summaryrefslogtreecommitdiff
path: root/plugins/FTPFileYM/curl-7.29.0/CHANGES
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/FTPFileYM/curl-7.29.0/CHANGES')
-rw-r--r--plugins/FTPFileYM/curl-7.29.0/CHANGES5751
1 files changed, 5751 insertions, 0 deletions
diff --git a/plugins/FTPFileYM/curl-7.29.0/CHANGES b/plugins/FTPFileYM/curl-7.29.0/CHANGES
new file mode 100644
index 0000000000..08f0a8f60d
--- /dev/null
+++ b/plugins/FTPFileYM/curl-7.29.0/CHANGES
@@ -0,0 +1,5751 @@
+ _ _ ____ _
+ ___| | | | _ \| |
+ / __| | | | |_) | |
+ | (__| |_| | _ <| |___
+ \___|\___/|_| \_\_____|
+
+ Changelog
+
+Version 7.29.0 (6 Feb 2013)
+
+Daniel Stenberg (6 Feb 2013)
+- vms: config-vms.h is removed, no use trying to distribute it
+
+- RELEASE-NOTES: mention the SASL buffer overflow
+
+- [Eldar Zaitov brought this change]
+
+ Curl_sasl_create_digest_md5_message: fix buffer overflow
+
+ When negotiating SASL DIGEST-MD5 authentication, the function
+ Curl_sasl_create_digest_md5_message() uses the data provided from the
+ server without doing the proper length checks and that data is then
+ appended to a local fixed-size buffer on the stack.
+
+ This vulnerability can be exploited by someone who is in control of a
+ server that a libcurl based program is accessing with POP3, SMTP or
+ IMAP. For applications that accept user provided URLs, it is also
+ thinkable that a malicious user would feed an application with a URL to
+ a server hosting code targetting this flaw.
+
+ Bug: http://curl.haxx.se/docs/adv_20130206.html
+
+Steve Holme (6 Feb 2013)
+- FEATURES: Removed erroneous whitespace
+
+ Removed whitespace introduced in commit 5f8f20f5e65b that caused
+ formatting issues when generating the website docs.
+
+Yang Tse (6 Feb 2013)
+- setup-vms.h: post VMS patch cleanup - III
+
+ - rename post-config-vms.h to setup-vms.h
+ - move its inclusion into proper location in curl_setup.h
+
+- vms_show: post VMS patch cleanup - II
+
+ - remove multiple declarations of vms_show and add comments
+
+- tool_main.c: post VMS patch cleanup - I
+
+ - remove header inclusion already done in curl_setup_once.h
+
+Steve Holme (6 Feb 2013)
+- FEATURES: Added SSPI to list of NTLM libraries
+
+- FEATURES: Added Secure Transport and qssl to list of SSL libraries
+
+- FEATURES: Added email feature set
+
+ Added SMTP, SMTPS, POP3, POP3S, IMAP and IMAPS features.
+
+- imap.h: Corrected incorrect comment clarification
+
+ Corrected comment clarification made in commit 167717b8069a.
+
+- COPYING: Updated copyright year to include 2013
+
+Daniel Stenberg (5 Feb 2013)
+- RELEASE-NOTES: synced with 25f351424b3538
+
+ 8 more bug fixes mentioned
+
+- [John E. Malmberg brought this change]
+
+ VMS: fix and generate the VMS build config
+
+ config_h.com is a new file that generates a config.h file based on the
+ curl_config.h.in file and a quick scan of the configure script. This is
+ actually a generic procedure that is shared with other VMS packages.
+
+ The existing pre-built config-vms.h had over 100 entries that were not
+ correct and in some cases conflicted with the build options available in
+ the build_vms.com.
+
+ generate_config_vms_h_curl.com is a helper procedure to the
+ config_h.com. It covers the cases that the generic config_h.com is not
+ able to figure out, and accepts input from the build_vms.com procedure.
+
+ build_curlbuild_h.com is a new file to generate the curlbuild.h file
+ that Curl is now using when it is using a curl_config.h file.
+
+ post-config-vms.h is a new file that is needed to provide VMS specific
+ definitions, and most of them need to be set before the system header
+ files are included.
+
+ The VMS build procedure is fixed:
+
+ 1. Fixed to link in the correct HP ssl library.
+ 2. Fixed to detect if HP Kerberos is installed.
+ 3. Fixed to detect if HP LDAP is installed.
+ 4. Fixed to detect if gnv$libzshr is installed.
+ 5. Simplified the input parameter parsing to not use a loop.
+ 6. Warn that 64 bit pointer option support is not complete
+ in comments.
+ 7. Default to IEEE floating if platform supports it so
+ resulting libcurl will be compatible with other
+ open source projects on VMS.
+ 8. Default to LARGEFILE if platform supports it.
+ 9. Default to enable SSL, LDAP, Kerberos, libz
+ if the libraries are present.
+ 10. Build with exact case global symbols for libcurl.
+ 11. Generate linker option file needed.
+ 12. Compiler list option only commonly needed items.
+ 13. fulllist option for those who really want it.
+ 14. Create debug symbol file on Alpha, IA64.
+
+- Curl_proxyCONNECT: return once CONNECT is sent
+
+ By doing this unconditionally, we infer a simpler and more defined
+ behavior. This also has the upside that test 1021 no longer fails for me
+ even if I run with valgrind.
+
+ Also fixed some wrong comments.
+
+Steve Holme (5 Feb 2013)
+- email: Reworked comments in the endofresp() functions
+
+ Tidied up the comments in the endofresp() functions to be more
+ meaningful prior to release.
+
+Marc Hoersken (5 Feb 2013)
+- schannel: Removed extended error connection setup flag
+
+ According KB975858 this flag may cause problems on Windows 7 and
+ Windows Server 2008 R2 systems. Extended error information is not
+ currently used by libcurl and therefore not a requirement.
+
+ The flag may improve the SSL-connection shutdown in case of an
+ error. This means it might be a good improvement in the future.
+
+ Fixes bug/issue #1187 - thanks for the report
+
+Daniel Stenberg (5 Feb 2013)
+- [Tor Arntsen brought this change]
+
+ singleipconnect: Update *sockp for all CURLE_OK
+
+ The 56b7c87c7 change left a case where a good sockfd was not copied to
+ *sockp before returning with CURLE_OK
+
+- curl_easy_perform: Value stored to 'mcode' is never read
+
+ pointed out by clang-analyzer
+
+- singleipconnect: remove dead assignment
+
+ pointed out by clang-analyzer
+
+Linus Nielsen Feltzing (5 Feb 2013)
+- CURLMOPT_MAXCONNECTS: restore functionality
+
+ When a connection is no longer used, it is kept in the cache. If the
+ cache is full, the oldest idle connection is closed. If no connection is
+ idle, the current one is closed instead.
+
+Steve Holme (5 Feb 2013)
+- RELEASE-NOTES: Updated following recent changes to the email protocols
+
+ Added recent additions and fixes following the changes to imap, pop3
+ and smtp. Additionally added another contributor that helped to test
+ the imap sasl changes.
+
+- email: Provided extra comments following recent pop3/imap fixes
+
+ Provided additional clarification about the logic of the authenticate()
+ functions following commit 6b6bdc83bd36 and b4270a9af1d0.
+
+Daniel Stenberg (5 Feb 2013)
+- [Andrei Kurushin brought this change]
+
+ winbuild: include version info for .dll .exe
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=1186
+
+- FAQ: clarify 5.13 How do I stop an ongoing transfer
+
+ Rich Gray provided good feedback and we now clarify that you can in fact
+ stop a multi transfer at any point you like by removing the easy handle.
+
+- [Matt Arsenault brought this change]
+
+ cmake: Fix mingw build
+
+- [Sergei Nikulov brought this change]
+
+ cmake: updated OpenSSL build
+
+Steve Holme (4 Feb 2013)
+- pop3.c: Updated variable names to use shorter / more readable variant
+
+ Tidied up code from commit 6b6bdc83bdUpdated where a few instances of
+ the pop3c struct variable used the longer conndata struct rather than
+ matching what other code in pop3_authenticate() used.
+
+Guenter Knauf (4 Feb 2013)
+- updated copyright years.
+
+- configure: update the copyright years for the output.
+
+Steve Holme (3 Feb 2013)
+- imap: Fixed no known authentication mechanism when fallback is required
+
+ Fixed an issue where (lib)curl is compiled without support for a
+ supported challenge-response based SASL authentication mechanism, such
+ as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
+ mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
+
+ Note: In order to fallback to Clear Text authentication properly this
+ fix adds support for the LOGINDISABLED server capability.
+ imap: Fixed no known authentication mechanism when fallback is required
+
+ Fixed an issue where (lib)curl is compiled without support for a
+ supported challenge-response based SASL authentication mechanism, such
+ as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
+ mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
+
+ Note: In order to fallback to Clear Text authentication properly this
+ fix adds support for the LOGINDISABLED server capability.
+
+ Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
+ Reported by: Stanislav Ivochkin
+
+- pop3: Fixed no known authentication mechanism when fallback is required
+
+ Fixed an issue where (lib)curl is compiled without support for a
+ supported challenge-response based SASL authentication mechanism, such
+ as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
+ mechanisms and (lib)curl doesn't fallback to APOP or Clear Text
+ authentication.
+
+ Bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
+ Reported by: Stanislav Ivochkin
+
+Daniel Stenberg (1 Feb 2013)
+- singleipconnect: simplify and clean up
+
+ Remove timeout argument that's never used.
+
+ Make the actual connection get detected on a single spot to reduce code
+ duplication.
+
+ Store the IPv6 state already when the connection is attempted.
+
+- Curl_perfom: removed
+
+ Curl_perfom is no longer used anywhere since the always-multi commit
+ c43127414d89ccb9, and some related functions were used only from within
+ Curl_perfom.
+
+Guenter Knauf (30 Jan 2013)
+- Updated date.
+
+Yang Tse (30 Jan 2013)
+- zz40-xc-ovr.m4: fix 'wc' detection - follow-up 2
+
+ - Fix a pair of single quotes to double quotes.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0355.html
+ Reported by: Tor Arntsen
+
+- zz40-xc-ovr.m4: fix 'wc' detection - follow-up
+
+ - Take into account that 'wc' may return leading spaces and/or tabs.
+
+ - Set initial IFS to space, tab and newline.
+
+- zz40-xc-ovr.m4: fix 'wc' detection
+
+ - Take into account that 'wc' may return leading spaces.
+
+ - Set internationalization behavior variables.
+
+ Tor Arntsen analyzed and reported the issue.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0351.html
+
+- zz40-xc-ovr.m4: check another three basic utilities
+
+Guenter Knauf (29 Jan 2013)
+- Fixed debug.c to work again unchanged.
+
+ Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.
+
+Daniel Stenberg (29 Jan 2013)
+- [Nick Zitzmann brought this change]
+
+ darwinssl: Fix bug where packets were sometimes transmitted twice
+
+ There was a bug where, if SSLWrite() returned errSSLWouldBlock but did
+ succeed in transmitting at least something, then we'd incorrectly
+ resend the packet. Now we never take errSSLWouldBlock as a sign that
+ nothing was transferred to/from the server.
+
+ Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html
+ Reported by: Bruno de Carvalho
+
+- [Nick Zitzmann brought this change]
+
+ FAQ: "Darwinssl" is AKA "Secure Transport" and supports NTLM
+
+- RELEASE-NOTES: only list Nick once
+
+ Even though he's a fine dude, once is enough for this time!
+
+Yang Tse (28 Jan 2013)
+- zz40-xc-ovr.m4: 1.0 interface stabilization
+
+ - Stabilization results in 4 public interface m4 macros:
+ XC_CONFIGURE_PREAMBLE
+ XC_CONFIGURE_PREAMBLE_VER_MAJOR
+ XC_CONFIGURE_PREAMBLE_VER_MINOR
+ XC_CHECK_PATH_SEPARATOR
+ - Avoid one level of internal indirection
+ - Update comments
+ - Drop XC_OVR_ZZ40 macro
+
+Kamil Dudka (28 Jan 2013)
+- docs: fix typos in man pages
+
+ Reported by: Jiri Jaburek
+ Bug: https://bugzilla.redhat.com/896544
+
+- docs: update the comments about loading CA certs with NSS
+
+ Bug: https://bugzilla.redhat.com/696783
+
+Guenter Knauf (28 Jan 2013)
+- Updated dependency libs.
+
+- Fixed simple.c to work again unchanged.
+
+ Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.
+
+Steve Holme (27 Jan 2013)
+- smtp.c: Fixed unnecessary state change if starttls fails
+
+ The state machine should only be changed to SMTP_STARTTLS when the
+ STARTTLS command has been successfully sent to the server.
+
+- pop3.c: Fixed unnecessary state change if starttls fails
+
+ The state machine should only be changed to POP3_STARTTLS when the
+ STLS command has been successfully sent to the server.
+
+- imap.c: Fixed unnecessary state change if starttls fails
+
+ The state machine should only be changed to IMAP_STARTTLS when the
+ STARTTLS command has been successfully sent to the server.
+
+- email: Updated comment regarding ssldone usage
+
+ Updated the ssldone comment as multi mode is always used internally now.
+
+Yang Tse (26 Jan 2013)
+- zz40-xc-ovr.m4: emit witness message in configure BODY
+
+ This avoids witness message in output when running configure --help,
+ while sending the message to config.log for other configure runs.
+
+Steve Holme (25 Jan 2013)
+- smtp.c: Added comments to smtp_endofresp()
+
+ Minor code tidy up to add comments similar to those used in the pop3
+ and imap end of resp functions, in order to assist anyone reading the
+ code and highlight the similarities between each of these protocols.
+
+Yang Tse (25 Jan 2013)
+- zz40-xc-ovr.m4: truly do version conditional overriding
+
+ - version conditional overriding
+ - catch unexpanded XC macros
+ - fix double words in comments
+
+- zz40-xc-ovr.m4: fix variable assignment of subshell output bashism
+
+ Tor Arntsen analyzed and reported the issue.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0306.html
+
+- zz40-xc-ovr.m4: reinstate strict AC_REQUIRE macro dependencies
+
+- zz40-xc-ovr.m4: avoid double single-quote usage
+
+- zz40-xc-ovr.m4: parentheses balancing of 'case' statements
+
+ m4 quadrigraph shell comment technique allows proper autoconf
+ parentheses balancing in shell 'case' statements. The presence
+ of unbalanced parentheses may otherwise trigger expansion bugs.
+
+Steve Holme (24 Jan 2013)
+- smtp.c: Corrected RFC references
+
+ The most recent version of the SMTP RFC is RFC5321 and not RFC2821 as
+ previously documented.
+
+ Added RFC1870 and re-ordered list numerically.
+
+- smtp.c: Fixed failure detection during TLS upgrade
+
+ smtp_state_upgrade_tls() would attempt to incorrectly complete the
+ upgrade to smtps and start the EHLO command if
+ Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
+ was set to TRUE. This would only happen when a non-blocking API hadn't
+ been provided by the SSL implementation and curlssl_connect() was
+ called underneath.
+
+- pop3.c: Fixed failure detection during TLS upgrade
+
+ pop3_state_upgrade_tls() would attempt to incorrectly complete the
+ upgrade to pop3s and start the CAPA command if
+ Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
+ was set to TRUE. This would only happen when a non-blocking API hadn't
+ been provided by the SSL implementation and curlssl_connect() was
+ called underneath.
+
+- imap.c: Fixed failure detection during TLS upgrade
+
+ imap_state_upgrade_tls() would attempt to incorrectly complete the
+ upgrade to imaps and start the CAPABILITY command if
+ Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
+ was set to TRUE. This would only happen when a non-blocking API hadn't
+ been provided by the SSL implementation and curlssl_connect() was
+ called underneath.
+
+Yang Tse (24 Jan 2013)
+- zz40-xc-ovr.m4: internals overhauling
+
+ - Update comments
+ - Execute commands in subshells
+ - Faster path separator check
+ - Fix missing 'test' command
+ - Rename private macros
+ - Minimize AC_REQUIRE usage
+
+Steve Holme (23 Jan 2013)
+- email: Removed unnecessary return statements
+
+ Small tidy up to remove unnecessary return statements prior to the next
+ fix.
+
+Yang Tse (23 Jan 2013)
+- zz40-xc-ovr.m4: redirect errors and warnings to stderr
+
+- zz40-xc-ovr.m4: AC_REQUIRE also XC_CONFIGURE_PREAMBLE success message
+
+- zz60-xc-ovr.m4: tighten XC_OVR_ZZ60 macro placement requirements
+
+- configure: use XC_CONFIGURE_PREAMBLE early checks
+
+ Some basic checks we make were placed early enough in generated
+ configure script when using autoconf 2.5X versions. Newer autoconf
+ versions expand these checks much further into the configure script,
+ rendering them useless. Using XC_CONFIGURE_PREAMBLE fixes placement
+ of early intended checks across all our autoconf supported versions.
+
+- zz40-xc-ovr.m4: provide XC_CONFIGURE_PREAMBLE macro
+
+Daniel Stenberg (23 Jan 2013)
+- FAQ: update the SSL lib list and wording in question 2.2
+
+Steve Holme (22 Jan 2013)
+- curl_sasl.c: Corrected references to RFC
+
+ The most recent version of the RFC is RFC4422 and not RFC2222 as
+ previously documented.
+
+- email: Corrected references to SASL RFC
+
+ The most recent version of the SASL RFC is RFC4422 and not RFC2222 as
+ previously documented.
+
+Daniel Stenberg (22 Jan 2013)
+- [Ulion brought this change]
+
+ formpost: support quotes, commas and semicolon in file names
+
+ - document the double-quote and backslash need be escaped if quoting.
+ - libcurl formdata escape double-quote in filename by backslash.
+ - curl formparse can parse filename both contains '"' and ',' or ';'.
+ - curl now can uploading file with ',' or ';' in filename.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=1171
+
+- memanalyze.pl: handle fopen() of file names with quotes
+
+Yang Tse (21 Jan 2013)
+- xc-cc-check.m4: re-evaluate exporting and AC_SUBST'ing vars
+
+ Notes:
+
+ When running a configure script that has nested packages (for example
+ libcurl's configure with --enable-ares and c-ares sources embedded in
+ curl tree) and AC_CONFIG_SUBDIRS([nested-subdir]) machinery is used to
+ automatically run the nested configure script from within the parent
+ configure script, it happens that the nested _shell_ script will
+ inherit shell variables exported from the parent _shell_ script.
+
+ If for example parent configure script sets and exports LDFLAGS and LIBS
+ variables with proper values in order to link either a parent library or
+ program with a library which will be configured and built by a nested
+ package; It will happen that when the nested configure script runs, the
+ nested library does not exist yet and _any_ link-test done in the nested
+ configure will fail, such as those that autoconf macros perform in order
+ to detect existing compiler and its characteristics, the result is that
+ the nested configure script will fail with errors such as:
+
+ configure: error: C compiler cannot create executables
+
+ For now, we no longer export variables previously exported here.
+
+ On the other hand, AC_SUBST'ing them is appropriate and even with nested
+ packages each package's config.status gets its own package values.
+
+ So we reinstate AC_SUBST'ing previously AC_SUBST'ed variables.
+
+Daniel Stenberg (21 Jan 2013)
+- FAQ: 3.22 curl -X gives me HTTP problems
+
+Yang Tse (21 Jan 2013)
+- xc-cc-check.m4: avoid recursive package automake'ing breakage
+
+- xc-cc-check.m4: mark earlier variables that are to be exported
+
+- configure: autotools compatibility fixes - step I
+
+ Fix proper macro expansion order across autotools versions for
+ C compiler and preprocessor program checks.
+
+Steve Holme (20 Jan 2013)
+- pop3.c: Fixed conditional compilation of the apop response function
+
+ Extended the fix from commit 8b15c84ea91e to additionally exclude
+ pop3_state_apop_resp() if the CURL_DISABLE_CRYPTO_AUTH flag is
+ defined.
+
+Yang Tse (20 Jan 2013)
+- Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables
+
+Daniel Stenberg (19 Jan 2013)
+- formadd: reject trying to read a directory where a file is expected
+
+ Bug: http://curl.haxx.se/mail/archive-2013-01/0017.html
+ Reported by: Ulrich Doehner
+
+- curl_easy_send.3: document return codes
+
+ Reported by: Craig Davison
+ Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html
+
+- curl_easy_recv.3: document return codes
+
+ Reported by: Craig Davison
+ Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html
+
+Steve Holme (19 Jan 2013)
+- email: General code tidy up
+
+ Corrected some function argument definitions to maximize the 80
+ character line length limit and be in keeping with the curl
+ coding style.
+
+- pop3.c: Fixed a problem with pop3s connections not connecting properly
+
+ Fixed an issue where Curl_ssl_connect_nonblocking() wouldn't complete
+ correctly and the ssldone flag wouldn't be set to true for pop3s based
+ connections.
+
+ Bug introduced in commit: 4ffb8a6398ed.
+
+Daniel Stenberg (18 Jan 2013)
+- RELEASE-NOTES: add references to several bugfixes+changes
+
+Steve Holme (18 Jan 2013)
+- RELEASE-NOTES: Added missing imap fix
+
+ Added missing imap fix as per commit 709b3506cd9b.
+
+Yang Tse (18 Jan 2013)
+- runtests.pl: make VPATH builds find valgrind.supp
+
+Daniel Stenberg (18 Jan 2013)
+- RELEASE-NOTES: synced with c43127414d89
+
+- always-multi: always use non-blocking internals
+
+ Remove internal separated behavior of the easy vs multi intercace.
+ curl_easy_perform() is now using the multi interface itself.
+
+ Several minor multi interface quirks and bugs have been fixed in the
+ process.
+
+ Much help with debugging this has been provided by: Yang Tse
+
+Yang Tse (17 Jan 2013)
+- url.c: fix HTTP CONNECT tunnel establishment upon delayed response
+
+ Fixes initial proxy response being processed by the tunneled protocol
+ handler instead of the HTTP wrapper handler. This issue would trigger
+ upon delayed CONNECT response from the proxy.
+
+ Additionally fixes a multi interface code-path in which connections
+ would not time out properly.
+
+ This does not fix known bug #39.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0191.html
+
+Daniel Stenberg (16 Jan 2013)
+- [Yves Arrouye brought this change]
+
+ --libcurl: fix for non-zero default options
+
+ If the default value for an option taking a long as its value is non
+ zero, and it is set by zero by a command line option, then that command
+ line option is not reflected in --libcurl's output. This is because line
+ 520-521 of tool_setopt.c look like:
+
+ if(!lval)
+ skip = TRUE;
+
+ An example of a command-line option doing so is the -k option that sets
+ CURLOPT_SLL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to 0L, when the
+ defaults are non-zero.
+
+- FTP: reject illegal port numbers in EPSV 229 responses
+
+Yang Tse (15 Jan 2013)
+- commit bc682cbd follow-up
+
+- build: use per-target '_CPPFLAGS' for those currently using default
+
+ Automake documents that doing this will make it choose a different name
+ for intermediate object files even when sharing source files across
+ targets of same Makefile.am.
+
+ Up to automake 1.13.1 target's intermediate object files were placed
+ in the build subdirectory of the target. We depended on this, probably
+ undocumented behavior, to achieve same behavior as if a per-target flag
+ had been specified when building targets that actually belong to
+ different Makefile.am files.
+
+ It seems automake 1.13.2 is going to break behavior mentioned above.
+
+ So, lets use a documented behavior in order to achieve same purpose,
+ across automake versions, no matter where automake wishes to place
+ intermediate object files.
+
+ Our build targets that already were using a per-target '_CFLAGS' or
+ '_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only
+ Makefile.am or Makefile.in files in libcurl's source tree touched by
+ this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc.
+
+- tests/libtest/Makefile.inc: sort build targets
+
+- tests/Makefile.am: remove wildcard usage in EXTRA_DIST
+
+Kamil Dudka (15 Jan 2013)
+- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
+
+ Do not use the error messages from NSS for errors not occurring in NSS.
+
+Steve Holme (14 Jan 2013)
+- TODO: Updated following IMAP SASL additions
+
+Yang Tse (14 Jan 2013)
+- configure: fix automake 1.13 compatibility
+
+ Tested with:
+
+ buildconf: autoconf version 2.69
+ buildconf: autom4te version 2.69
+ buildconf: autoheader version 2.69
+ buildconf: automake version 1.13.1
+ buildconf: aclocal version 1.13.1
+ buildconf: libtool version 2.4
+ buildconf: GNU m4 version 1.4.16
+
+Daniel Stenberg (13 Jan 2013)
+- BUGS: update bug tracker URL
+
+ ... and refresh number of lines of code
+
+- Curl_resolver_getsock: fix the function description comment
+
+ It referred to it by the wrong name and said it returned the wrong value.
+
+ Reported by: Gisle Vanem
+
+Kamil Dudka (11 Jan 2013)
+- nss: clear session cache if a client cert from file is used
+
+ This commit fixes a regression introduced in 052a08ff.
+
+ NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
+ and if we connect second time to the same server, the cached cert/key
+ pair is used. If we use multiple client certificates for different
+ paths on the same server, we need to clear the session cache to force
+ NSS to call the hook again. The commit 052a08ff prevented the session
+ cache from being cleared if a client certificate from file was used.
+
+ The condition is now fixed to cover both cases: consssl->client_nickname
+ is not NULL if a client certificate from the NSS database is used and
+ connssl->obj_clicert is not NULL if a client certificate from file is
+ used.
+
+ Review by: Kai Engert
+
+Yang Tse (11 Jan 2013)
+- sockfilt.c: log file descriptor number on read/write error
+
+- [Gisle Vanem brought this change]
+
+ packages/DOS/common.dj: remove COFF debug info generation
+
+ gcc on DOS hasn't really supported COFF-debug (-gcoff) on djgpp for a
+ long time.
+
+ "Sounds like the COFF debug info generation has bit-rotted in GCC.
+ Nothing new here, no other platform uses COFF AFAIK."
+
+ So lets drop it too.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0130.html
+
+- curl: ignore SIGPIPE - compilation fix - follow-up
+
+- test servers: handle W32/W64 SIGBREAK with exit_signal_handler
+
+- test servers: fix errno, ERRNO and SOCKERRNO usage for W32/W64
+
+- sockfilt.c: fix some W64 compiler warnings
+
+Daniel Stenberg (9 Jan 2013)
+- [Nick Zitzmann brought this change]
+
+ docs: the --with-darwinssl option is available on Apple OSes
+
+Yang Tse (9 Jan 2013)
+- curl: ignore SIGPIPE - compilation fix
+
+- build: fix circular header inclusion with other packages
+
+ This commit renames lib/setup.h to lib/curl_setup.h and
+ renames lib/setup_once.h to lib/curl_setup_once.h.
+
+ Removes the need and usage of a header inclusion guard foreign
+ to libcurl. [1]
+
+ Removes the need and presence of an alarming notice we carried
+ in old setup_once.h [2]
+
+ ----------------------------------------
+
+ 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
+ up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
+ this single inclusion guard is enough to ensure that inclusion of
+ lib/setup_once.h done from lib/setup.h is only done once.
+
+ Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
+ protect inclusion of setup_once.h even after commit ec691ca3, this
+ was to avoid a circular header inclusion triggered when building a
+ c-ares enabled version with c-ares sources available which also has
+ a setup_once.h header. Commit ec691ca3 exposes the real nature of
+ __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
+ foreign to libcurl belonging to c-ares's setup_once.h
+
+ The renaming this commit does, fixes the circular header inclusion,
+ and as such removes the need and usage of a header inclusion guard
+ foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.
+
+ 2 - Due to the circular interdependency of old lib/setup_once.h and the
+ c-ares setup_once.h header, old file lib/setup_once.h has carried
+ back from 2006 up to now days an alarming and prominent notice about
+ the need of keeping libcurl's and c-ares's setup_once.h in sync.
+
+ Given that this commit fixes the circular interdependency, the need
+ and presence of mentioned notice is removed.
+
+ All mentioned interdependencies come back from now old days when
+ the c-ares project lived inside a curl subdirectory. This commit
+ removes last traces of such fact.
+
+Daniel Stenberg (8 Jan 2013)
+- curl: ignore SIGPIPE
+
+ This is a work-around for bug #1180 which is really libcurl's inability
+ to ignore SIGPIPE in a few cases. With this work-around at least curl
+ won't suffer from it!
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=1180
+ Reported by: Lluís Batlle i Rossell
+
+Yang Tse (8 Jan 2013)
+- sockfilt.c: fix some compiler warnings
+
+Daniel Stenberg (8 Jan 2013)
+- Revert "configure: update req to 2.59"
+
+ This reverts commit 7a6d8b1b1a8fcc184c36d6b6e741e32250b4bacb.
+
+ URL: http://curl.haxx.se/mail/lib-2013-01/0103.html
+
+Steve Holme (8 Jan 2013)
+- pop3: Added support for non-blocking SSL upgrade
+
+ Added support for asynchronous SSL upgrade when using the
+ multi-interface.
+
+Daniel Stenberg (8 Jan 2013)
+- configure: update req to 2.59
+
+ I ran the 2.59 version of autoupdate that updates obsoleted configure.ac
+ constructs to the 2.59 standard. With a little hands-on fiddling I
+ prevented it from ruining the quoting in AS_HELP_STRING() uses.
+
+ I subsequently also bumped the required autoconf version to 2.59
+ (released in December 2003) as I don't have an older autoconf version
+ around to test with and I can't be bothered to install one either...
+
+ Inspired by: Björn Stenberg
+ Related blog post: http://cazfi.livejournal.com/195108.html
+
+Steve Holme (7 Jan 2013)
+- imap.c: Small tidy up to add missing comment
+
+- imap: Added support for sasl digest-md5 authentication
+
+- imap: Added support for sasl cram-md5 authentication
+
+Marc Hoersken (7 Jan 2013)
+- tests/server/sockfilt.c: Fixed integer comparison warning
+
+- tests/server/sockfilt.c: Include required Win32 headers
+
+Steve Holme (7 Jan 2013)
+- imap: Added support for sasl ntlm authentication
+
+- imap: Added support for sasl login authentication
+
+- pop3.c: Fixed default authentication detection
+
+ Fixed an issue where a server may positively respond to the CAPA command
+ but not list clear text as a valid authentication type.
+
+- curl_sasl.c: Small code tidy up following imap changes
+
+- smtp.c: Small code tidy up following imap changes
+
+- pop3.c: Small code tidy up following imap changes
+
+- imap: Added support for sasl plain text authentication
+
+Marc Hoersken (6 Jan 2013)
+- tests/server/sockfilt.c: Fixed support for listening sockets
+
+ This commit fixes support for sockets that are ready to accept
+ a new connection and have previously been put into listening mode.
+
+ It also includes changes which are the result of investigation
+ regarding Windows STDIN. These changes are the preparation for further
+ improvements regarding support for reading data from STDIN on Windows.
+
+ Open issue: WaitForMultipleObjectsEx does not support PIPE handles
+ which are returned by GetStdHandle while running without a GUI.
+
+- tests/server/sockfilt.c: Set Windows Console to binary mode
+
+- tests/server/sockfilt.c: Improved log error messages
+
+ Include error code and parameters in error messages.
+
+Steve Holme (6 Jan 2013)
+- imap: Introduced the continue response in imap_endofresp()
+
+- imap: Added support for SASL based authentication mechanism detection
+
+ Added support for detecting the supported SASL authentication mechanisms
+ via the CAPABILITY command.
+
+Yang Tse (6 Jan 2013)
+- Revert changes relative to lib/*.[ch] recent renaming
+
+ This reverts renaming and usage of lib/*.h header files done
+ 28-12-2012, reverting 2 commits:
+
+ f871de0... build: make use of 76 lib/*.h renamed files
+ ffd8e12... build: rename 76 lib/*.h files
+
+ This also reverts removal of redundant include guard (redundant thanks
+ to changes in above commits) done 2-12-2013, reverting 1 commit:
+
+ c087374... curl_setup.h: remove redundant include guard
+
+ This also reverts renaming and usage of lib/*.c source files done
+ 3-12-2013, reverting 3 commits:
+
+ 13606bb... build: make use of 93 lib/*.c renamed files
+ 5b6e792... build: rename 93 lib/*.c files
+ 7d83dff... build: commit 13606bbfde follow-up 1
+
+ Start of related discussion thread:
+
+ http://curl.haxx.se/mail/lib-2013-01/0012.html
+
+ Asking for confirmation on pushing this revertion commit:
+
+ http://curl.haxx.se/mail/lib-2013-01/0048.html
+
+ Confirmation summary:
+
+ http://curl.haxx.se/mail/lib-2013-01/0079.html
+
+ NOTICE: The list of 2 files that have been modified by other
+ intermixed commits, while renamed, and also by at least one
+ of the 6 commits this one reverts follows below. These 2 files
+ will exhibit a hole in history unless git's '--follow' option
+ is used when viewing logs.
+
+ lib/curl_imap.h
+ lib/curl_smtp.h
+
+Daniel Stenberg (6 Jan 2013)
+- mk-ca-bundle.1: convert syntax to what's used elsewhere
+
+ ... mostly to make sure roffit works better on it, but also to make our
+ man pages use a more unified style.
+
+- mk-ca-bundle.1: mention new -f, fix outputfile output
+
+ also edited a few sentences to become more verbose
+
+- mk-ca-bundle: add -f, support passing to stdout and more
+
+ 1. When the downloaded data file from Mozilla is current, but the output
+ bundle does not exist: continue processing to create the bundle. The
+ goal is to have the output file - not just download the latest input.
+
+ 2. added -f option to force re-processing the file. Useful for
+ debugging/testing the process.
+
+ 3. added support for output to '-' (stdout), allowing the output to be
+ piped.
+
+ 4. All progress and error messages go to STDERR rather than STDOUT (3)
+
+ 5. The script opened and closed the output file many times
+ unnecessarily. It now opens it once, does the output and closes it.
+
+ 6. Backup of the input files happens after successful processing, not
+ before.
+
+ 7. The output is written to a temporary file, and renamed to the
+ requested name after backup - this greatly reduces the window where the
+ file can be seen partially written.
+
+ 8. all die calls have a \n at the end to suppress perl's traceback - the
+ traceback isn't useful to end users.
+
+ Patch: http://curl.haxx.se/mail/lib-2013-01/0045.html
+
+Yang Tse (5 Jan 2013)
+- imap test server: fix typo in name of SELECT_imap() sub definition
+
+ IMAP test server breaking typo introduced with commit b708a522a1
+
+Steve Holme (4 Jan 2013)
+- imap test server: Added support for the CAPABILITY command
+
+ Added support for the CAPABILITY command in preparation of upcoming
+ changes.
+
+Daniel Stenberg (3 Jan 2013)
+- writeout: -w now supports remote_ip/port and local_ip/port
+
+ Added mention to the curl.1 man page.
+
+ Test case 1223 verifies remote_ip/port.
+
+Yang Tse (3 Jan 2013)
+- test 1222: 8 chars object name generation && test 1221: adjustments
+
+Daniel Stenberg (3 Jan 2013)
+- INTERNALS: remove "footnote" never used
+
+Yang Tse (3 Jan 2013)
+- build: commit 13606bbfde follow-up 1
+
+Daniel Stenberg (3 Jan 2013)
+- FAQ: Can I write a server with libcurl?
+
+Yang Tse (3 Jan 2013)
+- build: rename 93 lib/*.c files
+
+ 93 lib/*.c source files renamed to use our standard naming scheme.
+
+ This commit only does the file renaming.
+
+ ----------------------------------------
+
+ renamed: lib/amigaos.c -> lib/curl_amigaos.c
+ renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c
+ renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c
+ renamed: lib/axtls.c -> lib/curl_axtls.c
+ renamed: lib/base64.c -> lib/curl_base64.c
+ renamed: lib/bundles.c -> lib/curl_bundles.c
+ renamed: lib/conncache.c -> lib/curl_conncache.c
+ renamed: lib/connect.c -> lib/curl_connect.c
+ renamed: lib/content_encoding.c -> lib/curl_content_encoding.c
+ renamed: lib/cookie.c -> lib/curl_cookie.c
+ renamed: lib/cyassl.c -> lib/curl_cyassl.c
+ renamed: lib/dict.c -> lib/curl_dict.c
+ renamed: lib/easy.c -> lib/curl_easy.c
+ renamed: lib/escape.c -> lib/curl_escape.c
+ renamed: lib/file.c -> lib/curl_file.c
+ renamed: lib/fileinfo.c -> lib/curl_fileinfo.c
+ renamed: lib/formdata.c -> lib/curl_formdata.c
+ renamed: lib/ftp.c -> lib/curl_ftp.c
+ renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c
+ renamed: lib/getenv.c -> lib/curl_getenv.c
+ renamed: lib/getinfo.c -> lib/curl_getinfo.c
+ renamed: lib/gopher.c -> lib/curl_gopher.c
+ renamed: lib/gtls.c -> lib/curl_gtls.c
+ renamed: lib/hash.c -> lib/curl_hash.c
+ renamed: lib/hmac.c -> lib/curl_hmac.c
+ renamed: lib/hostasyn.c -> lib/curl_hostasyn.c
+ renamed: lib/hostcheck.c -> lib/curl_hostcheck.c
+ renamed: lib/hostip.c -> lib/curl_hostip.c
+ renamed: lib/hostip4.c -> lib/curl_hostip4.c
+ renamed: lib/hostip6.c -> lib/curl_hostip6.c
+ renamed: lib/hostsyn.c -> lib/curl_hostsyn.c
+ renamed: lib/http.c -> lib/curl_http.c
+ renamed: lib/http_chunks.c -> lib/curl_http_chunks.c
+ renamed: lib/http_digest.c -> lib/curl_http_digest.c
+ renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c
+ renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c
+ renamed: lib/http_proxy.c -> lib/curl_http_proxy.c
+ renamed: lib/idn_win32.c -> lib/curl_idn_win32.c
+ renamed: lib/if2ip.c -> lib/curl_if2ip.c
+ renamed: lib/imap.c -> lib/curl_imap.c
+ renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c
+ renamed: lib/inet_pton.c -> lib/curl_inet_pton.c
+ renamed: lib/krb4.c -> lib/curl_krb4.c
+ renamed: lib/krb5.c -> lib/curl_krb5.c
+ renamed: lib/ldap.c -> lib/curl_ldap.c
+ renamed: lib/llist.c -> lib/curl_llist.c
+ renamed: lib/md4.c -> lib/curl_md4.c
+ renamed: lib/md5.c -> lib/curl_md5.c
+ renamed: lib/memdebug.c -> lib/curl_memdebug.c
+ renamed: lib/mprintf.c -> lib/curl_mprintf.c
+ renamed: lib/multi.c -> lib/curl_multi.c
+ renamed: lib/netrc.c -> lib/curl_netrc.c
+ renamed: lib/non-ascii.c -> lib/curl_non_ascii.c
+ renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h
+ renamed: lib/nonblock.c -> lib/curl_nonblock.c
+ renamed: lib/nss.c -> lib/curl_nss.c
+ renamed: lib/nwlib.c -> lib/curl_nwlib.c
+ renamed: lib/nwos.c -> lib/curl_nwos.c
+ renamed: lib/openldap.c -> lib/curl_openldap.c
+ renamed: lib/parsedate.c -> lib/curl_parsedate.c
+ renamed: lib/pingpong.c -> lib/curl_pingpong.c
+ renamed: lib/polarssl.c -> lib/curl_polarssl.c
+ renamed: lib/pop3.c -> lib/curl_pop3.c
+ renamed: lib/progress.c -> lib/curl_progress.c
+ renamed: lib/qssl.c -> lib/curl_qssl.c
+ renamed: lib/rawstr.c -> lib/curl_rawstr.c
+ renamed: lib/rtsp.c -> lib/curl_rtsp.c
+ renamed: lib/security.c -> lib/curl_security.c
+ renamed: lib/select.c -> lib/curl_select.c
+ renamed: lib/sendf.c -> lib/curl_sendf.c
+ renamed: lib/share.c -> lib/curl_share.c
+ renamed: lib/slist.c -> lib/curl_slist.c
+ renamed: lib/smtp.c -> lib/curl_smtp.c
+ renamed: lib/socks.c -> lib/curl_socks.c
+ renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c
+ renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c
+ renamed: lib/speedcheck.c -> lib/curl_speedcheck.c
+ renamed: lib/splay.c -> lib/curl_splay.c
+ renamed: lib/ssh.c -> lib/curl_ssh.c
+ renamed: lib/sslgen.c -> lib/curl_sslgen.c
+ renamed: lib/ssluse.c -> lib/curl_ssluse.c
+ renamed: lib/strdup.c -> lib/curl_strdup.c
+ renamed: lib/strequal.c -> lib/curl_strequal.c
+ renamed: lib/strerror.c -> lib/curl_strerror.c
+ renamed: lib/strtok.c -> lib/curl_strtok.c
+ renamed: lib/strtoofft.c -> lib/curl_strtoofft.c
+ renamed: lib/telnet.c -> lib/curl_telnet.c
+ renamed: lib/tftp.c -> lib/curl_tftp.c
+ renamed: lib/timeval.c -> lib/curl_timeval.c
+ renamed: lib/transfer.c -> lib/curl_transfer.c
+ renamed: lib/url.c -> lib/curl_url.c
+ renamed: lib/version.c -> lib/curl_version.c
+ renamed: lib/warnless.c -> lib/curl_warnless.c
+ renamed: lib/wildcard.c -> lib/curl_wildcard.c
+
+ ----------------------------------------
+
+- build: make use of 93 lib/*.c renamed files
+
+ 93 *.c source files renamed to use our standard naming scheme.
+
+ This change affects 77 files in libcurl's source tree.
+
+Daniel Stenberg (3 Jan 2013)
+- INSTALL: unify the SSL library texts
+
+ Make them smaller and more similar for each separate SSL library
+ supported by the configure build
+
+Yang Tse (2 Jan 2013)
+- curl_setup.h: remove redundant include guard
+
+- build and tests: curl_10char_object_name() shell function
+
+ lib/objnames.inc provides definition of curl_10char_object_name() shell
+ function. The intended purpose of this function is to transliterate a
+ (*.c) source file name that may be longer than 10 characters, or not,
+ into a string with at most 10 characters which may be used as an OS/400
+ object name.
+
+ Test case 1221 does unit testng of this function and also verifies
+ that it is possible to generate distinct short object names for all
+ curl and libcurl *.c source file names.
+
+ lib/objnames-test.sh is the shell script used for test case 1221.
+
+ tests/runtests.pl modified to accept shell script test cases.
+
+ More details inside lib/objnames.inc and lib/objnames-test.sh
+
+- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS
+
+ automake 1.13 errors if AM_CONFIG_HEADER is used in configure script.
+ automake 1.13 no longer autoupdates AM_CONFIG_HEADER to
+ AC_CONFIG_HEADERS, thing which automake has been doing since automake
+ version 1.7
+
+ Given that our first automake supported version is automake 1.7,
+ simply replacing AM_CONFIG_HEADER usage with AC_CONFIG_HEADERS seems
+ enough to yet support same automake versions.
+
+ Dave Reisner reported issue with 1.13 and provided patch.
+
+ http://curl.haxx.se/mail/lib-2012-12/0246.html
+
+- curl-override.m4: provide AC_CONFIG_MACRO_DIR definition conditionally
+
+ Provide a 'traceable' AC_CONFIG_MACRO_DIR definition only when using
+ an autoconf version that does not provide it, instead of what we were
+ doing up to now of providing and overriding AC_CONFIG_MACRO_DIR for
+ all autoconf versions.
+
+Steve Holme (30 Dec 2012)
+- imap.c: Minor follow up tidy up
+
+- imap: Code tidy up prior to adding support for the CAPABILITY command
+
+ * Changing the order of the state machine to represent the order in
+ which commands are sent to the server.
+
+ * Reworking the imap_endofresp() function as the FETCH response doesn't
+ include the command id and shouldn't be part of the length comparison
+ that takes into account the id string.
+
+- pop3_doing: Applied debug info message when function fails
+
+ Applied the same debug message as used in smtp_doing() and imap_doing()
+ when pop3_multi_statemach() fails.
+
+- imap_doing: don't call imap_dophase_done() if already failed
+
+ Applied the POP3 fix from commit 2897ce7dc2e1 so imap_dophase_done()
+ isn't called if imap_multi_statemach() fails.
+
+- smtp_doing: don't call smtp_dophase_done() if already failed
+
+ Applied the POP3 fix from commit 2897ce7dc2e1 so smtp_dophase_done()
+ isn't called if smtp_multi_statemach() fails.
+
+Yang Tse (29 Dec 2012)
+- examples/certinfo.c: fix compiler warning
+
+Steve Holme (29 Dec 2012)
+- pop3.c: Removed unnecessary POP3_STOP state changes
+
+ Removed unnecessary state changes in pop3_state_starttls_resp()
+ following previous fix in IMAP module.
+
+- smtp.c: Added extra comments around SMTP_STOP state change
+
+ Provided extra comments in the SMTP module following previous IMAP fix.
+
+- imap.c: Fixed bad state error when logging in with invalid credentials
+
+ Fixed a problem with the state machine when attempting to log in with
+ invalid credentials. The server would report login failure but libcurl
+ would not read the response due to inappropriate IMAP_STOP states being
+ set after the login was sent.
+
+Yang Tse (29 Dec 2012)
+- imap.c: remove trailing whitespace
+
+Steve Holme (28 Dec 2012)
+- imap.c: Code tidy up - Part 2
+
+- imap.c: Code tidy up - Part 1
+
+ Applied some of the comment and layout changes that had already been
+ applied to the pop3 and smtp code over the last 6 to 9 months.
+
+ This is in preparation of adding SASL based authentication.
+
+- pop3.c: Minor code tidy up
+
+ Minor tidy up of comments and layout prior to next part of imap work.
+
+- smtp: Minor code tidy up
+
+ Minor tidy up of comments and layout prior to next part of imap work.
+
+- curl_imap.h: Tidy up of comments to be more readable
+
+- imap.c: Code tidy up renaming imapsendf() to imap_sendf()
+
+ Renamed imapsendf() to imap_sendf() to be more in keeping with the
+ other imap functions as well as Curl_pp_sendf() that it replaces.
+
+Yang Tse (28 Dec 2012)
+- build: rename 76 lib/*.h files
+
+ 76 private header files renamed to use our standard naming scheme.
+
+ This commit only does the file renaming.
+
+ ----------------------------------------
+
+ renamed: amigaos.h -> curl_amigaos.h
+ renamed: arpa_telnet.h -> curl_arpa_telnet.h
+ renamed: asyn.h -> curl_asyn.h
+ renamed: axtls.h -> curl_axtls.h
+ renamed: bundles.h -> curl_bundles.h
+ renamed: conncache.h -> curl_conncache.h
+ renamed: connect.h -> curl_connect.h
+ renamed: content_encoding.h -> curl_content_encoding.h
+ renamed: cookie.h -> curl_cookie.h
+ renamed: cyassl.h -> curl_cyassl.h
+ renamed: dict.h -> curl_dict.h
+ renamed: easyif.h -> curl_easyif.h
+ renamed: escape.h -> curl_escape.h
+ renamed: file.h -> curl_file.h
+ renamed: fileinfo.h -> curl_fileinfo.h
+ renamed: formdata.h -> curl_formdata.h
+ renamed: ftp.h -> curl_ftp.h
+ renamed: ftplistparser.h -> curl_ftplistparser.h
+ renamed: getinfo.h -> curl_getinfo.h
+ renamed: gopher.h -> curl_gopher.h
+ renamed: gtls.h -> curl_gtls.h
+ renamed: hash.h -> curl_hash.h
+ renamed: hostcheck.h -> curl_hostcheck.h
+ renamed: hostip.h -> curl_hostip.h
+ renamed: http.h -> curl_http.h
+ renamed: http_chunks.h -> curl_http_chunks.h
+ renamed: http_digest.h -> curl_http_digest.h
+ renamed: http_negotiate.h -> curl_http_negotiate.h
+ renamed: http_proxy.h -> curl_http_proxy.h
+ renamed: if2ip.h -> curl_if2ip.h
+ renamed: imap.h -> curl_imap.h
+ renamed: inet_ntop.h -> curl_inet_ntop.h
+ renamed: inet_pton.h -> curl_inet_pton.h
+ renamed: krb4.h -> curl_krb4.h
+ renamed: llist.h -> curl_llist.h
+ renamed: memdebug.h -> curl_memdebug.h
+ renamed: multiif.h -> curl_multiif.h
+ renamed: netrc.h -> curl_netrc.h
+ renamed: non-ascii.h -> curl_non-ascii.h
+ renamed: nonblock.h -> curl_nonblock.h
+ renamed: nssg.h -> curl_nssg.h
+ renamed: parsedate.h -> curl_parsedate.h
+ renamed: pingpong.h -> curl_pingpong.h
+ renamed: polarssl.h -> curl_polarssl.h
+ renamed: pop3.h -> curl_pop3.h
+ renamed: progress.h -> curl_progress.h
+ renamed: qssl.h -> curl_qssl.h
+ renamed: rawstr.h -> curl_rawstr.h
+ renamed: rtsp.h -> curl_rtsp.h
+ renamed: select.h -> curl_select.h
+ renamed: sendf.h -> curl_sendf.h
+ renamed: setup.h -> curl_setup.h
+ renamed: setup_once.h -> curl_setup_once.h
+ renamed: share.h -> curl_share.h
+ renamed: slist.h -> curl_slist.h
+ renamed: smtp.h -> curl_smtp.h
+ renamed: sockaddr.h -> curl_sockaddr.h
+ renamed: socks.h -> curl_socks.h
+ renamed: speedcheck.h -> curl_speedcheck.h
+ renamed: splay.h -> curl_splay.h
+ renamed: ssh.h -> curl_ssh.h
+ renamed: sslgen.h -> curl_sslgen.h
+ renamed: ssluse.h -> curl_ssluse.h
+ renamed: strdup.h -> curl_strdup.h
+ renamed: strequal.h -> curl_strequal.h
+ renamed: strerror.h -> curl_strerror.h
+ renamed: strtok.h -> curl_strtok.h
+ renamed: strtoofft.h -> curl_strtoofft.h
+ renamed: telnet.h -> curl_telnet.h
+ renamed: tftp.h -> curl_tftp.h
+ renamed: timeval.h -> curl_timeval.h
+ renamed: transfer.h -> curl_transfer.h
+ renamed: url.h -> curl_url.h
+ renamed: urldata.h -> curl_urldata.h
+ renamed: warnless.h -> curl_warnless.h
+ renamed: wildcard.h -> curl_wildcard.h
+
+ ----------------------------------------
+
+- build: make use of 76 lib/*.h renamed files
+
+ 76 private header files renamed to use our standard naming scheme.
+
+ This change affects 322 files in libcurl's source tree.
+
+- lib/*.h: use our standard naming scheme for header inclusion guards
+
+Steve Holme (28 Dec 2012)
+- imsp.c: Fixed usernames and passwords that contain escape characters
+
+ Fixed a problem with sending usernames and passwords that contain
+ backslash, quotation mark and space characters.
+
+Daniel Stenberg (27 Dec 2012)
+- curl.1: extend the -X, --request description
+
+- RELEASE-NOTES: synced with e3ed2b82e6
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: Fixed inability to disable peer verification
+
+ ... on Snow Leopard and Lion
+
+ Snow Leopard introduced the SSLSetSessionOption() function, but it
+ doesn't disable peer verification as expected on Snow Leopard or
+ Lion (it works as expected in Mountain Lion). So we now use sysctl()
+ to detect whether or not the user is using Snow Leopard or Lion,
+ and if that's the case, then we now use the deprecated
+ SSLSetEnableCertVerify() function instead to disable peer verification.
+
+Yang Tse (26 Dec 2012)
+- curl tool: rename hugehelp files to tool_hugehelp
+
+- curl tool: renaming hugehelp files to tool_hugehelp
+
+- sockfilt.c: commit b44da5a82a follow-up 2
+
+- sockfilt.c: commit b44da5a82a follow-up
+
+- sockfilt.c: fix some compiler warnings
+
+- curl_multi_remove_handle: commit 0aabfd9963 follow-up
+
+Daniel Stenberg (25 Dec 2012)
+- lib556: enable VERBOSE to ease debugging on failures
+
+Marc Hoersken (25 Dec 2012)
+- socklift.c: Quick fix to re-add missing code
+
+- socklift.c: Added select_ws function to support Windows
+
+ WinSock select() does not support standard file descriptors,
+ it can only check SOCKETs. The following function is an attempt
+ to create a select() function with support for other handles.
+
+Yang Tse (25 Dec 2012)
+- Enable tests 1503, 1504 and 1505
+
+- curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
+
+- Curl_hash_clean: OOM handling fix
+
+- test 1504 and 1505: same as 1502 but with different cleanup sequences
+
+Daniel Stenberg (24 Dec 2012)
+- Curl_conncache_foreach: allow callback to break loop
+
+ ... and have it take a proper 'struct connectdata *' as first argument
+
+- pop3_doing: don't call pop3_dophase_done() if already failed
+
+ ... it also clobbered the 'result' return value so that it wouldn't
+ return the error back to the parent function properly, which broke test
+ 809 when run with 'multi-always'.
+
+Yang Tse (23 Dec 2012)
+- test 1503: same as 1502 but with a different cleanup sequence
+
+- test 1502: OOM handling fixes
+
+- curl_multi_wait: OOM handling fix
+
+- [Daniel Stenberg brought this change]
+
+ curl_multi_wait: avoid an unnecessary memory allocation
+
+- runtests.pl: prepend $srcdir to HTTPTLS server config files path
+
+- multi.c: OOM handling fix
+
+- lib543.c: OOM handling fixes
+
+- configure: add internal sanity check (warn only) on vars for makefiles
+
+Daniel Stenberg (21 Dec 2012)
+- SCP: relative path didn't work
+
+ When prefixing a path with /~/ it is supposed to be used relative to the
+ user's home directory but it didn't work. Now we cut off the entire
+ three byte sequenct "/~/" which seems to be how OpenSSH does it.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=1173
+ Reported by: Balaji Parasuram
+
+Yang Tse (21 Dec 2012)
+- configure: LIBMETALINK_CFLAGS actually is LIBMETALINK_CPPFLAGS
+
+- configure: add minimal sanity check on user provided CFLAGS and CPPFLAGS
+
+- bundles connection caching: some out of memory handling fixes
+
+- libntlmconnect.c: fix compiler warnings and OOM handling
+
+- configure.ac: clear local test intended variables before use
+
+- VC6 IDE: link with advapi32.lib when using WIN32 crypto API (md5.c)
+
+- curl-functions.m4: improve gethostname arg 2 data type check
+
+- setup_once.h: HP-UX specific 'bool', 'false' and 'true' definitions.
+
+ Also reverts commit f254c59dc7
+
+- configure: check if compiler halts on function prototype mismatch
+
+- warnless.c: fix compiler warnings
+
+- curl-functions.m4: add gethostname arg 2 data type check and definition
+
+Daniel Stenberg (14 Dec 2012)
+- [Nick Zitzmann brought this change]
+
+ darwinssl: Fix implicit conversion compiler warnings
+
+ The Clang compiler found a few implicit conversion problems that have
+ now been fixed.
+
+Yang Tse (14 Dec 2012)
+- setup_once.h: HP-UX <sys/socket.h> issue workaround
+
+ Issue: When building a 32bit target with large file support HP-UX
+ <sys/socket.h> header file may simultaneously provide two different
+ sets of declarations for sendfile and sendpath functions, one with
+ static and another with external linkage. Given that we do not use
+ mentioned functions we really don't care which linkage is the
+ appropriate one, but on the other hand, the double declaration emmits
+ warnings when using the HP-UX compiler and errors when using modern
+ gcc versions resulting in fatal compilation errors.
+
+ Mentioned issue is now fixed as long as we don't use sendfile nor
+ sendpath functions.
+
+- setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>
+
+ Inclusion of top two most included header files now done in setup_once.h
+
+- setup_once.h: HP-UX specific TRUE and FALSE definitions
+
+ Some HP-UX system headers require TRUE defined to 1 and FALSE to 0.
+
+Daniel Stenberg (12 Dec 2012)
+- gopher: #include cleanup
+
+ Remove all system file includes from this file as they're not needed
+
+ Reported by: Dan Fandrich
+
+Yang Tse (11 Dec 2012)
+- examples/simplessl.c: fix compiler warning
+
+- examples/externalsocket.c: fix SunPro compilation issue
+
+- examples/simplessl.c: fix compiler warning
+
+- build: add bundles and conncache files to other build systems
+
+- conncache: fix enumerated type mixed with another type
+
+- examples/anyauthput.c: fix Tru64 compilation issue
+
+Daniel Stenberg (8 Dec 2012)
+- [Colin Watson brought this change]
+
+ configure: fix cross pkg-config detection
+
+ When cross-compiling, CURL_CHECK_PKGCONFIG was checking for the cross
+ pkg-config using ${host}-pkg-config.
+
+ The gold standard for doing this correctly is pkg-config's own macro,
+ PKG_PROG_PKG_CONFIG. However, on the assumption that you have a good
+ reason not to use that directly (reduced dependencies for maintainer
+ builds?), the behaviour of cURL's version should at least match.
+ PKG_PROG_PKG_CONFIG uses AC_PATH_TOOL, which ultimately ends up trying
+ ${host_alias}-pkg-config; this is not quite the same as what cURL does,
+ and may differ because ${host} has been run through config.sub. For
+ instance, when cross-building to the armhf architecture on Ubuntu,
+ ${host_alias} is arm-linux-gnueabihf while ${host} is
+ arm-unknown-linux-gnueabihf. This may also have been the cause of the
+ problem reported at http://curl.haxx.se/mail/lib-2012-04/0224.html.
+
+ AC_PATH_TOOL is significantly simpler than cURL's current code, and
+ dates back to well before the current minimum of Autoconf 2.57, so let's
+ use it instead.
+
+- [Linus Nielsen Feltzing brought this change]
+
+ Introducing a new persistent connection caching system using "bundles".
+
+ A bundle is a list of all persistent connections to the same host.
+ The connection cache consists of a hash of bundles, with the
+ hostname as the key.
+ The benefits may not be obvious, but they are two:
+
+ 1) Faster search for connections to reuse, since the hash
+ lookup only finds connections to the host in question.
+ 2) It lays out the groundworks for an upcoming patch,
+ which will introduce multiple HTTP pipelines.
+
+ This patch also removes the awkward list of "closure handles",
+ which were needed to send QUIT commands to the FTP server
+ when closing a connection.
+ Now we allocate a separate closure handle and use that
+ one to close all connections.
+
+ This has been tested in a live system for a few weeks, and of
+ course passes the test suite.
+
+- [Fabian Keil brought this change]
+
+ runtests and friends: Do not add undefined values to @INC
+
+ On FreeBSD this fixes the warning:
+ Use of uninitialized value $p in string eq at /usr/local/lib/perl5/5.14.2/BSDPAN/BSDPAN.pm line 36.
+
+Steve Holme (5 Dec 2012)
+- Merge pull request #52 from isn-/master
+
+ small compilation fix
+
+Stanislav Ivochkin (5 Dec 2012)
+- build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
+
+Yang Tse (5 Dec 2012)
+- libtest: fix some compiler warnings
+
+- examples: fix compilation issues - commit 7332a7cafb follow-up
+
+- examples: fix compilation issues - commit 23f8dca6fb follow-up
+
+- examples: fix compilation issues
+
+- build: explain current role of LIBS in our Makefile.am files
+
+ BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
+ LIBS variable used in generated makefile at makefile processing
+ time. Doing this functionally prevents LIBS from being used for
+ all link targets in given makefile.
+
+Daniel Stenberg (4 Dec 2012)
+- multi: fix re-sending request on early connection close
+
+ This handling already works with the easy-interface code. When a request
+ is sent on a re-used connection that gets closed by the server at the
+ same time as the request is sent, the situation may occur so that we can
+ send the request and we discover the broken connection as a RECV_ERROR
+ in the PERFORM state and then the request needs to be retried on a fresh
+ connection. Test 64 broke with 'multi-always-internally'.
+
+Yang Tse (4 Dec 2012)
+- configure: add minimal sanity check on user provided LIBS and LDFLAGS
+
+- build: prevent global LIBS from influencing src and lib build targets
+
+ Currently, LIBS is already used through other macros.
+
+Kamil Dudka (3 Dec 2012)
+- nss: prevent NSS from crashing on client auth hook failure
+
+ Although it is not explicitly stated in the documentation, NSS uses
+ *pRetCert and *pRetKey even if the client authentication hook returns
+ a failure. Namely, if we destroy *pRetCert without clearing *pRetCert
+ afterwards, NSS destroys the certificate once again, which causes a
+ double free.
+
+ Reported by: Bob Relyea
+
+Yang Tse (30 Nov 2012)
+- testcurl.pl: build example programs for several autobuilds
+
+ Affected autobuilds: IRIX, AIX, Tru64 and AIX.
+
+- build: prevent global LIBS from influencing examples build targets
+
+- build: prevent global LIBS from influencing libtest build targets
+
+- build: prevent global LIBS from influencing test server build targets
+
+- build: fix Windows build targets damaged since commit 550e403f00
+
+- build: avoid linkage of directly unused libraries
+
+- dd missing NTLM feature for tests 2025, and 2028 to 2032
+
+- avoid mixing of enumerated type with another type
+
+- multi.c: disambiguate precedence of bitwise and relational operation
+
+Daniel Stenberg (26 Nov 2012)
+- [Fabian Keil brought this change]
+
+ Remove stray CRLF in chunk-encoded content-free request bodies
+
+ .. that are sent when auth-negotiating before a chunked
+ upload or when setting the 'Transfer-Encoding: chunked'
+ header and intentionally sending no content.
+
+ Adjust test565 and test1333 accordingly.
+
+- FAQ: clarify the 3.4 section
+
+ You can do custom commands to FTP without sending anything by using the
+ CURLOPT_NOBODY, which -I sets.
+
+- [Lijo Antony brought this change]
+
+ examples: Updated asiohiper.cpp to remove connect from opensocket
+
+ Blocking connect on the socket has been removed from opensocket
+ callback. opensocket just opens a new socket and gives it back to
+ libcurl and libcurl will take care of the connect. sockopt_callback has
+ also been removed, as it is no longer required.
+
+Yang Tse (23 Nov 2012)
+- build: fix AIX compilation and usage
+
+ AIX sys/poll.h header file defines 'events' and 'revents' as C
+ preprocessor macros. Usage of these literals in libcurl's external
+ API was introduced in commit de24d7bd4c causing AIX build failures.
+ Appropriate inclusion of sys/poll.h by libcurl's external interface
+ fixes AIX build and usage issues while avoiding a SONAME bump.
+
+Steve Holme (23 Nov 2012)
+- DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols
+
+Daniel Stenberg (23 Nov 2012)
+- test: offer "automake" output and check for perl better
+
+ runtests.pl -am now uses the "PASS/FAIL: [desc]" output for each
+ executed test. You can run 'make test-am' in the root build directory to
+ invoke that. The reason for this output style is to better allow generic
+ test suite parsers to also grok our test output.
+
+ The test Makefile now also tests that perl was indeed found and that the
+ PERL variable points to an executable before it tries to run the main
+ test perl script runtests.pl,
+
+- [Fabian Keil brought this change]
+
+ Test 206: Use a Content-Length header for the 407 response
+
+ Otherwise curl would have to guess where the body ends.
+
+- [Fabian Keil brought this change]
+
+ Test 206: Don't respond to a succesful CONNECT request with a body
+
+ It's against the spec and caused test failures when header
+ and response were read from the network separately in which
+ case bug #39 wasn't triggered.
+
+- htmltitle: use .cpp extension for C++ examples
+
+- [Lijo Antony brought this change]
+
+ examples: Added a c++ example of using multi with boost::asio
+
+ Added an example for demonstrating the usage of curl multi interface
+ with boost::asio in c++
+
+- VC Makefiles: add missing hostcheck
+
+ the newly introduced hostcheck.h/c is missing in the Visual Studio
+ Makefiles as obj file.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html
+
+- compiler warning fixes
+
+ The conversions from ssize_t to int need to be typecasted.
+
+- bump: start working on 7.28.2
+
+- THANKS: added 14 contributors from the 7.28.1 release
+
+Version 7.28.1 (20 Nov 2012)
+
+Daniel Stenberg (20 Nov 2012)
+- RELEASE-NOTES: synced with 52af6e69f079 / 7.28.1
+
+Kamil Dudka (20 Nov 2012)
+- [Anthony Bryan brought this change]
+
+ RELEASE-NOTES: NSS can be used for metalink hashing
+
+- [Fabian Keil brought this change]
+
+ Get test 2032 working when using valgrind
+
+ If curl_multi_fdset() sets maxfd to -1, the socket detection
+ loop is skipped and thus !found_new_socket is no cause for alarm.
+
+- test2032: spurious failure caused by premature termination
+
+ Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
+
+Daniel Stenberg (19 Nov 2012)
+- [Fabian Keil brought this change]
+
+ Fix comment typos in test 517
+
+- [Fabian Keil brought this change]
+
+ Test 92 and 194: normalize spaces in the Server headers
+
+ It makes no difference from curl's point of view but
+ makes it more convenient to use the tests with a
+ lws-normalizing proxy between curl and the test server.
+
+- [Fabian Keil brought this change]
+
+ Add a HOSTIP precheck for tests 31 and 1105
+
+ They currently only work for 127.0.0.1 which
+ is hardcoded and can't be easily changed.
+
+- [Fabian Keil brought this change]
+
+ Let test 8 work as long as %HOSTIP ends with ".0.0.1"
+
+ .. and add a precheck to skip the test otherwise.
+
+- [Fabian Keil brought this change]
+
+ Add --resolve to the keywords and name of test 1318
+
+ This makes it easier to skip it automatically when
+ the test suite is used with external proxies.
+
+- [Fabian Keil brought this change]
+
+ Add FTP keywords for a couple of currently keyword-less FTP tests
+
+- [Fabian Keil brought this change]
+
+ Add keywords for a couple of currently keyword-less HTTP tests
+
+- [Fabian Keil brought this change]
+
+ Use carriage returns in all headers in test 31
+
+ Trailing spaces were left unmodifed, assuming they were intentional.
+
+- [Fabian Keil brought this change]
+
+ Do not mix CRLF and LF header endings in a couple of HTTP tests
+
+ Consistently use CRLF instead. The mixed endings weren't
+ documented so I assume they were unintentional.
+
+ This change doesn't matter for curl itself but makes using
+ the tests with a proxy between curl and the test server
+ more convenient.
+
+ Tests that consistently use no carriage returns were
+ left unmodified as one can easily work around this.
+
+- fixed memory leak: CURLOPT_RESOLVE with multi interface
+
+ DNS cache entries populated with CURLOPT_RESOLVE were not properly freed
+ again when done using the multi interface.
+
+ Test case 1502 added to verify.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3575448
+ Reported by: Alex Gruz
+
+- RELEASE-NOTES: synced with ee588fe08807778
+
+ 4 more bug fixes and 4 more contributors
+
+- mem-include-scan: verify memory #includes
+
+ If we use memory functions (malloc, free, strdup etc) in C sources in
+ libcurl and we fail to include curl_memory.h or memdebug.h we either
+ fail to properly support user-provided memory callbacks or the memory
+ leak system of the test suite fails.
+
+ After Ajit's report of a failure in the first category in http_proxy.c,
+ I spotted a few in the second category as well. These problems are now
+ tested for by test 1132 which runs a perl program that scans for and
+ attempts to check that we use the correct include files if a memory
+ related function is used in the source code.
+
+ Reported by: Ajit Dhumale
+ Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
+
+- tftp_rx: code style cleanup
+
+ Fixed checksrc warnings
+
+- [Fabian Keil brought this change]
+
+ Fix the libauthretry changes from 7c0cbcf2f61
+
+ They broke the NTLM tests from 2023 to 2031.
+
+- [Christian Vogt brought this change]
+
+ tftp_rx: handle resends
+
+ Re-send ACK for block X in case we receive block X data again while
+ waiting for block X+1.
+
+ Based on an earlier patch by Marcin Adamski.
+
+- autoconf: don't force-disable compiler debug option
+
+ When nothing is told to configure, we should not enforce switching off
+ debug options with -g0 (or similar). We instead don't use -g at all in
+ that situaion and therefore allow the user's CFLAGS settings possibly
+ dictate what to do.
+
+- [Mark Snelling brought this change]
+
+ winbuild: Fix PDB file output
+
+ And fix some newlines to be proper CRLF
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3586741
+
+- RELEASE-NOTES: synced with fa1ae0abcde
+
+- [Cristian Rodríguez brought this change]
+
+ OpenSSL: Disable SSL/TLS compression
+
+ It either causes increased memory usage or exposes users
+ to the "CRIME attack" (CVE-2012-4929)
+
+- [Sebastian Rasmussen brought this change]
+
+ FILE: Make upload-writes unbuffered by not using FILE streams
+
+Kamil Dudka (13 Nov 2012)
+- tool_metalink: fix error detection of hash alg initialization
+
+ The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly
+ without any wrappers and they return 1 for success, 0 otherwise. Hence,
+ we have to use the same approach in all the wrapper functions that are
+ used for the other crypto libraries.
+
+ This commit fixes a regression introduced in commit dca8ae5f.
+
+Daniel Stenberg (13 Nov 2012)
+- RELEASE-NOTES: synced with 7c0cbcf2f617b
+
+- [Sergei Nikulov brought this change]
+
+ fixed Visual Studio 2010 compilation
+
+- [Anton Malov brought this change]
+
+ ftp: EPSV-disable fix over SOCKS
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3586338
+
+Patrick Monnerat (12 Nov 2012)
+- Merge branch 'master' of github.com:bagder/curl
+
+- OS400: upgrade wrappers for the 7.28.1 release.
+
+Daniel Stenberg (12 Nov 2012)
+- runtests: limit execessive logging/output
+
+- [Gabriel Sjoberg brought this change]
+
+ Digst: Add microseconds into nounce calculation
+
+ When using only 1 second precision, curl doesn't create new cnonce
+ values quickly enough for all uses.
+
+ For example, issuing the following command multiple times to a recent
+ Tomcat causes authentication failures:
+
+ curl --digest -utest:test http://tomcat.test.com:8080/manager/list
+
+ This is because curl uses the same cnonce for several seconds, but
+ doesn't increment the nonce counter.  Tomcat correctly interprets
+ this as a replay attack and rejects the request.
+
+ When microsecond-precision is available, this commit causes curl to
+ change cnonce values much more frequently.
+
+ With microsecond resolution, increasing the nounce length used in the
+ headers to 32 was made to further reduce the risk of duplication.
+
+- SCP/SFTP: improve error code used for send failures
+
+ Instead of relying on the generic CURLE error for SCP or SFTP send
+ failures, try passing back a more suitable error if possible.
+
+- Curl_write: remove unneeded typecast
+
+Kamil Dudka (9 Nov 2012)
+- tool_metalink: allow to use hash algorithms provided by NSS
+
+ Fixes bug #3578163:
+ http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
+
+- tool_metalink: allow to handle failure of hash alg initialization
+
+- tool_metalink: introduce metalink_cleanup() in the internal API
+
+ ... to release resources allocated at global scope
+
+Daniel Stenberg (8 Nov 2012)
+- hostcheck: only build for the actual users
+
+ and make local function static
+
+- [Oscar Koeroo brought this change]
+
+ SSL: Several SSL-backend related fixes
+
+ axTLS:
+
+ This will make the axTLS backend perform the RFC2818 checks, honoring
+ the VERIFYHOST setting similar to the OpenSSL backend.
+
+ Generic for OpenSSL and axTLS:
+
+ Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
+ files to make them genericly available for both the OpenSSL, axTLS and
+ other SSL backends. They are now in the new lib/hostcheck.c file.
+
+ CyaSSL:
+
+ CyaSSL now also has the RFC2818 checks enabled by default. There is a
+ limitation that the verifyhost can not be enabled exclusively on the
+ Subject CN field comparison. This SSL backend will thus behave like the
+ NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
+ setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
+ too.
+
+ Schannel:
+
+ Updated the schannel information messages: Split the IP address usage
+ message from the verifyhost setting and changed the message about
+ disabling SNI (Server Name Indication, used in HTTP virtual hosting)
+ into a message stating that the Subject Alternative Names checks are
+ being disabled when verifyhost is set to 0 or 1. As a side effect of
+ switching off the RFC2818 related servername checks with
+ SCH_CRED_NO_SERVERNAME_CHECK
+ (http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
+ is being disabled. This effect is not documented in MSDN, but Wireshark
+ output clearly shows the effect (details on the libcurl maillist).
+
+ PolarSSL:
+
+ Fix the prototype change in PolarSSL of ssl_set_session() and the move
+ of the peer_cert from the ssl_context to the ssl_session. Found this
+ change in the PolarSSL SVN between r1316 and r1317 where the
+ POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
+ PolarSSL version 1.1.4 the check is to discriminate between lower then
+ PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
+ trunk jumped from version 1.1.1 to 1.2.0.
+
+ Generic:
+
+ All the SSL backends are fixed and checked to work with the
+ ssl.verifyhost as a boolean, which is an internal API change.
+
+- libcurl: VERSIONINFO update
+
+ Since we added the curl_multi_wait function, the VERSIONINFO needed
+ updating.
+
+ Reported by: Patrick Monnerat
+
+Guenter Knauf (8 Nov 2012)
+- Added .def file to output.
+
+ Requested by Johnny Luong on the libcurl list.
+
+- Added deps for static metalink-aware MinGW builds.
+
+Daniel Stenberg (8 Nov 2012)
+- [Fabian Keil brought this change]
+
+ Fix compilation of lib1501
+
+- Curl_readwrite: remove debug output
+
+ The text "additional stuff not fine" text was added for debug purposes a
+ while ago, but it isn't really helping anyone and for some reason some
+ Linux distributions provide their libcurls built with debug info still
+ present and thus (far too many) users get to read this info.
+
+- RELEASE-NOTES: synced with 487538e87a3d5e
+
+ 6 new bugfixes and 3 more contributors...
+
+- http_perhapsrewind: consider NTLM over proxy too
+
+ The logic previously checked for a started NTLM negotiation only for
+ host and not also with proxy, leading to problems doing POSTs over a
+ proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the
+ check.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3582321
+ Reported by: John Suprock
+
+- [Lars Buitinck brought this change]
+
+ Curl_connecthost: friendlier "couldn't connect" message
+
+- test1413: verify redirects to URLs with fragments
+
+ The bug report claimed it didn't work. This problem was probably fixed
+ in 473003fbdf.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3581898
+
+- URL parser: cut off '#' fragments from URLs (better)
+
+ The existing logic only cut off the fragment from the separate 'path'
+ buffer which is used when sending HTTP to hosts. The buffer that held
+ the full URL used for proxies were not dealt with. It is now.
+
+ Test case 5 was updated to use a fragment on a URL over a proxy.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3579813
+
+- OpenSSL/servercert: use correct buffer size, not size of pointer
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3579286
+
+- curl: set CURLOPT_SSL_VERIFYHOST to 0 to disable
+
+- test 2027/2030: take duplicate Digest requests into account
+
+ With the reversion of ce8311c7e49eca and the new clear logic, this flaw
+ is present and we allow it.
+
+- Curl_pretransfer: clear out unwanted auth methods
+
+ As a handle can be re-used after having done HTTP auth in a previous
+ request, it must make sure to clear out the HTTP types that aren't
+ wanted in this new request.
+
+- test1412: verify Digest with repeated URLs
+
+ This test case verifies that bug 3582718 is fixed.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3582718
+ Reported by: Nick Zitzmann (originally)
+
+- Revert "Zero out auth structs before transfer"
+
+ This reverts commit ce8311c7e49eca93c136b58efa6763853541ec97.
+
+ The commit made test 2024 work but caused a regression with repeated
+ Digest authentication. We need to fix this differently.
+
+- CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
+
+ After a research team wrote a document[1] that found several live source
+ codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
+ option thinking it was a boolean, this change now bans 1 as a value and
+ will make libcurl return error for it.
+
+ 1 was never a sensible value to use in production but was introduced
+ back in the days to help debugging. It was always documented clearly
+ this way.
+
+ 1 was never supported by all SSL backends in libcurl, so this cleanup
+ makes the treatment of it unified.
+
+ The report's list of mistakes for this option were all PHP code and
+ while there's a binding layer between libcurl and PHP, the PHP team has
+ decided that they have an as thin layer as possible on top of libcurl so
+ they will not alter or specifically filter a 'TRUE' value for this
+ particular option. I sympathize with that position.
+
+ [1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
+
+- gnutls: fix compiler warnings
+
+- [Alessandro Ghedini brought this change]
+
+ gnutls: print alerts during handshake
+
+- [Alessandro Ghedini brought this change]
+
+ gnutls: fix the error_is_fatal logic
+
+- RELEASE-NOTES: synced with fa6d78829fd30ad
+
+- httpcustomheader.c: free the headers after use
+
+- [Dave Reisner brought this change]
+
+ uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
+
+ Since automake 1.12.4, the warnings are issued on running automake:
+
+ warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
+
+ Avoid INCLUDES and roll these flags into AM_CPPFLAGS.
+
+ Compile tested on:
+ Ubuntu 10.04 (automake 1:1.11.1-1)
+ Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2)
+ Arch Linux (automake 1.12.4)
+
+- libauthretry.c: shorten lines to fit within 80 cols
+
+- ftp_readresp: fix build without krb4 support
+
+ Oops, my previous commit broke builds with krb support.
+
+- test/README: mention the 1500 test number range
+
+- FTP: prevent the multi interface from blocking
+
+ As pointed out in Bug report #3579064, curl_multi_perform() would
+ wrongly use a blocking mechanism internally for some commands which
+ could lead to for example a very long block if the LIST response never
+ showed.
+
+ The solution was to make sure to properly continue to use the multi
+ interface non-blocking state machine.
+
+ The new test 1501 verifies the fix.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3579064
+ Reported by: Guido Berhoerster
+
+Marc Hoersken (1 Nov 2012)
+- winbuild: Use machine type of development environment
+
+ This patch restores the original behavior instead of always
+ falling back to x86 if no MACHINE-type was specified.
+
+- winbuild: Additional clean up
+
+- [Sapien2 brought this change]
+
+ Even more winbuild refactoring
+
+- [Sapien2 brought this change]
+
+ Minor winbuild refactoring
+
+- [Sapien2 brought this change]
+
+ Architecture selection for winbuild and minor makefiles refactoring
+
+Daniel Stenberg (1 Nov 2012)
+- BUGS: fix the bug tracker URL
+
+ The URL we used before is the one that goes directly to 'add' a bug
+ report, but since you can only do that after first having logged in to
+ sourceforge, the link often doesn't work for visitors.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3582408
+ Reported by: Oscar Norlander
+
+- evhiperfifo: fix the pointer passed to WRITEDATA
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3582407
+ Reported by: Oscar Norlander
+
+Guenter Knauf (1 Nov 2012)
+- Fixed MSVC libssh2 static build.
+
+ Since libssh2 supports now agent stuff it also depends on user32.lib.
+ Posted to the list by Jan Ehrhardt.
+
+Daniel Stenberg (23 Oct 2012)
+- tlsauthtype: deal with the string case insensitively
+
+ When given a string as 'srp' it didn't work, but required 'SRP'.
+ Starting now, the check disregards casing.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3578418
+ Reported by: Jeff Connelly
+
+- asyn-ares: restore working with c-ares < 1.6.1
+
+ Back in those days the public ares.h header didn't include the
+ ares_version.h header so it needs to be included here.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3577710
+
+- [Nick Zitzmann brought this change]
+
+ metalink/md5: Use CommonCrypto on Apple operating systems
+
+ Previously the Metalink code used Apple's CommonCrypto library only if
+ curl was built using the --with-darwinssl option. Now we use CommonCrypto
+ on all Apple operating systems including Tiger or later, or iOS 5 or
+ later, so you don't need to build --with-darwinssl anymore. Also rolled
+ out this change to libcurl's md5 code.
+
+- href_extractor.c: fix the URL
+
+- [Michał Kowalczyk brought this change]
+
+ href_extractor: example code extracting href elements
+
+ It does so in a streaming manner using the "Streaming HTML parser".
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: un-broke iOS build, fix error on server disconnect
+
+ The iOS build was broken by a reference to a function that only existed
+ under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
+ server disconnected before libcurl got the chance to hang up first and
+ SecureTransport was in use, then we'd raise an error instead of failing
+ gracefully.
+
+- [Alessandro Ghedini brought this change]
+
+ gnutls: put reset code into else block
+
+ Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551
+
+Guenter Knauf (13 Oct 2012)
+- Fix now broken libmetalink-aware OpenSSL build.
+
+- Revert c44e674; add OpenSSL includes/defines.
+
+ The makefile is designed to build against a libmetalink devel package;
+ therefore is does not matter what will change inside libmetalink.
+ Add OpenSSL includes and defines for libmetalink-aware OpenSSL builds.
+
+Daniel Stenberg (10 Oct 2012)
+- version-bump: towards 7.28.1!
+
+- THANKS: 14 new contributors from 7.28.0
+
+Version 7.28.0 (10 Oct 2012)
+
+Daniel Stenberg (10 Oct 2012)
+- RELEASE-NOTES: synced with 8373ca3641
+
+ One bug, one contributor. Getting ready for release.
+
+- curl_multi_wait: no wait if no descriptors to wait for
+
+ This is a minor change in behavior after having been pointed out by Mark
+ Tully and discussed on the list. Initially this case would internally
+ call poll() with no sockets and a timeout which would equal a sleep for
+ that specified time.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
+ Reported by: Mark Tully
+
+- TODO-RELEASE: cleanup for 7.28.0
+
+ one issue is now KNOWN_BUG #79
+
+ the other we just skip since nobody is working on it or is planning to
+ start working on it anytime soon
+
+- curl_multi_wait.3: style formatting mistake
+
+Marc Hoersken (8 Oct 2012)
+- ssluse.c: md5.h is required for Curl_ossl_md5sum
+
+Daniel Stenberg (8 Oct 2012)
+- curl_multi_wait.3: fix the name of the man page
+
+- curl_multi_wait.3: renamed the last argument variable for clarity
+
+Marc Hoersken (6 Oct 2012)
+- curl_schannel.c: Fixed caching more data than required
+
+ Do not fill the decrypted data buffer with more data unless
+ required in order to return the requested amount of data.
+
+- curl_schannel: Removed buffer limit and optimized buffer strategy
+
+ Since there are servers that seem to return very big encrypted
+ data packages, we need to be able to handle those without having
+ an internal size limit. To avoid the buffer growing to fast to
+ early the initial size was decreased and the minimum free space
+ in the buffer was decreased as well.
+
+- lib/socks.c: Merged two size variables into one
+
+- lib/socks.c: Avoid type conversions where possible
+
+ Streamlined variable names and types to avoid type conversions that
+ may result in data being lost on non 32-bit systems.
+
+- lib/curl_schannel.c: Hide size_t conversion warning
+
+- krb5/curl_rtmp.c: Hide size_t to int type conversion warning
+
+- security.c: Aligned internal type to return type
+
+ Use ssize_t instead of int to avoid conversion problems on 64-bit
+ systems. Also added curlx_sztosi where necessary.
+
+- lib/curl_schannel: Increased maximum buffer size to factor 128
+
+- winbuild/MakefileBuild.vc: Follow up on 0c8ccf7
+
+Daniel Stenberg (2 Oct 2012)
+- RELEASE-NOTES: synced with 971f5bcedd418
+
+ 9 new bug fixes, 5 changes, 6 more contributors
+
+- multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation
+
+ During the periods of rate limitation, the speedcheck function wasn't
+ called and thus the values weren't updated accordingly and it would then
+ easily trigger wrongly once data got transferred again.
+
+ Also, the progress callback's return code was not acknowledged in this
+ state so it could make an "abort" return code to get ignored and not
+ have the documented effect of aborting an ongoing transfer.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
+ Reported by: Jie He
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ tool_metalink.c: Filtered resource URLs by type
+
+ In Metalink v3, the type attribute of url element indicates the
+ type of the resource the URL points to. It can include URL to the
+ meta data, such as BitTorrent metainfo file. In Curl, we are not
+ interested in these meta data URLs. Instead, we are only
+ interested in the HTTP and FTP URLs. This change filters out
+ non-HTTP and FTP URLs. If we don't filter out them, it will be
+ downloaded by curl and hash check will fail if hash is provided
+ and next URL will be tried. This change will cut this useless
+ network transfer.
+
+Kamil Dudka (1 Oct 2012)
+- https.c example: remember to call curl_global_init()
+
+ ... in order not to leak memory on initializing an SSL library.
+
+ Reported by: Tomas Mlcoch
+
+Daniel Stenberg (28 Sep 2012)
+- FAQ: remove the date from the topmost line
+
+- FAQ: 5.16 I want a different time-out!
+
+- Curl_reconnect_request: clear pointer on failure
+
+ The Curl_reconnect_request() function could end up returning a pointer
+ to a free()d struct when Curl_done() failed inside. Clearing the pointer
+ unconditionally after Curl_done() avoids this risk.
+
+ Reported by: Ho-chi Chen
+ Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html
+
+- CURLOPT_CONNECTTIMEOUT: works without signals or posix too!
+
+Marc Hoersken (24 Sep 2012)
+- Makefile.vc6: Follow up on 0c8ccf7
+
+- Makefile.vc6: Added missing default library advapi32.lib
+
+Daniel Stenberg (19 Sep 2012)
+- HTTP_ONLY: disable more protocols
+
+- test2006: Updated expected output to include hash name
+
+ Output changed in commit a34197ef77cb
+
+- [Sergei Nikulov brought this change]
+
+ cmake: use standard findxxx modules for cmake v2.8+
+
+- [Sergei Nikulov brought this change]
+
+ setup.h: fixed for MS VC10 build
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3568327
+
+- TODO-RELEASE: push new features to 7.29
+
+ Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
+ working on them I have little hope...
+
+Marc Hoersken (17 Sep 2012)
+- metalink tests: Updated expected output to include hash name
+
+Daniel Stenberg (16 Sep 2012)
+- [Sara Golemon brought this change]
+
+ curl_multi_wait: Add parameter to return number of active sockets
+
+ Minor change to recently introduced function. BC breaking, but since
+ curl_multi_wait() doesn't exist in any releases that should be fine.
+
+Marc Hoersken (14 Sep 2012)
+- socks.c: Fixed warning: conversion to 'int' from 'long unsigned int'
+
+- http_negotiate.c: Fxied warning: unused variable 'rc'
+
+- ssh.c: Fixed warning: implicit conversion from enumeration type
+
+- socks.c: Check that IPv6 is enabled before using it's features
+
+- checksrc: Fixed line length and comment indentation
+
+- socks.c: Updated error messages to handle hostname and IPv6
+
+- socks.c: Added support for IPv6 connections through SOCKSv5 proxy
+
+Daniel Stenberg (13 Sep 2012)
+- parse_proxy: treat "socks://x" as a socks4 proxy
+
+ Selected socks proxy in Google's Chrome browser. Resulting in the
+ following environment variables:
+
+ NO_PROXY=localhost,127.0.0.0/8
+ ALL_PROXY=socks://localhost:1080/
+ all_proxy=socks://localhost:1080/
+ no_proxy=localhost,127.0.0.0/8
+
+ ... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
+ proxy.
+
+ Reported by: Scott Bailey
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3566860
+
+Kamil Dudka (12 Sep 2012)
+- ssh: do not crash if MD5 fingerprint is not provided by libssh2
+
+ The MD5 fingerprint cannot be computed when running in FIPS mode.
+
+- ssh: move the fingerprint checking code to a separate fnc
+
+Marc Hoersken (12 Sep 2012)
+- tool_metalink.c: Added name of validation hash to messages
+
+ This makes it easier to debug broken hashes or hash functions.
+
+- wincrypt: Fixed cross-compilation issues caused by include name
+
+ For some reason WinCrypt.h is named wincrypt.h under MinGW.
+
+- md5.c: Added support for Microsoft Windows CryptoAPI
+
+- Makefile.m32: Updated to build against libmetalink 0.1.2
+
+ The include and library path were moved within libmetalink, this
+ patch adjusts the defaults provided within the curl MinGW makefile.
+
+- tool_metalink.c: Added support for Microsoft Windows CryptoAPI
+
+ Since Metalink support requires a crypto library for hash functions
+ and Windows comes with the builtin CryptoAPI, this patch adds that
+ API as a fallback to the supported crypto libraries.
+ It is automatically used on Windows if no other library is provided.
+
+- libntlmconnect.c: Fixed typo and conversion
+
+- libntlmconnect.c: Fixed warning: curl_easy_getinfo expects long pointer
+
+ Fixed tests/libtest/libntlmconnect.c:52: warning: call to
+ '_curl_easy_getinfo_err_long' declared with attribute warning:
+ curl_easy_getinfo expects a pointer to long for this info
+
+- sws.c: Fixed warning: 'err' may be used uninitialized in this function
+
+- libntlmconnect.c: Fixed warning: comparison of signed/unsigned integer
+
+ Windows does not use -1 to represent invalid sockets and the
+ SOCKET type is unsigned.
+
+- nss.c: Fixed warning: 'err' may be used uninitialized in this function
+
+- tool_metalink.c: Fixed error: 'O_BINARY' undeclared
+
+ Check for O_BINARY which is not available on every system.
+
+- tool_metalink.c: Fixed validation of binary files containing EOF
+
+ Since Windows/MinGW threat 0x1A as the EOF character, reading binary
+ files which contain that byte does not work using text mode.
+ The read function will only read until the first 0x1A byte. This
+ means that the hash is not computed from the whole file and the
+ final validation check using hash comparision fails.
+
+- winbuild: Added support for building with SPNEGO enabled
+
+ Since Simple and Protected GSSAPI Negotiation Mechanism
+ is already implemented in curl and supported by the MinGW
+ builds, this change adds build support to winbuild makefiles.
+
+- winbuild: Adjusted order of options to generated config name
+
+ Cleaned up order of handled build options by ordering them
+ nearly alphabetically by using the order of the generated
+ config name. Preparation for future/more build options.
+
+Daniel Stenberg (9 Sep 2012)
+- [Anthony Bryan brought this change]
+
+ MANUAL: clarified user+password in HTTP URLs
+
+- RELEASE-NOTES: synced with 6c6f1f64c2
+
+ 6 bug fixes to mention, 5 contributors
+
+- TODO-RELEASE: CURLSSH_AUTH_AGENT and curl_multi_wait() are done
+
+ -321 - CURLSSH_AUTH_AGENT patch by Armel Asselin
+
+ -324 - curl_multi_select() vs curl_multi_fdvec() etc
+
+Marc Hoersken (9 Sep 2012)
+- curl_schannel.c: Reference count the credential/session handle
+
+ Reference counting the credential handle should avoid that such a
+ handle is freed while it is still required for connection shutdown
+
+Daniel Stenberg (8 Sep 2012)
+- [Nick Zitzmann brought this change]
+
+ darwinssl: fixed for older Mac OS X versions
+
+ SSL didn't work on older cats if built on a newer cat with weak-linking
+ turned on to support the older cat
+
+- [David Blaikie brought this change]
+
+ tool_easysrc.c: Test pointers against NULL
+
+ While validating a new Clang diagnostic (-Wnon-literal-null-conversion -
+ yes, the name isn't quite correct in this case, but it suffices) I found
+ a few violations of it in Curl.
+
+- SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3561305
+
+ Patch by: Marcel Raad
+
+- mk-ca-bundle: detect start of trust section better
+
+ Each certificate section of the input certdata.txt file has a trust
+ section following it with details.
+
+ This script failed to detect the start of the trust for at least one
+ cert[*], which made the script continue pass that section into the next
+ one where it found an 'untrusted' marker and as a result that certficate
+ was not included in the output.
+
+ [*] = "Hellenic Academic and Research Institutions RootCA 2011"
+
+ Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html
+
+- [Alessandro Ghedini brought this change]
+
+ gnutls: do not fail on non-fatal handshake errors
+
+ Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
+
+- FILEFORMAT: the FTP commands work for more protocols
+
+- test1411: verify SMTP without SIZE support
+
+- [František Kučera brought this change]
+
+ SMTP: only send SIZE if supported
+
+ SMTP client will send SIZE parameter in MAIL FROM command only if server
+ supports it. Without this patch server might say "504 Command parameter
+ not implemented" and reject the message.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3564114
+
+- ftpserver: respond with a 250 to SMTP EHLO
+
+ ... and specify that SIZE is supported. 250 is the "correct" response
+ code according to RFC 2821
+
+- RELEASE-NOTES: synced with abb0da919300e
+
+Dan Fandrich (3 Sep 2012)
+- Updated Symbian build files
+
+ This is untested, but at least Symbian still has a chance of
+ still working now.
+
+- Updated build docs w.r.t. Android and binary sizes
+
+Daniel Stenberg (1 Sep 2012)
+- symbols-in-versions: new CURL_WAIT_* symbols
+
+- [Sara Golemon brought this change]
+
+ Unit test for curl_multi_wait()
+
+- [Sara Golemon brought this change]
+
+ Manpage for curl_multi_wait().
+
+- [Sara Golemon brought this change]
+
+ multi: add curl_multi_wait()
+
+ /*
+ * Name: curl_multi_wait()
+ *
+ * Desc: Poll on all fds within a CURLM set as well as any
+ * additional fds passed to the function.
+ *
+ * Returns: CURLMcode type, general multi error code.
+ */
+ CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
+ struct curl_waitfd extra_fds[],
+ unsigned int extra_nfds,
+ int timeout_ms);
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: Bugfix for previous commit for older cats
+
+ I accidentally broke functionality for versions of OS X prior to Mountain
+ Lion in the previous commit. This commit fixes the problems.
+
+- [Joe Mason brought this change]
+
+ Use MAX_EASY_HANDLES instead of hardcoding the number of handles twice
+
+- test2032: bail out after last transfer
+
+ The test would hang and get aborted with a "ABORTING TEST, since it
+ seems that it would have run forever." until I prevented that from
+ happening.
+
+ I also fixed the data file which got broken CRLF line endings when I
+ sucked down the path from Joe's repo == my fault.
+
+ Removed #37 from KNOWN_BUGS as this fix and test case verifies exactly
+ this.
+
+- [Joe Mason brought this change]
+
+ NTLM: re-use existing connection better
+
+ If we need an NTLM connection and one already exists, always choose that
+ one.
+
+- [Joe Mason brought this change]
+
+ NTLM: verify multiple connections work
+
+ Add test2032 to test that NTLM does not switch connections in the middle
+ of the handshake
+
+- curl.1: list the -w variables sorted alphabetically
+
+- libcurl-share.3: remove wrong info of what can be shared
+
+ "Currently you can only share DNS and/or COOKIE data" is incorrect since
+ also SSL sessions can be shared.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3562261
+ Reported by: Joe Mason
+
+- [Dave Reisner brought this change]
+
+ examples: use do/while loop for multi examples
+
+ It's conceivable that after the first time curl_multi_perform returns,
+ the outvalue still_running will be 0, but work will have been done. This
+ is shown by a workload of small, purely file:// based URLs. Ensure that
+ we always read pending messages off the multi handle by forcing the
+ while loop to run at least once.
+
+- curl.h: fix comment to refer to current names
+
+ CURLOPT_USE_SSL should be set to CURLUSESSL_* and nothing else in modern
+ libcurl versions.
+
+- ftpsget: simple example showing a FTPS fetch
+
+- sftpget: SFTP is not "SSH FTP"
+
+- [Armel Asselin brought this change]
+
+ sftpget: example showing a simple SFTP download
+
+ ... using SSH-agent
+
+- curl_multi_perform.3: extended/clarified
+
+- INSTALL.cmake: clarify some flaws/limits in the cmake build
+
+- https.c example: spell check used define
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3559845
+ Reported by: Olivier Berger
+
+- configure: update the copyright years for the output
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
+
+ In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
+ of SecureTransport functions, some of which we were using. We now check
+ to see if the replacement functions are present, and if so, we use them
+ instead. The old functions are still present for users of older
+ cats. Also fixed a build warning that started to appear under Mountain
+ Lion
+
+- curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION
+
+- [Gokhan Sengun brought this change]
+
+ ftp: active conn, place calling sockopt callback at the end of function
+
+ Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
+
+- [Gokhan Sengun brought this change]
+
+ ftp: active conn, allow application to set sockopt after accept() call
+
+ For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
+
+- configure: remove the --enable/disable-nonblocking options
+
+ Removing this option as it currently only functions to lure people into
+ wrongly using it and falsely believing that libcurl will work fine
+ without using nonblocking sockets internally - which leads to hard to
+ track or understand errors.
+
+- [Ant Bryan brought this change]
+
+ MANUAL review
+
+- curl.1: shorten lines, avoid referring to libcurl instead of curl
+
+- [Ant Bryan brought this change]
+
+ curl.1: fix more consistent wording
+
+ "If this option is used several times, the last one will be used."
+ uniformity
+
+- ssh: use the libssh2 agent API conditionally
+
+ Commit e351972bc89aa4c brought in the ssh agent support but some uses of
+ the libssh2 agent API was done unconditionally which wasn't good enough
+ since that API hasn't always been present.
+
+- white space fix: shorten long line
+
+ ... to please checksrc.pl
+
+Kamil Dudka (9 Aug 2012)
+- docs: update the links to cipher-suites supported by NSS
+
+ ... and make the list of cipher-suites in nss.c readable by humans.
+
+ Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
+
+- nss: do not print misleading NSS error codes
+
+Daniel Stenberg (8 Aug 2012)
+- RELEASE-NOTES: synced with 0774386b23
+
+ 5 more bug fixes, one change, 6 contributors
+
+- [Armel Asselin brought this change]
+
+ docs: mention CURLSSH_AUTH_AGENT
+
+- [Armel Asselin brought this change]
+
+ SSH: added agent based authentication
+
+ CURLSSH_AUTH_AGENT is a new auth type for SSH
+
+- bump version to 7.28.0
+
+ I am about to merge the first patch that adds changes into the pending
+ release, and thus we bump the minor number.
+
+- RELEASE-NOTES: added missing link
+
+- curl_version: fixed Value stored to 'len' is never read
+
+ Fixed this (harmless) clang-analyzer warning. Also fixed the source
+ indentation level.
+
+- TODO-RELEASE: the (nil) bug is fixed
+
+- add_next_timeout: minor restructure of code
+
+ By reading the ->head pointer and using that instead of the ->size
+ number to figure out if there's a list remaining we avoid the (false
+ positive) clang-analyzer warning that we might dereference of a null
+ pointer.
+
+- verbose messages: fixed output of hostnames in re-used connections
+
+ I suspect this is a regression introduced in commit 207cf150, included
+ since 7.24.0.
+
+ Avoid showing '(nil)' as hostname in verbose output by making sure the
+ hostname fixup function is called early enough to set the pointers that
+ are used for this. The name data is set again for each request even for
+ re-used connections to handle multiple hostnames over the same
+ connection (like with proxy) or that the casing etc of the host name is
+ changed between requests (which has proven to be important at least once
+ in the past).
+
+ Test1011 was modified to use a redirect with a re-used a connection
+ since it then showed the bug and now lo longer does. There's currently
+ no easy way to have the test suite detect 'nil' texts in verbose ouputs
+ so no tests will detect if this problem gets reintroduced.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
+ Reported by: Gisle Vanem
+
+- [Nick Zitzmann brought this change]
+
+ metalink: Un-broke the build when building --with-darwinssl
+
+Guenter Knauf (8 Aug 2012)
+- Fix some compiler warnings.
+
+Daniel Stenberg (8 Aug 2012)
+- TODO-RELEASE: two bugs fixed
+
+ These are now addressed:
+
+ 323 - patch - select.c / Curl_socket_check() interrupted
+
+ 325 - Avoid leak of local device string when reusing connection
+
+- curl.1: minor format fix for --data-ascii
+
+ ... and removal of trailing whitespace on a single line
+
+- [Ant Bryan brought this change]
+
+ curl man page cleanup
+
+- [Mike Crowe brought this change]
+
+ Avoid leak of local device string when reusing connection
+
+ Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
+ decide we can reuse an existing connection.
+
+- Curl_socket_check: fix timeout return value for select users
+
+ This is the same fix applied for the conditional code that uses select()
+ that was already done for the poll specific code in commit
+ b61e8b81f5038.
+
+- [Maxime Larocque brought this change]
+
+ Curl_socket_check: fix return code for timeout
+
+ We found a problem with ftp transfer using libcurl (7.23 and 7.25)
+ inside an application which is receiving unix signals (SIGUSR1,
+ SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
+ defined).
+
+ Curl_socket_check() uses poll() to wait for the socket, and retries it
+ when a signal is received (EINTR). However, if a signal is received and
+ it also happens that the timeout has been reached, Curl_socket_check()
+ returns -1 instead of 0 (indicating an error instead of a timeout).
+
+ In our case, the result is an aborted connection even before the ftp
+ banner is received from the server, and a return value of
+ CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
+ in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
+ Funny to debug on a system on which OOM is a possible cause).
+
+ Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
+
+- RELEASE-NOTES: synced with b4a558041fdf65c0
+
+- TODO-RELEASE: fixed another bug
+
+ bug #3544688 "crash during retry with libcurl and SFTP"
+
+- WSAPoll: disabled on all windows builds
+
+ Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
+ library is used to setup a connection to an incorrect port, normally the
+ result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
+ the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
+ reached */.
+
+ On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
+ Online (https://premier.microsoft.com/). The support engineer handling
+ the case wrote that the case description is quite clear. He will try to
+ reproduce the issue and then proceed with troubleshooting it.
+
+ Reported by: Jan Koen Annot
+ Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
+
+- retry request: only access the HTTP data if in fact HTTP
+
+ When figuring out if the data stream needs to be rewound when the
+ request is to be resent, we must not access the HTTP struct unless the
+ protocol used is indeed HTTP...
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
+
+- TODO: support DANE, we already support gnutls without gcrypt
+
+- curl-config: parentheses fix
+
+ Braces, not parentheses, should be used for shell variable names.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3551460
+ Reported by: Edward Sheldrake
+
+- VC build: add define for openssl
+
+ This fixes a build failure of lib/ssluse.c.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
+
+- TODO-RELEASE: two bugs fixed!
+
+- globbing: fix segfault when >9 globs were used
+
+ Stupid lack of range checks caused the code to overwrite local variables
+ after glob number nine. Added checks now.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3546353
+
+- [Joe Mason brought this change]
+
+ sws: close sockets properly
+
+ Fix a bug where closed sockets (fd -1) were left in the all_sockets
+ list, because of missing parens in a pointer arithmetic expression
+
+ Reenable the tests that were locking up due to this bug.
+
+- [Joe Mason brought this change]
+
+ Remove debug logs that were accidentally checked in
+
+- [Joe Mason brought this change]
+
+ Use select in sws, which has better cross-platform support than poll
+
+- [Joe Mason brought this change]
+
+ Use cross-platform curlx_nonblock instead of fcntl in sws
+
+- operate: fix clang-analyzer warnings for never read variables
+
+ Two separate "Value stored to 'XXX' is never read" warnings
+
+- operate: fix clang-analyzer warning
+
+ Value stored to 'separator' is never read
+
+- metalink: change code order to build with gnutls-nettle
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
+ Reported by: Anthony G. Basile
+
+- gtls: fix build failure by including nettle-specific headers
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
+ Reported by: Anthony G. Basile
+
+Guenter Knauf (6 Aug 2012)
+- Fixed compiler warning - argument is type long.
+
+Daniel Stenberg (6 Aug 2012)
+- DISABLED: disable the new tests that do NTLM
+
+ The tests 2025, 2028 and 2031 don't work for me so I'll have them
+ disabled for now until we solve the problem.
+
+Joe Mason (3 Aug 2012)
+- Add tests of auth retries
+
+- Cleanup handshake after clean NTLM failure
+
+- Zero out auth structs before transfer
+
+- Add a polling loop in main to read from more than one socket at once. Add the O_NONBLOCK and
+ SO_KEEPALIVE flag to all sockets. Note that several loops which used to continue on a return value
+ of 0 (theoretical since 0 would never be returned without O_NONBLOCK) now break on 0 so that they
+ won't continue reading until after poll is called again.
+
+- Change return values of get_request, accept_connection and service_connection to add a return code
+ for non-blocking sockets: now -1 means error or connection finished, 1 means data was read, and 0
+ means there is no data available now so need to wait for poll (new return value)
+
+- Hoist the loop out of get_request, and make sure that it can be reentered when a request is
+ half-finished.
+
+ Note the the req struct used to be re-initialized AFTER reading pipeline data, so now that we
+ initialize it from the caller we must be careful not to overwrite the pipeline data.
+
+ Also we now need to handle the case where the buffer is already full when get_request is called -
+ previously this never happened as it was always called with an empty buffer and looped until done.
+
+ Now get_request is called in a loop, so the next step is to run the loop on a socket only when poll
+ signals it is readable.
+
+- Move blocks of code from the sws main loop into their own functions for easier refactoring later.
+ The next step will be to call the correct function after a poll, rather than looping unconditionally
+
+- Remove the --fork option of sws, since it makes refactoring to use poll more complicated and should
+ be redundant once we poll
+
+Kamil Dudka (30 Jul 2012)
+- file: use fdopen() for uploaded files if available
+
+ It eliminates noisy events when using inotify and fixes a TOCTOU issue.
+
+ Bug: https://bugzilla.redhat.com/844385
+
+Guenter Knauf (29 Jul 2012)
+- Added DWANT_IDN_PROTOTYPES define for MSVC too.
+
+ Discussion on the list: http://curl.haxx.se/mail/lib-2012-07/0271.html
+
+- Added Win32 problems.
+
+- Added hint to read docs/INSTALL too.
+
+- Added new file to distro.
+
+Steve Holme (28 Jul 2012)
+- TODO: Updated after 7.27.0 release
+
+ Removed APOP and SASL authentication from the POP3 section and metalink
+ support from the client section as these features were implemented in
+ this release.
+
+ Moved adding gssapi to SASL into it's own section rather than repeat it
+ for each protocol.
+
+Daniel Stenberg (28 Jul 2012)
+- TODO-RELEASE: updated after 7.27.0 release
+
+- THANKS: 12 new contributors from the 7.27.0 release
+
+- version bump: start towards next release
+
+ Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
+ when released.
+
+Version 7.27.0 (27 Jul 2012)
+
+Guenter Knauf (27 Jul 2012)
+- Fixed compiler warning 'unused parameter'.
+
+- Added prototypes to kill compiler warning.
+
+- Added --with-winidn to configure.
+
+ This needs another look from the configure experts. I tested that
+ it works so far with MinGW64 cross-compiler; libcurl builds and
+ links fine, but curl not yet ...
+
+Daniel Stenberg (27 Jul 2012)
+- [Ant Bryan brought this change]
+
+ Update man page info on --metalink and typo.
+
+- RELEASE-NOTES: remove mentioned of bug never in a release
+
+ The --silent bug came with 7561a0fc834c435 which was never in a release.
+ Pointed out by Kamil Dudka
+
+- RELEASE-NOTES: synced with 33b815e894fb
+
+ 4 more bugfixes, 3 more contributors
+
+Guenter Knauf (26 Jul 2012)
+- Changed Windows IDN text to 'WinIDN'.
+
+ Synced the output to the same short form as we now use for
+ Windows SSL (WinSSL).
+
+Daniel Stenberg (25 Jul 2012)
+- [Nick Zitzmann brought this change]
+
+ darwinssl: fixed freeze involving the multi interface
+
+ Previously the curl_multi interface would freeze if darwinssl was
+ enabled and at least one of the handles tried to connect to a Web site
+ using HTTPS. Removed the "wouldblock" state darwinssl was using because
+ I figured out a solution for our "would block but in which direction?"
+ dilemma.
+
+Guenter Knauf (25 Jul 2012)
+- Added support for tls-srp to MinGW builds.
+
+Daniel Stenberg (24 Jul 2012)
+- curl_easy_setopt: fix typo
+
+ Reported by: Santhana Todatry
+
+- keepalive: multiply value for OS-specific units
+
+ DragonFly uses milliseconds, while our API and Linux use full seconds.
+
+ Reported by: John Marino
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3546257
+
+Kamil Dudka (22 Jul 2012)
+- http: print reason phrase from HTTP status line on error
+
+ Bug: https://bugzilla.redhat.com/676596
+
+- tool_operate: fix misplaced initialization of orig_noprogress
+
+ ... and orig_isatty which caused --silent to be entirely ignored in case
+ the standard output was redirected to a file!
+
+Daniel Stenberg (21 Jul 2012)
+- [Anton Yabchinskiy brought this change]
+
+ Client's "qop" value should not be quoted (RFC2617, section 3.2.2).
+
+Guenter Knauf (21 Jul 2012)
+- Fixed typo.
+
+Daniel Stenberg (20 Jul 2012)
+- make: make distclean work again
+
+ The clean-local hook needed some polish to make sure make distclean
+ works. Added comment describing why.
+
+- test Makefile: only feature 'unit' once in the list of dirs
+
+Dan Fandrich (20 Jul 2012)
+- Fixed some typos in documentation
+
+Guenter Knauf (20 Jul 2012)
+- Fixed CR issue with Win32 version on MSYS.
+
+ Previous fix didnt work on Linux ...
+
+- Fixed CR issue with Win32 version on MSYS.
+
+- Fixed MSYS <-> Windows path convertion.
+
+ Replaced the Windows real path from mount hack with a more
+ reliable and simpler hack: the MSYS shell has a builtin pwd
+ which understands a -W option which does convertion to Windows
+ paths. Tested and confirmed that this works on all MSYS versions
+ I have back to a 3 year old one.
+
+- Follow-up fix to detect SSL libs with MinGW.
+
+ 1) the check for winssl needs to come before nss check
+ 2) the SSL checks must begin with a new if or else we will
+ never find any SSL lib with MinGW.
+
+- Tell git to not convert configure-related files.
+
+- Trial to teach runtests.pl about WinSSL.
+
+- Fixed warning 'uninitialized value in numeric gt'.
+
+ This is a MSYS/MinGW-only warning; full warning text is:
+ Use of uninitialized value in numeric gt (>) at ../../curl/tests/runtests.pl line 2227.
+
+Daniel Stenberg (15 Jul 2012)
+- RELEASE-NOTES: synced with 9d11716933616
+
+ Fixed 6 bugs, added 3 contributors
+
+- multi_runsingle: added precaution against easy_conn NULL pointer
+
+ In many states the easy_conn pointer is referenced and just assumed to
+ be working. This is an added extra check since analyzing indicates
+ there's a risk we can end up in these states with a NULL pointer there.
+
+- getparam: fix the GetStr() macro
+
+ It should return PARAM_NO_MEM if the strdup fails. Spotted by
+ clang-analyzer
+
+Guenter Knauf (15 Jul 2012)
+- Tell git to not convert configure-related files.
+
+Daniel Stenberg (13 Jul 2012)
+- parse_proxy: remove dead assignment
+
+ Spotted by clang-analyzer
+
+- ftp_do_more: add missing check of return code
+
+ Spotted by clang-analyzer. The return code was never checked, just
+ stored.
+
+- getinfo: use va_end and cut off Curl_ from static funcs
+
+ va_end() needs to be used after va_start() and we don't normally use
+ Curl_ prefixes for purely static functions.
+
+- [Philip Craig brought this change]
+
+ Split up Curl_getinfo
+
+ This avoids false positives from clang's scan-build.
+
+Guenter Knauf (12 Jul 2012)
+- Added error checking for curl_global_init().
+
+- Added curl_global_* functions.
+
+- Minor fixes to MinGW makefiles.
+
+Daniel Stenberg (12 Jul 2012)
+- docs: mention CURL_GLOBAL_DEFAULT
+
+Guenter Knauf (12 Jul 2012)
+- Added curl_global_* functions.
+
+Daniel Stenberg (12 Jul 2012)
+- tests: verify the stricter numeric option parser
+
+ Test 1409 and 1410 verifies the stricter numeric option parser
+ introduced the other day in commit f2b6ebed7b.
+
+- SWS: use of uninitialized memory fix
+
+ I made "connmon" not get initialized properly before use, and I use the
+ big hammer and make sure we always clear the entire struct to avoid any
+ problem like this in the future.
+
+- test48: verify that HEAD doesn't close extra
+
+ Two commits ago, we fixed a bug where the connction would be closed
+ prematurely after a HEAD. Now I added connection-monitor to test 48 and
+ added a second HEAD and make sure that both are sent over the same
+ connection.
+
+ This triggered a failure before the bug fix and now works. Will help us
+ avoid a future regression of this kind.
+
+- connection-monitor: always log disconnect when enabled
+
+ This makes verifying easier and makes us more sure curl closes the
+ connection only at the correct point in time. Adjusted test 206 and 1008
+ accordingly and updated the docs for it.
+
+- HEAD: don't force-close after response-headers
+
+ A HEAD response has no body length and gets the headers like the
+ corresponding GET would so it should not get closed after the response
+ based on the same rules. This mistake caused connections that did HEAD
+ to get closed too often without a valid reason.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3542731
+ Reported by: Eelco Dolstra
+
+Guenter Knauf (12 Jul 2012)
+- Removed trailing empty strings from awk script.
+
+- Cleaned up version awk script.
+
+- Added project copyright header.
+
+- Removed libcurl.imp from Makefile.am.
+
+ Updated .gitignore for NetWare created files.
+
+- Added missing dependency to export list.
+
+- Fixed export list path.
+
+- Changed NetWare build to generate export list.
+
+- Added pointer to FAQ for linkage errors.
+
+- Small NetWare makefile tweak.
+
+- Changed MinGW makefiles to use WINSSL now.
+
+Daniel Stenberg (10 Jul 2012)
+- test231: fix wrong -C use!
+
+- cmdline: parse numerical options stricter
+
+ 1 - str2offset() no longer accepts negative numbers since offsets are by
+ nature positive.
+
+ 2 - introduced str2unum() for the command line parser that accepts
+ numericals which are not supposed to be negative, so that it will
+ properly complain on apparent bad uses and mistakes.
+
+ Bug: http://curl.haxx.se/mail/archive-2012-07/0013.html
+
+- docs: switch to proper UTF-8 for text file encoding
+
+Yang Tse (9 Jul 2012)
+- Make Curl_schannel_version() return "WinSSL"
+
+ Modification based on voting result:
+
+ http://curl.haxx.se/mail/lib-2012-07/0104.html
+
+Daniel Stenberg (9 Jul 2012)
+- test 46: use different path lengths to get reliable sort order
+
+ Since the order of the cookies is sorted by the length of the paths,
+ having them on the same path length will make the test depend on what
+ order the qsort() implementation will put them. As seen in the
+ windows/msys output posted by Guenter in this posting:
+ http://curl.haxx.se/mail/lib-2012-07/0105.html
+
+- cookie: fixed typo in comment
+
+- [Christian Hägele brought this change]
+
+ https_getsock: provided for schannel backend as well
+
+ The function https_getsock was only implemented properly when USE_SSLEAY
+ or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL.
+
+ The problem occurs when Curl_read_plain or Curl_write_plain returns
+ CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an
+ the used socket is set to state CURL_POLL_REMOVE and the easy-state is
+ set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket
+ should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's
+ where https_getsock is called and doesn't return any sockets.
+
+- RELEASE-NOTES: added a URL reference to cookie docs
+
+Guenter Knauf (8 Jul 2012)
+- Removed obsolete include path to project root.
+
+Daniel Stenberg (8 Jul 2012)
+- TODO-RELEASE: issue 316 NTLM over proxy is fixed
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: don't use arc4random_buf
+
+ Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the
+ function is not available prior to iOS 4.3 and OS X 10.7.
+
+- KNOWN_BUGS: #80 Curl doesn't recognize certs in DER format
+
+- KNOWN_BUGS: #79 - any RCPT TO failure makes and error
+
+Marc Hoersken (8 Jul 2012)
+- winbuild: Aligned BUILD.WINDOWS.txt and Makefile.vc usage help
+
+- winbuild: Make USE_WINSSL depend on USE_SSPI
+
+ Since WinSSL cannot be build without SSPI being enabled,
+ USE_WINSSL now defaults to the value of USE_SSPI.
+
+ The makefile does now raise an error if WinSSL is enabled
+ while SSPI is disabled.
+
+- winbuild: Aligned USE_SSPI with other USE_x defines
+
+ Renamed external parameter USE_SSPI = yes/no to ENABLE_SSPI = yes/no.
+ Backwards compatible change: USE_SSPI can still be passed as external
+ parameter with yes/no value as long as ENABLE_SSPI is not given.
+
+ USE_x defines are passed around with true/false values internally,
+ USE_SSPI is now aligned to this approach, but still accepts external
+ values yes/no being passed, just like the other defines.
+
+- winbuild: Clean up formatting and variable naming
+
+ - Changed space usage to line up with the whole file
+ - Renamed CFLAGS_SSPI/IPV6 to SSPI/IPV6_CFLAGS to be
+ consistent with the other CFLAGS_x variables
+ - Make use of existing CFLAGS_IPV6 (previously IPV6_CFLAGS)
+ instead of appending directly to CFLAGS
+
+Daniel Stenberg (7 Jul 2012)
+- [Nick Zitzmann brought this change]
+
+ darwinssl: output cipher with text, remove SNI warning
+
+ The code was printing a warning when SNI was set up successfully. Oops.
+
+ Printing the cipher number in verbose mode was something only TLS/SSL
+ programmers might understand, so I had it print the name of the cipher,
+ just like in the OpenSSL code. That'll be at least a little bit easier
+ to understand. The SecureTransport API doesn't have a method of getting
+ a string from a cipher like OpenSSL does, so I had to generate the
+ strings manually.
+
+- RELEASE-NOTES: synced with 5a99bce07d
+
+- KNOWN_BUGS: NTLM with unicode works with schannel/winssl!
+
+ Bug #75 updated with additional info, still remains for builds with
+ other backends.
+
+- code police: narrow source to < 80 columns
+
+Yang Tse (5 Jul 2012)
+- unicode NTLM SSPI: cleanup follow-up
+
+- unicode NTLM SSPI: cleanup
+
+ Reduce the number of #ifdef UNICODE directives used in source files.
+
+Daniel Stenberg (5 Jul 2012)
+- tests: use connection-monitor and verify results
+
+ Test 1008 and 206 don't show the disconnect since it happens when SWS
+ awaits a new request, but 503 does and so the verify section needs that
+ string added.
+
+- http-proxy: keep CONNECT connections alive (for NTLM)
+
+ When doing CONNECT requests, libcurl must make sure the connection is
+ alive as much as possible. NTLM requires it and it is generally good for
+ other cases as well.
+
+ NTLM over CONNECT requests has been broken since this regression I
+ introduced in my CONNECT cleanup commits that started with 41b02378342,
+ included since 7.25.0.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3538625
+ Reported by: Marcel Raad
+
+- sws: support <servercmd> for CONNECT requests
+
+ I moved out the servercmd parsing into a its own function called
+ parse_servercmd() and made sure it gets used also when the test number
+ is extracted from CONNECT requests. It turned out sws didn't do that
+ previously!
+
+- FILEFORMAT: provided a full description of connection-monitor
+
+- lib503: enable verbose to ease debugging this
+
+- sws: add 'connection-monitor' command support
+
+ Using this, the server will output in the protocol log when the
+ connection gets disconnected and thus we will verify correctly in the
+ test cases that the connection doesn't get closed prematurely. This is
+ important for example NTLM to work.
+
+ Documentation added to FILEFORMAT, test 503 updated to use this.
+
+Guenter Knauf (4 Jul 2012)
+- Removed non-used variable.
+
+- Added error checking for samples.
+
+- Renamed vars to avoid shadow global declaration.
+
+Daniel Stenberg (3 Jul 2012)
+- docs: clarify how to start with curl_multi_socket_action
+
+ Mention the CURL_SOCKET_TIMEOUT argument in step 6 of the typical
+ application.
+
+Guenter Knauf (3 Jul 2012)
+- Moved some patterns to subfolder's .gitignore.
+
+- Merge branch 'master' of ssh://github.com/bagder/curl
+
+- MinGW makefile tweaks for running from sh.
+
+ Added function macros to make path converting easier.
+ Added CROSSPREFIX to all compile tools.
+
+Yang Tse (3 Jul 2012)
+- [Marc Hoersken brought this change]
+
+ curl_ntlm_msgs.c: Removed unused variable passwd
+
+Guenter Knauf (3 Jul 2012)
+- Added files generated by mingw32, eclipse and VC.
+
+ Posted by Marc Hoersken.
+
+Daniel Stenberg (3 Jul 2012)
+- cookies: change the URL in the cookie jar file header
+
+- HTTP-COOKIES: clarified and modified layout
+
+- HTTP-COOKIES: use the FAQ document layout
+
+- HTTP-COOKIES: added cookie documentation
+
+Yang Tse (3 Jul 2012)
+- curl_ntlm_msgs.c: include <tchar.h> for prototypes
+
+- [Neil Bowers brought this change]
+
+ testcurl.pl: fix missing semicolon
+
+Daniel Stenberg (2 Jul 2012)
+- [Christian Hägele brought this change]
+
+ unicode NTLM SSPI: heap corruption fixed
+
+ When compiling libcurl with UNICODE defined and using unicode characters
+ in username.
+
+Yang Tse (2 Jul 2012)
+- testcurl.pl: allow non in-tree c-ares enabled autobuild
+
+- configure.ac: verify that libmetalink is new enough
+
+ Enabling test2017 to test2022.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl: Added runtime version check for libmetalink
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Include metalink/metalink.h for libmetalink functions
+
+Daniel Stenberg (2 Jul 2012)
+- errors: CURLM_CALL_MULTI_PERFORM is not returned anymore
+
+- release: cleaned up plans for this and coming release
+
+Yang Tse (29 Jun 2012)
+- curl-compilers.m4: remove -Wstrict-aliasing=3 from clang
+
+ Currently it is unknown if there is any version of clang that
+ actually supports -Wstrict-aliasing. What is known is that there
+ are several that don't support it.
+
+- test2017 to test2022: more metalink tests
+
+ With this commit, checks done in previous test2017 are now done in test2018.
+
+ Whole range test2017 to test2022 DISABLED until configure is capable of
+ requiring a new-enough metalink library.
+
+ Don't try these without mentioned check in place!
+
+- test2005 to test2016: improve failure detection
+
+- lib582.c: fix conversion warning
+
+- nss.c: #include warnless.h for curlx_uztosi and curlx_uztoui prototypes
+
+- [Marc Hoersken brought this change]
+
+ nss.c: Fixed size_t conversion warnings
+
+- sslgen.c: cleanup temporary compile-time SSL-backend check
+
+Daniel Stenberg (28 Jun 2012)
+- schannel: provide two additional (dummy) API defines
+
+Yang Tse (28 Jun 2012)
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Metalink: message updates
+
+ Print "parsing (...) OK" only when no warnings are generated. If
+ no file is found in Metalink, treat it FAILED.
+
+ If no digest is provided, print WARNING in parse_metalink().
+ Also print validating FAILED after download.
+
+ These changes make tests 2012 to 2016 pass.
+
+Daniel Stenberg (27 Jun 2012)
+- sslgen: avoid compiler error in SSPI builds
+
+Yang Tse (27 Jun 2012)
+- ssluse.c: fix compiler warning: conversion to 'int' from 'size_t'
+
+ Reported by Tatsuhiro Tsujikawa
+
+ http://curl.haxx.se/mail/lib-2012-06/0371.html
+
+- sslgen.c: add compile-time check for SSL-backend completeness
+
+- build: add our standard includes to curl_darwinssl.c and curl_multibyte.c
+
+- build: add curl_schannel and curl_darwinssl files to other build systems
+
+- tests: add five more Metalink test cases
+
+- tests: update Metalink message format
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Metalink: updated message format
+
+- [Nick Zitzmann brought this change]
+
+ DarwinSSL: allow using NTLM authentication
+
+ Allow NTLM authentication when building using SecureTransport (Darwin) for SSL.
+
+ This uses CommonCrypto, a cryptography library that ships with all versions of
+ iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few
+ less-common cyphers and doesn't have a big number data structure.
+
+- curl_darwinssl.h: add newline at end of file
+
+Daniel Stenberg (26 Jun 2012)
+- ossl_seed: remove leftover RAND_screen check
+
+ Before commit 2dded8fedba (dec 2010) there was logic that used
+ RAND_screen() at times and now I remove the leftover #ifdef check for
+ it.
+
+ The seeding code that uses Curl_FormBoundary() in ossl_seed() is dubious
+ to keep since it hardly increases randomness but I fear I'll break
+ something if I remove it now...
+
+Yang Tse (26 Jun 2012)
+- [Nick Zitzmann brought this change]
+
+ DarwinSSL: several adjustments
+
+ - Renamed st_ function prefix to darwinssl_
+ - Renamed Curl_st_ function prefix to Curl_darwinssl_
+ - Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h
+ - Fixed a teensy little bug that made non-blocking connection attempts block
+ - Made it so that it builds cleanly against the iOS 5.1 SDK
+
+- curl-compilers.m4: -Wstrict-aliasing=3 for warning enabled gcc and clang builds
+
+- [Marc Hoersken brought this change]
+
+ sockaddr.h: Fixed dereferencing pointer breakin strict-aliasing
+
+ Fixed warning: dereferencing pointer does break strict-aliasing rules
+ by using a union inside the struct Curl_sockaddr_storage declaration.
+
+Daniel Stenberg (26 Jun 2012)
+- SSL cleanup: use crypto functions through the sslgen layer
+
+ curl_ntlm_msgs.c would previously use an #ifdef maze and direct
+ SSL-library calls instead of using the SSL layer we have for this
+ purpose.
+
+- [Nick Zitzmann brought this change]
+
+ darwinssl: add support for native Mac OS X/iOS SSL
+
+- RELEASE-NOTES: link to more metalink info
+
+- RELEASE-NOTES: synced with d025af9bb576
+
+Yang Tse (25 Jun 2012)
+- curl_schannel.c: Remove redundant NULL assignments following Curl_safefree()
+
+- [Marc Hoersken brought this change]
+
+ curl_schannel.c: Replace free() with Curl_safefree()
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl.1: Updated Metalink description in man page
+
+ Documented that --include will be ignored if both --metalink
+ and --include are specified.
+ Also documented that a Metalink file in the local file system
+ cannot be used if FILE protocol is disabled.
+
+Steve Holme (24 Jun 2012)
+- DOCS: Added clarification to CURLOPT_CUSTOMREQUEST for the POP3 protocol
+
+ Bug: http://curl.haxx.se/mail/lib-2012-06/0302.html
+ Reported by: Nagai H
+
+- smtp: Corrected result code for MAIL, RCPT and DATA commands
+
+ Bug: http://curl.haxx.se/mail/lib-2012-06/0094.html
+ Reported by: Dan
+
+Daniel Stenberg (24 Jun 2012)
+- [Ghennadi Procopciuc brought this change]
+
+ test: Added test HTTP receive cookies over IPv6
+
+Yang Tse (22 Jun 2012)
+- tests: add another Metalink test case
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ tests: Enable test2010 and fixed hash value
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Metalink: ignore --include if --metalink is used.
+
+ Including headers in response body will break Metalink XML parser.
+ If it is included in the file described in Metalink XML, hash check
+ will fail. Therefore, --include should be ignored if --metalink is
+ used.
+
+- tests: add six Metalink test cases
+
+- test 2005: add verification of hash checking outcome
+
+- getpart.pm: remove misleading comment
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl: Prefixed all Metalink related messages with "Metalink: "
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ tests: Added Metalink test case # 2005
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl: Restore noprogress and isatty config values.
+
+ The noprogress and isatty in Configurable are global, in a sense
+ that they persist in one curl invocation. Currently once one
+ download writes its response data to tty, they are set to FALSE
+ and they are not restored on successive downloads. This change
+ first backups the current noprogress and isatty, and restores
+ them when download does not write its data to tty.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl: Made --metalink option toggle Metalink functionality
+
+ In this change, --metalink option no longer takes argument. If
+ it is specified, given URIs are processed as Metalink XML file.
+ If given URIs are remote (e.g., http URI), curl downloads it
+ first. Regardless URI is local file (e.g., file URI scheme) or
+ remote, Metalink XML file is not written to local file system and
+ the received data is fed into Metalink XML parser directly. This
+ means with --metalink option, filename related options like -O
+ and -o are ignored.
+
+ Usage examples:
+
+ $ curl --metalink http://example.org/foo.metalink
+
+ This will download foo.metalink and parse it and then download
+ the URI described there.
+
+ $ curl --metalink file://foo.metalink
+
+ This will parse local file foo.metalink and then download the URI
+ described there.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ curl: Refactored metalink_checksum
+
+ When creating metalink_checksum from metalink_checksum_t, first
+ check hex digest is valid for the given hash function. We do
+ this check in the order of digest_aliases so that first good
+ match will be chosen (strongest hash function available). As a
+ result, the metalinkfile now only contains at most one
+ metalink_checksum because other entries are just redundant.
+
+- [Gisle Vanem brought this change]
+
+ tool_doswin.c: fix djgpp function _use_lfn() used without a prototype
+
+ http://curl.haxx.se/mail/archive-2012-06/0028.html
+
+- build: fix RESOURCE bug in lib/Makefile.vc*
+
+ Removed two, not intended to exist, RESOURCE declarations.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3535977
+
+ And sorted configuration hunks to reflect same internal order
+ as the one shown in the usage message.
+
+Daniel Stenberg (20 Jun 2012)
+- [Marc Hoersken brought this change]
+
+ schannel: Implement new buffer size strategy
+
+ Increase decrypted and encrypted cache buffers using limitted
+ doubling strategy. More information on the mailinglist:
+ http://curl.haxx.se/mail/lib-2012-06/0255.html
+
+ It updates the two remaining reallocations that have already been there
+ and fixes the other one to use the same "do we need to increase the
+ buffer"-condition as the other two. CURL_SCHANNEL_BUFFER_STEP_SIZE was
+ renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it
+ is now. Since we don't know how much more data we are going to read
+ during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the
+ minimum free space required in the buffer for the next operation.
+ CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since
+ we don't have a step size now, the define was renamed.
+
+Yang Tse (20 Jun 2012)
+- schannel SSL: fix compiler warning
+
+- [Mark Salisbury brought this change]
+
+ schannel SSL: fix for renegotiate problem
+
+ In schannel_connect_step2() doread should be initialized based
+ on connssl->connecting_state.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ runtests.pl: make it support metalink feature
+
+- getpart.pm: make test definition section/part parser more robust
+
+ Test definition section parts which needed to include xml-lingo as contents
+ of that part required that the xml-blurb was written as a single line. Now the
+ xml-data inside the part can be written multiline making it more readable.
+
+ Tested with <client><file> part which is written to disk before <command> runs.
+
+Daniel Stenberg (20 Jun 2012)
+- schannel_connect_step2: checksrc whitespace fix
+
+Yang Tse (20 Jun 2012)
+- [Mark Salisbury brought this change]
+
+ schannel SSL: changes in schannel_connect_step2
+
+ Process extra data buffer before returning from schannel_connect_step2.
+ Without this change I've seen WinCE hang when schannel_connect_step2
+ returns and calls Curl_socket_ready.
+
+ If the encrypted handshake does not fit in the intial buffer (seen with
+ large certificate chain), increasing the encrypted data buffer is necessary.
+
+ Fixed warning in curl_schannel.c line 1215.
+
+- [Mark Salisbury brought this change]
+
+ config-win32ce.h: WinCE config adjustment
+
+ process.h is not present on WinCE
+
+- [Mark Salisbury brought this change]
+
+ schannel SSL: Made send method handle unexpected cases better
+
+ Implemented timeout loop in schannel_send while sending data. This
+ is as close as I think we can get to write buffering; I put a big
+ comment in to explain my thinking.
+
+ With some committer adjustments
+
+Daniel Stenberg (19 Jun 2012)
+- [Marc Hoersken brought this change]
+
+ curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size
+
+Yang Tse (19 Jun 2012)
+- [Mark Salisbury brought this change]
+
+ schannel SSL: Use standard Curl read/write methods
+
+ Replaced calls to swrite with Curl_write_plain and calls to sread
+ with Curl_read_plain.
+
+ With some committer adjustments
+
+- schannel SSL: make wording of some trace messages better reflect reality
+
+Daniel Stenberg (19 Jun 2012)
+- [Marc Hoersken brought this change]
+
+ curl_schannel.h: Use BUFSIZE as the initial buffer size if available
+
+ Make the Schannel implementation use libcurl's default buffer size
+ for the initial received encrypted and decrypted data cache buffers.
+ The implementation still needs to handle more data since more data
+ might have already been received or decrypted during the handshake
+ or a read operation which needs to be cached for the next read.
+
+Guenter Knauf (19 Jun 2012)
+- Fixed NetWare makefile broken from last commit.
+
+Yang Tse (19 Jun 2012)
+- [Mark Salisbury brought this change]
+
+ schannel SSL: Implemented SSL shutdown
+
+ curl_schannel.c - implemented graceful SSL shutdown. If we fail to
+ shutdown the connection gracefully, I've seen schannel try to use a
+ session ID for future connects and the server aborts the connection
+ during the handshake.
+
+- [Mark Salisbury brought this change]
+
+ schannel SSL: certificate validation on WinCE
+
+ curl_schannel.c - auto certificate validation doesn't seem to work
+ right on CE. I added a method to perform the certificate validation
+ which uses CertGetCertificateChain and manually handles the result.
+
+- [Mark Salisbury brought this change]
+
+ schannel SSL: Added helper methods to simplify code
+
+ Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it
+ easier to set up SecBuffer & SecBufferDesc structs.
+
+Guenter Knauf (18 Jun 2012)
+- Some more NetWare makefile tweaks for metalink.
+
+Yang Tse (18 Jun 2012)
+- tool_cb_see.c: WinCE build adjustment
+
+- [Mark Salisbury brought this change]
+
+ setup.h: WinCE build adjustment
+
+- [Mark Salisbury brought this change]
+
+ ftplistparser.c: do not compile if FTP protocol is not enabled
+
+- Win32: downplay MS bazillion type synonyms game
+
+ Avoid usage of some MS type synonyms to allow compilation with
+ compiler headers that don't define these, using simpler synonyms.
+
+Daniel Stenberg (15 Jun 2012)
+- Curl_rtsp_parseheader: avoid useless malloc/free
+
+ Coverity actually pointed out flawed logic in the previous call to
+ Curl_strntoupper() where the code used sizeof() of a pointer to pass in
+ a size argument. That code still worked since it only needed to
+ uppercase 4 letters. Still, the entire malloc/uppercase/free sequence
+ was pointless since the code has already matched the string once in the
+ condition that starts the block of code.
+
+- curl_share_setopt: use va_end()
+
+ As spotted by Coverity, va_end() was not used previously. To make it
+ used I took away a bunch of return statements and made them into
+ assignments instead.
+
+Yang Tse (15 Jun 2012)
+- SSPI related code: Unicode support for WinCE - kill compiler warnings
+
+- [Mark Salisbury brought this change]
+
+ SSPI related code: Unicode support for WinCE - commit 46480bb9 follow-up
+
+- build: add curl_multibyte files to build systems
+
+- [Mark Salisbury brought this change]
+
+ SSPI related code: Unicode support for WinCE
+
+ SSPI related code now compiles with ANSI and WCHAR versions of security
+ methods (WinCE requires WCHAR versions of methods).
+
+ Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file.
+
+ curl_sasl.c - include curl_memory.h to use correct memory functions.
+
+ getenv.c and telnet.c - WinCE compatibility fix
+
+ With some committer adjustments
+
+Guenter Knauf (15 Jun 2012)
+- Fixed typo.
+
+Yang Tse (14 Jun 2012)
+- winbuild/MakefileBuild.vc: convert line endings to DOS style
+
+ As per request on mailing list: http://curl.haxx.se/mail/lib-2012-06/0222.html
+
+- [Marc Hoersken brought this change]
+
+ winbuild: Allow SSPI build with or without Schannel
+
+ The changes introduced in commit 2bfa57bc32 are not enough
+ to make it actually possible to use the USE_WINSSL option.
+ Makefile.vc was not updated and the configuration name which is
+ used in the build path did not match between both build files.
+
+ This patch fixes those issues and introduces the following changes:
+
+ - Replaced the -schannel name with -winssl in order to be consistent
+ with the other options
+ - Added ENABLE_WINSSL option to winbuild/Makefile.vc (default yes)
+ - Changed winbuild/MakefileBuild.vc to set USE_WINSSL to true if
+ USE_SSL is false and USE_WINSSL was not specified as a parameter
+ - Separated WINSSL handling from SSPI handling to be consistent with
+ the other options and their corresponding code path
+
+- curl.1: 7.27.0 seems next release
+
+- schannel: fix printf-style format strings
+
+- Fix bad failf() and info() usage
+
+ Calls to failf() are not supposed to provide trailing newline.
+ Calls to infof() must provide trailing newline.
+
+ Fixed 30 or so strings.
+
+- schannel: fix unused parameter warnings
+
+- schannel: fix comparisons between signed and unsigned
+
+- schannel: fix discarding qualifier from pointer type
+
+- schannel: fix shadowing of global declarations
+
+- schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations
+
+- [Gisle Vanem brought this change]
+
+ urldata.h: fix cyassl/openssl/ssl.h build clash with wincrypt.h
+
+ Building with CyaSSL failed compilation. Reason being that OCSP_REQUEST and
+ OCSP_RESPONSE are enum values in CyaSSL and defines in <wincrypt.h> included
+ via <winldap.h> in ldap.c.
+
+ http://curl.haxx.se/mail/lib-2012-06/0196.html
+
+- MakefileBuild.vc: Allow building without SSL
+
+ In order to use Windows native SSL support define 'USE_WINSSL'
+
+- configure: new option --with-winssl
+
+ This option may be used to build curl/libcurl using SSL/TLS support provided
+ by MS windows system libraries. Option is mutually exclusive with any other
+ SSL library. Default value is --without-winssl.
+
+ --with-winssl option implies --with-sspi option.
+
+ Option meaningful only for Windows builds.
+
+Guenter Knauf (13 Jun 2012)
+- Changed Schannel string to SSL-Windows-native.
+
+ This is more descriptive for the user who might
+ not even know what schannnel is at all.
+
+Yang Tse (13 Jun 2012)
+- schannel: remove version number and identify its use with 'schannel' literal
+
+ Version number is removed in order to make this info consistent with
+ how we do it with other MS and Linux system libraries for which we don't
+ provide this info.
+
+ Identifier changed from 'WinSSPI' to 'schannel' given that this is the
+ actual provider of the SSL/TLS support. libcurl can still be built with
+ SSPI and without SCHANNEL support.
+
+Daniel Stenberg (12 Jun 2012)
+- singlesocket: remove dead code
+
+ No need to check if 'entry' is non-NULL in a spot where it is already checked
+ and guaranteed to be non-NULL.
+
+ (Spotted by a Coverity scan)
+
+- netrc: remove dead code
+
+ Remove two states from the enum and the corresponding code for them as
+ these states were never reached or used.
+
+ (Spotted by a Coverity scan)
+
+Yang Tse (12 Jun 2012)
+- Revert "connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing"
+
+ This reverts commit 9c94236e6cc078a0dc5a78b6e2fefc1403e5375e.
+
+ It didn't server its purpose, so lets go back to long-time working code.
+
+- socks_sspi.c: further cleanup
+
+- [Marc Hoersken brought this change]
+
+ socks_sspi.c: Clean up and removal of obsolete minor status
+
+ Removed obsolete minor status variable and parameter of status function
+ which was never used or set at all. Also Curl_sspi_strerror does support
+ only one status and there is no need for a second sub status.
+
+Guenter Knauf (12 Jun 2012)
+- Removed trailing whitespaces.
+
+Yang Tse (12 Jun 2012)
+- strerror.c: make Curl_sspi_strerror() always return code for errors
+
+- curl_sspi.h: provide sspi status definitions missing in old headers
+
+- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function
+
+- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function
+
+Daniel Stenberg (11 Jun 2012)
+- Revert: 634f7cfee40d4658 partially
+
+ Make sure CURL_VERSION_SSPI is present and works as in previous releases
+ for ABI and API compatibility reasons.
+
+- checksrc: shorten a few lines to comply
+
+- cleanup: remove trailing whitespace
+
+- [Marc Hoersken brought this change]
+
+ winbuild: Removed WITH_SSL=schannel and tie schannel to SSPI
+
+ Removed specific WITH_SSL=schannel paramter that did not fit the general
+ schema and complicated the parameters. For now Schannel will be enabled
+ if SSPI is enabled and OpenSSL is disabled.
+
+- [Steve Holme brought this change]
+
+ Makefile.vc6: Added version.lib if built with SSPI
+
+- [Marc Hoersken brought this change]
+
+ winbuild: Updated winbuild scripts to add schannel
+
+- [Marc Hoersken brought this change]
+
+ mingw32: Fixed warning of USE_SSL being redefined
+
+- [Marc Hoersken brought this change]
+
+ sspi: Fixed incompatible parameter pointer type in Curl_sspi_version
+
+- [Marc Hoersken brought this change]
+
+ sspi: Updated RELEASE-NOTES, FEATURES and THANKS
+
+- [Marc Hoersken brought this change]
+
+ setup.h: Automatically define USE_SSL if USE_SCHANNEL is defined
+
+- [Marc Hoersken brought this change]
+
+ version: Replaced SSPI feature information with version string details
+
+ Added Windows SSPI version information to the curl version string when
+ SCHANNEL SSL is not enabled, as the version of the library should also
+ be included when SSPI is used to generate security contexts.
+
+ Removed SSPI from the feature list as the features are GSS-Negotiate,
+ NTLM and SSL depending on the usage of the SSPI library.
+
+- [Steve Holme brought this change]
+
+ sspi.c: Post Curl_sspi_version() rework code tidy up
+
+ Removed duplicate blank lines.
+ Removed spaces between the not and test in various if statements.
+ Removed explicit test of NULL in an if statement.
+ Placed function returns on same line as function declarations.
+ Replaced the use of curl_maprintf() with aprintf() as it is the
+ preprocessor job to do this substitution if ENABLE_CURLX_PRINTF
+ is set.
+
+- [Steve Holme brought this change]
+
+ sspi: Reworked Curl_sspi_version() to return version components
+
+ Reworked the version function to return four version components rather
+ than a string that has to be freed by the caller.
+
+- [Guenter Knauf brought this change]
+
+ configure.ac: Added -lversion if built with SSPI
+
+- [Marc Hoersken brought this change]
+
+ schannel: Code cleanup and bug fixes
+
+ curl_sspi.c: Fixed mingw32-gcc compiler warnings
+ curl_sspi.c: Fixed length of error code hex output
+
+ The hex value was printed as signed 64-bit value on 64-bit systems:
+ SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322)
+
+ It is now correctly printed as the following:
+ SEC_E_WRONG_PRINCIPAL (0x80090322)
+
+ curl_sspi.c: Fallback to security function table version number
+ Instead of reporting an unknown version, the interface version is used.
+
+ curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version
+ curl_schannel: Replaced static buffer sizes with defined names
+ curl_schannel.c: First brace when declaring functions on column 0
+ curl_schannel.c: Put the pointer sign directly at variable name
+ curl_schannel.c: Use structs directly instead of typedef'ed structs
+ curl_schannel.c: Removed space before opening brace
+ curl_schannel.c: Fixed lines being longer than 80 chars
+
+- [Marc Hoersken brought this change]
+
+ curl_sspi: Added Curl_sspi_version function
+
+ Added new function to get SSPI version as string.
+ Added required library version.lib to makefiles.
+ Changed curl_schannel.c to use Curl_sspi_version.
+
+- [Guenter Knauf brought this change]
+
+ schannel: Updated mingw32 makefiles
+
+- [Marc Hoersken brought this change]
+
+ schannel: Replace ASCII specific code with general defines
+
+- [Marc Hoersken brought this change]
+
+ schannel: Added definitions which are missing in mingw32
+
+- [Marc Hoersken brought this change]
+
+ schannel: Moved interal struct types to urldata.h
+
+ Moved type definitions in order to avoid inclusion loop
+
+- [Marc Hoersken brought this change]
+
+ schannel: Fixed compiler warnings about pointer type assignments
+
+- [Marc Hoersken brought this change]
+
+ schannel: Fixed critical typo in conditions and added buffer length checks
+
+- [Marc Hoersken brought this change]
+
+ sspi: Refactored socks_sspi and schannel to use same error message functions
+
+ Moved the error constant switch to curl_sspi.c and added two new helper
+ functions to curl_sspi.[ch] which either return the constant or a fully
+ translated message representing the SSPI security status.
+ Updated socks_sspi.c and curl_schannel.c to use the new functions.
+
+- [Marc Hoersken brought this change]
+
+ schannel: Added special shutdown check for Windows 2000 Professional
+
+ Windows 2000 Professional: Schannel returns SEC_E_OK instead
+ of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer
+ is zero and the first byte of the encrypted packet is 0x15,
+ the application can safely assume that the message was a
+ close_notify message and change the return value to
+ SEC_I_CONTEXT_EXPIRED.
+
+ Connection shutdown does not mean that there is no data to read
+ Correctly handle incomplete message and ask curl to re-read
+ Fixed buffer for decrypted being to small
+ Re-structured read condition to be more effective
+ Removed obsolete verbose messages
+ Changed memory reduction method to keep a minimum buffer of size 4096
+
+- [Marc Hoersken brought this change]
+
+ schannel: Implemented SSL/TLS renegotiation
+
+ Updated TODO information and added related MSDN articles
+
+- [Marc Hoersken brought this change]
+
+ schannel: Save session credential handles in session cache
+
+- [Marc Hoersken brought this change]
+
+ schannel: Code cleanup
+
+- [Marc Hoersken brought this change]
+
+ schannel: Check for required context attributes
+
+- [Marc Hoersken brought this change]
+
+ schannel: Allow certificate and revocation checks being deactivated
+
+- [Marc Hoersken brought this change]
+
+ schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI
+
+- [Marc Hoersken brought this change]
+
+ http: Replaced specific SSL libraries list in https_getsock fallback
+
+- [Marc Hoersken brought this change]
+
+ connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing
+
+ Fixed warning: dereferencing pointer does break strict-aliasing rules
+ by using a union instead of separate pointer variables.
+ Internal union sockaddr_u could probably be moved to generic header.
+ Thanks to Paul Howarth for the hint about using unions for this.
+
+ Important for winbuild: Separate declaration of sockaddr_u pointer.
+ The pointer variable *sock cannot be declared and initialized right
+ after the union declaration. Therefore it has to be a separate statement.
+
+- [Marc Hoersken brought this change]
+
+ curl_ntlm_msgs.c: Fixed passwdlen not being used and recalculated
+
+Yang Tse (11 Jun 2012)
+- tests: fix test definitions # 1355, 1363, 1385 and 1393
+
+ -i without HTTP protocol shall not include headers in the output
+
+Daniel Stenberg (10 Jun 2012)
+- Curl_pgrsDone: return int and acknowledge return code
+
+ Since Curl_pgrsDone() itself calls Curl_pgrsUpdate() which may return an
+ abort instruction or similar we need to return that info back and
+ subsequently properly handle return codes from Curl_pgrsDone() where
+ used.
+
+ (Spotted by a Coverity scan)
+
+Steve Holme (10 Jun 2012)
+- [Marc Hoersken brought this change]
+
+ winbuild: Fixed environment variables being lost
+
+ Fixed USE_IPV6 and USE_IDN not being passed
+ from Makefile.vc to MakefileBuild.vc
+ Fixed whitespace and formatting issues
+ Fixed typo and format in help message
+
+Guenter Knauf (9 Jun 2012)
+- Added metalink support to NetWare builds.
+
+Steve Holme (9 Jun 2012)
+- smtp.c: Removed unused variable
+
+- smtp: Post apop feature code tidy up
+
+- pop3: Post apop feature code tidy up
+
+- pop3: Added support for apop authentication
+
+- pop3: Enhanced the extended authentication mechanism detection
+
+ Enhanced the authentication type / mechanism detection in preparation
+ for the introduction of APOP support.
+
+- pop3.c: Fixed length of SASL check
+
+Yang Tse (9 Jun 2012)
+- Fixes allowing 26 more test cases in 1334 to 1393 range to succeed
+
+- tests: fix test definitions # 1370 and 1371
+
+ -J without -O shall not honor C-D filename
+
+Daniel Stenberg (9 Jun 2012)
+- OpenSSL: support longer certificate subject names
+
+ Previously it would use a 256 byte buffer and thus cut off very long
+ subject names. The limit is now upped to the receive buffer size, 16K.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3533045
+ Reported by: Anthony G. Basile
+
+Kamil Dudka (8 Jun 2012)
+- ssl: fix duplicated SSL handshake with multi interface and proxy
+
+ Bug: https://bugzilla.redhat.com/788526
+ Reported by: Enrico Scholz
+
+Daniel Stenberg (8 Jun 2012)
+- tool_getparam.h: fix compiler error
+
+ forward declare the Configurable struct
+
+- metalink: restore some includes
+
+ Commit eeeba1496cbca removed them and thus broke my Linux build
+
+- openldap: OOM fixes
+
+ when calloc fails, return error! (Detected by Fortify)
+
+ Reported by: Robert B. Harris
+
+Steve Holme (8 Jun 2012)
+- sasl: Re-factored mechanism constants in preparation for APOP work
+
+Yang Tse (8 Jun 2012)
+- metalink: build fixes and adjustments II
+
+ Additionally, make hash checking ability mandatory in order to allow metalink
+ support in curl.
+
+ A command line option could be introduced to skip hash checking at runtime,
+ but the ability to check hashes should always be built-in when providing
+ metalink support.
+
+Guenter Knauf (8 Jun 2012)
+- Added metalink support to MinGW builds.
+
+Daniel Stenberg (7 Jun 2012)
+- log2changes.pl: fix the Version output
+
+ Previously it could easily wrongly get repeated
+
+Yang Tse (7 Jun 2012)
+- metalink: build fixes and adjustments I
+
+Daniel Stenberg (7 Jun 2012)
+- lib554.c: use curl_formadd() properly
+
+ The length/size options take longs so make sure to pass on such types.
+
+ Reported by: Neil Bowers
+ Bug: http://curl.haxx.se/mail/lib-2012-06/0001.html
+
+Steve Holme (7 Jun 2012)
+- smtp.c: Re-factored the smtp_state_*_resp() functions
+
+ Re-factored the smtp_state_*_resp() functions to 1) Match the constants
+ that were refactored in commit 00fddba6727c, 2) To be more readable and
+ 3) To match their counterparties in pop3.c.
+
+Yang Tse (7 Jun 2012)
+- Fixes allowing HTTP test cases 1338, 1339, 1368 and 1369 to succeed
+
+- tests 1364 to 1393: several -o filename -J -i -D combinations for HTTP and FTP
+
+- tests 1348 to 1363: test definition polishing
+
+ Verify that the "Saved to filename 'blabla'" message is only displayed when
+ the 'blabla' filename being used _actually_ has been specified by the server
+ in the Content-Disposition header.
+
+ Use relative path for unintended file creation postcheck.
+
+Steve Holme (6 Jun 2012)
+- smtp: Re-factored the SMTP_AUTH* state machine constants
+
+ Re-factored the SMTP_AUTH* constants, that are used by the state
+ machine, to be clearer to read.
+
+Guenter Knauf (6 Jun 2012)
+- Added hint for pkg-config wrapper script.
+
+- Updated Android section with recent NDK.
+
+ The r7b had some bugs, and shouldnt be used.
+
+Yang Tse (6 Jun 2012)
+- Disable non-HTTP header related tests
+
+ These now detect incompleate header data and fail
+
+- tests 1348 to 1363: compleate header data part of test definition
+
+- tests 1334 to 1363 revisited.
+
+ Add a postcheck section to verify unintended file creation.
+
+ Remove needless <file> checks in verify section. Renumbering where appropriate.
+
+- tests: adjust file part behavior in test verify section.
+
+ When a <file> part is now specified with no contents at all, this
+ will actually verify that the specified file has no contents at all.
+ Previously file contents would be ignored.
+
+Steve Holme (5 Jun 2012)
+- smtp.c: Removed whitespace
+
+- pop3: Another small code tidy up
+
+ Missed some comments that we identified during the SMTP tidy up earlier.
+
+- smtp: Post authentication code tidy up
+
+ Corrected lines longer than 78 characters.
+
+ Removed unnecessary braces in smtp_state_helo_resp().
+
+ Introduced some comments in data sending functions.
+
+ Tidied up comments to match changes made in pop3.c.
+
+Yang Tse (5 Jun 2012)
+- tests 1348 to 1363: add a comma in test description
+
+Steve Holme (5 Jun 2012)
+- email: Removed duplicated header file
+
+- sasl: Renamed Curl_sasl_decode_ntlm_type2_message()
+
+ For consistency with other SASL based functions renamed this function
+ to Curl_sasl_create_ntlm_type3_message() which better describes its
+ usage.
+
+- pop3: Post authentication code tidy up
+
+ Corrected lines longer than 78 characters.
+
+ Changed POP3_AUTH_FINAL to POP3_AUTH to match SMTP code now that the
+ AUTH command is no longer sent on its own.
+
+ Introduced some comments in data sending functions.
+
+ Another attempt at trying to rational code and comment style.
+
+- pop3: Added support for sasl digest-md5 authentication
+
+Yang Tse (4 Jun 2012)
+- sasl: add reference for curl_sasl
+
+- Makefile.inc: tab adjustment
+
+Daniel Stenberg (4 Jun 2012)
+- pop3 tests: CAPA instead of AUTH
+
+ After Steve's commit e336bc7c42c7340 test 1319 and 1407 need to check
+ for CAPA instead of AUTH.
+
+Steve Holme (4 Jun 2012)
+- sasl: Added service parameter to Curl_sasl_create_digest_md5_message()
+
+ Added a service type parameter to Curl_sasl_create_digest_md5_message()
+ to allow the function to be used by different services rather than being
+ hard coded to "smtp".
+
+Yang Tse (4 Jun 2012)
+- tests 1356 to 1363: several -O -J -i -D combinations with FTP protocol
+
+ Currently 1356 to 1362 succeed but a write failure is logged in traceNNNN.
+
+ Currently 1363 fails, so disabled for now.
+
+Steve Holme (4 Jun 2012)
+- tests: Updated pop3 tests for change in auth mechanism detection
+
+- pop3: Changed the sasl mechanism detection from auth to capa
+
+ Not all SASL enabled POP3 servers support the AUTH command on its own
+ when trying to detect the supported mechanisms. As such changed the
+ mechanism detection to use the CAPA command instead.
+
+Daniel Stenberg (4 Jun 2012)
+- curl_easy_setopt.3: proto updates + cleanups
+
+ - For all *FUNCTION options, they now all show the complete prototype in
+ the description. Previously some of them would just refer to a
+ typedef'ed function pointer in the curl.h header.
+
+ - I made the phrasing of that "Pass a pointer to a function that matches
+ the following prototype" the same for all *FUNCTION option descriptions.
+
+ - I removed some uses of 'should'. I think I sometimes over-use this
+ word as in many places I actually mean MUST or otherwise more specific
+ and not-so-optional synonyms.
+
+Yang Tse (4 Jun 2012)
+- tests 1348 to 1355: several -O -J -i -D combinations with FTP protocol
+
+ Currently 1348 to 1354 succeed but a write failure is logged in traceNNNN.
+
+ Currently 1355 fails, so disabled for now.
+
+- tests 1346 to 1347: several -O -J -i -D combinations with HTTP protocol
+
+Steve Holme (4 Jun 2012)
+- sasl: Small code tidy up
+
+ Reworked variable names in Curl_sasl_create_cram_md5_message() to match
+ those in Curl_sasl_create_digest_md5_message() as they are more
+ appropriate.
+
+- sasl: Moved digest-md5 authentication message creation from smtp.c
+
+ Moved the digest-md5 message creation from smtp.c into the sasl module
+ to allow for use by other modules such as pop3.
+
+- sasl: Small code tidy up before moving digest-md5 over
+
+ Correction of comments and variable names.
+
+- RELEASE-NOTES: Added missing addition of sasl login support
+
+- pop3: Added support for sasl cram-md5 authentication
+
+Daniel Stenberg (3 Jun 2012)
+- Curl_sasl_create_plain_message: remove TAB
+
+Steve Holme (3 Jun 2012)
+- sasl: Small code tidy up
+
+ Added some comments and removed an unreferenced variable.
+
+- pop3.c: Added conditional compilation for NTLM function calls
+
+ Added USE_NTLM condition compilation around the NTLM functions called
+ from pop3_statemach_act() introduced in commit 69f7156ad96877.
+
+- sasl: Moved cram-md5 authentication message creation from smtp.c
+
+ Moved the cram-md5 message creation from smtp.c into the sasl module
+ to allow for use by other modules such as pop3.
+
+- pop3: Fixed an issue with changes introduced in commit c267c53017bc
+
+ Because pop3_endofresp() is called for each line of data yet is not
+ passed the line and line length, so we have to use the data pointed to
+ by pp->linestart_resp which contains the whole packet, the mechanisms
+ were being detected in one call yet the function would be called for
+ each line of data.
+
+ Using curl with verbose mode enabled would show that one line of data
+ would be received in response to the AUTH command, before the AUTH
+ <mechanism> command was sent to the server and then the next few lines
+ of the original AUTH command would be displayed before the response from
+ the AUTH <mechanism> command. This would then cause problems when
+ parsing the CRAM-MD5 challenge data as extra data was contained in the
+ buffer.
+
+ Changed the parsing so that each line is checked for the mechanisms
+ and the function returns FALSE until the whole of the AUTH response has
+ been processed.
+
+Daniel Stenberg (3 Jun 2012)
+- version: bump to 7.27.0 for next release
+
+ Due to new features
+
+- RELEASE-NOTES: synced with c4e3578e4bf
+
+ Also bumped the contributor number and next release is to become 7.27.0
+
+- THANKS: 16 new contributors from the 7.26.0 release
+
+Steve Holme (3 Jun 2012)
+- DOCS: Fixed list in Section 18.2 not displaying correctly on web site
+
+- DOCS: Corrected missed heading renumbering from commit 530675a1ad7
+
+- DOCS: Added IMAP and LDAP sections
+
+ Added new sections 11. IMAP and 12. LDAP to document adding SASL based
+ authentication.
+
+ Renumbered current sections 11 to 17 as 13 to 19.
+
+ Additionally added 19.10 Add CURLOPT_MAIL_CLIENT option.
+
+- sasl.c: Fix to avoid warnings introduced in commit d9ca9e9869e8
+
+ Applied a fix to avoid warnings on systems where Curl_ntlm_sspi_cleanup()
+ is just a nop.
+
+- pop3.c:Corrected typo in commit 69ba0da8272d
+
+- pop3: Fixed the issue of having to supply the user name for all requests
+
+ Previously it wasn't possible to connect to POP3 and not specify the
+ user name as a CURLE_ACCESS_DENIED error would be returned. This error
+ occurred because USER would be sent to the server with a blank user name
+ if no mailbox user was specified as the server would reply with -ERR.
+
+ This wasn't a problem prior to the 7.26.0 release but with the
+ introduction of custom commands the user and/or application developer
+ might want to issue a CAPA command without having to log in as a
+ specific mailbox user.
+
+ Additionally this fix won't send the newly introduced AUTH command if no
+ user name is specified.
+
+- pop3.c: Small code tidy up
+
+ Corrected lines exceeding 78 characters.
+
+ Repositioned some comments and added extra clarity.
+
+- sasl: Corrected variable names in comments and parameters
+
+- pop3: Added support for sasl ntlm authentication
+
+- sasl: Small comment style tidy up following ntlm commit
+
+- sasl: Moved ntlm authentication message handling from smtp.c
+
+ Moved the ntlm message creation and decoding from smtp.c into the sasl
+ module to allow for use by other modules such as pop3.
+
+- pop3: Added support for sasl login authentication
+
+Yang Tse (1 Jun 2012)
+- tests 1334 to 1345: several -O -J -i -D combinations with HTTP protocol
+
+- tests: support test definitions with up to 5 file checks in <verify> section
+
+ This is done introducing tags <file1> to <file4> besides existing <file> one,
+ as well as corresponding <stripfile1> to <stripfile4> ones, that can be used
+ in the <verify> section in the same way as the non-numbered ones.
+
+Steve Holme (31 May 2012)
+- sasl: Moved login authentication message creation from smtp.c
+
+ Moved the login message creation from smtp.c into the sasl module
+ to allow for use by other modules such as pop3.
+
+- smtp.c: Reworked message encoding in smtp_state_authpasswd_resp()
+
+ Rather than encoding the password message itself the
+ smtp_state_authpasswd_resp() function now delegates the work to the same
+ function that smtp_state_authlogin_resp() and smtp_authenticate() use
+ when constructing the encoded user name.
+
+- smtp.c: Re-factored smtp_auth_login_user() for use with passwords
+
+ In preparation for moving to the SASL module re-factored the
+ smtp_auth_login_user() function to smtp_auth_login() so that it can be
+ used for both user names and passwords as sending both of these under
+ the login authentication mechanism is the same.
+
+- pop3: Added support for sasl plain text authentication
+
+- curl_ntlm_msgs.c: Corrected small spelling mistake in comments
+
+- sasl: Moved plain text authentication message creation from smtp.c
+
+ Moved the plain text message creation from smtp.c into the sasl module
+ to allow for use by other modules such as pop3.
+
+Yang Tse (30 May 2012)
+- configure: fix LDAPS disabling related misplaced closing parenthesis
+
+- pop3 test server: allow pop3 test server verification to succeed again
+
+ Introduce SUPPORTCAPA and SUPPORTAUTH config commands to allow further
+ pop3 test server expansion for tests that require CAPA or AUTH support,
+ although this will need some extra work to make it fully functional.
+
+Steve Holme (28 May 2012)
+- pop3: Introduced the continue response in pop3_endofresp()
+
+- pop3: Changed response code from O and E to + and -
+
+ The POP3 protocol doesn't really have the concept of error codes and
+ uses +, +OK and -ERR in response to commands to indicate continue,
+ success and error.
+
+ The AUTH command is one of those commands that requires multiple pieces
+ of data to be sent to the server where the server will respond with + as
+ part of the handshaking. This meant changing the values before
+ continuing with the next stage of adding authentication support.
+
+- pop3: Small code tidy up following authentication work so far
+
+ Changed the order of the state machine to match the order of actual
+ events.
+
+ Reworked some comments and function parameter positioning that I missed
+ the other day.
+
+Kamil Dudka (28 May 2012)
+- nss: use human-readable error messages provided by NSS
+
+ Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html
+
+Daniel Stenberg (27 May 2012)
+- test1013.pl: filter out Metalink
+
+ Since it isn't a feature supported by curl-config we can't compare that
+ with the --version output
+
+- pop3: remove variable-not-used warnings
+
+Steve Holme (27 May 2012)
+- DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH
+
+ Additionally corrected another RFC link that I missed yesterday.
+
+- pop3: Added support for SASL based authentication mechanism detection
+
+ Added support for detecting the supported SASL authentication mechanisms
+ via the AUTH command. There are two ways of detecting them, either by
+ using the AUTH command, that will return -ERR if not supported or by
+ using the CAPA command which will return SASL and the list of mechanisms
+ if supported, not include SASL if SASL authentication is not supported
+ or -ERR if the CAPA command is not supported. As such it seems simpler
+ to use the AUTH command and fallback to normal clear text authentication
+ if the the command is not supported.
+
+ Additionally updated the test cases to return -ERR when the AUTH command
+ is encountered. Additional test cases will be added when support for the
+ individual authentication mechanisms is added.
+
+Daniel Stenberg (27 May 2012)
+- pop3: remove trailing whitespace
+
+Steve Holme (27 May 2012)
+- pop3: Code tidy up before the introduction of authentication code
+
+ Moved EOB definition into header file.
+
+ Switched the logic around in pop3_endofresp() to allow for the
+ introduction of auth-mechanism detection.
+
+ Repositioned second and third function variables where they will fit
+ within the 78 character line limit.
+
+ Tidied up some comments.
+
+Guenter Knauf (27 May 2012)
+- Enabled OpenSSL static linkage.
+
+- Enabled OpenSSL static linkage.
+
+- Try to detect OpenSSL build type automatically.
+
+Daniel Stenberg (26 May 2012)
+- metalink: fix build errors when disabled
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Reduced #ifdef HAVE_METALINK
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Disable hash check if neither OpenSSL nor GNUTLS is installed.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Format GETOUT_METALINK nicely
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Minimize usage of structs from libmetalink
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Check checksum of downloaded file if checksum is available
+
+ Metalink file contains several hash types of checksums, such as
+ md5, sha-1, sha-256, etc. To deal with these checksums, I created
+ abstraction layer based on lib/curl_md5.h and
+ lib/md5.c. Basically, they are almost the same but I changed the
+ code so that it is not hash type dependent. Currently,
+ GNUTLS(nettle or gcrypt) and OpenSSL functions are supported.
+
+ Checksum checking is done by reopening download file. If there
+ is an I/O error, the current implementation just prints error
+ message and does not try next resource.
+
+ In this patch, the supported hash types are: md5, sha-1 and sha-256.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Always create directory hierarchy for Metalink.
+
+ Filenames contained in Metalink file can include directory information.
+ Filenames are unique in Metalink file, taking into account the directory
+ information. So we need to create the directory hierarchy.
+
+ Curl has --create-dirs option, but we create directory hierarchy for
+ Metalink downloads regardless of the option value.
+
+ This patch also put metalink int variable outside of HAVE_LIBMETALINK
+ guard. This reduces the number of #ifdefs.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Fixed segmentation fault when Metalink has no valid file or no resource.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Support media-type parameter in Content-Type
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Print "Metalink" in Features if Metalink support is enabled.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Removed trailing space
+
+- [ant brought this change]
+
+ Add --metalink to --help
+
+- [ant brought this change]
+
+ Add Metalink information and --metalink option to man page
+
+- [ant brought this change]
+
+ Add Metalink information and --metalink option to man page
+
+- [ant brought this change]
+
+ Adds Metalink information to INSTALL
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ --metalink option is available regardless of Metalink support.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ metalink: parse downloaded Metalink file
+
+ Parse downloaded Metalink file and add downloads described there. Fixed
+ compile error without metalink support.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Fixed HAVE_LIBMETALINK conditional is always true
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ metalink: minor metalinkfile fix
+
+ Don't update config->metalinkfile_last in operate(). Use local variable
+ to point to the current metalinkfile.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ metalink: show help message even if disabled
+
+ Print message if --metalink is used while metalink support is not
+ enabled. Migrated Metalink support in tool_operate.c and removed
+ operatemetalink().
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Applied patches from Daniel
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Support Metalink.
+
+ This change adds experimental Metalink support to curl.
+ To enable Metalink support, run configure with --with-libmetalink.
+ To feed Metalink file to curl, use --metalink option like this:
+
+ $ curl -O --metalink foo.metalink
+
+ We use libmetalink to parse Metalink files.
+
+Steve Holme (26 May 2012)
+- DOCS: Fixed line spacing of authentication examples in CURLOPT_URL
+
+- DOCS: Changed domain names in various examples to example.com
+
+ Updated various references of real domain names to example.com as per
+ RFC-2606.
+
+- DOCS: Fixed meaning of bit 2 in CURLOPT_POSTREDIR
+
+ Setting bit 2 for this value was documented as having a constant value
+ defined as CURL_REDIR_POST_303 yet referenced a 302 request.
+
+ Additionally corrected the meaning of CURL_REDIR_POST_ALL for all three
+ bits and fixed problems with the bolding of keywords in this section.
+
+- DOCS: Standardised how RFCs are referenced.
+
+ Standardised how RFCs are referenced so that the website may autolink to
+ the correct documentation on ietf.org. Additionally removed the one link
+ to RFC3986 on curl.haxx.se.
+
+Yang Tse (26 May 2012)
+- Fix libcurl.pc and curl-config generation for static MingW* cross builds
+
+Daniel Stenberg (25 May 2012)
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Made -D option work with -O and -J.
+
+ To achieve this, first new structure HeaderData is defined to hold
+ necessary data to perform header-related work. Then tool_header_cb now
+ receives HeaderData pointer as userdata. All header-related work
+ (currently, dumping header and Content-Disposition inspection) are done
+ in this callback function. HeaderData.outs->config is used to determine
+ whether each work is done.
+
+ Unit tests were also updated because after this change, curl code always
+ sets CURLOPT_HEADERFUNCTION and CURLOPT_HEADERDATA.
+
+ Tested with -O -J -D, -O -J -i and -O -J -D -i and all worked fine.
+
+Steve Holme (25 May 2012)
+- sasl: Re-factored auth-mechanism constants to be more generic
+
+- smtp: Moved auth-mechanism constants into a separate header file
+
+ Move the SMTP_AUTH constants into a separate header file in
+ preparation for adding SASL based authentication to POP3 as the two
+ protocols will need to share them.
+
+Kamil Dudka (25 May 2012)
+- nss: avoid using explicit casts of code pointers
+
+Steve Holme (24 May 2012)
+- DOCS: Added LDAP to the CURLOPT_URL section
+
+- TODO: Removed DIGEST-MD5 authentication from SMTP to do list
+
+ Removed DIGEST-MD5 from Section 9.1 Other authentication mechanisms as
+ the feature was added to SMTP in 7.26.0.
+
+ Also corrected small spelling mistake.
+
+Daniel Stenberg (24 May 2012)
+- bump to 7.26.1: start working towards next release
+
+Version 7.26.0 (24 May 2012)
+
+Daniel Stenberg (24 May 2012)
+- RELEASE-NOTES: synced with ef60fdbd73
+
+ Just before 7.26.0 is about to ship
+
+Steve Holme (22 May 2012)
+- smtp: Fixed an issue with the multi-interface always sending postdata
+
+ Due to the result code being reset to CURLE_OK when smtp_dophase_done()
+ was called, postdata would incorrectly be sent to the server when the
+ MAIL FROM or RCPT command was rejected.
+
+ As such, libcurl would return the wrong result code from performing the
+ operation and additionally set CURLINFO_RESPONSE_CODE to be that
+ returned by the postdata command.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-05/0108.html
+ Reported by: Gokhan Sengun
+
+- DOCS: Updated version number for features added in the pending release
+
+Daniel Stenberg (22 May 2012)
+- [Tatsuhiro Tsujikawa brought this change]
+
+ Fixed compile error with GNUTLS+NETTLE
+
+ In nettle/md5.h, md5_init and md5_update are defined as macros to
+ nettle_md5_init and nettle_md5_update respectively. This causes
+ error when using MD5_params.md5_init and md5_update. This patch
+ renames these members as md5_init_func and md5_update_func to
+ avoid name conflict. For completeness, MD5_params.md5_final was
+ also renamed as md5_final_func.
+
+ The changes in curl_ntlm_core.c is conversion error and fixed by
+ casting to proper type.
+
+- TODO-RELEASE: mention the pending biggies for 7.27.0
+
+- [Jan Ehrhardt brought this change]
+
+ winbuild: fix IPv6 enabled build
+
+ The existing check was wrong so IPv6 support would never be enabled
+
+- 7.26.0: will be the next release version
+
+- RELEASE-NOTES: synced with 8ae1e657e82a
+
+ And mention that this will become 7.26.0
+
+Guenter Knauf (22 May 2012)
+- Updated dependency libary versions.
+
+Daniel Stenberg (20 May 2012)
+- curl-config.1: fix curl-config usage in example
+
+ The curl-config command must be used twice in the single command line to
+ work properly in some environments.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3528241
+ Reported by: Julian Taylor
+
+Steve Holme (17 May 2012)
+- smtp: Fixed non-escaping of dot character at beginning of line
+
+ A dot character at the beginning of a line would not be escaped to a
+ double dot as required by RFC-2821, instead it would be deleted by the
+ mail server. Please see section 4.5.2 of the RFC for more information.
+
+ Note: This fix also simplifies the detection of repeated CRLF.CRLF
+ combinations, such as CRLF.CRLF.CRLF, a little rather than having to
+ advance the eob counter to 2.
+
+Daniel Stenberg (16 May 2012)
+- FAQ: updated 1.10 How many are using curl?
+
+ Now linking to http://daniel.haxx.se/blog/2012/05/16/300m-users/
+
+- disable-versioned-symbols: removed superfluous 'fi'
+
+ The commit e315927a1a left this in
+
+- MakefileBuild.vc: use the correct IDN variable
+
+ The variable that control IDN enablement is called USE_IDN within these
+ Makefiles
+
+- [Pierre Chapuis brought this change]
+
+ autoconf: improve handling of versioned symbols
+
+ It checks whether versioned symbols should be enabled before checking
+ whether it is possible (i.e. the linker supports --version-script) or
+ not. This avoids a useless warning when building cURL on a platform that
+ does not use GNU ld.
+
+ Moreover, it fixes broken indentation of this chunk of code.
+
+- curl.1: clarify -x usage
+
+ 1 - fix the syntax in the .IP line
+
+ 2 - Provided user names and passwords are URL decoded by libcurl
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3525935
+
+- NTLM: is supported in GnuTLS builds too
+
+ ... since commit 9a4c887c4a7 introduced in libcurl 7.19.4
+
+- TODO: happy eyeballs is now RFC6555
+
+- my_useragent: shorten user-agent
+
+ The built-in user-agent will now only say curl/[version] and nothing
+ else in an attempt to decrease overhead in HTTP requests.
+
+- CURLOPT_HEADERFUNCTION: works for non-HTTP protocols too
+
+Claes Jakobsson (3 May 2012)
+- Add note about default timeout in CURLOPT_TIMEOUT
+
+Daniel Stenberg (2 May 2012)
+- [Gokhan Sengun brought this change]
+
+ MD5: OOM fix
+
+ check whether md5 initialization succeeded before updating digest of
+ buffers onto it
+
+- REALEASE-NOTES: synced with 64f48e884e3c1
+
+- [Jan Schaumann brought this change]
+
+ add newly created manual page
+
+- [Jan Schaumann brought this change]
+
+ add a manual page for mk-ca-bundle
+
+Guenter Knauf (26 Apr 2012)
+- Updated dependency lib versions.
+
+Daniel Stenberg (23 Apr 2012)
+- URL parse: reject numerical IPv6 addresses outside brackets
+
+ Roman Mamedov spotted (in
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670126) that curl would
+ not complain when given a URL with an IPv6 numerical address without
+ brackets. It would simply cut off the last ":[hex]" part and thus not
+ work correctly.
+
+ That's a URL using an illegal syntax and now libcurl will instead return
+ a clear error code and error message detailing the error.
+
+ The above mentioned bug report claims this to be a regression but
+ libcurl does not guarantee functionality when given URLs that aren't
+ following the URL spec (RFC3986 mostly). I consider the fact that it
+ used to handle this differently a mere coincidence.
+
+- Curl_MD5_init: fix OOM memory leak
+
+ Bug: http://curl.haxx.se/mail/lib-2012-04/0246.html
+ Reported by: Michael Mueller
+
+- [Gokhan Sengun brought this change]
+
+ OpenSSL cert: provide more details when cert check fails
+
+ curl needs to be more chatty regarding certificate verification failure
+ during SSL handshake
+
+Yang Tse (23 Apr 2012)
+- Revert "sspi: Added version information"
+
+ This reverts commit 2976de480808119dae08fc6f52c8d75ba1aedb1a.
+
+- Revert "sspi - Small code tidy up"
+
+ This reverts commit 46cd5f1daddad3b3e542e6d93eee52e8bb9a8687.
+
+- Revert "Fixed 'extra tokens at end of #endif directive'."
+
+ This reverts commit 77172a242fc0c820f97eae39d0e3e0f265222fe6.
+
+- Revert "Fixed 'Trailing whitespace' found by checksrc."
+
+ This reverts commit 683bfa60ad0b52505947e59b03515e5f44378523.
+
+- Revert "sspi: Code tidy up to remove unused variable."
+
+ This reverts commit 412510f97407d617426d93b80e6b6bf0a8ff11ac.
+
+- Revert "Add -lversion if build with SSPI."
+
+ This reverts commit 9ec0b7e0c44d29eca6f45916fe5af3501168fe85.
+
+Guenter Knauf (23 Apr 2012)
+- Add -lversion if build with SSPI.
+
+Steve Holme (22 Apr 2012)
+- sspi: Code tidy up to remove unused variable.
+
+Guenter Knauf (22 Apr 2012)
+- Fixed 'Trailing whitespace' found by checksrc.
+
+- Fixed 'extra tokens at end of #endif directive'.
+
+Steve Holme (22 Apr 2012)
+- sspi - Small code tidy up
+
+- sspi: Added version information
+
+ Added version information for Windows SSPI to curl's main version
+ string and removed SSPI from the features string.
+
+Daniel Stenberg (20 Apr 2012)
+- HTTP: empty chunked POST ended up in two zero size chunks
+
+ When doing a chunked-encoded POST with -d (CURLOPT_POSTFIELDS) and the
+ size of the POST was zero length, it made libcurl first send a zero
+ chunk and then the terminating one. This could confuse a receiver and it
+ should rather just send the terminating chunk as it does with this fix.
+
+ Test case 1333 is added to verify.
+
+ Bug: http://curl.haxx.se/mail/archive-2012-04/0060.html
+ Reported by: Arnaud Compan
+
+Guenter Knauf (20 Apr 2012)
+- Updated dependency lib versions.
+
+Daniel Stenberg (19 Apr 2012)
+- singleipconnect: return OK even when Curl_socket() fails
+
+ Commit 9109cdec11ee5a brought this regression (shipped since 7.24.0).
+
+ The singleipconnect() function must not return an error if Curl_socket()
+ returns an error. It should then simply return OK and pass a SOCKET_BAD
+ back simply because that is how the user of this function expects it to
+ work and something else is not fine.
+
+ Reported by: Blaise Potard
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3516508
+
+Yang Tse (19 Apr 2012)
+- Take in account that CURLAUTH_* bitmasks are now 'unsigned long' - follow-up
+
+ MIPSPro compiler detected curl_easy_getinfo() related missing adjustments.
+ SunPro compiler detected curl tool --libcurl option related missing adjustments.
+
+- url.c: CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH fixes
+
+ Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported.
+
+ Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE.
+
+- Take in account that CURLAUTH_* bitmasks are now 'unsigned long'
+
+ Data type of internal vars holding CURLAUTH_* bitmasks changed from 'long' to
+ 'unsigned long' for proper handling and operating.
+
+- curl.h: CURLAUTH_* bitmasks adjusted to become 'unsigned long' typed
+
+ Info: http://curl.haxx.se/mail/lib-2012-04/0170.html
+
+- Some explicit conversion to 'long' of curl_easy_setopt() third argument
+
+ Explicit conversion to 'long' of curl_easy_setopt() third argument for options
+ CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH given that this is how its bitmasks are
+ docummented to be used.
+
+- build adjustments: commit 9e24b9c7 follow-up
+
+Daniel Stenberg (17 Apr 2012)
+- -# progress meter: avoid superfluous updates and duplicate lines
+
+ By comparing if a different "progress point" is reached or not since the
+ previous update, the progress function callback for this now avoids many
+ superfluous screen updates. This has the nice side-effect that it fixes
+ a problem that causes a second progress meter line.
+
+ The second line output happened because when we use the -# progress
+ meter, we force a newline output after the transfer in the main loop in
+ curl, but when libcurl calls the progress callback from
+ curl_easy_cleanup() it would then output the progress display
+ again. Possibly the naive newline output is wrong but this optimization
+ was suitable anyway...
+
+ Reported by: Daniel Theron
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3517418
+
+Yang Tse (16 Apr 2012)
+- nss.c: fix compiler warning
+
+- curl-compilers.m4: -Wno-pedantic-ms-format for Windows gcc 4.5 builds
+
+ When building a Windows target with gcc 4.5 or newer and strict compiler
+ warnings enabled use -Wno-pedantic-ms-format in addition to other flags.
+
+Kamil Dudka (16 Apr 2012)
+- tests/valgrind.pm: suppress memleaks of NSS_InitContext()
+
+ Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=745224
+
+Yang Tse (14 Apr 2012)
+- setup_once.h: tighten requirements for stdbool.h header inclusion
+
+ Include stdbool.h only when it is available and configure is capable of
+ detecting a proper 'bool' data type when the header is included.
+
+ Compilation fix for old or unpatched versions of XL C compiler.
+
+ Report: http://curl.haxx.se/mail/archive-2012-04/0022.html
+
+- headers: require GCC 2.7 or newer in order to allow attribute GCC'isms usage
+
+ Usage in other code paths already protected and requiring even newer versions.
+
+- [Jonathan Nieder brought this change]
+
+ headers: surround GCC attribute names with double underscores
+
+ This protects from attribute names being defined by third party's code.
+
+ Improvement: http://curl.haxx.se/mail/lib-2012-04/0127.html
+
+Guenter Knauf (13 Apr 2012)
+- Updated copyright year.
+
+Yang Tse (13 Apr 2012)
+- testcurl.pl: build example programs for Android cross-compiles
+
+- nss.c: fix compiler warning
+
+- examples: fix compiler warnings
+
+Kamil Dudka (13 Apr 2012)
+- nss: provide human-readable names for NSS errors
+
+- nss: use NSS_InitContext() to initialize NSS if available
+
+ NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
+ collisions on NSS initialization/shutdown with other libraries.
+
+ Bug: https://bugzilla.redhat.com/738456
+
+- nss: unconditionally require PK11_CreateGenericObject()
+
+ This bumps the minimal supported version of NSS to 3.12.x.
+
+Guenter Knauf (13 Apr 2012)
+- Set batch mode to 755 to make Cygwin git pulls work.
+
+- Added section for Android configure cross-compile.
+
+- Added NetWare export.
+
+Yang Tse (12 Apr 2012)
+- testcurl.pl: build example programs for MinGW cross-compiles
+
+- tool_operate.c: fix compiler warning
+
+- url.c: fix compiler warning
+
+Guenter Knauf (12 Apr 2012)
+- Updated dependency lib versions (2nd try).
+
+- Updated dependency lib versions.
+
+Yang Tse (12 Apr 2012)
+- tool_formparse.c: rename a couple of vars to avoid declaration shadowing
+
+- OS400/initscript.sh: fix db2_name() module name generation
+
+ Allow repeatable file name length reduction on file names with underscore or
+ dash characters. This is done in order to better support libcurl's existing
+ source file names and allow OS/400 package to build out of the box again.
+
+- testcurl.pl: log more environment vars that modify configure and build behavior
+
+- configure: NATIVE_WINDOWS no longer defined in config files
+
+- build adjustments: CURL_HIDDEN_SYMBOLS no longer defined in config files
+
+ configure script now provides conditional definitions for Makefile.am
+ that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles
+ when appropriate.
+
+ Additionally, configure script option for symbol hiding control is now
+ named --enable-symbol-hiding --disable-symbol-hiding. While still valid,
+ old option name --enable-hidden-symbols --disable-hidden-symbols will
+ be deprecated in some future release.
+
+- build adjustments: functionally revert commits 4d3fb91f and bbfe1182
+
+ Undefining CURL_HIDDEN_SYMBOLS in source files isn't the proper fix.
+
+- test servers: build adjustment
+
+ Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might
+ leak from lib/setup.h into source files where this should not be defined.
+
+- libtests: build adjustment
+
+ Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might
+ leak from lib/setup.h into source files where this should not be defined.
+
+- curl tool: make setup.h first header included in tool_setup.h again
+
+- curl tool: use configuration files from lib directory - follow-up II
+
+ lib/config-win32.h no longer copied to src/config-win32.h
+
+- configure: Windows cross-compilation fixes
+
+ BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h,
+ configure will generate appropriate conditionals so that mentioned symbols
+ get defined and used in Makefiles at compilation time
+
+- curl tool: make curl.h first header included in tool_setup.h
+
+- curl tool: use configuration files from lib directory - follow-up I
+
+ amigaos.[ch] now integrates nicely with any libcurl build
+
+- curl tool: use configuration files from lib directory
+
+ Configuration files such as curl_config.h and all config-*.h no longer exist
+ nor are generated/copied into 'src' directory, now these only exist in 'lib'
+ directory from where curl tool sources uses them.
+
+ Additionally old src/setup.h has been refactored into src/tool_setup.h which
+ now pulls lib/setup.h
+
+ The possibility of a makefile needing an include path adjustment exists.
+
+Daniel Stenberg (6 Apr 2012)
+- PolarSSL: correct return code for CRL matches
+
+ When a server certificate matches one in the given CRL file, the code
+ now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
+
+- PolarSSL: include version number in version string
+
+ Previously it would say PolarSSL only, now it says PolarSSL/1.1.0 in the
+ same style other libs and components do.
+
+- test: added test 1332 that tests --post303
+
+- curl: add --post303 to set the CURL_REDIR_POST_303 option
+
+- [Andrei Cipu brought this change]
+
+ CURLOPT_POSTREDIR: also allow 303 to do POST on the redirected URL
+
+ As it turns out, some people do want that after all.
+
+- test1331: cookies on a 407 response
+
+ Verify that cookies are sent back even after a 407 response has been
+ received
+
+- [Dag Ekengren brought this change]
+
+ PolarSSL: add support for asynchronous connect
+
+- [Tim Heckman brought this change]
+
+ Revert "access the CA source file using HTTPS"
+
+ This reverts commit f7e2ab6.
+
+ This change caused fetching of the certificates to become unreliable.
+
+ Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
+ Reported by: Tim Heckman
+
+- [Andrei Cipu brought this change]
+
+ IPv6 cookie domain: get rid of the first bracket before the second.
+
+ Commit 97b66ebe was copying a smaller buffer, thus duplicating the last
+ character.
+
+- MAIL-ETIQUETTE: Added "How to unsubscribe"
+
+ ... as it seems to hard for some people
+
+Yang Tse (4 Apr 2012)
+- ftp.c: ftplistparser related OOM handling fix
+
+- smtp.c: fix compiler warnings
+
+- lib599.c: fix compiler warning
+
+Daniel Stenberg (4 Apr 2012)
+- runtests: yassl and polarssl are not openssl
+
+ Don't set the "has_openssl" variable if yassl or polarssl is found as
+ they will simply not work as 100% drop-in replacements for some of the
+ stuff the "OpenSSL" feature is used for.
+
+ I spotted this problem when doing test runs with PolarSSL builds.
+
+- [Lijo Antony brought this change]
+
+ connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
+
+ Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback
+ returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT
+ conveys incorrect information to the user.
+
+Steve Holme (2 Apr 2012)
+- pop3: Reworked the command sending and handling
+
+ Reworked the command sending from two specific LIST and RETR command
+ functions into a single command based function as well as the two
+ associated response handlers into a generic command handler.
+
+Daniel Stenberg (1 Apr 2012)
+- [Dave Reisner brought this change]
+
+ curl tool: add filename_effective token for --write-out
+
+ By modifying the parameter list for ourWriteOut() and passing the
+ OutStruct that collects data in tool_operate, we get access to the
+ remote name that we're writing to. Shell scripters should find this
+ useful when used in conjuntion with the --remote-header-name option.
+
+Steve Holme (1 Apr 2012)
+- smtp.c: Code policing and tidy up
+
+Daniel Stenberg (1 Apr 2012)
+- [Armel Asselin brought this change]
+
+ SSH: public key can now be an empty string
+
+ If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will
+ pass no public key to libssh2 which then tries to compute it from the
+ private key. This is known to work when libssh2 1.4.0+ is linked against
+ OpenSSL.
+
+- [Tatsuhiro Tsujikawa brought this change]
+
+ OpenSSL: Made cert hostname check conform to RFC 6125
+
+ This change replaces RFC 2818 based hostname check in OpenSSL build with
+ RFC 6125 [1] based one.
+
+ The hostname check in RFC 2818 is ambiguous and each project implements
+ it in the their own way and they are slightly different. I check curl,
+ gnutls, Firefox and Chrome and they are all different.
+
+ I don't think there is a bug in current implementation of hostname
+ check. But it is not as strict as the modern browsers do. Currently,
+ curl allows multiple wildcard character '*' and it matches '.'. (as
+ described in the comment in ssluse.c).
+
+ Firefox implementation is also based on RFC 2818 but it only allows at
+ most one wildcard character and it must be in the left-most label in the
+ pattern and the wildcard must not be followed by any character in the
+ label.[2] Chromium implementation is based on RFC 6125 as my patch does.
+ Firefox and Chromium both require wildcard in the left-most label in the
+ presented identifier.
+
+ This patch is more strict than the current implementation, so there may
+ be some cases where old curl works but new one does not. But at the same
+ time I think it is good practice to follow the modern browsers do and
+ follow the newer RFC.
+
+ [1] http://tools.ietf.org/html/rfc6125#section-6.4.3
+ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
+
+- HTTP: reset expected DL/UL sizes on redirects
+
+ With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the
+ download size was known (like with a Content-Length header), but the
+ subsequent URL (transfered after the 3xx page) was chunked encoded, then
+ the previous "known download size" would linger and cause the progress
+ meter to get incorrect information, ie the former value would remain
+ being sent in. This could easily result in downloads that were WAY
+ larger than "expected" and would cause >100% outputs with the curl
+ command line tool.
+
+ Test case 599 was created and it was used to repeat the bug and then
+ verify the fix.
+
+ Bug: http://curl.haxx.se/bug/view.cgi?id=3510057
+ Reported by: Michael Wallner
+
+Steve Holme (31 Mar 2012)
+- [Gökhan Şengün brought this change]
+
+ smtp: Add support for DIGEST-MD5 authentication
+
+- [Gökhan Şengün brought this change]
+
+ smtp: Cody tidy up of md5 digest length
+
+ Replaced the hard coded md5 digest length (16) with a preprocessor
+ constant
+
+- [Gökhan Şengün brought this change]
+
+ md5: Add support for calculating the md5 sum of buffers incrementally
+
+ It is now possible to calculate the md5 sum as the stream of buffers
+ becomes known where as previously it was only possible to calculate the
+ md5 sum of a pre-prepared buffer.
+
+Daniel Stenberg (31 Mar 2012)
+- Revert "mk-ca-bundle.pl: use LWP::UserAgent for https"
+
+ This reverts commit 9f0e1689f169b83b8fbdae23e0024cc57dcbc770.
+
+ It turned out that "improvement" instead made the fetching of the
+ certificates unreliable
+
+ Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
+ Reported by: Tim Heckman
+
+Steve Holme (31 Mar 2012)
+- DOCS: Added information regarding POP3 commands to CURLOPT_CUSTOMREQUEST
+
+- pop3: Added support for additional pop3 commands
+
+ This feature allows the user to specify and use additional POP3
+ commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or
+ curl's -X command line option.
+
+Yang Tse (30 Mar 2012)
+- [tetetest tetetest brought this change]
+
+ CMakeLists.txt: fix Windows LDAP/LDAPS option handling
+
+ bug: http://curl.haxx.se/mail/lib-2012-03/0278.html
+
+- [tetetest tetetest brought this change]
+
+ CMakeLists.txt: fix MS Visual Studio x64 unsigned long long literal suffix
+
+ bug: http://curl.haxx.se/mail/lib-2012-03/0255.html
+
+Steve Holme (28 Mar 2012)
+- TODO: Corrected POP3 section heading
+
+Yang Tse (28 Mar 2012)
+- curl-functions.m4: update detection logic of getaddrinfo() thread-safeness
+
+ Take in account that h_errno might be a modifiable lvalue not defined as
+ a C preprocessor macro
+
+Steve Holme (27 Mar 2012)
+- TODO: Added SMTP and POP3 specific features
+
+Yang Tse (27 Mar 2012)
+- [Olaf Flebbe brought this change]
+
+ tool_cb_dbg.c: fix tool_cb_dbg() to behave properly even for size 0
+
+ curl segfault in debug callback triggered with CURLINFO_HEADER_OUT and size 0
+
+ bug: http://curl.haxx.se/bug/view.cgi?id=3511794
+
+- test #1405: support HTTP disabled builds
+
+Steve Holme (26 Mar 2012)
+- test #809: Updated error code to match recent pop3 changes
+
+Yang Tse (25 Mar 2012)
+- ssh.c: code cleanup, Curl_safefree() already nullifies pointer
+
+- fix some compiler warnings
+
+Steve Holme (25 Mar 2012)
+- pop3.c: Corrected problem with state() introduced in 01690ed2bce5
+
+- pop.c: Small code tidy up
+
+- pop3: Removed the need for the single message LIST command handler
+
+ Simplified the code to remove the need for a separate "LIST <msg id>"
+ command handler and state machine and instead use the LIST command
+ handler for both operations.