cleanup SOCKS: truly disable it if CURL_DISABLE_PROXY is defined mk-ca-bundle: detect start of trust section better gnutls: do not fail on non-fatal handshake errors SMTP: only send SIZE if supported ftpserver: respond with a 250 to SMTP EHLO ssh: do not crash if MD5 fingerprint is not provided by libssh2 winbuild: Added support for building with SPNEGO enabled metalink: Fixed validation of binary files containing EOF setup.h: fixed for MS VC10 build cmake: use standard findxxx modules for cmake v2.8+ HTTP_ONLY: disable more protocols Curl_reconnect_request: clear pointer on failure https.c example: remember to call curl_global_init() metalink: Filter resource URLs by type multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation curl_schannel: Removed buffer limit and optimized buffer strategy
2012-10-12 09:36:11 +02:00
share/examples/curl/ftpsget.c
share/examples/curl/ftpupload.c
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
share/examples/curl/ftpuploadresume.c
update to Curl 7.12.1 Changes: * the version string now only contains info about (sub) package versions, while for example krb4 and ipv6 now only are available as 'features' * added curl_easy_reset() * socks proxy support even when libcurl is built ipv6-enabled * read callbacks can stop the transfer by returning CURL_READFUNC_ABORT * libcurl-tutorial.3 is the new man page formerly known as libcurl-the-guide * additional SSL trace data might be sent to the debug callback using two new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT * multipart formposts can upload files larger than system memory * the curl tool continues with the next URL even if one transfer fails * FTP 3rd party transfer support - seven new setopt() options Bugfixes: * UTF-8 encoded certificate names can now be verified properly * krb4 link problem * HTTP Negotiate service name now provided in uppercase * no longer accepts any cookies with domain set to just a TLD * HTTP Digest properties without quotes in the header * bad Host: header case on re-used connections over proxy * duplicate Host: header case on re-used connections * curl -o name#[num] now works when no globbing for [num] exists * test suite runs fine with valgrind 2.1.x * negative Content-Length is ignored * test 505 runs fine on windows * curl_share_cleanup() crash * --trace files now get the final info lines too * multi interface connects fine to multi-IP resolving hosts * --limit-rate works on Mac OS X (and other systems with bad poll()s) * cookies can now hold 4999 bytes of content * HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX * HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate * less restrictive libidn requirements, 0.4.1 or later is fine * HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server didn't require any authentication * win32 file:// transfer free memory bug * configure --disable-http builds a libcurl without HTTP support * CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument * builds fine with Borland on Windows * the msvc curllib.dsp now builds the libcurl.lib file * builds fine on VMS * builds fine on NetWare * HTTP Digest authentication with proxies uses correct user name + password * builds fine with lcc-win32
2004-08-21 13:31:00 +02:00
share/examples/curl/getinfo.c
share/examples/curl/getinmemory.c
Update to 7.16.0: Version 7.16.0 (30 October 2006) Daniel (25 October 2006) - Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the case when 401 or 407 are returned, *IF* no auth credentials have been given. The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401 and 407 cases when auth credentials is given, but we've now covered this somewhat more. You might get some amounts of headers transferred before this situation is detected, like for when a "100-continue" is received as a response to a POST/PUT and a 401 or 407 is received immediately afterwards. Added test 281 to verify this change. Daniel (23 October 2006) - Ravi Pratap provided a major update with pipelining fixes. We also no longer re-use connections (for pipelining) before the name resolving is done. Daniel (21 October 2006) - Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all the single test applications' link and dependences, so that you easier can override those from the command line when using make. - Armel Asselin separated CA cert verification problems from problems with reading the (local) CA cert file to let users easier pinpoint the actual problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code. Daniel (18 October 2006) - Removed the "protocol-guessing" for URLs with host names starting with FTPS or TELNET since they are practically non-existant. This leaves us with only three different prefixes that would assume the protocol is anything but HTTP, and they are host names starting with "ftp.", "dict." or "ldap.". Daniel (17 October 2006) - Bug report #1579171 pointed out code flaws detected with "prefast", and they were 1 - a too small memory clear with memset() in the threaded resolver and 2 - a range of potentially bad uses of the ctype family of is*() functions such as isdigit(), isalnum(), isprint() and more. The latter made me switch to using our own set of these functions/macros using uppercase letters, and with some extra set of crazy typecasts to avoid mistakingly passing in negative numbers to the underlying is*() functions. - With Jeff Pohlmeyer's help, I fixed the expire timer when using curl_multi_socket() during name resolves with c-ares and the LOW_SPEED options now work fine with curl_multi_socket() as well. Daniel (16 October 2006) - Added a check in configure that simply tries to run a program (not when cross-compiling) in order to detect problems with run-time libraries that otherwise would occur when the sizeof tests for curl_off_t would run and thus be much more confusing to users. The check of course should run after all lib-checks are done and before any other test is used that would run an executable built for testing-purposes. Dan F (13 October 2006) - The tagging of application/x-www-form-urlencoded POST body data sent to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously included as part of the header). A message was also added to the command line tool to show when data is being sent, enabled when --verbose is used. Daniel (12 October 2006) - Starting now, adding an easy handle to a multi stack that was already added to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned. - Jeff Pohlmeyer has been working with the hiperfifo.c example source code, and while doing so it became apparent that the current timeout system for the socket API really was a bit awkward since it become quite some work to be sure we have the correct timeout set. Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another callback the app can set to get to know when the general timeout time changes and thus for an application like hiperfifo.c it makes everything a lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in good old libcurl tradition. Jeff has also updated the hiperfifo.c example code to use this news. Daniel (9 October 2006) - Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test case 535 and it now runs fine. Again a problem with the pipelining code not taking all possible (error) conditions into account. Daniel (6 October 2006) - Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to test case 533 and the test now runs fine. Daniel (4 October 2006) - Dmitriy Sergeyev provided an example source code that crashed CVS libcurl but that worked nicely in 7.15.5. I converted it into test case 532 and fixed the problem. Daniel (29 September 2006) - Removed a few other no-longer present options from the header file. - Support for FTP third party transfers was removed. Here's why: o The recent multi interface changes broke it and the design of the 3rd party transfers made it very hard to fix the problems o It was still blocking and thus nasty for the multi interface o It was a lot of extra code for a very rarely used feature o It didn't use the same code as for "plain" FTP transfers, so it didn't work fine for IPv6 and it didn't properly re-use connections and more o There's nobody around who's willing to work on and improve the existing code This does not mean that third party transfers are banned forever, only that they need to be done better if they are to be re-added in the future. The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p* options from the command line tool. For this reason, I also bumped the version info for the lib. Daniel (28 September 2006) - Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl would crash if a bad function sequence was used when shutting down after using the multi interface (i.e using easy_cleanup after multi_cleanup) so precautions have been added to make sure it doesn't any more - test case 529 was added to verify. Daniel (27 September 2006) - The URL in the cookie jar file is now changed since it was giving a 404. Reported by Timothy Stone. The new URL will take the visitor to a curl web site mirror with the document. Daniel (24 September 2006) - Bernard Leak fixed configure --with-gssapi-libs. - Cory Nelson made libcurl use the WSAPoll() function if built for Windows Vista (_WIN32_WINNT >= 0x0600) Daniel (23 September 2006) - Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only encrypt the control connection and use the data connection "plain". - Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better as it now will read the full data sent from servers. The SOCKS-related code was also moved to the new lib/socks.c source file. Daniel (21 September 2006) - Added test case 531 in an attempt to repeat bug report #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an FTP upload fails with the multi interface. It did not, but I made a failed upload still assume the control connection to be fine. Daniel (20 September 2006) - Armel Asselin fixed problems when you gave a proxy URL with user name and empty password or no password at all. Test case 278 and 279 were added to verify. Daniel (12 September 2006) - Added docs/examples/10-at-a-time.c by Michael Wallner - Added docs/examples/hiperfifo.c by Jeff Pohlmeyer Daniel (11 September 2006) - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a handle that is part of a multi handle first removes the handle from the stack. - Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL session-ID re-use on demand since there obviously are broken servers out there that misbehave with session-IDs used. - Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a problem with it (SIGSEGV-style). It clearly showed that the existing socket-state and state-difference function wasn't good enough so I rewrote it and could then re-run Jeff's program without any crash. The previous version clearly could miss to tell the application when a handle changed from using one socket to using another. While I was at it (as I could use this as a means to track this problem down), I've now added a 'magic' number to the easy handle struct that is inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that we can use internally to detect that an easy handle seems to be fine, or at least not closed or freed (freeing in debug builds fill the area with 0x13 bytes but in normal builds we can of course not assume any particular data in the freed areas). Daniel (9 September 2006) - Michele Bini fixed how the hostname is put in NTLM packages. As servers don't expect fully qualified names we need to cut them off at the first dot. - Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some of them can be completetly removed though... Daniel (6 September 2006) - Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that handle will be attempted to get pipelined instead of done in parallell as they are performed otherwise. As a side-effect from this work, connections are now shared between all easy handles within a multi handle, so if you use N easy handles for transfers, each of them can pick up and re-use a connection that was previously used by any of the handles, be it the same or one of the others. This separation of the tight relationship between connections and easy handles is most noticable when you close easy handles that have been used in a multi handle and check amount of used memory or watch the debug output, as there are times when libcurl will keep the easy handle around for a while longer to be able to close it properly. Like for sending QUIT to close down an FTP connection. This is a major change. Daniel (4 September 2006) - Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a patch that while not fixing things very nicely, it does make the SOCKS5 proxy connection slightly better as it now acknowledges the timeout for connection and it no longer segfaults in the case when SOCKS requires authentication and you did not specify username:password. Daniel (31 August 2006) - Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch name resolves. It could get stuck in the wrong state. Gisle (29 August 2006) - Added support for other MS-DOS compilers (desides djgpp). All MS-DOS compiler now uses the same config.dos file (renamed to config.h by make). libcurl now builds fine using Watcom and Metaware's High-C using the Watt-32 tcp/ip-stack. Daniel (29 August 2006) - David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to allow applications to set their own socket options. Daniel (25 August 2006) - Armel Asselin reported that the 'running_handles' counter wasn't updated properly if you removed a "live" handle from a multi handle with curl_multi_remove_handle(). Daniel (22 August 2006) - David McCreedy fixed a remaining mistake from the August 19 TYPE change. - Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP code when doing pure ipv6 EPRT connections. Daniel (19 August 2006) - Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE command on subsequent requests on a re-used connection unless it has to. - Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and files in the root directory. - Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't send the whole request at once, even though the Expect: header was disabled by the application. An effect of this change is also that small (< 1024 bytes) POSTs are now always sent without Expect: header since we deem it more costly to bother about that than the risk that we send the data in vain. Daniel (9 August 2006) - Armel Asselin made the CURLOPT_PREQUOTE option work fine even when CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place in the command sequence as it would have run if there would've been a transfer. Daniel (8 August 2006) - Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs on a persistent connection and allowed the first to use that header, you could not disable it for the second request. Daniel (7 August 2006) - Domenico Andreolfound a quick build error which happened because src/config.h.in was not a proper duplcate of lib/config.h.in which it should've been and this was due to the maketgz script not doing the cp properly.
2006-11-01 00:04:22 +01:00
share/examples/curl/ghiper.c
share/examples/curl/hiperfifo.c
Changes 7.28.1: This release includes the following changes: o metalink/md5: Use CommonCrypto on Apple operating systems o href_extractor: new example code extracting href elements o NSS can be used for metalink hashing [13] This release includes the following bugfixes: o Fix broken libmetalink-aware OpenSSL build o gnutls: fix the error is fatal logic [1] o darwinssl: un-broke iOS build, fix error on server disconnect o asyn-ares: restore functionality with c-ares < 1.6.1 [2] o tlsauthtype: deal with the string case insensitively [3] o Fixed MSVC libssh2 static build o evhiperfifo: fix the pointer passed to WRITEDATA [6] o BUGS: fix the bug tracker URL [4] o winbuild: Use machine type of development environment o FTP: prevent the multi interface from blocking [5] o uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES o httpcustomheader.c: free the headers after use o fix >2000 bytes POST over NTLM-using proxy [7] o redirects to URLs with fragments [8] o don't send '#' fragments when using proxy [9] o OpenSSL: show full issuer string [10] o fix HTTP auth regression [11] o CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value [12] o ftp: EPSV-disable fix over SOCKS [14] o Digest: Add microseconds into nounce calculation [15] o SCP/SFTP: improve error code used for send failures o SSL: Several SSL-backend related fixes o removed the notorious "additional stuff not fine" debug output o OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack o FILE: Make upload-writes unbuffered o custom memory callbacks failure with HTTP proxy (and more) [16] o TFTP: handle resends o autoconf: don't force-disable compiler debug option o winbuild: Fix PDB file output [17] o test2032: spurious failure caused by premature termination [18] o memory leak: CURLOPT_RESOLVE with multi interface [19]
2012-12-06 17:24:29 +01:00
share/examples/curl/href_extractor.c
Update to 7.13.1: Version 7.13.1 (4 March 2005) Daniel (4 March 2005) - Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate the cookie "engine" without having to provide an empty or non-existing file. - Rene Rebe fixed a -# crash when more data than expected was retrieved. Daniel (22 February 2005) - NTLM and ftp-krb4 buffer overflow fixed, as reported here: http://www.securityfocus.com/archive/1/391042 and the CAN report here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490 If these security guys were serious, we'd been notified in advance and we could've saved a few of you a little surprise, but now we weren't. Daniel (19 February 2005) - Ralph Mitchell reported a flaw when you used a proxy with auth, and you requested data from a host and then followed a redirect to another host. libcurl then didn't use the proxy-auth properly in the second request, due to the host-only check for original host name wrongly being extended to the proxy auth as well. Added test case 233 to verify the flaw and that the fix removed the problem. Daniel (18 February 2005) - Mike Dobbs reported a mingw build failure due to the lack of BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by configure when mingw is used. Daniel (17 February 2005) - David in bug report #1124588 found and fixed a socket leak when libcurl didn't close the socket properly when returning error due to failing localbind Daniel (16 February 2005) - Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth" that picks NTLM. Thanks to David Byron letting me test NTLM against his servers, I could quickly repeat and fix the problem. It turned out to be: When libcurl POSTs without knowing/using an authentication and it gets back a list of types from which it picks NTLM, it needs to either continue sending its data if it keeps the connection alive, or not send the data but close the connection. Then do the first step in the NTLM auth. libcurl didn't send the data nor close the connection but simply read the response-body and then sent the first negotiation step. Which then failed miserably of course. The fixed version forces a connection if there is more than 2000 bytes left to send. Daniel (14 February 2005) - The configure script didn't check for ENGINE_load_builtin_engines() so it was never used. Daniel (11 February 2005) - Removed all uses of strftime() since it uses the localised version of the week day names and month names and servers don't like that. Daniel (10 February 2005) - Now the test script disables valgrind-testing when the test suite runs if libcurl is built shared. Otherwise valgrind only tests the shell that runs the wrapper-script named 'curl' that is a front-end to curl in this case. This should also fix the huge amount of reports of false positives when valgrind has identified leaks in (ba)sh and not in curl and people report that as curl bugs. Bug report #1116672 is one example. Also, the valgrind report parser has been adapted to check that at least one of the sources in a stack strace is one of (lib)curl's source files or otherwise it will not consider the problem to concern (lib)curl. - Marty Kuhrt streamlined the VMS build. Daniel (9 February 2005) - David Byron fixed his SSL problems, initially mentioned here: http://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use SSL_pending() as we should. - Converted lots of FTP code to a statemachine, so that the multi interface doesn't block while communicating commands-responses with an FTP server. I've added a comment like BLOCKING in the code on all spots I could find where we still have blocking operations. When we change curl_easy_perform() to use the multi interface, we'll also be able to simplify the code since there will only be one "internal interface". While doing this, I've now made CURLE_FTP_ACCESS_DENIED separate from the new CURLE_LOGIN_DENIED. The first one is now access denied to a function, like changing directory or retrieving a file, while the second means that we were denied login. The CVS tag 'before_ftp_statemachine' was set just before this went in, in case of future need. - Gisle made the DICT code send CRLF and not just LF as the spec says so. Daniel (8 February 2005) - Gisle fixed problems when libcurl runs out of memory, and worked on making sure the proper error code is returned for those occations. Daniel (7 February 2005) - Maruko pointed out a problem with inflate decompressing exactly 64K contents. Daniel (5 February 2005) - Eric Vergnaud found a use of an uninitialised variable in the ftp when doing PORT on ipv6-enabled hosts. - David Byron pointed out we could use BUFSIZE to read data (in lib/transfer.c) instead of using BUFSIZE -1.
2005-03-05 15:23:00 +01:00
share/examples/curl/htmltidy.c
share/examples/curl/http-post.c
share/examples/curl/httpcustomheader.c
share/examples/curl/httpput.c
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
share/examples/curl/https.c
Update to 7.24.0: Fixed in 7.24.0 - January 24 2012 Release contains security-related bug fix Changes: * CURLOPT_QUOTE: SFTP supports the '*'-prefix now * CURLOPT_DNS_SERVERS: set name servers if possible * Add support for using nettle instead of gcrypt as gnutls backend * CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes * Added CURLOPT_ACCEPTTIMEOUT_MS * configure: add symbols versioning option --enable-versioned-symbols Bugfixes: * curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036 * curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL * SSL session share: move the age counter to the share object * -J -O: use -O name if no Content-Disposition header comes! * protocol_connect: show verbose connect and set connect time * query-part: ignore the URI part for given protocols * gnutls: only translate winsock errors for old versions * POP3: fix end of body detection * POP3: detect when LIST returns no mails * TELNET: improved treatment of options * configure: add support for pkg-config detection of libidn * CyaSSL 2.0+ library initialization adjustment * multi interface: only use non-NULL socker function pointer * call opensocket callback properly for active FTP * don't call close socket callback for sockets created with accept() * differentiate better between host/proxy errors * SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5 * multi: handle timeouts on DNS servers by checking for new sockets * CURLOPT_DNS_SERVERS: fix return code * POP3: fixed escaped dot not being stripped out * OpenSSL: check for the SSLv2 function in configure * MakefileBuild: fix the static build * create_conn: don't switch to HTTP protocol if tunneling is enabled * multi interface: fix block when CONNECT_ONLY option is used * Fix connection reuse for TLS upgraded connections * multiple file upload with -F and custom type * multi interface: active FTP connections are no longer blocking * Android build fix * timer: restore PRETRANSFER timing * libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM * appconnect time fixed for non-blocking connect ssl backends * do not include SSL handshake into time spent waiting for 100-continue * handle dns cache case insensitive * use new host name casing for subsequent HTTP requests * CURLOPT_RESOLVE: avoid adding already present host names * SFTP mkdir: use correct permission * resolve: don't leak pre-populated dns entries * --retry: Retry transfers on timeout and DNS errors * negotiate with SSPI backend: use the correct buffer for input * SFTP dir: increase buffer size counter to avoid cut off file names * TFTP: fix resending (again) * c-ares: don't include getaddrinfo-using code * FTP: CURLE_PARTIAL_FILE will not close the control channel * win32-threaded-resolver: stop using a dummy socket * OpenSSL: remove reference to openssl internal struct * OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled * OpenSSL: fix PKCS#12 certificate parsing related memory leak * OpenLDAP: fix LDAP connection phase memory leak * Telnet: Use correct file descriptor for telnet upload * Telnet: Remove bogus optimisation of telnet upload * URL parse: user name with ipv6 numerical address * polarssl: show cipher suite name correctly with 1.1.0 * polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be insecure * gnutls: enforced use of SSLv3
2012-01-28 15:41:14 +01:00
share/examples/curl/imap.c
share/examples/curl/multi-app.c
Changes 7.12.0: o added ability to "upload" to file:// URLs o added curl_global_init_mem() o removed curl_formparse() o the MSVC project file in the release archive is automatically built o curl --proxy-digest is a new command line option o the Windows version of libcurl can use wldap32.dll for LDAP o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror() o IPv6-enabled Windows hosts now resolves names threaded/asynch as well o configure --with-libidn can be used to point out the root dir of a libidn installation (version 0.4.5 or later) for curl to use, then libcurl can resolve and use IDNA names (domain names with "international" letters) Bugfixes: o incoming cookies with domains set with a prefixed dot now works better o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request o improved peer certificate name verification o allocation failures cause no leaks nor crashes o the progress meter display now handles file sizes up to full 8 exabytes (which is as high a signed 64 bit number can reach) o general HTTP authentication improvements o HTTP Digest authentication with the proxy works o mulipart formposting with -F and file names with spaces work again o curl_easy_duphandle() now works when ares-enabled o HTTP Digest authentication works a lot more like the RFC says o curl works with telnet and stdin properly on Windows o configure --without-ssl works even when pkg-config has OpenSSL details o src/hugehelp.c builds correct again in non-configure build environments
2004-06-02 14:07:48 +02:00
share/examples/curl/multi-debugcallback.c
share/examples/curl/multi-double.c
share/examples/curl/multi-post.c
share/examples/curl/multi-single.c
share/examples/curl/multithread.c
share/examples/curl/opensslthreadlock.c
share/examples/curl/persistant.c
Update to 7.24.0: Fixed in 7.24.0 - January 24 2012 Release contains security-related bug fix Changes: * CURLOPT_QUOTE: SFTP supports the '*'-prefix now * CURLOPT_DNS_SERVERS: set name servers if possible * Add support for using nettle instead of gcrypt as gnutls backend * CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes * Added CURLOPT_ACCEPTTIMEOUT_MS * configure: add symbols versioning option --enable-versioned-symbols Bugfixes: * curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036 * curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL * SSL session share: move the age counter to the share object * -J -O: use -O name if no Content-Disposition header comes! * protocol_connect: show verbose connect and set connect time * query-part: ignore the URI part for given protocols * gnutls: only translate winsock errors for old versions * POP3: fix end of body detection * POP3: detect when LIST returns no mails * TELNET: improved treatment of options * configure: add support for pkg-config detection of libidn * CyaSSL 2.0+ library initialization adjustment * multi interface: only use non-NULL socker function pointer * call opensocket callback properly for active FTP * don't call close socket callback for sockets created with accept() * differentiate better between host/proxy errors * SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5 * multi: handle timeouts on DNS servers by checking for new sockets * CURLOPT_DNS_SERVERS: fix return code * POP3: fixed escaped dot not being stripped out * OpenSSL: check for the SSLv2 function in configure * MakefileBuild: fix the static build * create_conn: don't switch to HTTP protocol if tunneling is enabled * multi interface: fix block when CONNECT_ONLY option is used * Fix connection reuse for TLS upgraded connections * multiple file upload with -F and custom type * multi interface: active FTP connections are no longer blocking * Android build fix * timer: restore PRETRANSFER timing * libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM * appconnect time fixed for non-blocking connect ssl backends * do not include SSL handshake into time spent waiting for 100-continue * handle dns cache case insensitive * use new host name casing for subsequent HTTP requests * CURLOPT_RESOLVE: avoid adding already present host names * SFTP mkdir: use correct permission * resolve: don't leak pre-populated dns entries * --retry: Retry transfers on timeout and DNS errors * negotiate with SSPI backend: use the correct buffer for input * SFTP dir: increase buffer size counter to avoid cut off file names * TFTP: fix resending (again) * c-ares: don't include getaddrinfo-using code * FTP: CURLE_PARTIAL_FILE will not close the control channel * win32-threaded-resolver: stop using a dummy socket * OpenSSL: remove reference to openssl internal struct * OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled * OpenSSL: fix PKCS#12 certificate parsing related memory leak * OpenLDAP: fix LDAP connection phase memory leak * Telnet: Use correct file descriptor for telnet upload * Telnet: Remove bogus optimisation of telnet upload * URL parse: user name with ipv6 numerical address * polarssl: show cipher suite name correctly with 1.1.0 * polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be insecure * gnutls: enforced use of SSLv3
2012-01-28 15:41:14 +01:00
share/examples/curl/pop3s.c
share/examples/curl/pop3slist.c
share/examples/curl/post-callback.c
share/examples/curl/postit2.c
Update to 7.23.1: Fixed in 7.23.1 - November 17 2011 Bugfixes: Windows: curl would fail if it found no CA cert, unless -k was used. Even if a non-SSL protocol URL was used Fixed in 7.23.0 - November 15 2011 Changes: Empty headers can be sent in HTTP requests by terminating with a semicolon SSL session sharing support added to curl_share_setopt() Added support to MAIL FROM for the optional SIZE parameter smtp: Added support for NTLM authentication curl tool: code split into tool_*.[ch] files Bugfixes: handle HTTP redirects to "//hostname/path" SMTP without --mail-from caused segfault prevent extra progress meter headers between multiple files allow Content-Length to be replaced when sending HTTP requests curl now always sets postfieldsize to allow --data-binary and --data to be mixed in the same command line curl_multi_fdset: avoid FD_SET out of bounds lots of MinGW build tweaks Curl_gethostname: return un-qualified machine name fixed the openssl version number configure check nss: certificates from files are no longer looked up by file base names returning abort from the progress function when using the multi interface would not properly cancel the transfer and close the connection fix libcurl.m4 to not fail with modern gcc versions ftp: improved the failed PORT host name resolved error message TFTP timeout and unexpected block adjustments HTTP and GOPHER test server-side connection closing adjustments fix endless loop upon transport connection timeout don't clobber errno on failed connect typecheck: allow NULL to unset CURLOPT_ERRORBUFFER formdata: ack read callback abort make --show-error properly position independent set the ipv6-connection boolean correctly on connect SMTP: fix end-of-body string escaping gtls: only call gnutls_transport_set_lowat with HTTP: handle multiple auths in a single WWW-Authenticate line curl_multi_fdset: correct fdset with FTP PORT use windbuild: fix the static build fix builds with GnuTLS version 3 fix calling of OpenSSL's ERR_remove_state(0) HTTP auth: fix proxy Negotiate bug when Negotiate not requested ftp PORT: don't hang if bind() fails -# would crash on terminals wider than 256 columns Fixed in 7.22.0 - September 13 2011 Changes: Added CURLOPT_GSSAPI_DELEGATION Added support for NTLM delegation to Samba's winbind daemon helper ntlm_auth Display notes from setup file in testcurl.pl BSD-style lwIP TCP/IP stack experimental support on Windows OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available --delegation was added to set CURLOPT_GSSAPI_DELEGATION nss: start with no database if the selected database is broken telnet: allow programatic use on Windows Bugfixes: curl_getdate: detect some illegal dates better when sending a request and an error is received before the (entire) request body is sent, stop sending the request and close the connection after having received the entire response. This is equally true if an Expect: 100-continue header was used. When using both -J and a single -O with multiple URLs, a missing init could cause a segfault -J fixed for escaped quotes -J fixed for file names with semicolons progress: reset flags at transfer start to avoid wrong CURLINFO_CONTENT_LENGTH_DOWNLOAD curl_gssapi: Guard files with HAVE_GSSAPI and rename private header silence picky compilers: mark unused parameters help output: more gnu like output libtests: stop checking for CURLM_CALL_MULTI_PERFORM setting a non-HTTP proxy with an environment variable or with CURLOPT_PROXY / --proxy (without specifying CURLOPT_PROXYTYPE) would still make it do proxy-like HTTP requests CURLFORM_BUFFER: insert filename as documented (regression) SOCKS: fix the connect timeout ftp_doing: bail out on error properly while multi interfacing improved Content-Encoded decoding error message asyn-thread: check for dotted addresses before thread starts cmake: find winsock when building on windows Curl_retry_request: check return code cookies: handle 'secure=' as if it was 'secure' tests: break busy loops in tests 502, 555, and 573 FTP: fix proxy connect race condition with multi interface and SOCKS proxy RTSP: GET_PARAMETER requests have a body fixed several memory leaks in OOM situations bad expire(0) caused multi_socket API to hang Avoid ftruncate() static define with mingw64 mk-ca-bundle.pl: ignore untrusted certs builds with PolarSSL 1.0.0
2011-11-30 21:56:08 +01:00
share/examples/curl/progressfunc.c
share/examples/curl/resolve.c
share/examples/curl/rtsp.c
Update to 7.15.4: Version 7.15.4 (12 June 2006) Daniel (8 June 2006) - Brian Dessent fixed the code for cygwin in three distinct ways: The first modifies {lib,src}/setup.h to not include the winsock headers under Cygwin. This fixes the reported build problem. Cygwin attempts as much as possible to emulate a posix environment under Windows. This means that WIN32 is *not* #defined and (to the extent possible) everything is done as it would be on a *ix type system. Thus <sys/socket.h> is the proper include, and even though winsock2.h is present, including it just introduces a whole bunch of incompatible socket API stuff. The second is a patch I've included in the Cygwin binary packages for a while. It skips two unnecessary library checks (-lwinmm and -lgdi32). The checks are innocuous and they do succeed, but they pollute LIBS with unnecessary stuff which gets recorded as such in the libcurl.la file, which brings them into the build of any libcurl-downstream. As far as I know these libs are really only necessary for mingw, so alternatively they could be designed to only run if $host matches *-*-mingw* but I took the safer route of skipping them for *-*-cygwin*. The third patch replaces all uses of the ancient and obsolete __CYGWIN32__ with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>. Daniel (7 June 2006) - Mikael Sennerholm provided a patch that added NTLM2 session response support to libcurl. The 21 NTLM test cases were again modified to comply... Daniel (27 May 2006) - Óscar Morales Vivó updated the libcurl.framework.make file. Daniel (26 May 2006) - Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to fail. When using the md5-sess, the result was not Md5 encoded and Base64 transformed. Daniel (25 May 2006) - Michael Wallner provided a patch that allows "SESS" to be set with CURLOPT_COOKIELIST, which then makes all session cookies get cleared. Daniel (24 May 2006) - Tor Arntsen made test 271 run fine again since the TFTP path fix. Daniel (23 May 2006) - Martin Michlmayr filed debian bug report #367954, but the same error also showed up in the autobuilds. It seems a rather long-since introduced shell script flaw in the configure script suddenly was detected by the bash version in Debian Unstable. It had previously passed undetected by all shells used so far... - David McCreedy updated lib/config-tpf.h Daniel (11 May 2006) - Fixed the configure's check for old-style SSLeay headers since I fell over a case with a duplicate file name (a krb4 implementation with an err.h file). I converted the check to manually make sure three of the headers are present before considering them fine. - David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended checks on the to-be-returned socket to make sure it truly seems to be alive and well. For SSL connection it (only) uses OpenSSL functions. Daniel (10 May 2006) - Fixed DICT in two aspects: 1 - allow properly URL-escaped words, like using %20 for spaces 2 - properly escape certain letters within a word to comply to the RFC2229 Daniel (9 May 2006) - Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU autotools project, which optionally (default=yes) uses libcurl on a system without a (usable) libcurl installation, but not specifying `--without-libcurl', configure determines correctly that no libcurl is available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl' in the resulting Makefiles. David Shaw fixed the flaw. - Robson Braga Araujo fixed two problems in the recently added non-blocking SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks. - Robson Braga Araujo fixed a memory leak when you added an easy handle to a multi stack and that easy handle had already been used to do one or more easy interface transfers, as then the code threw away the previously used DNS cache without properly freeing it. Daniel (8 May 2006) - Dan Fandrich went over the TFTP code and he pointed out and fixed numerous problems: * The received file is corrupted when a packet is lost and retransmitted (this is a serious problem!) * Transmitting a file aborts if a block is lost and retransmitted * Data is stored in the wrong location in the buffer for uploads, so uploads always fail (I don't see how it could have ever worked, but it did on x86 at least) * A number of calls are made to strerror instead of Curl_strerror, making the code not thread safe * There are references to errno instead of Curl_sockerrno(), causing incorrect error messages on Windows * The file name includes a leading / which violates RFC3617. Doing something similar to ftp, where two slashes after the host name means an absolute reference seems a reasonable extension to fix this. * Failures in EBCDIC conversion are not propagated up to the caller but are silently ignored - Fixed known bug #28. The TFTP code no longer assumes a packed struct and thus works reliably on more platforms. Daniel (5 May 2006) - Roland Blom filed bug report #1481217 (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele Bini and David Byron. libcurl previously wrongly used GetLastError() on windows to get error details after socket-related function calls, when it really should use WSAGetLastError() instead. When changing to this, the former function Curl_ourerrno() is now instead called Curl_sockerrno() as it is necessary to only use it to get errno from socket-related functions as otherwise it won't work as intended on Windows. Daniel (4 May 2006) - Mark Eichin submitted bug report #1480821 (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this. Daniel (2 May 2006) - Added a --checkfor option to curl-config to allow users to easier write for example shell scripts that test for the presence of a new-enough libcurl version. If --checkfor is given a version string newer than what is currently installed, curl-config will return a non-zero exit code and output a string about the unfulfilled requirement. Daniel (26 April 2006) - David McCreedy brought initial line end conversions when doing FTP ASCII transfers. They are done on non-windows systems and translate CRLF to LF. I modified the 15 LIST-using test cases accordingly. The downside is that now we'll have even more trouble to get the tests to run on Windows since they should get CRLF newlines left intact which the *nix versions don't. I figure the only sane thing to do is to add some kind of [newline] macro for the test case files and have them expanded to the proper native line ending when the test cases are run. This is however left to implement. Daniel (25 April 2006) - Paul Querna fixed libcurl to better deal with deflate content encoding when the stream (wrongly) lacks a proper zlib header. This seems to be the case on too many actual server implementations. Daniel (21 April 2006) - Ale Vesely fixed CURLOPT_INTERFACE when using a hostname. Daniel (19 April 2006) - Based on previous info from Tor Arntsen, I made configure detect the Intel ICC compiler to add a compiler option for it, in order for configure to properly be able to detect function prototypes. - Robson Braga Araujo provided a patch that makes libcurl less eager to close the control connection when using FTP, for example when you remove an easy handle from a multi stack. - Applied a patch by Ates Goral and Katie Wang that corrected my bad fix attempt from April 10. Daniel (11 April 2006) - #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least) since the struct timeval field tv_sec is an int while time_t is 64bit. Daniel (10 April 2006) - Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL connection time-out! - I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main sources. See the lib/README.multi_socket for implementation story with details. Don't expect it to work fully yet. I don't intend to blow any whistles or ring any bells about it until I'm more convinced it works at least somewhat reliably. Daniel (7 April 2006) - David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt() options (callbacks) were added: CONV_FROM_NETWORK_FUNCTION CONV_TO_NETWORK_FUNCTION CONV_FROM_UTF8_FUNCTION Daniel (5 April 2006) - Michele Bini modified the NTLM code to work for his "weird IIS case" (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk. Daniel (28 March 2006) - #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that occurred when asking libcurl to follow HTTP redirects and the original URL had more than one question mark (?). Added test case 276 to verify. Daniel (27 March 2006) - David Byron found a problem multiple -d options when libcurl was built with --enable-debug, as then curl used free() on memory allocated both with normal malloc() and with libcurl-provided functions, when the latter MUST be freed with curl_free() in debug builds. Daniel (26 March 2006) - Tor Arntsen figured out that TFTP was broken on a lot of systems since we called bind() with a too big argument in the 3rd parameter and at least Tru64, AIX and IRIX seem to be very picky about it. Daniel (21 March 2006) - David McCreedy added CURLINFO_FTP_ENTRY_PATH. - Xavier Bouchoux made the SSL connection non-blocking for the multi interface (when using OpenSSL). - Tor Arntsen fixed the AIX Toolbox RPM spec Daniel (20 March 2006) - David McCreedy fixed libcurl to no longer ignore AUTH failures and now it reacts properly according to the CURLOPT_FTP_SSL setting. - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file whose length was a multiple of 512 bytes could have random garbage appended. Also, stop processing TFTP packets which are too short to be legal. - Ilja van Sprundel reported a possible crash in the curl tool when using "curl hostwithoutslash -d data -G"
2006-07-03 23:32:09 +02:00
share/examples/curl/sampleconv.c
share/examples/curl/sendrecv.c
share/examples/curl/sepheaders.c
Changes 7.28.0: SSH: added agent based authentication ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT multi: add curl_multi_wait() metalink: Added support for Microsoft Windows CryptoAPI md5: Added support for Microsoft Windows CryptoAPI parse_proxy: treat "socks://x" as a socks4 proxy socks: Added support for IPv6 connections through SOCKSv5 proxy Bugfixes: WSAPoll disabled on Windows builds due to its bugs segfault on request retries curl-config: parentheses fix VC build: add define for openssl globbing: fix segfault when >9 globs were used fixed a few clang-analyzer warnings metalink: change code order to build with gnutls-nettle gtls: fix build failure by including nettle-specific headers change preferred HTTP auth on a handle previously used for another auth file: use fdopen() to avoid race condition Added DWANT_IDN_PROTOTYPES define for MSVC too verbose: fixed (nil) output of hostnames in re-used connections metalink: Un-broke the build when building --with-darwinssl curl man page cleanup Avoid leak of local device string when reusing connection Curl_socket_check: fix return code for timeout nss: do not print misleading NSS error codes configure: remove the --enable/disable-nonblocking options darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions NTLM: re-use existing connection better schannel crash on multi and easy handle cleanup SOCKS: truly disable it if CURL_DISABLE_PROXY is defined mk-ca-bundle: detect start of trust section better gnutls: do not fail on non-fatal handshake errors SMTP: only send SIZE if supported ftpserver: respond with a 250 to SMTP EHLO ssh: do not crash if MD5 fingerprint is not provided by libssh2 winbuild: Added support for building with SPNEGO enabled metalink: Fixed validation of binary files containing EOF setup.h: fixed for MS VC10 build cmake: use standard findxxx modules for cmake v2.8+ HTTP_ONLY: disable more protocols Curl_reconnect_request: clear pointer on failure https.c example: remember to call curl_global_init() metalink: Filter resource URLs by type multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation curl_schannel: Removed buffer limit and optimized buffer strategy
2012-10-12 09:36:11 +02:00
share/examples/curl/sftpget.c
share/examples/curl/simple.c
share/examples/curl/simplepost.c
Update to curl 7.21.4 This release includes the following changes: o CURLINFO_FTP_ENTRY_PATH now supports SFTP o introduced new framework for unit-testing o IDN: use win32 API if told to o ares: ask for both IPv4 and IPv6 addresses o HTTP: do Negotiate authentication using SSPI on windows o Windows build: alternative makefile o TLS-SRP: support added when using GnuTLS This release includes the following bugfixes: o SMTP: add brackets for MAIL FROM o ossl_seed: no more RAND_screen (on Windows) o multi: connect fail => use next IP address o use the timeout when using multiple IP addresses similar to how the easy interface does it o cookies: tricked dotcounter fixed o pubkey_show: allocate buffer to fit any-size result o Curl_nss_connect: avoid PATH_MAX o Curl_do: avoid using stale conn pointer o tftpd test server: avoid buffer overflow report from glibc o nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash o nss: fix a bug in handling of CURLOPT_CAPATH o CMake: Use upstream CheckTypeSize module o OpenSSL get_cert_chain: support larger data sets o SCP/SFTP transfers: acknowledge speedcheck o GnuTLS builds: fix memory leak o connect problem: use UDP correctly o Borland C++ makefile tweaks o OpenSSL: improved error message on SSL_CTX_new failures o HTTP: memory leak on multiple Location: o ares_query_completed_cb: don't touch invalid data o ares: memory leak fix o mk-ca-bundle: use new cacert url o Curl_gmtime: added a portable gmtime and check for NULL o curl.1: typo in -v description o CURLOPT_SOCKOPTFUNCTION: return proper error code o --keepalive-time: warn if not supported properly o file: add support for CURLOPT_TIMECONDITION o nss: avoid memory leaks and failure of NSS shutdown o multi: fix CURLM_STATE_TOOFAST for multi_socket
2011-03-09 20:22:24 +01:00
share/examples/curl/simplesmtp.c
share/examples/curl/simplessl.c
Update to 7.21.3: Changes: * Added --noconfigure switch to testcurl.pl * Added --xattr option * Added CURLOPT_RESOLVE and --resolve * Added CURLAUTH_ONLY * Added version-check.pl to the examples dir Bugfixes: * check for libcurl features for some command line options * Curl_setopt: disallow CURLOPT_USE_SSL without SSL support * http_chunks: remove debug output * URL-parsing: consider ? a divider * SSH: avoid using the libssh2_ prefix * SSH: use libssh2_session_handshake() to work on win64 * ftp: prevent server from hanging on closed data connection when stopping a transfer before the end of the full transfer (ranges) * LDAP: detect non-binary attributes properly * ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT * gnutls->handshake: improved timeout handling * security: Pass the right parameter to init * krb5: Use GSS_ERROR to check for error * TFTP: resend the correct data * configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected * GnuTLS: now detects socket errors on Windows * symbols-in-versions: updated en masse * added a couple examples that were missing from the tar ball * Curl_send/recv_plain: return errno on failure * Curl_wait_for_resolv (for c-ares): correct timeout * ossl_connect_common: detect connection re-use * configure: Prevent link errors with --librtmp * openldap: use remote port in URL passed to ldap_init_fd() * url: provide dead_connection flag in Curl_handler::disconnect * lots of compiler warning fixes * ssh: fix a download resume point calculation * fix getinfo CURLINFO_LOCAL* for reused connections * multi: the returned running handles conuter could turn negative * multi: only ever consider pipelining for connections doing HTTP(S)
2010-12-23 01:23:56 +01:00
share/examples/curl/smooth-gtk-thread.c
share/examples/curl/smtp-multi.c
Update to curl 7.21.4 This release includes the following changes: o CURLINFO_FTP_ENTRY_PATH now supports SFTP o introduced new framework for unit-testing o IDN: use win32 API if told to o ares: ask for both IPv4 and IPv6 addresses o HTTP: do Negotiate authentication using SSPI on windows o Windows build: alternative makefile o TLS-SRP: support added when using GnuTLS This release includes the following bugfixes: o SMTP: add brackets for MAIL FROM o ossl_seed: no more RAND_screen (on Windows) o multi: connect fail => use next IP address o use the timeout when using multiple IP addresses similar to how the easy interface does it o cookies: tricked dotcounter fixed o pubkey_show: allocate buffer to fit any-size result o Curl_nss_connect: avoid PATH_MAX o Curl_do: avoid using stale conn pointer o tftpd test server: avoid buffer overflow report from glibc o nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash o nss: fix a bug in handling of CURLOPT_CAPATH o CMake: Use upstream CheckTypeSize module o OpenSSL get_cert_chain: support larger data sets o SCP/SFTP transfers: acknowledge speedcheck o GnuTLS builds: fix memory leak o connect problem: use UDP correctly o Borland C++ makefile tweaks o OpenSSL: improved error message on SSL_CTX_new failures o HTTP: memory leak on multiple Location: o ares_query_completed_cb: don't touch invalid data o ares: memory leak fix o mk-ca-bundle: use new cacert url o Curl_gmtime: added a portable gmtime and check for NULL o curl.1: typo in -v description o CURLOPT_SOCKOPTFUNCTION: return proper error code o --keepalive-time: warn if not supported properly o file: add support for CURLOPT_TIMECONDITION o nss: avoid memory leaks and failure of NSS shutdown o multi: fix CURLM_STATE_TOOFAST for multi_socket
2011-03-09 20:22:24 +01:00
share/examples/curl/smtp-tls.c
Update to 7.15.2: Version 7.15.2 (27 February 2005) Daniel (22 February 2006) - Lots of work and analysis by "xbx___" in bug #1431750 (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two different but related bugs: 1) Removing an easy handle from a multi handle before the transfer is done could leave a connection in the connection cache for that handle that is in a state that isn't suitable for re-use. A subsequent re-use could then read from a NULL pointer and segfault. 2) When an easy handle was removed from the multi handle, there could be an outstanding c-ares DNS name resolve request. When the response arrived, it caused havoc since the connection struct it "belonged" to could've been freed already. Now Curl_done() is called when an easy handle is removed from a multi handle pre-maturely (that is, before the transfer was complteted). Curl_done() also makes sure to cancel all (if any) outstanding c-ares requests. Daniel (21 February 2006) - Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy type to the already provided type CURLPROXY_SOCKS4. I added a --socks4 option that works like the current --socks5 option but instead use the socks4 protocol. Daniel (20 February 2006) - Shmulik Regev fixed an issue with multi-pass authentication and compressed content when libcurl didn't honor the internal ignorebody flag. Daniel (18 February 2006) - Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate code. It should however not be the cause of any troubles. He also fixed a few similar problems in the HTTP test server code. Daniel (17 February 2006) - Shmulik Regev provided a fix for the DNS cache when using short life times, as previously it could be holding on to old cached entries longer than requested. Daniel (11 February 2006) - Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options that an app can use to let libcurl only connect to a remote host and then extract the socket from libcurl. libcurl will then not attempt to do any transfer at all after the connect is done. - Kent Boortz improved the configure check for GnuTLS to properly set LIBS instead of LDFLAGS. Daniel (8 February 2006) - Philippe Vaucher provided a brilliant piece of test code that show a problem with re-used FTP connections. If the second request on the same connection was set not to fetch a "body", libcurl could get confused and consider it an attempt to use a dead connection and would go acting mighty strange. Daniel (2 February 2006) - Make --limit-rate [num] mean bytes. It used to be that but it broke in my change done in November 2005. Daniel (30 January 2006) - Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the curl tool with --local-port. Plain and simply set the range of ports to bind the local end of connections to. Implemented on to popular demand. - Based on an error report by Philippe Vaucher, we no longer count a retried connection setup as a follow-redirect. It turns out 1) this fails when a FTP connection is re-setup and 2) it does make the max-redirs counter behave wrong. Daniel (24 January 2006) - Michal Marek provided a patch for FTP that makes libcurl continue to try PASV even after EPSV returned a positive response code, if libcurl failed to connect to the port number the EPSV response said. Obviously some people are going through protocol-sensitive firewalls (or similar) that don't understand EPSV and then they don't allow the second connection unless PASV was used. This also called for a minor fix of test case 238. Daniel (20 January 2006) - Duane Cathey was one of our friends who reported that curl -P [IP] (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a "native" IP while it works fine for ipv6-disabled builds! In the process of fixing this, I removed the support for LPRT since I can't think of many reasons to keep doing it and asking on the mailing list didn't reveal anyone else that could either. The code that sends EPRT and PORT is now also a lot simpler than before (IMHO). Daniel (19 January 2006) - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl (built ipv4-only) didn't work. Daniel (18 January 2006) - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742), the configure script complained about a missing "missing" script if you ran configure within a path whose name included one or more spaces. This is due to a flaw in automake (1.9.6 and earlier). I've now worked around it by including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll be used instead of the one automake ships with. This kludge needs to be removed once we get an automake version with this problem corrected. Possibly we'll then need to convert this into a kludge depending on what automake version that is used and that is gonna be painful and I don't even want to think about that now...! Daniel (17 January 2006) - David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with the latest features and protocols that libcurl supports and has a minor fix to better deal with the obscure case where someone has more than one libcurl installed at the same time. Daniel (16 January 2006) - David Shaw finally removed all traces of Gopher and we are now officially not supporting it. It hasn't been functioning for years anyway, so this is just finally stating what already was true. And a cleanup at the same time. - Bryan Henderson turned the 'initialized' variable for curl_global_init() into a counter, and thus you can now do multiple curl_global_init() and you are then supposed to do the same amount of calls to curl_global_cleanup(). Bryan has also updated the docs accordingly. Daniel (13 January 2006) - Andrew Benham fixed a race condition in the test suite that could cause the test script to kill all processes in the current process group! Daniel (12 January 2006) - Michael Jahn: Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru HTTP proxy. Fixed PROXYTUNNEL to work fine when you do ftp through a proxy. It would previously overwrite internal memory and cause unpredicted behaviour! Daniel (11 January 2006) - I decided to document the "secret option" here now, as I've received *NO* feedback at all on my mailing list requests from November 2005: I'm looking for feedback and comments. I added some experimental code the other day, that allows a libcurl user to select what method libcurl should use to reach a file on a FTP(S) server. This functionality is available in CVS code and in recent daily snapshots. Let me explain... The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for the command line tool) and you set it to a long (there are currenly no defines for the argument values, just plain numericals). You can set three different "methods" that do this: 1 multicwd - like today, curl will do a single CWD operation for each path part in the given URL. For deep hierarchies this means very many commands. This is how RFC1738 says it should be done. This is the default. 2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give a full path to the server. 3 singlecwd - make one CWD with the full target directory and then operate on the file "normally". (With the command line tool you do --ftp-method [METHOD], where [METHOD] is one of "multicwd", "nocwd" or "singlecwd".) What feedback I'm interested in: 1 - Do they work at all? Do you find servers where one of these don't work? 2 - What would proper names for the option and its arguments be, if we consider this feature good enough to get included and documented in upcoming releases? 3 - Should we make libcurl able to "walk through" these options in case of (path related) failures, or should it fail and let the user redo any possible retries? (This option is not documented in any man page just yet since I'm not sure these names will be used or if the functionality will end up exactly like this. And for the same reasons we have no test cases for these yet.) Daniel (10 January 2006) - When using a bad path over FTP, as in when libcurl couldn't CWD into all given subdirs, libcurl would still "remember" the full path as if it is the current directory libcurl is in so that the next curl_easy_perform() would get really confused if it tried the same path again - as it would not issue any CWD commands at all, assuming it is already in the "proper" dir. Starting now, a failed CWD command sets a flag that prevents the path to be "remembered" after returning. Daniel (7 January 2006) - Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP proxy actually used a new connection and not sent the second request on the first socket! Daniel (6 January 2006) - Alexander Lazic made the buildconf run the buildconf in the ares dir if that is present instead of trying to mimic that script in curl's buildconf script. Daniel (3 January 2006) - Andres Garcia made the TFTP test server build with mingw. Daniel (16 December 2005) - Jean Jacques Drouin pointed out that you could only have a user name or password of 127 bytes or less embedded in a URL, where actually the code uses a 255 byte buffer for it! Modified now to use the full buffer size. Daniel (12 December 2005) - Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly
2006-03-03 23:26:08 +01:00
share/examples/curl/synctime.c
share/examples/curl/threaded-ssl.c
Update to 7.24.0: Fixed in 7.24.0 - January 24 2012 Release contains security-related bug fix Changes: * CURLOPT_QUOTE: SFTP supports the '*'-prefix now * CURLOPT_DNS_SERVERS: set name servers if possible * Add support for using nettle instead of gcrypt as gnutls backend * CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes * Added CURLOPT_ACCEPTTIMEOUT_MS * configure: add symbols versioning option --enable-versioned-symbols Bugfixes: * curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036 * curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL * SSL session share: move the age counter to the share object * -J -O: use -O name if no Content-Disposition header comes! * protocol_connect: show verbose connect and set connect time * query-part: ignore the URI part for given protocols * gnutls: only translate winsock errors for old versions * POP3: fix end of body detection * POP3: detect when LIST returns no mails * TELNET: improved treatment of options * configure: add support for pkg-config detection of libidn * CyaSSL 2.0+ library initialization adjustment * multi interface: only use non-NULL socker function pointer * call opensocket callback properly for active FTP * don't call close socket callback for sockets created with accept() * differentiate better between host/proxy errors * SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5 * multi: handle timeouts on DNS servers by checking for new sockets * CURLOPT_DNS_SERVERS: fix return code * POP3: fixed escaped dot not being stripped out * OpenSSL: check for the SSLv2 function in configure * MakefileBuild: fix the static build * create_conn: don't switch to HTTP protocol if tunneling is enabled * multi interface: fix block when CONNECT_ONLY option is used * Fix connection reuse for TLS upgraded connections * multiple file upload with -F and custom type * multi interface: active FTP connections are no longer blocking * Android build fix * timer: restore PRETRANSFER timing * libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM * appconnect time fixed for non-blocking connect ssl backends * do not include SSL handshake into time spent waiting for 100-continue * handle dns cache case insensitive * use new host name casing for subsequent HTTP requests * CURLOPT_RESOLVE: avoid adding already present host names * SFTP mkdir: use correct permission * resolve: don't leak pre-populated dns entries * --retry: Retry transfers on timeout and DNS errors * negotiate with SSPI backend: use the correct buffer for input * SFTP dir: increase buffer size counter to avoid cut off file names * TFTP: fix resending (again) * c-ares: don't include getaddrinfo-using code * FTP: CURLE_PARTIAL_FILE will not close the control channel * win32-threaded-resolver: stop using a dummy socket * OpenSSL: remove reference to openssl internal struct * OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled * OpenSSL: fix PKCS#12 certificate parsing related memory leak * OpenLDAP: fix LDAP connection phase memory leak * Telnet: Use correct file descriptor for telnet upload * Telnet: Remove bogus optimisation of telnet upload * URL parse: user name with ipv6 numerical address * polarssl: show cipher suite name correctly with 1.1.0 * polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be insecure * gnutls: enforced use of SSLv3
2012-01-28 15:41:14 +01:00
share/examples/curl/url2file.c