diff options
Diffstat (limited to 'plugins/FTPFileYM/curl-7.29.0/CHANGES')
| -rw-r--r-- | plugins/FTPFileYM/curl-7.29.0/CHANGES | 5751 |
1 files changed, 0 insertions, 5751 deletions
diff --git a/plugins/FTPFileYM/curl-7.29.0/CHANGES b/plugins/FTPFileYM/curl-7.29.0/CHANGES deleted file mode 100644 index 08f0a8f60d..0000000000 --- a/plugins/FTPFileYM/curl-7.29.0/CHANGES +++ /dev/null @@ -1,5751 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - - Changelog - -Version 7.29.0 (6 Feb 2013) - -Daniel Stenberg (6 Feb 2013) -- vms: config-vms.h is removed, no use trying to distribute it - -- RELEASE-NOTES: mention the SASL buffer overflow - -- [Eldar Zaitov brought this change] - - Curl_sasl_create_digest_md5_message: fix buffer overflow - - When negotiating SASL DIGEST-MD5 authentication, the function - Curl_sasl_create_digest_md5_message() uses the data provided from the - server without doing the proper length checks and that data is then - appended to a local fixed-size buffer on the stack. - - This vulnerability can be exploited by someone who is in control of a - server that a libcurl based program is accessing with POP3, SMTP or - IMAP. For applications that accept user provided URLs, it is also - thinkable that a malicious user would feed an application with a URL to - a server hosting code targetting this flaw. - - Bug: http://curl.haxx.se/docs/adv_20130206.html - -Steve Holme (6 Feb 2013) -- FEATURES: Removed erroneous whitespace - - Removed whitespace introduced in commit 5f8f20f5e65b that caused - formatting issues when generating the website docs. - -Yang Tse (6 Feb 2013) -- setup-vms.h: post VMS patch cleanup - III - - - rename post-config-vms.h to setup-vms.h - - move its inclusion into proper location in curl_setup.h - -- vms_show: post VMS patch cleanup - II - - - remove multiple declarations of vms_show and add comments - -- tool_main.c: post VMS patch cleanup - I - - - remove header inclusion already done in curl_setup_once.h - -Steve Holme (6 Feb 2013) -- FEATURES: Added SSPI to list of NTLM libraries - -- FEATURES: Added Secure Transport and qssl to list of SSL libraries - -- FEATURES: Added email feature set - - Added SMTP, SMTPS, POP3, POP3S, IMAP and IMAPS features. - -- imap.h: Corrected incorrect comment clarification - - Corrected comment clarification made in commit 167717b8069a. - -- COPYING: Updated copyright year to include 2013 - -Daniel Stenberg (5 Feb 2013) -- RELEASE-NOTES: synced with 25f351424b3538 - - 8 more bug fixes mentioned - -- [John E. Malmberg brought this change] - - VMS: fix and generate the VMS build config - - config_h.com is a new file that generates a config.h file based on the - curl_config.h.in file and a quick scan of the configure script. This is - actually a generic procedure that is shared with other VMS packages. - - The existing pre-built config-vms.h had over 100 entries that were not - correct and in some cases conflicted with the build options available in - the build_vms.com. - - generate_config_vms_h_curl.com is a helper procedure to the - config_h.com. It covers the cases that the generic config_h.com is not - able to figure out, and accepts input from the build_vms.com procedure. - - build_curlbuild_h.com is a new file to generate the curlbuild.h file - that Curl is now using when it is using a curl_config.h file. - - post-config-vms.h is a new file that is needed to provide VMS specific - definitions, and most of them need to be set before the system header - files are included. - - The VMS build procedure is fixed: - - 1. Fixed to link in the correct HP ssl library. - 2. Fixed to detect if HP Kerberos is installed. - 3. Fixed to detect if HP LDAP is installed. - 4. Fixed to detect if gnv$libzshr is installed. - 5. Simplified the input parameter parsing to not use a loop. - 6. Warn that 64 bit pointer option support is not complete - in comments. - 7. Default to IEEE floating if platform supports it so - resulting libcurl will be compatible with other - open source projects on VMS. - 8. Default to LARGEFILE if platform supports it. - 9. Default to enable SSL, LDAP, Kerberos, libz - if the libraries are present. - 10. Build with exact case global symbols for libcurl. - 11. Generate linker option file needed. - 12. Compiler list option only commonly needed items. - 13. fulllist option for those who really want it. - 14. Create debug symbol file on Alpha, IA64. - -- Curl_proxyCONNECT: return once CONNECT is sent - - By doing this unconditionally, we infer a simpler and more defined - behavior. This also has the upside that test 1021 no longer fails for me - even if I run with valgrind. - - Also fixed some wrong comments. - -Steve Holme (5 Feb 2013) -- email: Reworked comments in the endofresp() functions - - Tidied up the comments in the endofresp() functions to be more - meaningful prior to release. - -Marc Hoersken (5 Feb 2013) -- schannel: Removed extended error connection setup flag - - According KB975858 this flag may cause problems on Windows 7 and - Windows Server 2008 R2 systems. Extended error information is not - currently used by libcurl and therefore not a requirement. - - The flag may improve the SSL-connection shutdown in case of an - error. This means it might be a good improvement in the future. - - Fixes bug/issue #1187 - thanks for the report - -Daniel Stenberg (5 Feb 2013) -- [Tor Arntsen brought this change] - - singleipconnect: Update *sockp for all CURLE_OK - - The 56b7c87c7 change left a case where a good sockfd was not copied to - *sockp before returning with CURLE_OK - -- curl_easy_perform: Value stored to 'mcode' is never read - - pointed out by clang-analyzer - -- singleipconnect: remove dead assignment - - pointed out by clang-analyzer - -Linus Nielsen Feltzing (5 Feb 2013) -- CURLMOPT_MAXCONNECTS: restore functionality - - When a connection is no longer used, it is kept in the cache. If the - cache is full, the oldest idle connection is closed. If no connection is - idle, the current one is closed instead. - -Steve Holme (5 Feb 2013) -- RELEASE-NOTES: Updated following recent changes to the email protocols - - Added recent additions and fixes following the changes to imap, pop3 - and smtp. Additionally added another contributor that helped to test - the imap sasl changes. - -- email: Provided extra comments following recent pop3/imap fixes - - Provided additional clarification about the logic of the authenticate() - functions following commit 6b6bdc83bd36 and b4270a9af1d0. - -Daniel Stenberg (5 Feb 2013) -- [Andrei Kurushin brought this change] - - winbuild: include version info for .dll .exe - - Bug: http://curl.haxx.se/bug/view.cgi?id=1186 - -- FAQ: clarify 5.13 How do I stop an ongoing transfer - - Rich Gray provided good feedback and we now clarify that you can in fact - stop a multi transfer at any point you like by removing the easy handle. - -- [Matt Arsenault brought this change] - - cmake: Fix mingw build - -- [Sergei Nikulov brought this change] - - cmake: updated OpenSSL build - -Steve Holme (4 Feb 2013) -- pop3.c: Updated variable names to use shorter / more readable variant - - Tidied up code from commit 6b6bdc83bdUpdated where a few instances of - the pop3c struct variable used the longer conndata struct rather than - matching what other code in pop3_authenticate() used. - -Guenter Knauf (4 Feb 2013) -- updated copyright years. - -- configure: update the copyright years for the output. - -Steve Holme (3 Feb 2013) -- imap: Fixed no known authentication mechanism when fallback is required - - Fixed an issue where (lib)curl is compiled without support for a - supported challenge-response based SASL authentication mechanism, such - as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN - mechanisms and (lib)curl doesn't fallback to Clear Text authentication. - - Note: In order to fallback to Clear Text authentication properly this - fix adds support for the LOGINDISABLED server capability. - imap: Fixed no known authentication mechanism when fallback is required - - Fixed an issue where (lib)curl is compiled without support for a - supported challenge-response based SASL authentication mechanism, such - as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN - mechanisms and (lib)curl doesn't fallback to Clear Text authentication. - - Note: In order to fallback to Clear Text authentication properly this - fix adds support for the LOGINDISABLED server capability. - - Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html - Reported by: Stanislav Ivochkin - -- pop3: Fixed no known authentication mechanism when fallback is required - - Fixed an issue where (lib)curl is compiled without support for a - supported challenge-response based SASL authentication mechanism, such - as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN - mechanisms and (lib)curl doesn't fallback to APOP or Clear Text - authentication. - - Bug: http://curl.haxx.se/mail/lib-2013-02/0004.html - Reported by: Stanislav Ivochkin - -Daniel Stenberg (1 Feb 2013) -- singleipconnect: simplify and clean up - - Remove timeout argument that's never used. - - Make the actual connection get detected on a single spot to reduce code - duplication. - - Store the IPv6 state already when the connection is attempted. - -- Curl_perfom: removed - - Curl_perfom is no longer used anywhere since the always-multi commit - c43127414d89ccb9, and some related functions were used only from within - Curl_perfom. - -Guenter Knauf (30 Jan 2013) -- Updated date. - -Yang Tse (30 Jan 2013) -- zz40-xc-ovr.m4: fix 'wc' detection - follow-up 2 - - - Fix a pair of single quotes to double quotes. - - URL: http://curl.haxx.se/mail/lib-2013-01/0355.html - Reported by: Tor Arntsen - -- zz40-xc-ovr.m4: fix 'wc' detection - follow-up - - - Take into account that 'wc' may return leading spaces and/or tabs. - - - Set initial IFS to space, tab and newline. - -- zz40-xc-ovr.m4: fix 'wc' detection - - - Take into account that 'wc' may return leading spaces. - - - Set internationalization behavior variables. - - Tor Arntsen analyzed and reported the issue. - - URL: http://curl.haxx.se/mail/lib-2013-01/0351.html - -- zz40-xc-ovr.m4: check another three basic utilities - -Guenter Knauf (29 Jan 2013) -- Fixed debug.c to work again unchanged. - - Added CURLOPT_FOLLOWLOCATION since example.com is now redirected. - -Daniel Stenberg (29 Jan 2013) -- [Nick Zitzmann brought this change] - - darwinssl: Fix bug where packets were sometimes transmitted twice - - There was a bug where, if SSLWrite() returned errSSLWouldBlock but did - succeed in transmitting at least something, then we'd incorrectly - resend the packet. Now we never take errSSLWouldBlock as a sign that - nothing was transferred to/from the server. - - Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html - Reported by: Bruno de Carvalho - -- [Nick Zitzmann brought this change] - - FAQ: "Darwinssl" is AKA "Secure Transport" and supports NTLM - -- RELEASE-NOTES: only list Nick once - - Even though he's a fine dude, once is enough for this time! - -Yang Tse (28 Jan 2013) -- zz40-xc-ovr.m4: 1.0 interface stabilization - - - Stabilization results in 4 public interface m4 macros: - XC_CONFIGURE_PREAMBLE - XC_CONFIGURE_PREAMBLE_VER_MAJOR - XC_CONFIGURE_PREAMBLE_VER_MINOR - XC_CHECK_PATH_SEPARATOR - - Avoid one level of internal indirection - - Update comments - - Drop XC_OVR_ZZ40 macro - -Kamil Dudka (28 Jan 2013) -- docs: fix typos in man pages - - Reported by: Jiri Jaburek - Bug: https://bugzilla.redhat.com/896544 - -- docs: update the comments about loading CA certs with NSS - - Bug: https://bugzilla.redhat.com/696783 - -Guenter Knauf (28 Jan 2013) -- Updated dependency libs. - -- Fixed simple.c to work again unchanged. - - Added CURLOPT_FOLLOWLOCATION since example.com is now redirected. - -Steve Holme (27 Jan 2013) -- smtp.c: Fixed unnecessary state change if starttls fails - - The state machine should only be changed to SMTP_STARTTLS when the - STARTTLS command has been successfully sent to the server. - -- pop3.c: Fixed unnecessary state change if starttls fails - - The state machine should only be changed to POP3_STARTTLS when the - STLS command has been successfully sent to the server. - -- imap.c: Fixed unnecessary state change if starttls fails - - The state machine should only be changed to IMAP_STARTTLS when the - STARTTLS command has been successfully sent to the server. - -- email: Updated comment regarding ssldone usage - - Updated the ssldone comment as multi mode is always used internally now. - -Yang Tse (26 Jan 2013) -- zz40-xc-ovr.m4: emit witness message in configure BODY - - This avoids witness message in output when running configure --help, - while sending the message to config.log for other configure runs. - -Steve Holme (25 Jan 2013) -- smtp.c: Added comments to smtp_endofresp() - - Minor code tidy up to add comments similar to those used in the pop3 - and imap end of resp functions, in order to assist anyone reading the - code and highlight the similarities between each of these protocols. - -Yang Tse (25 Jan 2013) -- zz40-xc-ovr.m4: truly do version conditional overriding - - - version conditional overriding - - catch unexpanded XC macros - - fix double words in comments - -- zz40-xc-ovr.m4: fix variable assignment of subshell output bashism - - Tor Arntsen analyzed and reported the issue. - - URL: http://curl.haxx.se/mail/lib-2013-01/0306.html - -- zz40-xc-ovr.m4: reinstate strict AC_REQUIRE macro dependencies - -- zz40-xc-ovr.m4: avoid double single-quote usage - -- zz40-xc-ovr.m4: parentheses balancing of 'case' statements - - m4 quadrigraph shell comment technique allows proper autoconf - parentheses balancing in shell 'case' statements. The presence - of unbalanced parentheses may otherwise trigger expansion bugs. - -Steve Holme (24 Jan 2013) -- smtp.c: Corrected RFC references - - The most recent version of the SMTP RFC is RFC5321 and not RFC2821 as - previously documented. - - Added RFC1870 and re-ordered list numerically. - -- smtp.c: Fixed failure detection during TLS upgrade - - smtp_state_upgrade_tls() would attempt to incorrectly complete the - upgrade to smtps and start the EHLO command if - Curl_ssl_connect_nonblocking() returned a failure code and if ssldone - was set to TRUE. This would only happen when a non-blocking API hadn't - been provided by the SSL implementation and curlssl_connect() was - called underneath. - -- pop3.c: Fixed failure detection during TLS upgrade - - pop3_state_upgrade_tls() would attempt to incorrectly complete the - upgrade to pop3s and start the CAPA command if - Curl_ssl_connect_nonblocking() returned a failure code and if ssldone - was set to TRUE. This would only happen when a non-blocking API hadn't - been provided by the SSL implementation and curlssl_connect() was - called underneath. - -- imap.c: Fixed failure detection during TLS upgrade - - imap_state_upgrade_tls() would attempt to incorrectly complete the - upgrade to imaps and start the CAPABILITY command if - Curl_ssl_connect_nonblocking() returned a failure code and if ssldone - was set to TRUE. This would only happen when a non-blocking API hadn't - been provided by the SSL implementation and curlssl_connect() was - called underneath. - -Yang Tse (24 Jan 2013) -- zz40-xc-ovr.m4: internals overhauling - - - Update comments - - Execute commands in subshells - - Faster path separator check - - Fix missing 'test' command - - Rename private macros - - Minimize AC_REQUIRE usage - -Steve Holme (23 Jan 2013) -- email: Removed unnecessary return statements - - Small tidy up to remove unnecessary return statements prior to the next - fix. - -Yang Tse (23 Jan 2013) -- zz40-xc-ovr.m4: redirect errors and warnings to stderr - -- zz40-xc-ovr.m4: AC_REQUIRE also XC_CONFIGURE_PREAMBLE success message - -- zz60-xc-ovr.m4: tighten XC_OVR_ZZ60 macro placement requirements - -- configure: use XC_CONFIGURE_PREAMBLE early checks - - Some basic checks we make were placed early enough in generated - configure script when using autoconf 2.5X versions. Newer autoconf - versions expand these checks much further into the configure script, - rendering them useless. Using XC_CONFIGURE_PREAMBLE fixes placement - of early intended checks across all our autoconf supported versions. - -- zz40-xc-ovr.m4: provide XC_CONFIGURE_PREAMBLE macro - -Daniel Stenberg (23 Jan 2013) -- FAQ: update the SSL lib list and wording in question 2.2 - -Steve Holme (22 Jan 2013) -- curl_sasl.c: Corrected references to RFC - - The most recent version of the RFC is RFC4422 and not RFC2222 as - previously documented. - -- email: Corrected references to SASL RFC - - The most recent version of the SASL RFC is RFC4422 and not RFC2222 as - previously documented. - -Daniel Stenberg (22 Jan 2013) -- [Ulion brought this change] - - formpost: support quotes, commas and semicolon in file names - - - document the double-quote and backslash need be escaped if quoting. - - libcurl formdata escape double-quote in filename by backslash. - - curl formparse can parse filename both contains '"' and ',' or ';'. - - curl now can uploading file with ',' or ';' in filename. - - Bug: http://curl.haxx.se/bug/view.cgi?id=1171 - -- memanalyze.pl: handle fopen() of file names with quotes - -Yang Tse (21 Jan 2013) -- xc-cc-check.m4: re-evaluate exporting and AC_SUBST'ing vars - - Notes: - - When running a configure script that has nested packages (for example - libcurl's configure with --enable-ares and c-ares sources embedded in - curl tree) and AC_CONFIG_SUBDIRS([nested-subdir]) machinery is used to - automatically run the nested configure script from within the parent - configure script, it happens that the nested _shell_ script will - inherit shell variables exported from the parent _shell_ script. - - If for example parent configure script sets and exports LDFLAGS and LIBS - variables with proper values in order to link either a parent library or - program with a library which will be configured and built by a nested - package; It will happen that when the nested configure script runs, the - nested library does not exist yet and _any_ link-test done in the nested - configure will fail, such as those that autoconf macros perform in order - to detect existing compiler and its characteristics, the result is that - the nested configure script will fail with errors such as: - - configure: error: C compiler cannot create executables - - For now, we no longer export variables previously exported here. - - On the other hand, AC_SUBST'ing them is appropriate and even with nested - packages each package's config.status gets its own package values. - - So we reinstate AC_SUBST'ing previously AC_SUBST'ed variables. - -Daniel Stenberg (21 Jan 2013) -- FAQ: 3.22 curl -X gives me HTTP problems - -Yang Tse (21 Jan 2013) -- xc-cc-check.m4: avoid recursive package automake'ing breakage - -- xc-cc-check.m4: mark earlier variables that are to be exported - -- configure: autotools compatibility fixes - step I - - Fix proper macro expansion order across autotools versions for - C compiler and preprocessor program checks. - -Steve Holme (20 Jan 2013) -- pop3.c: Fixed conditional compilation of the apop response function - - Extended the fix from commit 8b15c84ea91e to additionally exclude - pop3_state_apop_resp() if the CURL_DISABLE_CRYPTO_AUTH flag is - defined. - -Yang Tse (20 Jan 2013) -- Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables - -Daniel Stenberg (19 Jan 2013) -- formadd: reject trying to read a directory where a file is expected - - Bug: http://curl.haxx.se/mail/archive-2013-01/0017.html - Reported by: Ulrich Doehner - -- curl_easy_send.3: document return codes - - Reported by: Craig Davison - Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html - -- curl_easy_recv.3: document return codes - - Reported by: Craig Davison - Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html - -Steve Holme (19 Jan 2013) -- email: General code tidy up - - Corrected some function argument definitions to maximize the 80 - character line length limit and be in keeping with the curl - coding style. - -- pop3.c: Fixed a problem with pop3s connections not connecting properly - - Fixed an issue where Curl_ssl_connect_nonblocking() wouldn't complete - correctly and the ssldone flag wouldn't be set to true for pop3s based - connections. - - Bug introduced in commit: 4ffb8a6398ed. - -Daniel Stenberg (18 Jan 2013) -- RELEASE-NOTES: add references to several bugfixes+changes - -Steve Holme (18 Jan 2013) -- RELEASE-NOTES: Added missing imap fix - - Added missing imap fix as per commit 709b3506cd9b. - -Yang Tse (18 Jan 2013) -- runtests.pl: make VPATH builds find valgrind.supp - -Daniel Stenberg (18 Jan 2013) -- RELEASE-NOTES: synced with c43127414d89 - -- always-multi: always use non-blocking internals - - Remove internal separated behavior of the easy vs multi intercace. - curl_easy_perform() is now using the multi interface itself. - - Several minor multi interface quirks and bugs have been fixed in the - process. - - Much help with debugging this has been provided by: Yang Tse - -Yang Tse (17 Jan 2013) -- url.c: fix HTTP CONNECT tunnel establishment upon delayed response - - Fixes initial proxy response being processed by the tunneled protocol - handler instead of the HTTP wrapper handler. This issue would trigger - upon delayed CONNECT response from the proxy. - - Additionally fixes a multi interface code-path in which connections - would not time out properly. - - This does not fix known bug #39. - - URL: http://curl.haxx.se/mail/lib-2013-01/0191.html - -Daniel Stenberg (16 Jan 2013) -- [Yves Arrouye brought this change] - - --libcurl: fix for non-zero default options - - If the default value for an option taking a long as its value is non - zero, and it is set by zero by a command line option, then that command - line option is not reflected in --libcurl's output. This is because line - 520-521 of tool_setopt.c look like: - - if(!lval) - skip = TRUE; - - An example of a command-line option doing so is the -k option that sets - CURLOPT_SLL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to 0L, when the - defaults are non-zero. - -- FTP: reject illegal port numbers in EPSV 229 responses - -Yang Tse (15 Jan 2013) -- commit bc682cbd follow-up - -- build: use per-target '_CPPFLAGS' for those currently using default - - Automake documents that doing this will make it choose a different name - for intermediate object files even when sharing source files across - targets of same Makefile.am. - - Up to automake 1.13.1 target's intermediate object files were placed - in the build subdirectory of the target. We depended on this, probably - undocumented behavior, to achieve same behavior as if a per-target flag - had been specified when building targets that actually belong to - different Makefile.am files. - - It seems automake 1.13.2 is going to break behavior mentioned above. - - So, lets use a documented behavior in order to achieve same purpose, - across automake versions, no matter where automake wishes to place - intermediate object files. - - Our build targets that already were using a per-target '_CFLAGS' or - '_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only - Makefile.am or Makefile.in files in libcurl's source tree touched by - this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc. - -- tests/libtest/Makefile.inc: sort build targets - -- tests/Makefile.am: remove wildcard usage in EXTRA_DIST - -Kamil Dudka (15 Jan 2013) -- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE - - Do not use the error messages from NSS for errors not occurring in NSS. - -Steve Holme (14 Jan 2013) -- TODO: Updated following IMAP SASL additions - -Yang Tse (14 Jan 2013) -- configure: fix automake 1.13 compatibility - - Tested with: - - buildconf: autoconf version 2.69 - buildconf: autom4te version 2.69 - buildconf: autoheader version 2.69 - buildconf: automake version 1.13.1 - buildconf: aclocal version 1.13.1 - buildconf: libtool version 2.4 - buildconf: GNU m4 version 1.4.16 - -Daniel Stenberg (13 Jan 2013) -- BUGS: update bug tracker URL - - ... and refresh number of lines of code - -- Curl_resolver_getsock: fix the function description comment - - It referred to it by the wrong name and said it returned the wrong value. - - Reported by: Gisle Vanem - -Kamil Dudka (11 Jan 2013) -- nss: clear session cache if a client cert from file is used - - This commit fixes a regression introduced in 052a08ff. - - NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback - and if we connect second time to the same server, the cached cert/key - pair is used. If we use multiple client certificates for different - paths on the same server, we need to clear the session cache to force - NSS to call the hook again. The commit 052a08ff prevented the session - cache from being cleared if a client certificate from file was used. - - The condition is now fixed to cover both cases: consssl->client_nickname - is not NULL if a client certificate from the NSS database is used and - connssl->obj_clicert is not NULL if a client certificate from file is - used. - - Review by: Kai Engert - -Yang Tse (11 Jan 2013) -- sockfilt.c: log file descriptor number on read/write error - -- [Gisle Vanem brought this change] - - packages/DOS/common.dj: remove COFF debug info generation - - gcc on DOS hasn't really supported COFF-debug (-gcoff) on djgpp for a - long time. - - "Sounds like the COFF debug info generation has bit-rotted in GCC. - Nothing new here, no other platform uses COFF AFAIK." - - So lets drop it too. - - URL: http://curl.haxx.se/mail/lib-2013-01/0130.html - -- curl: ignore SIGPIPE - compilation fix - follow-up - -- test servers: handle W32/W64 SIGBREAK with exit_signal_handler - -- test servers: fix errno, ERRNO and SOCKERRNO usage for W32/W64 - -- sockfilt.c: fix some W64 compiler warnings - -Daniel Stenberg (9 Jan 2013) -- [Nick Zitzmann brought this change] - - docs: the --with-darwinssl option is available on Apple OSes - -Yang Tse (9 Jan 2013) -- curl: ignore SIGPIPE - compilation fix - -- build: fix circular header inclusion with other packages - - This commit renames lib/setup.h to lib/curl_setup.h and - renames lib/setup_once.h to lib/curl_setup_once.h. - - Removes the need and usage of a header inclusion guard foreign - to libcurl. [1] - - Removes the need and presence of an alarming notice we carried - in old setup_once.h [2] - - ---------------------------------------- - - 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard - up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H, - this single inclusion guard is enough to ensure that inclusion of - lib/setup_once.h done from lib/setup.h is only done once. - - Additionally lib/setup.h has always used __SETUP_ONCE_H macro to - protect inclusion of setup_once.h even after commit ec691ca3, this - was to avoid a circular header inclusion triggered when building a - c-ares enabled version with c-ares sources available which also has - a setup_once.h header. Commit ec691ca3 exposes the real nature of - __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard - foreign to libcurl belonging to c-ares's setup_once.h - - The renaming this commit does, fixes the circular header inclusion, - and as such removes the need and usage of a header inclusion guard - foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl. - - 2 - Due to the circular interdependency of old lib/setup_once.h and the - c-ares setup_once.h header, old file lib/setup_once.h has carried - back from 2006 up to now days an alarming and prominent notice about - the need of keeping libcurl's and c-ares's setup_once.h in sync. - - Given that this commit fixes the circular interdependency, the need - and presence of mentioned notice is removed. - - All mentioned interdependencies come back from now old days when - the c-ares project lived inside a curl subdirectory. This commit - removes last traces of such fact. - -Daniel Stenberg (8 Jan 2013) -- curl: ignore SIGPIPE - - This is a work-around for bug #1180 which is really libcurl's inability - to ignore SIGPIPE in a few cases. With this work-around at least curl - won't suffer from it! - - Bug: http://curl.haxx.se/bug/view.cgi?id=1180 - Reported by: Lluís Batlle i Rossell - -Yang Tse (8 Jan 2013) -- sockfilt.c: fix some compiler warnings - -Daniel Stenberg (8 Jan 2013) -- Revert "configure: update req to 2.59" - - This reverts commit 7a6d8b1b1a8fcc184c36d6b6e741e32250b4bacb. - - URL: http://curl.haxx.se/mail/lib-2013-01/0103.html - -Steve Holme (8 Jan 2013) -- pop3: Added support for non-blocking SSL upgrade - - Added support for asynchronous SSL upgrade when using the - multi-interface. - -Daniel Stenberg (8 Jan 2013) -- configure: update req to 2.59 - - I ran the 2.59 version of autoupdate that updates obsoleted configure.ac - constructs to the 2.59 standard. With a little hands-on fiddling I - prevented it from ruining the quoting in AS_HELP_STRING() uses. - - I subsequently also bumped the required autoconf version to 2.59 - (released in December 2003) as I don't have an older autoconf version - around to test with and I can't be bothered to install one either... - - Inspired by: Björn Stenberg - Related blog post: http://cazfi.livejournal.com/195108.html - -Steve Holme (7 Jan 2013) -- imap.c: Small tidy up to add missing comment - -- imap: Added support for sasl digest-md5 authentication - -- imap: Added support for sasl cram-md5 authentication - -Marc Hoersken (7 Jan 2013) -- tests/server/sockfilt.c: Fixed integer comparison warning - -- tests/server/sockfilt.c: Include required Win32 headers - -Steve Holme (7 Jan 2013) -- imap: Added support for sasl ntlm authentication - -- imap: Added support for sasl login authentication - -- pop3.c: Fixed default authentication detection - - Fixed an issue where a server may positively respond to the CAPA command - but not list clear text as a valid authentication type. - -- curl_sasl.c: Small code tidy up following imap changes - -- smtp.c: Small code tidy up following imap changes - -- pop3.c: Small code tidy up following imap changes - -- imap: Added support for sasl plain text authentication - -Marc Hoersken (6 Jan 2013) -- tests/server/sockfilt.c: Fixed support for listening sockets - - This commit fixes support for sockets that are ready to accept - a new connection and have previously been put into listening mode. - - It also includes changes which are the result of investigation - regarding Windows STDIN. These changes are the preparation for further - improvements regarding support for reading data from STDIN on Windows. - - Open issue: WaitForMultipleObjectsEx does not support PIPE handles - which are returned by GetStdHandle while running without a GUI. - -- tests/server/sockfilt.c: Set Windows Console to binary mode - -- tests/server/sockfilt.c: Improved log error messages - - Include error code and parameters in error messages. - -Steve Holme (6 Jan 2013) -- imap: Introduced the continue response in imap_endofresp() - -- imap: Added support for SASL based authentication mechanism detection - - Added support for detecting the supported SASL authentication mechanisms - via the CAPABILITY command. - -Yang Tse (6 Jan 2013) -- Revert changes relative to lib/*.[ch] recent renaming - - This reverts renaming and usage of lib/*.h header files done - 28-12-2012, reverting 2 commits: - - f871de0... build: make use of 76 lib/*.h renamed files - ffd8e12... build: rename 76 lib/*.h files - - This also reverts removal of redundant include guard (redundant thanks - to changes in above commits) done 2-12-2013, reverting 1 commit: - - c087374... curl_setup.h: remove redundant include guard - - This also reverts renaming and usage of lib/*.c source files done - 3-12-2013, reverting 3 commits: - - 13606bb... build: make use of 93 lib/*.c renamed files - 5b6e792... build: rename 93 lib/*.c files - 7d83dff... build: commit 13606bbfde follow-up 1 - - Start of related discussion thread: - - http://curl.haxx.se/mail/lib-2013-01/0012.html - - Asking for confirmation on pushing this revertion commit: - - http://curl.haxx.se/mail/lib-2013-01/0048.html - - Confirmation summary: - - http://curl.haxx.se/mail/lib-2013-01/0079.html - - NOTICE: The list of 2 files that have been modified by other - intermixed commits, while renamed, and also by at least one - of the 6 commits this one reverts follows below. These 2 files - will exhibit a hole in history unless git's '--follow' option - is used when viewing logs. - - lib/curl_imap.h - lib/curl_smtp.h - -Daniel Stenberg (6 Jan 2013) -- mk-ca-bundle.1: convert syntax to what's used elsewhere - - ... mostly to make sure roffit works better on it, but also to make our - man pages use a more unified style. - -- mk-ca-bundle.1: mention new -f, fix outputfile output - - also edited a few sentences to become more verbose - -- mk-ca-bundle: add -f, support passing to stdout and more - - 1. When the downloaded data file from Mozilla is current, but the output - bundle does not exist: continue processing to create the bundle. The - goal is to have the output file - not just download the latest input. - - 2. added -f option to force re-processing the file. Useful for - debugging/testing the process. - - 3. added support for output to '-' (stdout), allowing the output to be - piped. - - 4. All progress and error messages go to STDERR rather than STDOUT (3) - - 5. The script opened and closed the output file many times - unnecessarily. It now opens it once, does the output and closes it. - - 6. Backup of the input files happens after successful processing, not - before. - - 7. The output is written to a temporary file, and renamed to the - requested name after backup - this greatly reduces the window where the - file can be seen partially written. - - 8. all die calls have a \n at the end to suppress perl's traceback - the - traceback isn't useful to end users. - - Patch: http://curl.haxx.se/mail/lib-2013-01/0045.html - -Yang Tse (5 Jan 2013) -- imap test server: fix typo in name of SELECT_imap() sub definition - - IMAP test server breaking typo introduced with commit b708a522a1 - -Steve Holme (4 Jan 2013) -- imap test server: Added support for the CAPABILITY command - - Added support for the CAPABILITY command in preparation of upcoming - changes. - -Daniel Stenberg (3 Jan 2013) -- writeout: -w now supports remote_ip/port and local_ip/port - - Added mention to the curl.1 man page. - - Test case 1223 verifies remote_ip/port. - -Yang Tse (3 Jan 2013) -- test 1222: 8 chars object name generation && test 1221: adjustments - -Daniel Stenberg (3 Jan 2013) -- INTERNALS: remove "footnote" never used - -Yang Tse (3 Jan 2013) -- build: commit 13606bbfde follow-up 1 - -Daniel Stenberg (3 Jan 2013) -- FAQ: Can I write a server with libcurl? - -Yang Tse (3 Jan 2013) -- build: rename 93 lib/*.c files - - 93 lib/*.c source files renamed to use our standard naming scheme. - - This commit only does the file renaming. - - ---------------------------------------- - - renamed: lib/amigaos.c -> lib/curl_amigaos.c - renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c - renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c - renamed: lib/axtls.c -> lib/curl_axtls.c - renamed: lib/base64.c -> lib/curl_base64.c - renamed: lib/bundles.c -> lib/curl_bundles.c - renamed: lib/conncache.c -> lib/curl_conncache.c - renamed: lib/connect.c -> lib/curl_connect.c - renamed: lib/content_encoding.c -> lib/curl_content_encoding.c - renamed: lib/cookie.c -> lib/curl_cookie.c - renamed: lib/cyassl.c -> lib/curl_cyassl.c - renamed: lib/dict.c -> lib/curl_dict.c - renamed: lib/easy.c -> lib/curl_easy.c - renamed: lib/escape.c -> lib/curl_escape.c - renamed: lib/file.c -> lib/curl_file.c - renamed: lib/fileinfo.c -> lib/curl_fileinfo.c - renamed: lib/formdata.c -> lib/curl_formdata.c - renamed: lib/ftp.c -> lib/curl_ftp.c - renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c - renamed: lib/getenv.c -> lib/curl_getenv.c - renamed: lib/getinfo.c -> lib/curl_getinfo.c - renamed: lib/gopher.c -> lib/curl_gopher.c - renamed: lib/gtls.c -> lib/curl_gtls.c - renamed: lib/hash.c -> lib/curl_hash.c - renamed: lib/hmac.c -> lib/curl_hmac.c - renamed: lib/hostasyn.c -> lib/curl_hostasyn.c - renamed: lib/hostcheck.c -> lib/curl_hostcheck.c - renamed: lib/hostip.c -> lib/curl_hostip.c - renamed: lib/hostip4.c -> lib/curl_hostip4.c - renamed: lib/hostip6.c -> lib/curl_hostip6.c - renamed: lib/hostsyn.c -> lib/curl_hostsyn.c - renamed: lib/http.c -> lib/curl_http.c - renamed: lib/http_chunks.c -> lib/curl_http_chunks.c - renamed: lib/http_digest.c -> lib/curl_http_digest.c - renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c - renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c - renamed: lib/http_proxy.c -> lib/curl_http_proxy.c - renamed: lib/idn_win32.c -> lib/curl_idn_win32.c - renamed: lib/if2ip.c -> lib/curl_if2ip.c - renamed: lib/imap.c -> lib/curl_imap.c - renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c - renamed: lib/inet_pton.c -> lib/curl_inet_pton.c - renamed: lib/krb4.c -> lib/curl_krb4.c - renamed: lib/krb5.c -> lib/curl_krb5.c - renamed: lib/ldap.c -> lib/curl_ldap.c - renamed: lib/llist.c -> lib/curl_llist.c - renamed: lib/md4.c -> lib/curl_md4.c - renamed: lib/md5.c -> lib/curl_md5.c - renamed: lib/memdebug.c -> lib/curl_memdebug.c - renamed: lib/mprintf.c -> lib/curl_mprintf.c - renamed: lib/multi.c -> lib/curl_multi.c - renamed: lib/netrc.c -> lib/curl_netrc.c - renamed: lib/non-ascii.c -> lib/curl_non_ascii.c - renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h - renamed: lib/nonblock.c -> lib/curl_nonblock.c - renamed: lib/nss.c -> lib/curl_nss.c - renamed: lib/nwlib.c -> lib/curl_nwlib.c - renamed: lib/nwos.c -> lib/curl_nwos.c - renamed: lib/openldap.c -> lib/curl_openldap.c - renamed: lib/parsedate.c -> lib/curl_parsedate.c - renamed: lib/pingpong.c -> lib/curl_pingpong.c - renamed: lib/polarssl.c -> lib/curl_polarssl.c - renamed: lib/pop3.c -> lib/curl_pop3.c - renamed: lib/progress.c -> lib/curl_progress.c - renamed: lib/qssl.c -> lib/curl_qssl.c - renamed: lib/rawstr.c -> lib/curl_rawstr.c - renamed: lib/rtsp.c -> lib/curl_rtsp.c - renamed: lib/security.c -> lib/curl_security.c - renamed: lib/select.c -> lib/curl_select.c - renamed: lib/sendf.c -> lib/curl_sendf.c - renamed: lib/share.c -> lib/curl_share.c - renamed: lib/slist.c -> lib/curl_slist.c - renamed: lib/smtp.c -> lib/curl_smtp.c - renamed: lib/socks.c -> lib/curl_socks.c - renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c - renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c - renamed: lib/speedcheck.c -> lib/curl_speedcheck.c - renamed: lib/splay.c -> lib/curl_splay.c - renamed: lib/ssh.c -> lib/curl_ssh.c - renamed: lib/sslgen.c -> lib/curl_sslgen.c - renamed: lib/ssluse.c -> lib/curl_ssluse.c - renamed: lib/strdup.c -> lib/curl_strdup.c - renamed: lib/strequal.c -> lib/curl_strequal.c - renamed: lib/strerror.c -> lib/curl_strerror.c - renamed: lib/strtok.c -> lib/curl_strtok.c - renamed: lib/strtoofft.c -> lib/curl_strtoofft.c - renamed: lib/telnet.c -> lib/curl_telnet.c - renamed: lib/tftp.c -> lib/curl_tftp.c - renamed: lib/timeval.c -> lib/curl_timeval.c - renamed: lib/transfer.c -> lib/curl_transfer.c - renamed: lib/url.c -> lib/curl_url.c - renamed: lib/version.c -> lib/curl_version.c - renamed: lib/warnless.c -> lib/curl_warnless.c - renamed: lib/wildcard.c -> lib/curl_wildcard.c - - ---------------------------------------- - -- build: make use of 93 lib/*.c renamed files - - 93 *.c source files renamed to use our standard naming scheme. - - This change affects 77 files in libcurl's source tree. - -Daniel Stenberg (3 Jan 2013) -- INSTALL: unify the SSL library texts - - Make them smaller and more similar for each separate SSL library - supported by the configure build - -Yang Tse (2 Jan 2013) -- curl_setup.h: remove redundant include guard - -- build and tests: curl_10char_object_name() shell function - - lib/objnames.inc provides definition of curl_10char_object_name() shell - function. The intended purpose of this function is to transliterate a - (*.c) source file name that may be longer than 10 characters, or not, - into a string with at most 10 characters which may be used as an OS/400 - object name. - - Test case 1221 does unit testng of this function and also verifies - that it is possible to generate distinct short object names for all - curl and libcurl *.c source file names. - - lib/objnames-test.sh is the shell script used for test case 1221. - - tests/runtests.pl modified to accept shell script test cases. - - More details inside lib/objnames.inc and lib/objnames-test.sh - -- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS - - automake 1.13 errors if AM_CONFIG_HEADER is used in configure script. - automake 1.13 no longer autoupdates AM_CONFIG_HEADER to - AC_CONFIG_HEADERS, thing which automake has been doing since automake - version 1.7 - - Given that our first automake supported version is automake 1.7, - simply replacing AM_CONFIG_HEADER usage with AC_CONFIG_HEADERS seems - enough to yet support same automake versions. - - Dave Reisner reported issue with 1.13 and provided patch. - - http://curl.haxx.se/mail/lib-2012-12/0246.html - -- curl-override.m4: provide AC_CONFIG_MACRO_DIR definition conditionally - - Provide a 'traceable' AC_CONFIG_MACRO_DIR definition only when using - an autoconf version that does not provide it, instead of what we were - doing up to now of providing and overriding AC_CONFIG_MACRO_DIR for - all autoconf versions. - -Steve Holme (30 Dec 2012) -- imap.c: Minor follow up tidy up - -- imap: Code tidy up prior to adding support for the CAPABILITY command - - * Changing the order of the state machine to represent the order in - which commands are sent to the server. - - * Reworking the imap_endofresp() function as the FETCH response doesn't - include the command id and shouldn't be part of the length comparison - that takes into account the id string. - -- pop3_doing: Applied debug info message when function fails - - Applied the same debug message as used in smtp_doing() and imap_doing() - when pop3_multi_statemach() fails. - -- imap_doing: don't call imap_dophase_done() if already failed - - Applied the POP3 fix from commit 2897ce7dc2e1 so imap_dophase_done() - isn't called if imap_multi_statemach() fails. - -- smtp_doing: don't call smtp_dophase_done() if already failed - - Applied the POP3 fix from commit 2897ce7dc2e1 so smtp_dophase_done() - isn't called if smtp_multi_statemach() fails. - -Yang Tse (29 Dec 2012) -- examples/certinfo.c: fix compiler warning - -Steve Holme (29 Dec 2012) -- pop3.c: Removed unnecessary POP3_STOP state changes - - Removed unnecessary state changes in pop3_state_starttls_resp() - following previous fix in IMAP module. - -- smtp.c: Added extra comments around SMTP_STOP state change - - Provided extra comments in the SMTP module following previous IMAP fix. - -- imap.c: Fixed bad state error when logging in with invalid credentials - - Fixed a problem with the state machine when attempting to log in with - invalid credentials. The server would report login failure but libcurl - would not read the response due to inappropriate IMAP_STOP states being - set after the login was sent. - -Yang Tse (29 Dec 2012) -- imap.c: remove trailing whitespace - -Steve Holme (28 Dec 2012) -- imap.c: Code tidy up - Part 2 - -- imap.c: Code tidy up - Part 1 - - Applied some of the comment and layout changes that had already been - applied to the pop3 and smtp code over the last 6 to 9 months. - - This is in preparation of adding SASL based authentication. - -- pop3.c: Minor code tidy up - - Minor tidy up of comments and layout prior to next part of imap work. - -- smtp: Minor code tidy up - - Minor tidy up of comments and layout prior to next part of imap work. - -- curl_imap.h: Tidy up of comments to be more readable - -- imap.c: Code tidy up renaming imapsendf() to imap_sendf() - - Renamed imapsendf() to imap_sendf() to be more in keeping with the - other imap functions as well as Curl_pp_sendf() that it replaces. - -Yang Tse (28 Dec 2012) -- build: rename 76 lib/*.h files - - 76 private header files renamed to use our standard naming scheme. - - This commit only does the file renaming. - - ---------------------------------------- - - renamed: amigaos.h -> curl_amigaos.h - renamed: arpa_telnet.h -> curl_arpa_telnet.h - renamed: asyn.h -> curl_asyn.h - renamed: axtls.h -> curl_axtls.h - renamed: bundles.h -> curl_bundles.h - renamed: conncache.h -> curl_conncache.h - renamed: connect.h -> curl_connect.h - renamed: content_encoding.h -> curl_content_encoding.h - renamed: cookie.h -> curl_cookie.h - renamed: cyassl.h -> curl_cyassl.h - renamed: dict.h -> curl_dict.h - renamed: easyif.h -> curl_easyif.h - renamed: escape.h -> curl_escape.h - renamed: file.h -> curl_file.h - renamed: fileinfo.h -> curl_fileinfo.h - renamed: formdata.h -> curl_formdata.h - renamed: ftp.h -> curl_ftp.h - renamed: ftplistparser.h -> curl_ftplistparser.h - renamed: getinfo.h -> curl_getinfo.h - renamed: gopher.h -> curl_gopher.h - renamed: gtls.h -> curl_gtls.h - renamed: hash.h -> curl_hash.h - renamed: hostcheck.h -> curl_hostcheck.h - renamed: hostip.h -> curl_hostip.h - renamed: http.h -> curl_http.h - renamed: http_chunks.h -> curl_http_chunks.h - renamed: http_digest.h -> curl_http_digest.h - renamed: http_negotiate.h -> curl_http_negotiate.h - renamed: http_proxy.h -> curl_http_proxy.h - renamed: if2ip.h -> curl_if2ip.h - renamed: imap.h -> curl_imap.h - renamed: inet_ntop.h -> curl_inet_ntop.h - renamed: inet_pton.h -> curl_inet_pton.h - renamed: krb4.h -> curl_krb4.h - renamed: llist.h -> curl_llist.h - renamed: memdebug.h -> curl_memdebug.h - renamed: multiif.h -> curl_multiif.h - renamed: netrc.h -> curl_netrc.h - renamed: non-ascii.h -> curl_non-ascii.h - renamed: nonblock.h -> curl_nonblock.h - renamed: nssg.h -> curl_nssg.h - renamed: parsedate.h -> curl_parsedate.h - renamed: pingpong.h -> curl_pingpong.h - renamed: polarssl.h -> curl_polarssl.h - renamed: pop3.h -> curl_pop3.h - renamed: progress.h -> curl_progress.h - renamed: qssl.h -> curl_qssl.h - renamed: rawstr.h -> curl_rawstr.h - renamed: rtsp.h -> curl_rtsp.h - renamed: select.h -> curl_select.h - renamed: sendf.h -> curl_sendf.h - renamed: setup.h -> curl_setup.h - renamed: setup_once.h -> curl_setup_once.h - renamed: share.h -> curl_share.h - renamed: slist.h -> curl_slist.h - renamed: smtp.h -> curl_smtp.h - renamed: sockaddr.h -> curl_sockaddr.h - renamed: socks.h -> curl_socks.h - renamed: speedcheck.h -> curl_speedcheck.h - renamed: splay.h -> curl_splay.h - renamed: ssh.h -> curl_ssh.h - renamed: sslgen.h -> curl_sslgen.h - renamed: ssluse.h -> curl_ssluse.h - renamed: strdup.h -> curl_strdup.h - renamed: strequal.h -> curl_strequal.h - renamed: strerror.h -> curl_strerror.h - renamed: strtok.h -> curl_strtok.h - renamed: strtoofft.h -> curl_strtoofft.h - renamed: telnet.h -> curl_telnet.h - renamed: tftp.h -> curl_tftp.h - renamed: timeval.h -> curl_timeval.h - renamed: transfer.h -> curl_transfer.h - renamed: url.h -> curl_url.h - renamed: urldata.h -> curl_urldata.h - renamed: warnless.h -> curl_warnless.h - renamed: wildcard.h -> curl_wildcard.h - - ---------------------------------------- - -- build: make use of 76 lib/*.h renamed files - - 76 private header files renamed to use our standard naming scheme. - - This change affects 322 files in libcurl's source tree. - -- lib/*.h: use our standard naming scheme for header inclusion guards - -Steve Holme (28 Dec 2012) -- imsp.c: Fixed usernames and passwords that contain escape characters - - Fixed a problem with sending usernames and passwords that contain - backslash, quotation mark and space characters. - -Daniel Stenberg (27 Dec 2012) -- curl.1: extend the -X, --request description - -- RELEASE-NOTES: synced with e3ed2b82e6 - -- [Nick Zitzmann brought this change] - - darwinssl: Fixed inability to disable peer verification - - ... on Snow Leopard and Lion - - Snow Leopard introduced the SSLSetSessionOption() function, but it - doesn't disable peer verification as expected on Snow Leopard or - Lion (it works as expected in Mountain Lion). So we now use sysctl() - to detect whether or not the user is using Snow Leopard or Lion, - and if that's the case, then we now use the deprecated - SSLSetEnableCertVerify() function instead to disable peer verification. - -Yang Tse (26 Dec 2012) -- curl tool: rename hugehelp files to tool_hugehelp - -- curl tool: renaming hugehelp files to tool_hugehelp - -- sockfilt.c: commit b44da5a82a follow-up 2 - -- sockfilt.c: commit b44da5a82a follow-up - -- sockfilt.c: fix some compiler warnings - -- curl_multi_remove_handle: commit 0aabfd9963 follow-up - -Daniel Stenberg (25 Dec 2012) -- lib556: enable VERBOSE to ease debugging on failures - -Marc Hoersken (25 Dec 2012) -- socklift.c: Quick fix to re-add missing code - -- socklift.c: Added select_ws function to support Windows - - WinSock select() does not support standard file descriptors, - it can only check SOCKETs. The following function is an attempt - to create a select() function with support for other handles. - -Yang Tse (25 Dec 2012) -- Enable tests 1503, 1504 and 1505 - -- curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE - -- Curl_hash_clean: OOM handling fix - -- test 1504 and 1505: same as 1502 but with different cleanup sequences - -Daniel Stenberg (24 Dec 2012) -- Curl_conncache_foreach: allow callback to break loop - - ... and have it take a proper 'struct connectdata *' as first argument - -- pop3_doing: don't call pop3_dophase_done() if already failed - - ... it also clobbered the 'result' return value so that it wouldn't - return the error back to the parent function properly, which broke test - 809 when run with 'multi-always'. - -Yang Tse (23 Dec 2012) -- test 1503: same as 1502 but with a different cleanup sequence - -- test 1502: OOM handling fixes - -- curl_multi_wait: OOM handling fix - -- [Daniel Stenberg brought this change] - - curl_multi_wait: avoid an unnecessary memory allocation - -- runtests.pl: prepend $srcdir to HTTPTLS server config files path - -- multi.c: OOM handling fix - -- lib543.c: OOM handling fixes - -- configure: add internal sanity check (warn only) on vars for makefiles - -Daniel Stenberg (21 Dec 2012) -- SCP: relative path didn't work - - When prefixing a path with /~/ it is supposed to be used relative to the - user's home directory but it didn't work. Now we cut off the entire - three byte sequenct "/~/" which seems to be how OpenSSH does it. - - Bug: http://curl.haxx.se/bug/view.cgi?id=1173 - Reported by: Balaji Parasuram - -Yang Tse (21 Dec 2012) -- configure: LIBMETALINK_CFLAGS actually is LIBMETALINK_CPPFLAGS - -- configure: add minimal sanity check on user provided CFLAGS and CPPFLAGS - -- bundles connection caching: some out of memory handling fixes - -- libntlmconnect.c: fix compiler warnings and OOM handling - -- configure.ac: clear local test intended variables before use - -- VC6 IDE: link with advapi32.lib when using WIN32 crypto API (md5.c) - -- curl-functions.m4: improve gethostname arg 2 data type check - -- setup_once.h: HP-UX specific 'bool', 'false' and 'true' definitions. - - Also reverts commit f254c59dc7 - -- configure: check if compiler halts on function prototype mismatch - -- warnless.c: fix compiler warnings - -- curl-functions.m4: add gethostname arg 2 data type check and definition - -Daniel Stenberg (14 Dec 2012) -- [Nick Zitzmann brought this change] - - darwinssl: Fix implicit conversion compiler warnings - - The Clang compiler found a few implicit conversion problems that have - now been fixed. - -Yang Tse (14 Dec 2012) -- setup_once.h: HP-UX <sys/socket.h> issue workaround - - Issue: When building a 32bit target with large file support HP-UX - <sys/socket.h> header file may simultaneously provide two different - sets of declarations for sendfile and sendpath functions, one with - static and another with external linkage. Given that we do not use - mentioned functions we really don't care which linkage is the - appropriate one, but on the other hand, the double declaration emmits - warnings when using the HP-UX compiler and errors when using modern - gcc versions resulting in fatal compilation errors. - - Mentioned issue is now fixed as long as we don't use sendfile nor - sendpath functions. - -- setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h> - - Inclusion of top two most included header files now done in setup_once.h - -- setup_once.h: HP-UX specific TRUE and FALSE definitions - - Some HP-UX system headers require TRUE defined to 1 and FALSE to 0. - -Daniel Stenberg (12 Dec 2012) -- gopher: #include cleanup - - Remove all system file includes from this file as they're not needed - - Reported by: Dan Fandrich - -Yang Tse (11 Dec 2012) -- examples/simplessl.c: fix compiler warning - -- examples/externalsocket.c: fix SunPro compilation issue - -- examples/simplessl.c: fix compiler warning - -- build: add bundles and conncache files to other build systems - -- conncache: fix enumerated type mixed with another type - -- examples/anyauthput.c: fix Tru64 compilation issue - -Daniel Stenberg (8 Dec 2012) -- [Colin Watson brought this change] - - configure: fix cross pkg-config detection - - When cross-compiling, CURL_CHECK_PKGCONFIG was checking for the cross - pkg-config using ${host}-pkg-config. - - The gold standard for doing this correctly is pkg-config's own macro, - PKG_PROG_PKG_CONFIG. However, on the assumption that you have a good - reason not to use that directly (reduced dependencies for maintainer - builds?), the behaviour of cURL's version should at least match. - PKG_PROG_PKG_CONFIG uses AC_PATH_TOOL, which ultimately ends up trying - ${host_alias}-pkg-config; this is not quite the same as what cURL does, - and may differ because ${host} has been run through config.sub. For - instance, when cross-building to the armhf architecture on Ubuntu, - ${host_alias} is arm-linux-gnueabihf while ${host} is - arm-unknown-linux-gnueabihf. This may also have been the cause of the - problem reported at http://curl.haxx.se/mail/lib-2012-04/0224.html. - - AC_PATH_TOOL is significantly simpler than cURL's current code, and - dates back to well before the current minimum of Autoconf 2.57, so let's - use it instead. - -- [Linus Nielsen Feltzing brought this change] - - Introducing a new persistent connection caching system using "bundles". - - A bundle is a list of all persistent connections to the same host. - The connection cache consists of a hash of bundles, with the - hostname as the key. - The benefits may not be obvious, but they are two: - - 1) Faster search for connections to reuse, since the hash - lookup only finds connections to the host in question. - 2) It lays out the groundworks for an upcoming patch, - which will introduce multiple HTTP pipelines. - - This patch also removes the awkward list of "closure handles", - which were needed to send QUIT commands to the FTP server - when closing a connection. - Now we allocate a separate closure handle and use that - one to close all connections. - - This has been tested in a live system for a few weeks, and of - course passes the test suite. - -- [Fabian Keil brought this change] - - runtests and friends: Do not add undefined values to @INC - - On FreeBSD this fixes the warning: - Use of uninitialized value $p in string eq at /usr/local/lib/perl5/5.14.2/BSDPAN/BSDPAN.pm line 36. - -Steve Holme (5 Dec 2012) -- Merge pull request #52 from isn-/master - - small compilation fix - -Stanislav Ivochkin (5 Dec 2012) -- build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag - -Yang Tse (5 Dec 2012) -- libtest: fix some compiler warnings - -- examples: fix compilation issues - commit 7332a7cafb follow-up - -- examples: fix compilation issues - commit 23f8dca6fb follow-up - -- examples: fix compilation issues - -- build: explain current role of LIBS in our Makefile.am files - - BLANK_AT_MAKETIME may be used in our Makefile.am files to blank - LIBS variable used in generated makefile at makefile processing - time. Doing this functionally prevents LIBS from being used for - all link targets in given makefile. - -Daniel Stenberg (4 Dec 2012) -- multi: fix re-sending request on early connection close - - This handling already works with the easy-interface code. When a request - is sent on a re-used connection that gets closed by the server at the - same time as the request is sent, the situation may occur so that we can - send the request and we discover the broken connection as a RECV_ERROR - in the PERFORM state and then the request needs to be retried on a fresh - connection. Test 64 broke with 'multi-always-internally'. - -Yang Tse (4 Dec 2012) -- configure: add minimal sanity check on user provided LIBS and LDFLAGS - -- build: prevent global LIBS from influencing src and lib build targets - - Currently, LIBS is already used through other macros. - -Kamil Dudka (3 Dec 2012) -- nss: prevent NSS from crashing on client auth hook failure - - Although it is not explicitly stated in the documentation, NSS uses - *pRetCert and *pRetKey even if the client authentication hook returns - a failure. Namely, if we destroy *pRetCert without clearing *pRetCert - afterwards, NSS destroys the certificate once again, which causes a - double free. - - Reported by: Bob Relyea - -Yang Tse (30 Nov 2012) -- testcurl.pl: build example programs for several autobuilds - - Affected autobuilds: IRIX, AIX, Tru64 and AIX. - -- build: prevent global LIBS from influencing examples build targets - -- build: prevent global LIBS from influencing libtest build targets - -- build: prevent global LIBS from influencing test server build targets - -- build: fix Windows build targets damaged since commit 550e403f00 - -- build: avoid linkage of directly unused libraries - -- dd missing NTLM feature for tests 2025, and 2028 to 2032 - -- avoid mixing of enumerated type with another type - -- multi.c: disambiguate precedence of bitwise and relational operation - -Daniel Stenberg (26 Nov 2012) -- [Fabian Keil brought this change] - - Remove stray CRLF in chunk-encoded content-free request bodies - - .. that are sent when auth-negotiating before a chunked - upload or when setting the 'Transfer-Encoding: chunked' - header and intentionally sending no content. - - Adjust test565 and test1333 accordingly. - -- FAQ: clarify the 3.4 section - - You can do custom commands to FTP without sending anything by using the - CURLOPT_NOBODY, which -I sets. - -- [Lijo Antony brought this change] - - examples: Updated asiohiper.cpp to remove connect from opensocket - - Blocking connect on the socket has been removed from opensocket - callback. opensocket just opens a new socket and gives it back to - libcurl and libcurl will take care of the connect. sockopt_callback has - also been removed, as it is no longer required. - -Yang Tse (23 Nov 2012) -- build: fix AIX compilation and usage - - AIX sys/poll.h header file defines 'events' and 'revents' as C - preprocessor macros. Usage of these literals in libcurl's external - API was introduced in commit de24d7bd4c causing AIX build failures. - Appropriate inclusion of sys/poll.h by libcurl's external interface - fixes AIX build and usage issues while avoiding a SONAME bump. - -Steve Holme (23 Nov 2012) -- DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols - -Daniel Stenberg (23 Nov 2012) -- test: offer "automake" output and check for perl better - - runtests.pl -am now uses the "PASS/FAIL: [desc]" output for each - executed test. You can run 'make test-am' in the root build directory to - invoke that. The reason for this output style is to better allow generic - test suite parsers to also grok our test output. - - The test Makefile now also tests that perl was indeed found and that the - PERL variable points to an executable before it tries to run the main - test perl script runtests.pl, - -- [Fabian Keil brought this change] - - Test 206: Use a Content-Length header for the 407 response - - Otherwise curl would have to guess where the body ends. - -- [Fabian Keil brought this change] - - Test 206: Don't respond to a succesful CONNECT request with a body - - It's against the spec and caused test failures when header - and response were read from the network separately in which - case bug #39 wasn't triggered. - -- htmltitle: use .cpp extension for C++ examples - -- [Lijo Antony brought this change] - - examples: Added a c++ example of using multi with boost::asio - - Added an example for demonstrating the usage of curl multi interface - with boost::asio in c++ - -- VC Makefiles: add missing hostcheck - - the newly introduced hostcheck.h/c is missing in the Visual Studio - Makefiles as obj file. - - Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html - -- compiler warning fixes - - The conversions from ssize_t to int need to be typecasted. - -- bump: start working on 7.28.2 - -- THANKS: added 14 contributors from the 7.28.1 release - -Version 7.28.1 (20 Nov 2012) - -Daniel Stenberg (20 Nov 2012) -- RELEASE-NOTES: synced with 52af6e69f079 / 7.28.1 - -Kamil Dudka (20 Nov 2012) -- [Anthony Bryan brought this change] - - RELEASE-NOTES: NSS can be used for metalink hashing - -- [Fabian Keil brought this change] - - Get test 2032 working when using valgrind - - If curl_multi_fdset() sets maxfd to -1, the socket detection - loop is skipped and thus !found_new_socket is no cause for alarm. - -- test2032: spurious failure caused by premature termination - - Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html - -Daniel Stenberg (19 Nov 2012) -- [Fabian Keil brought this change] - - Fix comment typos in test 517 - -- [Fabian Keil brought this change] - - Test 92 and 194: normalize spaces in the Server headers - - It makes no difference from curl's point of view but - makes it more convenient to use the tests with a - lws-normalizing proxy between curl and the test server. - -- [Fabian Keil brought this change] - - Add a HOSTIP precheck for tests 31 and 1105 - - They currently only work for 127.0.0.1 which - is hardcoded and can't be easily changed. - -- [Fabian Keil brought this change] - - Let test 8 work as long as %HOSTIP ends with ".0.0.1" - - .. and add a precheck to skip the test otherwise. - -- [Fabian Keil brought this change] - - Add --resolve to the keywords and name of test 1318 - - This makes it easier to skip it automatically when - the test suite is used with external proxies. - -- [Fabian Keil brought this change] - - Add FTP keywords for a couple of currently keyword-less FTP tests - -- [Fabian Keil brought this change] - - Add keywords for a couple of currently keyword-less HTTP tests - -- [Fabian Keil brought this change] - - Use carriage returns in all headers in test 31 - - Trailing spaces were left unmodifed, assuming they were intentional. - -- [Fabian Keil brought this change] - - Do not mix CRLF and LF header endings in a couple of HTTP tests - - Consistently use CRLF instead. The mixed endings weren't - documented so I assume they were unintentional. - - This change doesn't matter for curl itself but makes using - the tests with a proxy between curl and the test server - more convenient. - - Tests that consistently use no carriage returns were - left unmodified as one can easily work around this. - -- fixed memory leak: CURLOPT_RESOLVE with multi interface - - DNS cache entries populated with CURLOPT_RESOLVE were not properly freed - again when done using the multi interface. - - Test case 1502 added to verify. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3575448 - Reported by: Alex Gruz - -- RELEASE-NOTES: synced with ee588fe08807778 - - 4 more bug fixes and 4 more contributors - -- mem-include-scan: verify memory #includes - - If we use memory functions (malloc, free, strdup etc) in C sources in - libcurl and we fail to include curl_memory.h or memdebug.h we either - fail to properly support user-provided memory callbacks or the memory - leak system of the test suite fails. - - After Ajit's report of a failure in the first category in http_proxy.c, - I spotted a few in the second category as well. These problems are now - tested for by test 1132 which runs a perl program that scans for and - attempts to check that we use the correct include files if a memory - related function is used in the source code. - - Reported by: Ajit Dhumale - Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html - -- tftp_rx: code style cleanup - - Fixed checksrc warnings - -- [Fabian Keil brought this change] - - Fix the libauthretry changes from 7c0cbcf2f61 - - They broke the NTLM tests from 2023 to 2031. - -- [Christian Vogt brought this change] - - tftp_rx: handle resends - - Re-send ACK for block X in case we receive block X data again while - waiting for block X+1. - - Based on an earlier patch by Marcin Adamski. - -- autoconf: don't force-disable compiler debug option - - When nothing is told to configure, we should not enforce switching off - debug options with -g0 (or similar). We instead don't use -g at all in - that situaion and therefore allow the user's CFLAGS settings possibly - dictate what to do. - -- [Mark Snelling brought this change] - - winbuild: Fix PDB file output - - And fix some newlines to be proper CRLF - - Bug: http://curl.haxx.se/bug/view.cgi?id=3586741 - -- RELEASE-NOTES: synced with fa1ae0abcde - -- [Cristian Rodríguez brought this change] - - OpenSSL: Disable SSL/TLS compression - - It either causes increased memory usage or exposes users - to the "CRIME attack" (CVE-2012-4929) - -- [Sebastian Rasmussen brought this change] - - FILE: Make upload-writes unbuffered by not using FILE streams - -Kamil Dudka (13 Nov 2012) -- tool_metalink: fix error detection of hash alg initialization - - The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly - without any wrappers and they return 1 for success, 0 otherwise. Hence, - we have to use the same approach in all the wrapper functions that are - used for the other crypto libraries. - - This commit fixes a regression introduced in commit dca8ae5f. - -Daniel Stenberg (13 Nov 2012) -- RELEASE-NOTES: synced with 7c0cbcf2f617b - -- [Sergei Nikulov brought this change] - - fixed Visual Studio 2010 compilation - -- [Anton Malov brought this change] - - ftp: EPSV-disable fix over SOCKS - - Bug: http://curl.haxx.se/bug/view.cgi?id=3586338 - -Patrick Monnerat (12 Nov 2012) -- Merge branch 'master' of github.com:bagder/curl - -- OS400: upgrade wrappers for the 7.28.1 release. - -Daniel Stenberg (12 Nov 2012) -- runtests: limit execessive logging/output - -- [Gabriel Sjoberg brought this change] - - Digst: Add microseconds into nounce calculation - - When using only 1 second precision, curl doesn't create new cnonce - values quickly enough for all uses. - - For example, issuing the following command multiple times to a recent - Tomcat causes authentication failures: - - curl --digest -utest:test http://tomcat.test.com:8080/manager/list - - This is because curl uses the same cnonce for several seconds, but - doesn't increment the nonce counter. Tomcat correctly interprets - this as a replay attack and rejects the request. - - When microsecond-precision is available, this commit causes curl to - change cnonce values much more frequently. - - With microsecond resolution, increasing the nounce length used in the - headers to 32 was made to further reduce the risk of duplication. - -- SCP/SFTP: improve error code used for send failures - - Instead of relying on the generic CURLE error for SCP or SFTP send - failures, try passing back a more suitable error if possible. - -- Curl_write: remove unneeded typecast - -Kamil Dudka (9 Nov 2012) -- tool_metalink: allow to use hash algorithms provided by NSS - - Fixes bug #3578163: - http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976 - -- tool_metalink: allow to handle failure of hash alg initialization - -- tool_metalink: introduce metalink_cleanup() in the internal API - - ... to release resources allocated at global scope - -Daniel Stenberg (8 Nov 2012) -- hostcheck: only build for the actual users - - and make local function static - -- [Oscar Koeroo brought this change] - - SSL: Several SSL-backend related fixes - - axTLS: - - This will make the axTLS backend perform the RFC2818 checks, honoring - the VERIFYHOST setting similar to the OpenSSL backend. - - Generic for OpenSSL and axTLS: - - Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c - files to make them genericly available for both the OpenSSL, axTLS and - other SSL backends. They are now in the new lib/hostcheck.c file. - - CyaSSL: - - CyaSSL now also has the RFC2818 checks enabled by default. There is a - limitation that the verifyhost can not be enabled exclusively on the - Subject CN field comparison. This SSL backend will thus behave like the - NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words: - setting verifyhost to 0 or 1 will disable the Subject Alt Names checks - too. - - Schannel: - - Updated the schannel information messages: Split the IP address usage - message from the verifyhost setting and changed the message about - disabling SNI (Server Name Indication, used in HTTP virtual hosting) - into a message stating that the Subject Alternative Names checks are - being disabled when verifyhost is set to 0 or 1. As a side effect of - switching off the RFC2818 related servername checks with - SCH_CRED_NO_SERVERNAME_CHECK - (http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature - is being disabled. This effect is not documented in MSDN, but Wireshark - output clearly shows the effect (details on the libcurl maillist). - - PolarSSL: - - Fix the prototype change in PolarSSL of ssl_set_session() and the move - of the peer_cert from the ssl_context to the ssl_session. Found this - change in the PolarSSL SVN between r1316 and r1317 where the - POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu - PolarSSL version 1.1.4 the check is to discriminate between lower then - PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN - trunk jumped from version 1.1.1 to 1.2.0. - - Generic: - - All the SSL backends are fixed and checked to work with the - ssl.verifyhost as a boolean, which is an internal API change. - -- libcurl: VERSIONINFO update - - Since we added the curl_multi_wait function, the VERSIONINFO needed - updating. - - Reported by: Patrick Monnerat - -Guenter Knauf (8 Nov 2012) -- Added .def file to output. - - Requested by Johnny Luong on the libcurl list. - -- Added deps for static metalink-aware MinGW builds. - -Daniel Stenberg (8 Nov 2012) -- [Fabian Keil brought this change] - - Fix compilation of lib1501 - -- Curl_readwrite: remove debug output - - The text "additional stuff not fine" text was added for debug purposes a - while ago, but it isn't really helping anyone and for some reason some - Linux distributions provide their libcurls built with debug info still - present and thus (far too many) users get to read this info. - -- RELEASE-NOTES: synced with 487538e87a3d5e - - 6 new bugfixes and 3 more contributors... - -- http_perhapsrewind: consider NTLM over proxy too - - The logic previously checked for a started NTLM negotiation only for - host and not also with proxy, leading to problems doing POSTs over a - proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the - check. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3582321 - Reported by: John Suprock - -- [Lars Buitinck brought this change] - - Curl_connecthost: friendlier "couldn't connect" message - -- test1413: verify redirects to URLs with fragments - - The bug report claimed it didn't work. This problem was probably fixed - in 473003fbdf. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3581898 - -- URL parser: cut off '#' fragments from URLs (better) - - The existing logic only cut off the fragment from the separate 'path' - buffer which is used when sending HTTP to hosts. The buffer that held - the full URL used for proxies were not dealt with. It is now. - - Test case 5 was updated to use a fragment on a URL over a proxy. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3579813 - -- OpenSSL/servercert: use correct buffer size, not size of pointer - - Bug: http://curl.haxx.se/bug/view.cgi?id=3579286 - -- curl: set CURLOPT_SSL_VERIFYHOST to 0 to disable - -- test 2027/2030: take duplicate Digest requests into account - - With the reversion of ce8311c7e49eca and the new clear logic, this flaw - is present and we allow it. - -- Curl_pretransfer: clear out unwanted auth methods - - As a handle can be re-used after having done HTTP auth in a previous - request, it must make sure to clear out the HTTP types that aren't - wanted in this new request. - -- test1412: verify Digest with repeated URLs - - This test case verifies that bug 3582718 is fixed. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3582718 - Reported by: Nick Zitzmann (originally) - -- Revert "Zero out auth structs before transfer" - - This reverts commit ce8311c7e49eca93c136b58efa6763853541ec97. - - The commit made test 2024 work but caused a regression with repeated - Digest authentication. We need to fix this differently. - -- CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value - - After a research team wrote a document[1] that found several live source - codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST - option thinking it was a boolean, this change now bans 1 as a value and - will make libcurl return error for it. - - 1 was never a sensible value to use in production but was introduced - back in the days to help debugging. It was always documented clearly - this way. - - 1 was never supported by all SSL backends in libcurl, so this cleanup - makes the treatment of it unified. - - The report's list of mistakes for this option were all PHP code and - while there's a binding layer between libcurl and PHP, the PHP team has - decided that they have an as thin layer as possible on top of libcurl so - they will not alter or specifically filter a 'TRUE' value for this - particular option. I sympathize with that position. - - [1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/ - -- gnutls: fix compiler warnings - -- [Alessandro Ghedini brought this change] - - gnutls: print alerts during handshake - -- [Alessandro Ghedini brought this change] - - gnutls: fix the error_is_fatal logic - -- RELEASE-NOTES: synced with fa6d78829fd30ad - -- httpcustomheader.c: free the headers after use - -- [Dave Reisner brought this change] - - uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES - - Since automake 1.12.4, the warnings are issued on running automake: - - warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS') - - Avoid INCLUDES and roll these flags into AM_CPPFLAGS. - - Compile tested on: - Ubuntu 10.04 (automake 1:1.11.1-1) - Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2) - Arch Linux (automake 1.12.4) - -- libauthretry.c: shorten lines to fit within 80 cols - -- ftp_readresp: fix build without krb4 support - - Oops, my previous commit broke builds with krb support. - -- test/README: mention the 1500 test number range - -- FTP: prevent the multi interface from blocking - - As pointed out in Bug report #3579064, curl_multi_perform() would - wrongly use a blocking mechanism internally for some commands which - could lead to for example a very long block if the LIST response never - showed. - - The solution was to make sure to properly continue to use the multi - interface non-blocking state machine. - - The new test 1501 verifies the fix. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3579064 - Reported by: Guido Berhoerster - -Marc Hoersken (1 Nov 2012) -- winbuild: Use machine type of development environment - - This patch restores the original behavior instead of always - falling back to x86 if no MACHINE-type was specified. - -- winbuild: Additional clean up - -- [Sapien2 brought this change] - - Even more winbuild refactoring - -- [Sapien2 brought this change] - - Minor winbuild refactoring - -- [Sapien2 brought this change] - - Architecture selection for winbuild and minor makefiles refactoring - -Daniel Stenberg (1 Nov 2012) -- BUGS: fix the bug tracker URL - - The URL we used before is the one that goes directly to 'add' a bug - report, but since you can only do that after first having logged in to - sourceforge, the link often doesn't work for visitors. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3582408 - Reported by: Oscar Norlander - -- evhiperfifo: fix the pointer passed to WRITEDATA - - Bug: http://curl.haxx.se/bug/view.cgi?id=3582407 - Reported by: Oscar Norlander - -Guenter Knauf (1 Nov 2012) -- Fixed MSVC libssh2 static build. - - Since libssh2 supports now agent stuff it also depends on user32.lib. - Posted to the list by Jan Ehrhardt. - -Daniel Stenberg (23 Oct 2012) -- tlsauthtype: deal with the string case insensitively - - When given a string as 'srp' it didn't work, but required 'SRP'. - Starting now, the check disregards casing. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3578418 - Reported by: Jeff Connelly - -- asyn-ares: restore working with c-ares < 1.6.1 - - Back in those days the public ares.h header didn't include the - ares_version.h header so it needs to be included here. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3577710 - -- [Nick Zitzmann brought this change] - - metalink/md5: Use CommonCrypto on Apple operating systems - - Previously the Metalink code used Apple's CommonCrypto library only if - curl was built using the --with-darwinssl option. Now we use CommonCrypto - on all Apple operating systems including Tiger or later, or iOS 5 or - later, so you don't need to build --with-darwinssl anymore. Also rolled - out this change to libcurl's md5 code. - -- href_extractor.c: fix the URL - -- [Michał Kowalczyk brought this change] - - href_extractor: example code extracting href elements - - It does so in a streaming manner using the "Streaming HTML parser". - -- [Nick Zitzmann brought this change] - - darwinssl: un-broke iOS build, fix error on server disconnect - - The iOS build was broken by a reference to a function that only existed - under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the - server disconnected before libcurl got the chance to hang up first and - SecureTransport was in use, then we'd raise an error instead of failing - gracefully. - -- [Alessandro Ghedini brought this change] - - gnutls: put reset code into else block - - Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551 - -Guenter Knauf (13 Oct 2012) -- Fix now broken libmetalink-aware OpenSSL build. - -- Revert c44e674; add OpenSSL includes/defines. - - The makefile is designed to build against a libmetalink devel package; - therefore is does not matter what will change inside libmetalink. - Add OpenSSL includes and defines for libmetalink-aware OpenSSL builds. - -Daniel Stenberg (10 Oct 2012) -- version-bump: towards 7.28.1! - -- THANKS: 14 new contributors from 7.28.0 - -Version 7.28.0 (10 Oct 2012) - -Daniel Stenberg (10 Oct 2012) -- RELEASE-NOTES: synced with 8373ca3641 - - One bug, one contributor. Getting ready for release. - -- curl_multi_wait: no wait if no descriptors to wait for - - This is a minor change in behavior after having been pointed out by Mark - Tully and discussed on the list. Initially this case would internally - call poll() with no sockets and a timeout which would equal a sleep for - that specified time. - - Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html - Reported by: Mark Tully - -- TODO-RELEASE: cleanup for 7.28.0 - - one issue is now KNOWN_BUG #79 - - the other we just skip since nobody is working on it or is planning to - start working on it anytime soon - -- curl_multi_wait.3: style formatting mistake - -Marc Hoersken (8 Oct 2012) -- ssluse.c: md5.h is required for Curl_ossl_md5sum - -Daniel Stenberg (8 Oct 2012) -- curl_multi_wait.3: fix the name of the man page - -- curl_multi_wait.3: renamed the last argument variable for clarity - -Marc Hoersken (6 Oct 2012) -- curl_schannel.c: Fixed caching more data than required - - Do not fill the decrypted data buffer with more data unless - required in order to return the requested amount of data. - -- curl_schannel: Removed buffer limit and optimized buffer strategy - - Since there are servers that seem to return very big encrypted - data packages, we need to be able to handle those without having - an internal size limit. To avoid the buffer growing to fast to - early the initial size was decreased and the minimum free space - in the buffer was decreased as well. - -- lib/socks.c: Merged two size variables into one - -- lib/socks.c: Avoid type conversions where possible - - Streamlined variable names and types to avoid type conversions that - may result in data being lost on non 32-bit systems. - -- lib/curl_schannel.c: Hide size_t conversion warning - -- krb5/curl_rtmp.c: Hide size_t to int type conversion warning - -- security.c: Aligned internal type to return type - - Use ssize_t instead of int to avoid conversion problems on 64-bit - systems. Also added curlx_sztosi where necessary. - -- lib/curl_schannel: Increased maximum buffer size to factor 128 - -- winbuild/MakefileBuild.vc: Follow up on 0c8ccf7 - -Daniel Stenberg (2 Oct 2012) -- RELEASE-NOTES: synced with 971f5bcedd418 - - 9 new bug fixes, 5 changes, 6 more contributors - -- multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation - - During the periods of rate limitation, the speedcheck function wasn't - called and thus the values weren't updated accordingly and it would then - easily trigger wrongly once data got transferred again. - - Also, the progress callback's return code was not acknowledged in this - state so it could make an "abort" return code to get ignored and not - have the documented effect of aborting an ongoing transfer. - - Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html - Reported by: Jie He - -- [Tatsuhiro Tsujikawa brought this change] - - tool_metalink.c: Filtered resource URLs by type - - In Metalink v3, the type attribute of url element indicates the - type of the resource the URL points to. It can include URL to the - meta data, such as BitTorrent metainfo file. In Curl, we are not - interested in these meta data URLs. Instead, we are only - interested in the HTTP and FTP URLs. This change filters out - non-HTTP and FTP URLs. If we don't filter out them, it will be - downloaded by curl and hash check will fail if hash is provided - and next URL will be tried. This change will cut this useless - network transfer. - -Kamil Dudka (1 Oct 2012) -- https.c example: remember to call curl_global_init() - - ... in order not to leak memory on initializing an SSL library. - - Reported by: Tomas Mlcoch - -Daniel Stenberg (28 Sep 2012) -- FAQ: remove the date from the topmost line - -- FAQ: 5.16 I want a different time-out! - -- Curl_reconnect_request: clear pointer on failure - - The Curl_reconnect_request() function could end up returning a pointer - to a free()d struct when Curl_done() failed inside. Clearing the pointer - unconditionally after Curl_done() avoids this risk. - - Reported by: Ho-chi Chen - Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html - -- CURLOPT_CONNECTTIMEOUT: works without signals or posix too! - -Marc Hoersken (24 Sep 2012) -- Makefile.vc6: Follow up on 0c8ccf7 - -- Makefile.vc6: Added missing default library advapi32.lib - -Daniel Stenberg (19 Sep 2012) -- HTTP_ONLY: disable more protocols - -- test2006: Updated expected output to include hash name - - Output changed in commit a34197ef77cb - -- [Sergei Nikulov brought this change] - - cmake: use standard findxxx modules for cmake v2.8+ - -- [Sergei Nikulov brought this change] - - setup.h: fixed for MS VC10 build - - Bug: http://curl.haxx.se/bug/view.cgi?id=3568327 - -- TODO-RELEASE: push new features to 7.29 - - Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be - working on them I have little hope... - -Marc Hoersken (17 Sep 2012) -- metalink tests: Updated expected output to include hash name - -Daniel Stenberg (16 Sep 2012) -- [Sara Golemon brought this change] - - curl_multi_wait: Add parameter to return number of active sockets - - Minor change to recently introduced function. BC breaking, but since - curl_multi_wait() doesn't exist in any releases that should be fine. - -Marc Hoersken (14 Sep 2012) -- socks.c: Fixed warning: conversion to 'int' from 'long unsigned int' - -- http_negotiate.c: Fxied warning: unused variable 'rc' - -- ssh.c: Fixed warning: implicit conversion from enumeration type - -- socks.c: Check that IPv6 is enabled before using it's features - -- checksrc: Fixed line length and comment indentation - -- socks.c: Updated error messages to handle hostname and IPv6 - -- socks.c: Added support for IPv6 connections through SOCKSv5 proxy - -Daniel Stenberg (13 Sep 2012) -- parse_proxy: treat "socks://x" as a socks4 proxy - - Selected socks proxy in Google's Chrome browser. Resulting in the - following environment variables: - - NO_PROXY=localhost,127.0.0.0/8 - ALL_PROXY=socks://localhost:1080/ - all_proxy=socks://localhost:1080/ - no_proxy=localhost,127.0.0.0/8 - - ... and libcurl didn't treat 'socks://' as socks but instead picked HTTP - proxy. - - Reported by: Scott Bailey - - Bug: http://curl.haxx.se/bug/view.cgi?id=3566860 - -Kamil Dudka (12 Sep 2012) -- ssh: do not crash if MD5 fingerprint is not provided by libssh2 - - The MD5 fingerprint cannot be computed when running in FIPS mode. - -- ssh: move the fingerprint checking code to a separate fnc - -Marc Hoersken (12 Sep 2012) -- tool_metalink.c: Added name of validation hash to messages - - This makes it easier to debug broken hashes or hash functions. - -- wincrypt: Fixed cross-compilation issues caused by include name - - For some reason WinCrypt.h is named wincrypt.h under MinGW. - -- md5.c: Added support for Microsoft Windows CryptoAPI - -- Makefile.m32: Updated to build against libmetalink 0.1.2 - - The include and library path were moved within libmetalink, this - patch adjusts the defaults provided within the curl MinGW makefile. - -- tool_metalink.c: Added support for Microsoft Windows CryptoAPI - - Since Metalink support requires a crypto library for hash functions - and Windows comes with the builtin CryptoAPI, this patch adds that - API as a fallback to the supported crypto libraries. - It is automatically used on Windows if no other library is provided. - -- libntlmconnect.c: Fixed typo and conversion - -- libntlmconnect.c: Fixed warning: curl_easy_getinfo expects long pointer - - Fixed tests/libtest/libntlmconnect.c:52: warning: call to - '_curl_easy_getinfo_err_long' declared with attribute warning: - curl_easy_getinfo expects a pointer to long for this info - -- sws.c: Fixed warning: 'err' may be used uninitialized in this function - -- libntlmconnect.c: Fixed warning: comparison of signed/unsigned integer - - Windows does not use -1 to represent invalid sockets and the - SOCKET type is unsigned. - -- nss.c: Fixed warning: 'err' may be used uninitialized in this function - -- tool_metalink.c: Fixed error: 'O_BINARY' undeclared - - Check for O_BINARY which is not available on every system. - -- tool_metalink.c: Fixed validation of binary files containing EOF - - Since Windows/MinGW threat 0x1A as the EOF character, reading binary - files which contain that byte does not work using text mode. - The read function will only read until the first 0x1A byte. This - means that the hash is not computed from the whole file and the - final validation check using hash comparision fails. - -- winbuild: Added support for building with SPNEGO enabled - - Since Simple and Protected GSSAPI Negotiation Mechanism - is already implemented in curl and supported by the MinGW - builds, this change adds build support to winbuild makefiles. - -- winbuild: Adjusted order of options to generated config name - - Cleaned up order of handled build options by ordering them - nearly alphabetically by using the order of the generated - config name. Preparation for future/more build options. - -Daniel Stenberg (9 Sep 2012) -- [Anthony Bryan brought this change] - - MANUAL: clarified user+password in HTTP URLs - -- RELEASE-NOTES: synced with 6c6f1f64c2 - - 6 bug fixes to mention, 5 contributors - -- TODO-RELEASE: CURLSSH_AUTH_AGENT and curl_multi_wait() are done - - -321 - CURLSSH_AUTH_AGENT patch by Armel Asselin - - -324 - curl_multi_select() vs curl_multi_fdvec() etc - -Marc Hoersken (9 Sep 2012) -- curl_schannel.c: Reference count the credential/session handle - - Reference counting the credential handle should avoid that such a - handle is freed while it is still required for connection shutdown - -Daniel Stenberg (8 Sep 2012) -- [Nick Zitzmann brought this change] - - darwinssl: fixed for older Mac OS X versions - - SSL didn't work on older cats if built on a newer cat with weak-linking - turned on to support the older cat - -- [David Blaikie brought this change] - - tool_easysrc.c: Test pointers against NULL - - While validating a new Clang diagnostic (-Wnon-literal-null-conversion - - yes, the name isn't quite correct in this case, but it suffices) I found - a few violations of it in Curl. - -- SOCKS: truly disable it if CURL_DISABLE_PROXY is defined - - Bug: http://curl.haxx.se/bug/view.cgi?id=3561305 - - Patch by: Marcel Raad - -- mk-ca-bundle: detect start of trust section better - - Each certificate section of the input certdata.txt file has a trust - section following it with details. - - This script failed to detect the start of the trust for at least one - cert[*], which made the script continue pass that section into the next - one where it found an 'untrusted' marker and as a result that certficate - was not included in the output. - - [*] = "Hellenic Academic and Research Institutions RootCA 2011" - - Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html - -- [Alessandro Ghedini brought this change] - - gnutls: do not fail on non-fatal handshake errors - - Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402 - -- FILEFORMAT: the FTP commands work for more protocols - -- test1411: verify SMTP without SIZE support - -- [František Kučera brought this change] - - SMTP: only send SIZE if supported - - SMTP client will send SIZE parameter in MAIL FROM command only if server - supports it. Without this patch server might say "504 Command parameter - not implemented" and reject the message. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3564114 - -- ftpserver: respond with a 250 to SMTP EHLO - - ... and specify that SIZE is supported. 250 is the "correct" response - code according to RFC 2821 - -- RELEASE-NOTES: synced with abb0da919300e - -Dan Fandrich (3 Sep 2012) -- Updated Symbian build files - - This is untested, but at least Symbian still has a chance of - still working now. - -- Updated build docs w.r.t. Android and binary sizes - -Daniel Stenberg (1 Sep 2012) -- symbols-in-versions: new CURL_WAIT_* symbols - -- [Sara Golemon brought this change] - - Unit test for curl_multi_wait() - -- [Sara Golemon brought this change] - - Manpage for curl_multi_wait(). - -- [Sara Golemon brought this change] - - multi: add curl_multi_wait() - - /* - * Name: curl_multi_wait() - * - * Desc: Poll on all fds within a CURLM set as well as any - * additional fds passed to the function. - * - * Returns: CURLMcode type, general multi error code. - */ - CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle, - struct curl_waitfd extra_fds[], - unsigned int extra_nfds, - int timeout_ms); - -- [Nick Zitzmann brought this change] - - darwinssl: Bugfix for previous commit for older cats - - I accidentally broke functionality for versions of OS X prior to Mountain - Lion in the previous commit. This commit fixes the problems. - -- [Joe Mason brought this change] - - Use MAX_EASY_HANDLES instead of hardcoding the number of handles twice - -- test2032: bail out after last transfer - - The test would hang and get aborted with a "ABORTING TEST, since it - seems that it would have run forever." until I prevented that from - happening. - - I also fixed the data file which got broken CRLF line endings when I - sucked down the path from Joe's repo == my fault. - - Removed #37 from KNOWN_BUGS as this fix and test case verifies exactly - this. - -- [Joe Mason brought this change] - - NTLM: re-use existing connection better - - If we need an NTLM connection and one already exists, always choose that - one. - -- [Joe Mason brought this change] - - NTLM: verify multiple connections work - - Add test2032 to test that NTLM does not switch connections in the middle - of the handshake - -- curl.1: list the -w variables sorted alphabetically - -- libcurl-share.3: remove wrong info of what can be shared - - "Currently you can only share DNS and/or COOKIE data" is incorrect since - also SSL sessions can be shared. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3562261 - Reported by: Joe Mason - -- [Dave Reisner brought this change] - - examples: use do/while loop for multi examples - - It's conceivable that after the first time curl_multi_perform returns, - the outvalue still_running will be 0, but work will have been done. This - is shown by a workload of small, purely file:// based URLs. Ensure that - we always read pending messages off the multi handle by forcing the - while loop to run at least once. - -- curl.h: fix comment to refer to current names - - CURLOPT_USE_SSL should be set to CURLUSESSL_* and nothing else in modern - libcurl versions. - -- ftpsget: simple example showing a FTPS fetch - -- sftpget: SFTP is not "SSH FTP" - -- [Armel Asselin brought this change] - - sftpget: example showing a simple SFTP download - - ... using SSH-agent - -- curl_multi_perform.3: extended/clarified - -- INSTALL.cmake: clarify some flaws/limits in the cmake build - -- https.c example: spell check used define - - Bug: http://curl.haxx.se/bug/view.cgi?id=3559845 - Reported by: Olivier Berger - -- configure: update the copyright years for the output - -- [Nick Zitzmann brought this change] - - darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions - - In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number - of SecureTransport functions, some of which we were using. We now check - to see if the replacement functions are present, and if so, we use them - instead. The old functions are still present for users of older - cats. Also fixed a build warning that started to appear under Mountain - Lion - -- curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION - -- [Gokhan Sengun brought this change] - - ftp: active conn, place calling sockopt callback at the end of function - - Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket - -- [Gokhan Sengun brought this change] - - ftp: active conn, allow application to set sockopt after accept() call - - For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types. - -- configure: remove the --enable/disable-nonblocking options - - Removing this option as it currently only functions to lure people into - wrongly using it and falsely believing that libcurl will work fine - without using nonblocking sockets internally - which leads to hard to - track or understand errors. - -- [Ant Bryan brought this change] - - MANUAL review - -- curl.1: shorten lines, avoid referring to libcurl instead of curl - -- [Ant Bryan brought this change] - - curl.1: fix more consistent wording - - "If this option is used several times, the last one will be used." - uniformity - -- ssh: use the libssh2 agent API conditionally - - Commit e351972bc89aa4c brought in the ssh agent support but some uses of - the libssh2 agent API was done unconditionally which wasn't good enough - since that API hasn't always been present. - -- white space fix: shorten long line - - ... to please checksrc.pl - -Kamil Dudka (9 Aug 2012) -- docs: update the links to cipher-suites supported by NSS - - ... and make the list of cipher-suites in nss.c readable by humans. - - Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html - -- nss: do not print misleading NSS error codes - -Daniel Stenberg (8 Aug 2012) -- RELEASE-NOTES: synced with 0774386b23 - - 5 more bug fixes, one change, 6 contributors - -- [Armel Asselin brought this change] - - docs: mention CURLSSH_AUTH_AGENT - -- [Armel Asselin brought this change] - - SSH: added agent based authentication - - CURLSSH_AUTH_AGENT is a new auth type for SSH - -- bump version to 7.28.0 - - I am about to merge the first patch that adds changes into the pending - release, and thus we bump the minor number. - -- RELEASE-NOTES: added missing link - -- curl_version: fixed Value stored to 'len' is never read - - Fixed this (harmless) clang-analyzer warning. Also fixed the source - indentation level. - -- TODO-RELEASE: the (nil) bug is fixed - -- add_next_timeout: minor restructure of code - - By reading the ->head pointer and using that instead of the ->size - number to figure out if there's a list remaining we avoid the (false - positive) clang-analyzer warning that we might dereference of a null - pointer. - -- verbose messages: fixed output of hostnames in re-used connections - - I suspect this is a regression introduced in commit 207cf150, included - since 7.24.0. - - Avoid showing '(nil)' as hostname in verbose output by making sure the - hostname fixup function is called early enough to set the pointers that - are used for this. The name data is set again for each request even for - re-used connections to handle multiple hostnames over the same - connection (like with proxy) or that the casing etc of the host name is - changed between requests (which has proven to be important at least once - in the past). - - Test1011 was modified to use a redirect with a re-used a connection - since it then showed the bug and now lo longer does. There's currently - no easy way to have the test suite detect 'nil' texts in verbose ouputs - so no tests will detect if this problem gets reintroduced. - - Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html - Reported by: Gisle Vanem - -- [Nick Zitzmann brought this change] - - metalink: Un-broke the build when building --with-darwinssl - -Guenter Knauf (8 Aug 2012) -- Fix some compiler warnings. - -Daniel Stenberg (8 Aug 2012) -- TODO-RELEASE: two bugs fixed - - These are now addressed: - - 323 - patch - select.c / Curl_socket_check() interrupted - - 325 - Avoid leak of local device string when reusing connection - -- curl.1: minor format fix for --data-ascii - - ... and removal of trailing whitespace on a single line - -- [Ant Bryan brought this change] - - curl man page cleanup - -- [Mike Crowe brought this change] - - Avoid leak of local device string when reusing connection - - Ensure that the copy of the CURLOPT_INTERFACE string is freed if we - decide we can reuse an existing connection. - -- Curl_socket_check: fix timeout return value for select users - - This is the same fix applied for the conditional code that uses select() - that was already done for the poll specific code in commit - b61e8b81f5038. - -- [Maxime Larocque brought this change] - - Curl_socket_check: fix return code for timeout - - We found a problem with ftp transfer using libcurl (7.23 and 7.25) - inside an application which is receiving unix signals (SIGUSR1, - SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE - defined). - - Curl_socket_check() uses poll() to wait for the socket, and retries it - when a signal is received (EINTR). However, if a signal is received and - it also happens that the timeout has been reached, Curl_socket_check() - returns -1 instead of 0 (indicating an error instead of a timeout). - - In our case, the result is an aborted connection even before the ftp - banner is received from the server, and a return value of - CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(), - in pingpong.c, actually returns OOM if Curl_socket_check() fails :-) - Funny to debug on a system on which OOM is a possible cause). - - Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html - -- RELEASE-NOTES: synced with b4a558041fdf65c0 - -- TODO-RELEASE: fixed another bug - - bug #3544688 "crash during retry with libcurl and SFTP" - -- WSAPoll: disabled on all windows builds - - Due to WSAPoll bugs, libcurl does not work as intended. When the cURL - library is used to setup a connection to an incorrect port, normally the - result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll, - the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was - reached */. - - On August 1, Jan Koen Annot opened a case for this to Microsoft Premier - Online (https://premier.microsoft.com/). The support engineer handling - the case wrote that the case description is quite clear. He will try to - reproduce the issue and then proceed with troubleshooting it. - - Reported by: Jan Koen Annot - Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html - -- retry request: only access the HTTP data if in fact HTTP - - When figuring out if the data stream needs to be rewound when the - request is to be resent, we must not access the HTTP struct unless the - protocol used is indeed HTTP... - - Bug: http://curl.haxx.se/bug/view.cgi?id=3544688 - -- TODO: support DANE, we already support gnutls without gcrypt - -- curl-config: parentheses fix - - Braces, not parentheses, should be used for shell variable names. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3551460 - Reported by: Edward Sheldrake - -- VC build: add define for openssl - - This fixes a build failure of lib/ssluse.c. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3552997 - -- TODO-RELEASE: two bugs fixed! - -- globbing: fix segfault when >9 globs were used - - Stupid lack of range checks caused the code to overwrite local variables - after glob number nine. Added checks now. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3546353 - -- [Joe Mason brought this change] - - sws: close sockets properly - - Fix a bug where closed sockets (fd -1) were left in the all_sockets - list, because of missing parens in a pointer arithmetic expression - - Reenable the tests that were locking up due to this bug. - -- [Joe Mason brought this change] - - Remove debug logs that were accidentally checked in - -- [Joe Mason brought this change] - - Use select in sws, which has better cross-platform support than poll - -- [Joe Mason brought this change] - - Use cross-platform curlx_nonblock instead of fcntl in sws - -- operate: fix clang-analyzer warnings for never read variables - - Two separate "Value stored to 'XXX' is never read" warnings - -- operate: fix clang-analyzer warning - - Value stored to 'separator' is never read - -- metalink: change code order to build with gnutls-nettle - - Bug: http://curl.haxx.se/bug/view.cgi?id=3554668 - Reported by: Anthony G. Basile - -- gtls: fix build failure by including nettle-specific headers - - Bug: http://curl.haxx.se/bug/view.cgi?id=3554668 - Reported by: Anthony G. Basile - -Guenter Knauf (6 Aug 2012) -- Fixed compiler warning - argument is type long. - -Daniel Stenberg (6 Aug 2012) -- DISABLED: disable the new tests that do NTLM - - The tests 2025, 2028 and 2031 don't work for me so I'll have them - disabled for now until we solve the problem. - -Joe Mason (3 Aug 2012) -- Add tests of auth retries - -- Cleanup handshake after clean NTLM failure - -- Zero out auth structs before transfer - -- Add a polling loop in main to read from more than one socket at once. Add the O_NONBLOCK and - SO_KEEPALIVE flag to all sockets. Note that several loops which used to continue on a return value - of 0 (theoretical since 0 would never be returned without O_NONBLOCK) now break on 0 so that they - won't continue reading until after poll is called again. - -- Change return values of get_request, accept_connection and service_connection to add a return code - for non-blocking sockets: now -1 means error or connection finished, 1 means data was read, and 0 - means there is no data available now so need to wait for poll (new return value) - -- Hoist the loop out of get_request, and make sure that it can be reentered when a request is - half-finished. - - Note the the req struct used to be re-initialized AFTER reading pipeline data, so now that we - initialize it from the caller we must be careful not to overwrite the pipeline data. - - Also we now need to handle the case where the buffer is already full when get_request is called - - previously this never happened as it was always called with an empty buffer and looped until done. - - Now get_request is called in a loop, so the next step is to run the loop on a socket only when poll - signals it is readable. - -- Move blocks of code from the sws main loop into their own functions for easier refactoring later. - The next step will be to call the correct function after a poll, rather than looping unconditionally - -- Remove the --fork option of sws, since it makes refactoring to use poll more complicated and should - be redundant once we poll - -Kamil Dudka (30 Jul 2012) -- file: use fdopen() for uploaded files if available - - It eliminates noisy events when using inotify and fixes a TOCTOU issue. - - Bug: https://bugzilla.redhat.com/844385 - -Guenter Knauf (29 Jul 2012) -- Added DWANT_IDN_PROTOTYPES define for MSVC too. - - Discussion on the list: http://curl.haxx.se/mail/lib-2012-07/0271.html - -- Added Win32 problems. - -- Added hint to read docs/INSTALL too. - -- Added new file to distro. - -Steve Holme (28 Jul 2012) -- TODO: Updated after 7.27.0 release - - Removed APOP and SASL authentication from the POP3 section and metalink - support from the client section as these features were implemented in - this release. - - Moved adding gssapi to SASL into it's own section rather than repeat it - for each protocol. - -Daniel Stenberg (28 Jul 2012) -- TODO-RELEASE: updated after 7.27.0 release - -- THANKS: 12 new contributors from the 7.27.0 release - -- version bump: start towards next release - - Let's call it 7.27.1 for now, but it it probably going to become 7.28.0 - when released. - -Version 7.27.0 (27 Jul 2012) - -Guenter Knauf (27 Jul 2012) -- Fixed compiler warning 'unused parameter'. - -- Added prototypes to kill compiler warning. - -- Added --with-winidn to configure. - - This needs another look from the configure experts. I tested that - it works so far with MinGW64 cross-compiler; libcurl builds and - links fine, but curl not yet ... - -Daniel Stenberg (27 Jul 2012) -- [Ant Bryan brought this change] - - Update man page info on --metalink and typo. - -- RELEASE-NOTES: remove mentioned of bug never in a release - - The --silent bug came with 7561a0fc834c435 which was never in a release. - Pointed out by Kamil Dudka - -- RELEASE-NOTES: synced with 33b815e894fb - - 4 more bugfixes, 3 more contributors - -Guenter Knauf (26 Jul 2012) -- Changed Windows IDN text to 'WinIDN'. - - Synced the output to the same short form as we now use for - Windows SSL (WinSSL). - -Daniel Stenberg (25 Jul 2012) -- [Nick Zitzmann brought this change] - - darwinssl: fixed freeze involving the multi interface - - Previously the curl_multi interface would freeze if darwinssl was - enabled and at least one of the handles tried to connect to a Web site - using HTTPS. Removed the "wouldblock" state darwinssl was using because - I figured out a solution for our "would block but in which direction?" - dilemma. - -Guenter Knauf (25 Jul 2012) -- Added support for tls-srp to MinGW builds. - -Daniel Stenberg (24 Jul 2012) -- curl_easy_setopt: fix typo - - Reported by: Santhana Todatry - -- keepalive: multiply value for OS-specific units - - DragonFly uses milliseconds, while our API and Linux use full seconds. - - Reported by: John Marino - Bug: http://curl.haxx.se/bug/view.cgi?id=3546257 - -Kamil Dudka (22 Jul 2012) -- http: print reason phrase from HTTP status line on error - - Bug: https://bugzilla.redhat.com/676596 - -- tool_operate: fix misplaced initialization of orig_noprogress - - ... and orig_isatty which caused --silent to be entirely ignored in case - the standard output was redirected to a file! - -Daniel Stenberg (21 Jul 2012) -- [Anton Yabchinskiy brought this change] - - Client's "qop" value should not be quoted (RFC2617, section 3.2.2). - -Guenter Knauf (21 Jul 2012) -- Fixed typo. - -Daniel Stenberg (20 Jul 2012) -- make: make distclean work again - - The clean-local hook needed some polish to make sure make distclean - works. Added comment describing why. - -- test Makefile: only feature 'unit' once in the list of dirs - -Dan Fandrich (20 Jul 2012) -- Fixed some typos in documentation - -Guenter Knauf (20 Jul 2012) -- Fixed CR issue with Win32 version on MSYS. - - Previous fix didnt work on Linux ... - -- Fixed CR issue with Win32 version on MSYS. - -- Fixed MSYS <-> Windows path convertion. - - Replaced the Windows real path from mount hack with a more - reliable and simpler hack: the MSYS shell has a builtin pwd - which understands a -W option which does convertion to Windows - paths. Tested and confirmed that this works on all MSYS versions - I have back to a 3 year old one. - -- Follow-up fix to detect SSL libs with MinGW. - - 1) the check for winssl needs to come before nss check - 2) the SSL checks must begin with a new if or else we will - never find any SSL lib with MinGW. - -- Tell git to not convert configure-related files. - -- Trial to teach runtests.pl about WinSSL. - -- Fixed warning 'uninitialized value in numeric gt'. - - This is a MSYS/MinGW-only warning; full warning text is: - Use of uninitialized value in numeric gt (>) at ../../curl/tests/runtests.pl line 2227. - -Daniel Stenberg (15 Jul 2012) -- RELEASE-NOTES: synced with 9d11716933616 - - Fixed 6 bugs, added 3 contributors - -- multi_runsingle: added precaution against easy_conn NULL pointer - - In many states the easy_conn pointer is referenced and just assumed to - be working. This is an added extra check since analyzing indicates - there's a risk we can end up in these states with a NULL pointer there. - -- getparam: fix the GetStr() macro - - It should return PARAM_NO_MEM if the strdup fails. Spotted by - clang-analyzer - -Guenter Knauf (15 Jul 2012) -- Tell git to not convert configure-related files. - -Daniel Stenberg (13 Jul 2012) -- parse_proxy: remove dead assignment - - Spotted by clang-analyzer - -- ftp_do_more: add missing check of return code - - Spotted by clang-analyzer. The return code was never checked, just - stored. - -- getinfo: use va_end and cut off Curl_ from static funcs - - va_end() needs to be used after va_start() and we don't normally use - Curl_ prefixes for purely static functions. - -- [Philip Craig brought this change] - - Split up Curl_getinfo - - This avoids false positives from clang's scan-build. - -Guenter Knauf (12 Jul 2012) -- Added error checking for curl_global_init(). - -- Added curl_global_* functions. - -- Minor fixes to MinGW makefiles. - -Daniel Stenberg (12 Jul 2012) -- docs: mention CURL_GLOBAL_DEFAULT - -Guenter Knauf (12 Jul 2012) -- Added curl_global_* functions. - -Daniel Stenberg (12 Jul 2012) -- tests: verify the stricter numeric option parser - - Test 1409 and 1410 verifies the stricter numeric option parser - introduced the other day in commit f2b6ebed7b. - -- SWS: use of uninitialized memory fix - - I made "connmon" not get initialized properly before use, and I use the - big hammer and make sure we always clear the entire struct to avoid any - problem like this in the future. - -- test48: verify that HEAD doesn't close extra - - Two commits ago, we fixed a bug where the connction would be closed - prematurely after a HEAD. Now I added connection-monitor to test 48 and - added a second HEAD and make sure that both are sent over the same - connection. - - This triggered a failure before the bug fix and now works. Will help us - avoid a future regression of this kind. - -- connection-monitor: always log disconnect when enabled - - This makes verifying easier and makes us more sure curl closes the - connection only at the correct point in time. Adjusted test 206 and 1008 - accordingly and updated the docs for it. - -- HEAD: don't force-close after response-headers - - A HEAD response has no body length and gets the headers like the - corresponding GET would so it should not get closed after the response - based on the same rules. This mistake caused connections that did HEAD - to get closed too often without a valid reason. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3542731 - Reported by: Eelco Dolstra - -Guenter Knauf (12 Jul 2012) -- Removed trailing empty strings from awk script. - -- Cleaned up version awk script. - -- Added project copyright header. - -- Removed libcurl.imp from Makefile.am. - - Updated .gitignore for NetWare created files. - -- Added missing dependency to export list. - -- Fixed export list path. - -- Changed NetWare build to generate export list. - -- Added pointer to FAQ for linkage errors. - -- Small NetWare makefile tweak. - -- Changed MinGW makefiles to use WINSSL now. - -Daniel Stenberg (10 Jul 2012) -- test231: fix wrong -C use! - -- cmdline: parse numerical options stricter - - 1 - str2offset() no longer accepts negative numbers since offsets are by - nature positive. - - 2 - introduced str2unum() for the command line parser that accepts - numericals which are not supposed to be negative, so that it will - properly complain on apparent bad uses and mistakes. - - Bug: http://curl.haxx.se/mail/archive-2012-07/0013.html - -- docs: switch to proper UTF-8 for text file encoding - -Yang Tse (9 Jul 2012) -- Make Curl_schannel_version() return "WinSSL" - - Modification based on voting result: - - http://curl.haxx.se/mail/lib-2012-07/0104.html - -Daniel Stenberg (9 Jul 2012) -- test 46: use different path lengths to get reliable sort order - - Since the order of the cookies is sorted by the length of the paths, - having them on the same path length will make the test depend on what - order the qsort() implementation will put them. As seen in the - windows/msys output posted by Guenter in this posting: - http://curl.haxx.se/mail/lib-2012-07/0105.html - -- cookie: fixed typo in comment - -- [Christian Hägele brought this change] - - https_getsock: provided for schannel backend as well - - The function https_getsock was only implemented properly when USE_SSLEAY - or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL. - - The problem occurs when Curl_read_plain or Curl_write_plain returns - CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an - the used socket is set to state CURL_POLL_REMOVE and the easy-state is - set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket - should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's - where https_getsock is called and doesn't return any sockets. - -- RELEASE-NOTES: added a URL reference to cookie docs - -Guenter Knauf (8 Jul 2012) -- Removed obsolete include path to project root. - -Daniel Stenberg (8 Jul 2012) -- TODO-RELEASE: issue 316 NTLM over proxy is fixed - -- [Nick Zitzmann brought this change] - - darwinssl: don't use arc4random_buf - - Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the - function is not available prior to iOS 4.3 and OS X 10.7. - -- KNOWN_BUGS: #80 Curl doesn't recognize certs in DER format - -- KNOWN_BUGS: #79 - any RCPT TO failure makes and error - -Marc Hoersken (8 Jul 2012) -- winbuild: Aligned BUILD.WINDOWS.txt and Makefile.vc usage help - -- winbuild: Make USE_WINSSL depend on USE_SSPI - - Since WinSSL cannot be build without SSPI being enabled, - USE_WINSSL now defaults to the value of USE_SSPI. - - The makefile does now raise an error if WinSSL is enabled - while SSPI is disabled. - -- winbuild: Aligned USE_SSPI with other USE_x defines - - Renamed external parameter USE_SSPI = yes/no to ENABLE_SSPI = yes/no. - Backwards compatible change: USE_SSPI can still be passed as external - parameter with yes/no value as long as ENABLE_SSPI is not given. - - USE_x defines are passed around with true/false values internally, - USE_SSPI is now aligned to this approach, but still accepts external - values yes/no being passed, just like the other defines. - -- winbuild: Clean up formatting and variable naming - - - Changed space usage to line up with the whole file - - Renamed CFLAGS_SSPI/IPV6 to SSPI/IPV6_CFLAGS to be - consistent with the other CFLAGS_x variables - - Make use of existing CFLAGS_IPV6 (previously IPV6_CFLAGS) - instead of appending directly to CFLAGS - -Daniel Stenberg (7 Jul 2012) -- [Nick Zitzmann brought this change] - - darwinssl: output cipher with text, remove SNI warning - - The code was printing a warning when SNI was set up successfully. Oops. - - Printing the cipher number in verbose mode was something only TLS/SSL - programmers might understand, so I had it print the name of the cipher, - just like in the OpenSSL code. That'll be at least a little bit easier - to understand. The SecureTransport API doesn't have a method of getting - a string from a cipher like OpenSSL does, so I had to generate the - strings manually. - -- RELEASE-NOTES: synced with 5a99bce07d - -- KNOWN_BUGS: NTLM with unicode works with schannel/winssl! - - Bug #75 updated with additional info, still remains for builds with - other backends. - -- code police: narrow source to < 80 columns - -Yang Tse (5 Jul 2012) -- unicode NTLM SSPI: cleanup follow-up - -- unicode NTLM SSPI: cleanup - - Reduce the number of #ifdef UNICODE directives used in source files. - -Daniel Stenberg (5 Jul 2012) -- tests: use connection-monitor and verify results - - Test 1008 and 206 don't show the disconnect since it happens when SWS - awaits a new request, but 503 does and so the verify section needs that - string added. - -- http-proxy: keep CONNECT connections alive (for NTLM) - - When doing CONNECT requests, libcurl must make sure the connection is - alive as much as possible. NTLM requires it and it is generally good for - other cases as well. - - NTLM over CONNECT requests has been broken since this regression I - introduced in my CONNECT cleanup commits that started with 41b02378342, - included since 7.25.0. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3538625 - Reported by: Marcel Raad - -- sws: support <servercmd> for CONNECT requests - - I moved out the servercmd parsing into a its own function called - parse_servercmd() and made sure it gets used also when the test number - is extracted from CONNECT requests. It turned out sws didn't do that - previously! - -- FILEFORMAT: provided a full description of connection-monitor - -- lib503: enable verbose to ease debugging this - -- sws: add 'connection-monitor' command support - - Using this, the server will output in the protocol log when the - connection gets disconnected and thus we will verify correctly in the - test cases that the connection doesn't get closed prematurely. This is - important for example NTLM to work. - - Documentation added to FILEFORMAT, test 503 updated to use this. - -Guenter Knauf (4 Jul 2012) -- Removed non-used variable. - -- Added error checking for samples. - -- Renamed vars to avoid shadow global declaration. - -Daniel Stenberg (3 Jul 2012) -- docs: clarify how to start with curl_multi_socket_action - - Mention the CURL_SOCKET_TIMEOUT argument in step 6 of the typical - application. - -Guenter Knauf (3 Jul 2012) -- Moved some patterns to subfolder's .gitignore. - -- Merge branch 'master' of ssh://github.com/bagder/curl - -- MinGW makefile tweaks for running from sh. - - Added function macros to make path converting easier. - Added CROSSPREFIX to all compile tools. - -Yang Tse (3 Jul 2012) -- [Marc Hoersken brought this change] - - curl_ntlm_msgs.c: Removed unused variable passwd - -Guenter Knauf (3 Jul 2012) -- Added files generated by mingw32, eclipse and VC. - - Posted by Marc Hoersken. - -Daniel Stenberg (3 Jul 2012) -- cookies: change the URL in the cookie jar file header - -- HTTP-COOKIES: clarified and modified layout - -- HTTP-COOKIES: use the FAQ document layout - -- HTTP-COOKIES: added cookie documentation - -Yang Tse (3 Jul 2012) -- curl_ntlm_msgs.c: include <tchar.h> for prototypes - -- [Neil Bowers brought this change] - - testcurl.pl: fix missing semicolon - -Daniel Stenberg (2 Jul 2012) -- [Christian Hägele brought this change] - - unicode NTLM SSPI: heap corruption fixed - - When compiling libcurl with UNICODE defined and using unicode characters - in username. - -Yang Tse (2 Jul 2012) -- testcurl.pl: allow non in-tree c-ares enabled autobuild - -- configure.ac: verify that libmetalink is new enough - - Enabling test2017 to test2022. - -- [Tatsuhiro Tsujikawa brought this change] - - curl: Added runtime version check for libmetalink - -- [Tatsuhiro Tsujikawa brought this change] - - Include metalink/metalink.h for libmetalink functions - -Daniel Stenberg (2 Jul 2012) -- errors: CURLM_CALL_MULTI_PERFORM is not returned anymore - -- release: cleaned up plans for this and coming release - -Yang Tse (29 Jun 2012) -- curl-compilers.m4: remove -Wstrict-aliasing=3 from clang - - Currently it is unknown if there is any version of clang that - actually supports -Wstrict-aliasing. What is known is that there - are several that don't support it. - -- test2017 to test2022: more metalink tests - - With this commit, checks done in previous test2017 are now done in test2018. - - Whole range test2017 to test2022 DISABLED until configure is capable of - requiring a new-enough metalink library. - - Don't try these without mentioned check in place! - -- test2005 to test2016: improve failure detection - -- lib582.c: fix conversion warning - -- nss.c: #include warnless.h for curlx_uztosi and curlx_uztoui prototypes - -- [Marc Hoersken brought this change] - - nss.c: Fixed size_t conversion warnings - -- sslgen.c: cleanup temporary compile-time SSL-backend check - -Daniel Stenberg (28 Jun 2012) -- schannel: provide two additional (dummy) API defines - -Yang Tse (28 Jun 2012) -- [Tatsuhiro Tsujikawa brought this change] - - Metalink: message updates - - Print "parsing (...) OK" only when no warnings are generated. If - no file is found in Metalink, treat it FAILED. - - If no digest is provided, print WARNING in parse_metalink(). - Also print validating FAILED after download. - - These changes make tests 2012 to 2016 pass. - -Daniel Stenberg (27 Jun 2012) -- sslgen: avoid compiler error in SSPI builds - -Yang Tse (27 Jun 2012) -- ssluse.c: fix compiler warning: conversion to 'int' from 'size_t' - - Reported by Tatsuhiro Tsujikawa - - http://curl.haxx.se/mail/lib-2012-06/0371.html - -- sslgen.c: add compile-time check for SSL-backend completeness - -- build: add our standard includes to curl_darwinssl.c and curl_multibyte.c - -- build: add curl_schannel and curl_darwinssl files to other build systems - -- tests: add five more Metalink test cases - -- tests: update Metalink message format - -- [Tatsuhiro Tsujikawa brought this change] - - Metalink: updated message format - -- [Nick Zitzmann brought this change] - - DarwinSSL: allow using NTLM authentication - - Allow NTLM authentication when building using SecureTransport (Darwin) for SSL. - - This uses CommonCrypto, a cryptography library that ships with all versions of - iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few - less-common cyphers and doesn't have a big number data structure. - -- curl_darwinssl.h: add newline at end of file - -Daniel Stenberg (26 Jun 2012) -- ossl_seed: remove leftover RAND_screen check - - Before commit 2dded8fedba (dec 2010) there was logic that used - RAND_screen() at times and now I remove the leftover #ifdef check for - it. - - The seeding code that uses Curl_FormBoundary() in ossl_seed() is dubious - to keep since it hardly increases randomness but I fear I'll break - something if I remove it now... - -Yang Tse (26 Jun 2012) -- [Nick Zitzmann brought this change] - - DarwinSSL: several adjustments - - - Renamed st_ function prefix to darwinssl_ - - Renamed Curl_st_ function prefix to Curl_darwinssl_ - - Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h - - Fixed a teensy little bug that made non-blocking connection attempts block - - Made it so that it builds cleanly against the iOS 5.1 SDK - -- curl-compilers.m4: -Wstrict-aliasing=3 for warning enabled gcc and clang builds - -- [Marc Hoersken brought this change] - - sockaddr.h: Fixed dereferencing pointer breakin strict-aliasing - - Fixed warning: dereferencing pointer does break strict-aliasing rules - by using a union inside the struct Curl_sockaddr_storage declaration. - -Daniel Stenberg (26 Jun 2012) -- SSL cleanup: use crypto functions through the sslgen layer - - curl_ntlm_msgs.c would previously use an #ifdef maze and direct - SSL-library calls instead of using the SSL layer we have for this - purpose. - -- [Nick Zitzmann brought this change] - - darwinssl: add support for native Mac OS X/iOS SSL - -- RELEASE-NOTES: link to more metalink info - -- RELEASE-NOTES: synced with d025af9bb576 - -Yang Tse (25 Jun 2012) -- curl_schannel.c: Remove redundant NULL assignments following Curl_safefree() - -- [Marc Hoersken brought this change] - - curl_schannel.c: Replace free() with Curl_safefree() - -- [Tatsuhiro Tsujikawa brought this change] - - curl.1: Updated Metalink description in man page - - Documented that --include will be ignored if both --metalink - and --include are specified. - Also documented that a Metalink file in the local file system - cannot be used if FILE protocol is disabled. - -Steve Holme (24 Jun 2012) -- DOCS: Added clarification to CURLOPT_CUSTOMREQUEST for the POP3 protocol - - Bug: http://curl.haxx.se/mail/lib-2012-06/0302.html - Reported by: Nagai H - -- smtp: Corrected result code for MAIL, RCPT and DATA commands - - Bug: http://curl.haxx.se/mail/lib-2012-06/0094.html - Reported by: Dan - -Daniel Stenberg (24 Jun 2012) -- [Ghennadi Procopciuc brought this change] - - test: Added test HTTP receive cookies over IPv6 - -Yang Tse (22 Jun 2012) -- tests: add another Metalink test case - -- [Tatsuhiro Tsujikawa brought this change] - - tests: Enable test2010 and fixed hash value - -- [Tatsuhiro Tsujikawa brought this change] - - Metalink: ignore --include if --metalink is used. - - Including headers in response body will break Metalink XML parser. - If it is included in the file described in Metalink XML, hash check - will fail. Therefore, --include should be ignored if --metalink is - used. - -- tests: add six Metalink test cases - -- test 2005: add verification of hash checking outcome - -- getpart.pm: remove misleading comment - -- [Tatsuhiro Tsujikawa brought this change] - - curl: Prefixed all Metalink related messages with "Metalink: " - -- [Tatsuhiro Tsujikawa brought this change] - - tests: Added Metalink test case # 2005 - -- [Tatsuhiro Tsujikawa brought this change] - - curl: Restore noprogress and isatty config values. - - The noprogress and isatty in Configurable are global, in a sense - that they persist in one curl invocation. Currently once one - download writes its response data to tty, they are set to FALSE - and they are not restored on successive downloads. This change - first backups the current noprogress and isatty, and restores - them when download does not write its data to tty. - -- [Tatsuhiro Tsujikawa brought this change] - - curl: Made --metalink option toggle Metalink functionality - - In this change, --metalink option no longer takes argument. If - it is specified, given URIs are processed as Metalink XML file. - If given URIs are remote (e.g., http URI), curl downloads it - first. Regardless URI is local file (e.g., file URI scheme) or - remote, Metalink XML file is not written to local file system and - the received data is fed into Metalink XML parser directly. This - means with --metalink option, filename related options like -O - and -o are ignored. - - Usage examples: - - $ curl --metalink http://example.org/foo.metalink - - This will download foo.metalink and parse it and then download - the URI described there. - - $ curl --metalink file://foo.metalink - - This will parse local file foo.metalink and then download the URI - described there. - -- [Tatsuhiro Tsujikawa brought this change] - - curl: Refactored metalink_checksum - - When creating metalink_checksum from metalink_checksum_t, first - check hex digest is valid for the given hash function. We do - this check in the order of digest_aliases so that first good - match will be chosen (strongest hash function available). As a - result, the metalinkfile now only contains at most one - metalink_checksum because other entries are just redundant. - -- [Gisle Vanem brought this change] - - tool_doswin.c: fix djgpp function _use_lfn() used without a prototype - - http://curl.haxx.se/mail/archive-2012-06/0028.html - -- build: fix RESOURCE bug in lib/Makefile.vc* - - Removed two, not intended to exist, RESOURCE declarations. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3535977 - - And sorted configuration hunks to reflect same internal order - as the one shown in the usage message. - -Daniel Stenberg (20 Jun 2012) -- [Marc Hoersken brought this change] - - schannel: Implement new buffer size strategy - - Increase decrypted and encrypted cache buffers using limitted - doubling strategy. More information on the mailinglist: - http://curl.haxx.se/mail/lib-2012-06/0255.html - - It updates the two remaining reallocations that have already been there - and fixes the other one to use the same "do we need to increase the - buffer"-condition as the other two. CURL_SCHANNEL_BUFFER_STEP_SIZE was - renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it - is now. Since we don't know how much more data we are going to read - during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the - minimum free space required in the buffer for the next operation. - CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since - we don't have a step size now, the define was renamed. - -Yang Tse (20 Jun 2012) -- schannel SSL: fix compiler warning - -- [Mark Salisbury brought this change] - - schannel SSL: fix for renegotiate problem - - In schannel_connect_step2() doread should be initialized based - on connssl->connecting_state. - -- [Tatsuhiro Tsujikawa brought this change] - - runtests.pl: make it support metalink feature - -- getpart.pm: make test definition section/part parser more robust - - Test definition section parts which needed to include xml-lingo as contents - of that part required that the xml-blurb was written as a single line. Now the - xml-data inside the part can be written multiline making it more readable. - - Tested with <client><file> part which is written to disk before <command> runs. - -Daniel Stenberg (20 Jun 2012) -- schannel_connect_step2: checksrc whitespace fix - -Yang Tse (20 Jun 2012) -- [Mark Salisbury brought this change] - - schannel SSL: changes in schannel_connect_step2 - - Process extra data buffer before returning from schannel_connect_step2. - Without this change I've seen WinCE hang when schannel_connect_step2 - returns and calls Curl_socket_ready. - - If the encrypted handshake does not fit in the intial buffer (seen with - large certificate chain), increasing the encrypted data buffer is necessary. - - Fixed warning in curl_schannel.c line 1215. - -- [Mark Salisbury brought this change] - - config-win32ce.h: WinCE config adjustment - - process.h is not present on WinCE - -- [Mark Salisbury brought this change] - - schannel SSL: Made send method handle unexpected cases better - - Implemented timeout loop in schannel_send while sending data. This - is as close as I think we can get to write buffering; I put a big - comment in to explain my thinking. - - With some committer adjustments - -Daniel Stenberg (19 Jun 2012) -- [Marc Hoersken brought this change] - - curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size - -Yang Tse (19 Jun 2012) -- [Mark Salisbury brought this change] - - schannel SSL: Use standard Curl read/write methods - - Replaced calls to swrite with Curl_write_plain and calls to sread - with Curl_read_plain. - - With some committer adjustments - -- schannel SSL: make wording of some trace messages better reflect reality - -Daniel Stenberg (19 Jun 2012) -- [Marc Hoersken brought this change] - - curl_schannel.h: Use BUFSIZE as the initial buffer size if available - - Make the Schannel implementation use libcurl's default buffer size - for the initial received encrypted and decrypted data cache buffers. - The implementation still needs to handle more data since more data - might have already been received or decrypted during the handshake - or a read operation which needs to be cached for the next read. - -Guenter Knauf (19 Jun 2012) -- Fixed NetWare makefile broken from last commit. - -Yang Tse (19 Jun 2012) -- [Mark Salisbury brought this change] - - schannel SSL: Implemented SSL shutdown - - curl_schannel.c - implemented graceful SSL shutdown. If we fail to - shutdown the connection gracefully, I've seen schannel try to use a - session ID for future connects and the server aborts the connection - during the handshake. - -- [Mark Salisbury brought this change] - - schannel SSL: certificate validation on WinCE - - curl_schannel.c - auto certificate validation doesn't seem to work - right on CE. I added a method to perform the certificate validation - which uses CertGetCertificateChain and manually handles the result. - -- [Mark Salisbury brought this change] - - schannel SSL: Added helper methods to simplify code - - Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it - easier to set up SecBuffer & SecBufferDesc structs. - -Guenter Knauf (18 Jun 2012) -- Some more NetWare makefile tweaks for metalink. - -Yang Tse (18 Jun 2012) -- tool_cb_see.c: WinCE build adjustment - -- [Mark Salisbury brought this change] - - setup.h: WinCE build adjustment - -- [Mark Salisbury brought this change] - - ftplistparser.c: do not compile if FTP protocol is not enabled - -- Win32: downplay MS bazillion type synonyms game - - Avoid usage of some MS type synonyms to allow compilation with - compiler headers that don't define these, using simpler synonyms. - -Daniel Stenberg (15 Jun 2012) -- Curl_rtsp_parseheader: avoid useless malloc/free - - Coverity actually pointed out flawed logic in the previous call to - Curl_strntoupper() where the code used sizeof() of a pointer to pass in - a size argument. That code still worked since it only needed to - uppercase 4 letters. Still, the entire malloc/uppercase/free sequence - was pointless since the code has already matched the string once in the - condition that starts the block of code. - -- curl_share_setopt: use va_end() - - As spotted by Coverity, va_end() was not used previously. To make it - used I took away a bunch of return statements and made them into - assignments instead. - -Yang Tse (15 Jun 2012) -- SSPI related code: Unicode support for WinCE - kill compiler warnings - -- [Mark Salisbury brought this change] - - SSPI related code: Unicode support for WinCE - commit 46480bb9 follow-up - -- build: add curl_multibyte files to build systems - -- [Mark Salisbury brought this change] - - SSPI related code: Unicode support for WinCE - - SSPI related code now compiles with ANSI and WCHAR versions of security - methods (WinCE requires WCHAR versions of methods). - - Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file. - - curl_sasl.c - include curl_memory.h to use correct memory functions. - - getenv.c and telnet.c - WinCE compatibility fix - - With some committer adjustments - -Guenter Knauf (15 Jun 2012) -- Fixed typo. - -Yang Tse (14 Jun 2012) -- winbuild/MakefileBuild.vc: convert line endings to DOS style - - As per request on mailing list: http://curl.haxx.se/mail/lib-2012-06/0222.html - -- [Marc Hoersken brought this change] - - winbuild: Allow SSPI build with or without Schannel - - The changes introduced in commit 2bfa57bc32 are not enough - to make it actually possible to use the USE_WINSSL option. - Makefile.vc was not updated and the configuration name which is - used in the build path did not match between both build files. - - This patch fixes those issues and introduces the following changes: - - - Replaced the -schannel name with -winssl in order to be consistent - with the other options - - Added ENABLE_WINSSL option to winbuild/Makefile.vc (default yes) - - Changed winbuild/MakefileBuild.vc to set USE_WINSSL to true if - USE_SSL is false and USE_WINSSL was not specified as a parameter - - Separated WINSSL handling from SSPI handling to be consistent with - the other options and their corresponding code path - -- curl.1: 7.27.0 seems next release - -- schannel: fix printf-style format strings - -- Fix bad failf() and info() usage - - Calls to failf() are not supposed to provide trailing newline. - Calls to infof() must provide trailing newline. - - Fixed 30 or so strings. - -- schannel: fix unused parameter warnings - -- schannel: fix comparisons between signed and unsigned - -- schannel: fix discarding qualifier from pointer type - -- schannel: fix shadowing of global declarations - -- schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations - -- [Gisle Vanem brought this change] - - urldata.h: fix cyassl/openssl/ssl.h build clash with wincrypt.h - - Building with CyaSSL failed compilation. Reason being that OCSP_REQUEST and - OCSP_RESPONSE are enum values in CyaSSL and defines in <wincrypt.h> included - via <winldap.h> in ldap.c. - - http://curl.haxx.se/mail/lib-2012-06/0196.html - -- MakefileBuild.vc: Allow building without SSL - - In order to use Windows native SSL support define 'USE_WINSSL' - -- configure: new option --with-winssl - - This option may be used to build curl/libcurl using SSL/TLS support provided - by MS windows system libraries. Option is mutually exclusive with any other - SSL library. Default value is --without-winssl. - - --with-winssl option implies --with-sspi option. - - Option meaningful only for Windows builds. - -Guenter Knauf (13 Jun 2012) -- Changed Schannel string to SSL-Windows-native. - - This is more descriptive for the user who might - not even know what schannnel is at all. - -Yang Tse (13 Jun 2012) -- schannel: remove version number and identify its use with 'schannel' literal - - Version number is removed in order to make this info consistent with - how we do it with other MS and Linux system libraries for which we don't - provide this info. - - Identifier changed from 'WinSSPI' to 'schannel' given that this is the - actual provider of the SSL/TLS support. libcurl can still be built with - SSPI and without SCHANNEL support. - -Daniel Stenberg (12 Jun 2012) -- singlesocket: remove dead code - - No need to check if 'entry' is non-NULL in a spot where it is already checked - and guaranteed to be non-NULL. - - (Spotted by a Coverity scan) - -- netrc: remove dead code - - Remove two states from the enum and the corresponding code for them as - these states were never reached or used. - - (Spotted by a Coverity scan) - -Yang Tse (12 Jun 2012) -- Revert "connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing" - - This reverts commit 9c94236e6cc078a0dc5a78b6e2fefc1403e5375e. - - It didn't server its purpose, so lets go back to long-time working code. - -- socks_sspi.c: further cleanup - -- [Marc Hoersken brought this change] - - socks_sspi.c: Clean up and removal of obsolete minor status - - Removed obsolete minor status variable and parameter of status function - which was never used or set at all. Also Curl_sspi_strerror does support - only one status and there is no need for a second sub status. - -Guenter Knauf (12 Jun 2012) -- Removed trailing whitespaces. - -Yang Tse (12 Jun 2012) -- strerror.c: make Curl_sspi_strerror() always return code for errors - -- curl_sspi.h: provide sspi status definitions missing in old headers - -- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function - -- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function - -Daniel Stenberg (11 Jun 2012) -- Revert: 634f7cfee40d4658 partially - - Make sure CURL_VERSION_SSPI is present and works as in previous releases - for ABI and API compatibility reasons. - -- checksrc: shorten a few lines to comply - -- cleanup: remove trailing whitespace - -- [Marc Hoersken brought this change] - - winbuild: Removed WITH_SSL=schannel and tie schannel to SSPI - - Removed specific WITH_SSL=schannel paramter that did not fit the general - schema and complicated the parameters. For now Schannel will be enabled - if SSPI is enabled and OpenSSL is disabled. - -- [Steve Holme brought this change] - - Makefile.vc6: Added version.lib if built with SSPI - -- [Marc Hoersken brought this change] - - winbuild: Updated winbuild scripts to add schannel - -- [Marc Hoersken brought this change] - - mingw32: Fixed warning of USE_SSL being redefined - -- [Marc Hoersken brought this change] - - sspi: Fixed incompatible parameter pointer type in Curl_sspi_version - -- [Marc Hoersken brought this change] - - sspi: Updated RELEASE-NOTES, FEATURES and THANKS - -- [Marc Hoersken brought this change] - - setup.h: Automatically define USE_SSL if USE_SCHANNEL is defined - -- [Marc Hoersken brought this change] - - version: Replaced SSPI feature information with version string details - - Added Windows SSPI version information to the curl version string when - SCHANNEL SSL is not enabled, as the version of the library should also - be included when SSPI is used to generate security contexts. - - Removed SSPI from the feature list as the features are GSS-Negotiate, - NTLM and SSL depending on the usage of the SSPI library. - -- [Steve Holme brought this change] - - sspi.c: Post Curl_sspi_version() rework code tidy up - - Removed duplicate blank lines. - Removed spaces between the not and test in various if statements. - Removed explicit test of NULL in an if statement. - Placed function returns on same line as function declarations. - Replaced the use of curl_maprintf() with aprintf() as it is the - preprocessor job to do this substitution if ENABLE_CURLX_PRINTF - is set. - -- [Steve Holme brought this change] - - sspi: Reworked Curl_sspi_version() to return version components - - Reworked the version function to return four version components rather - than a string that has to be freed by the caller. - -- [Guenter Knauf brought this change] - - configure.ac: Added -lversion if built with SSPI - -- [Marc Hoersken brought this change] - - schannel: Code cleanup and bug fixes - - curl_sspi.c: Fixed mingw32-gcc compiler warnings - curl_sspi.c: Fixed length of error code hex output - - The hex value was printed as signed 64-bit value on 64-bit systems: - SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322) - - It is now correctly printed as the following: - SEC_E_WRONG_PRINCIPAL (0x80090322) - - curl_sspi.c: Fallback to security function table version number - Instead of reporting an unknown version, the interface version is used. - - curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version - curl_schannel: Replaced static buffer sizes with defined names - curl_schannel.c: First brace when declaring functions on column 0 - curl_schannel.c: Put the pointer sign directly at variable name - curl_schannel.c: Use structs directly instead of typedef'ed structs - curl_schannel.c: Removed space before opening brace - curl_schannel.c: Fixed lines being longer than 80 chars - -- [Marc Hoersken brought this change] - - curl_sspi: Added Curl_sspi_version function - - Added new function to get SSPI version as string. - Added required library version.lib to makefiles. - Changed curl_schannel.c to use Curl_sspi_version. - -- [Guenter Knauf brought this change] - - schannel: Updated mingw32 makefiles - -- [Marc Hoersken brought this change] - - schannel: Replace ASCII specific code with general defines - -- [Marc Hoersken brought this change] - - schannel: Added definitions which are missing in mingw32 - -- [Marc Hoersken brought this change] - - schannel: Moved interal struct types to urldata.h - - Moved type definitions in order to avoid inclusion loop - -- [Marc Hoersken brought this change] - - schannel: Fixed compiler warnings about pointer type assignments - -- [Marc Hoersken brought this change] - - schannel: Fixed critical typo in conditions and added buffer length checks - -- [Marc Hoersken brought this change] - - sspi: Refactored socks_sspi and schannel to use same error message functions - - Moved the error constant switch to curl_sspi.c and added two new helper - functions to curl_sspi.[ch] which either return the constant or a fully - translated message representing the SSPI security status. - Updated socks_sspi.c and curl_schannel.c to use the new functions. - -- [Marc Hoersken brought this change] - - schannel: Added special shutdown check for Windows 2000 Professional - - Windows 2000 Professional: Schannel returns SEC_E_OK instead - of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer - is zero and the first byte of the encrypted packet is 0x15, - the application can safely assume that the message was a - close_notify message and change the return value to - SEC_I_CONTEXT_EXPIRED. - - Connection shutdown does not mean that there is no data to read - Correctly handle incomplete message and ask curl to re-read - Fixed buffer for decrypted being to small - Re-structured read condition to be more effective - Removed obsolete verbose messages - Changed memory reduction method to keep a minimum buffer of size 4096 - -- [Marc Hoersken brought this change] - - schannel: Implemented SSL/TLS renegotiation - - Updated TODO information and added related MSDN articles - -- [Marc Hoersken brought this change] - - schannel: Save session credential handles in session cache - -- [Marc Hoersken brought this change] - - schannel: Code cleanup - -- [Marc Hoersken brought this change] - - schannel: Check for required context attributes - -- [Marc Hoersken brought this change] - - schannel: Allow certificate and revocation checks being deactivated - -- [Marc Hoersken brought this change] - - schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI - -- [Marc Hoersken brought this change] - - http: Replaced specific SSL libraries list in https_getsock fallback - -- [Marc Hoersken brought this change] - - connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing - - Fixed warning: dereferencing pointer does break strict-aliasing rules - by using a union instead of separate pointer variables. - Internal union sockaddr_u could probably be moved to generic header. - Thanks to Paul Howarth for the hint about using unions for this. - - Important for winbuild: Separate declaration of sockaddr_u pointer. - The pointer variable *sock cannot be declared and initialized right - after the union declaration. Therefore it has to be a separate statement. - -- [Marc Hoersken brought this change] - - curl_ntlm_msgs.c: Fixed passwdlen not being used and recalculated - -Yang Tse (11 Jun 2012) -- tests: fix test definitions # 1355, 1363, 1385 and 1393 - - -i without HTTP protocol shall not include headers in the output - -Daniel Stenberg (10 Jun 2012) -- Curl_pgrsDone: return int and acknowledge return code - - Since Curl_pgrsDone() itself calls Curl_pgrsUpdate() which may return an - abort instruction or similar we need to return that info back and - subsequently properly handle return codes from Curl_pgrsDone() where - used. - - (Spotted by a Coverity scan) - -Steve Holme (10 Jun 2012) -- [Marc Hoersken brought this change] - - winbuild: Fixed environment variables being lost - - Fixed USE_IPV6 and USE_IDN not being passed - from Makefile.vc to MakefileBuild.vc - Fixed whitespace and formatting issues - Fixed typo and format in help message - -Guenter Knauf (9 Jun 2012) -- Added metalink support to NetWare builds. - -Steve Holme (9 Jun 2012) -- smtp.c: Removed unused variable - -- smtp: Post apop feature code tidy up - -- pop3: Post apop feature code tidy up - -- pop3: Added support for apop authentication - -- pop3: Enhanced the extended authentication mechanism detection - - Enhanced the authentication type / mechanism detection in preparation - for the introduction of APOP support. - -- pop3.c: Fixed length of SASL check - -Yang Tse (9 Jun 2012) -- Fixes allowing 26 more test cases in 1334 to 1393 range to succeed - -- tests: fix test definitions # 1370 and 1371 - - -J without -O shall not honor C-D filename - -Daniel Stenberg (9 Jun 2012) -- OpenSSL: support longer certificate subject names - - Previously it would use a 256 byte buffer and thus cut off very long - subject names. The limit is now upped to the receive buffer size, 16K. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3533045 - Reported by: Anthony G. Basile - -Kamil Dudka (8 Jun 2012) -- ssl: fix duplicated SSL handshake with multi interface and proxy - - Bug: https://bugzilla.redhat.com/788526 - Reported by: Enrico Scholz - -Daniel Stenberg (8 Jun 2012) -- tool_getparam.h: fix compiler error - - forward declare the Configurable struct - -- metalink: restore some includes - - Commit eeeba1496cbca removed them and thus broke my Linux build - -- openldap: OOM fixes - - when calloc fails, return error! (Detected by Fortify) - - Reported by: Robert B. Harris - -Steve Holme (8 Jun 2012) -- sasl: Re-factored mechanism constants in preparation for APOP work - -Yang Tse (8 Jun 2012) -- metalink: build fixes and adjustments II - - Additionally, make hash checking ability mandatory in order to allow metalink - support in curl. - - A command line option could be introduced to skip hash checking at runtime, - but the ability to check hashes should always be built-in when providing - metalink support. - -Guenter Knauf (8 Jun 2012) -- Added metalink support to MinGW builds. - -Daniel Stenberg (7 Jun 2012) -- log2changes.pl: fix the Version output - - Previously it could easily wrongly get repeated - -Yang Tse (7 Jun 2012) -- metalink: build fixes and adjustments I - -Daniel Stenberg (7 Jun 2012) -- lib554.c: use curl_formadd() properly - - The length/size options take longs so make sure to pass on such types. - - Reported by: Neil Bowers - Bug: http://curl.haxx.se/mail/lib-2012-06/0001.html - -Steve Holme (7 Jun 2012) -- smtp.c: Re-factored the smtp_state_*_resp() functions - - Re-factored the smtp_state_*_resp() functions to 1) Match the constants - that were refactored in commit 00fddba6727c, 2) To be more readable and - 3) To match their counterparties in pop3.c. - -Yang Tse (7 Jun 2012) -- Fixes allowing HTTP test cases 1338, 1339, 1368 and 1369 to succeed - -- tests 1364 to 1393: several -o filename -J -i -D combinations for HTTP and FTP - -- tests 1348 to 1363: test definition polishing - - Verify that the "Saved to filename 'blabla'" message is only displayed when - the 'blabla' filename being used _actually_ has been specified by the server - in the Content-Disposition header. - - Use relative path for unintended file creation postcheck. - -Steve Holme (6 Jun 2012) -- smtp: Re-factored the SMTP_AUTH* state machine constants - - Re-factored the SMTP_AUTH* constants, that are used by the state - machine, to be clearer to read. - -Guenter Knauf (6 Jun 2012) -- Added hint for pkg-config wrapper script. - -- Updated Android section with recent NDK. - - The r7b had some bugs, and shouldnt be used. - -Yang Tse (6 Jun 2012) -- Disable non-HTTP header related tests - - These now detect incompleate header data and fail - -- tests 1348 to 1363: compleate header data part of test definition - -- tests 1334 to 1363 revisited. - - Add a postcheck section to verify unintended file creation. - - Remove needless <file> checks in verify section. Renumbering where appropriate. - -- tests: adjust file part behavior in test verify section. - - When a <file> part is now specified with no contents at all, this - will actually verify that the specified file has no contents at all. - Previously file contents would be ignored. - -Steve Holme (5 Jun 2012) -- smtp.c: Removed whitespace - -- pop3: Another small code tidy up - - Missed some comments that we identified during the SMTP tidy up earlier. - -- smtp: Post authentication code tidy up - - Corrected lines longer than 78 characters. - - Removed unnecessary braces in smtp_state_helo_resp(). - - Introduced some comments in data sending functions. - - Tidied up comments to match changes made in pop3.c. - -Yang Tse (5 Jun 2012) -- tests 1348 to 1363: add a comma in test description - -Steve Holme (5 Jun 2012) -- email: Removed duplicated header file - -- sasl: Renamed Curl_sasl_decode_ntlm_type2_message() - - For consistency with other SASL based functions renamed this function - to Curl_sasl_create_ntlm_type3_message() which better describes its - usage. - -- pop3: Post authentication code tidy up - - Corrected lines longer than 78 characters. - - Changed POP3_AUTH_FINAL to POP3_AUTH to match SMTP code now that the - AUTH command is no longer sent on its own. - - Introduced some comments in data sending functions. - - Another attempt at trying to rational code and comment style. - -- pop3: Added support for sasl digest-md5 authentication - -Yang Tse (4 Jun 2012) -- sasl: add reference for curl_sasl - -- Makefile.inc: tab adjustment - -Daniel Stenberg (4 Jun 2012) -- pop3 tests: CAPA instead of AUTH - - After Steve's commit e336bc7c42c7340 test 1319 and 1407 need to check - for CAPA instead of AUTH. - -Steve Holme (4 Jun 2012) -- sasl: Added service parameter to Curl_sasl_create_digest_md5_message() - - Added a service type parameter to Curl_sasl_create_digest_md5_message() - to allow the function to be used by different services rather than being - hard coded to "smtp". - -Yang Tse (4 Jun 2012) -- tests 1356 to 1363: several -O -J -i -D combinations with FTP protocol - - Currently 1356 to 1362 succeed but a write failure is logged in traceNNNN. - - Currently 1363 fails, so disabled for now. - -Steve Holme (4 Jun 2012) -- tests: Updated pop3 tests for change in auth mechanism detection - -- pop3: Changed the sasl mechanism detection from auth to capa - - Not all SASL enabled POP3 servers support the AUTH command on its own - when trying to detect the supported mechanisms. As such changed the - mechanism detection to use the CAPA command instead. - -Daniel Stenberg (4 Jun 2012) -- curl_easy_setopt.3: proto updates + cleanups - - - For all *FUNCTION options, they now all show the complete prototype in - the description. Previously some of them would just refer to a - typedef'ed function pointer in the curl.h header. - - - I made the phrasing of that "Pass a pointer to a function that matches - the following prototype" the same for all *FUNCTION option descriptions. - - - I removed some uses of 'should'. I think I sometimes over-use this - word as in many places I actually mean MUST or otherwise more specific - and not-so-optional synonyms. - -Yang Tse (4 Jun 2012) -- tests 1348 to 1355: several -O -J -i -D combinations with FTP protocol - - Currently 1348 to 1354 succeed but a write failure is logged in traceNNNN. - - Currently 1355 fails, so disabled for now. - -- tests 1346 to 1347: several -O -J -i -D combinations with HTTP protocol - -Steve Holme (4 Jun 2012) -- sasl: Small code tidy up - - Reworked variable names in Curl_sasl_create_cram_md5_message() to match - those in Curl_sasl_create_digest_md5_message() as they are more - appropriate. - -- sasl: Moved digest-md5 authentication message creation from smtp.c - - Moved the digest-md5 message creation from smtp.c into the sasl module - to allow for use by other modules such as pop3. - -- sasl: Small code tidy up before moving digest-md5 over - - Correction of comments and variable names. - -- RELEASE-NOTES: Added missing addition of sasl login support - -- pop3: Added support for sasl cram-md5 authentication - -Daniel Stenberg (3 Jun 2012) -- Curl_sasl_create_plain_message: remove TAB - -Steve Holme (3 Jun 2012) -- sasl: Small code tidy up - - Added some comments and removed an unreferenced variable. - -- pop3.c: Added conditional compilation for NTLM function calls - - Added USE_NTLM condition compilation around the NTLM functions called - from pop3_statemach_act() introduced in commit 69f7156ad96877. - -- sasl: Moved cram-md5 authentication message creation from smtp.c - - Moved the cram-md5 message creation from smtp.c into the sasl module - to allow for use by other modules such as pop3. - -- pop3: Fixed an issue with changes introduced in commit c267c53017bc - - Because pop3_endofresp() is called for each line of data yet is not - passed the line and line length, so we have to use the data pointed to - by pp->linestart_resp which contains the whole packet, the mechanisms - were being detected in one call yet the function would be called for - each line of data. - - Using curl with verbose mode enabled would show that one line of data - would be received in response to the AUTH command, before the AUTH - <mechanism> command was sent to the server and then the next few lines - of the original AUTH command would be displayed before the response from - the AUTH <mechanism> command. This would then cause problems when - parsing the CRAM-MD5 challenge data as extra data was contained in the - buffer. - - Changed the parsing so that each line is checked for the mechanisms - and the function returns FALSE until the whole of the AUTH response has - been processed. - -Daniel Stenberg (3 Jun 2012) -- version: bump to 7.27.0 for next release - - Due to new features - -- RELEASE-NOTES: synced with c4e3578e4bf - - Also bumped the contributor number and next release is to become 7.27.0 - -- THANKS: 16 new contributors from the 7.26.0 release - -Steve Holme (3 Jun 2012) -- DOCS: Fixed list in Section 18.2 not displaying correctly on web site - -- DOCS: Corrected missed heading renumbering from commit 530675a1ad7 - -- DOCS: Added IMAP and LDAP sections - - Added new sections 11. IMAP and 12. LDAP to document adding SASL based - authentication. - - Renumbered current sections 11 to 17 as 13 to 19. - - Additionally added 19.10 Add CURLOPT_MAIL_CLIENT option. - -- sasl.c: Fix to avoid warnings introduced in commit d9ca9e9869e8 - - Applied a fix to avoid warnings on systems where Curl_ntlm_sspi_cleanup() - is just a nop. - -- pop3.c:Corrected typo in commit 69ba0da8272d - -- pop3: Fixed the issue of having to supply the user name for all requests - - Previously it wasn't possible to connect to POP3 and not specify the - user name as a CURLE_ACCESS_DENIED error would be returned. This error - occurred because USER would be sent to the server with a blank user name - if no mailbox user was specified as the server would reply with -ERR. - - This wasn't a problem prior to the 7.26.0 release but with the - introduction of custom commands the user and/or application developer - might want to issue a CAPA command without having to log in as a - specific mailbox user. - - Additionally this fix won't send the newly introduced AUTH command if no - user name is specified. - -- pop3.c: Small code tidy up - - Corrected lines exceeding 78 characters. - - Repositioned some comments and added extra clarity. - -- sasl: Corrected variable names in comments and parameters - -- pop3: Added support for sasl ntlm authentication - -- sasl: Small comment style tidy up following ntlm commit - -- sasl: Moved ntlm authentication message handling from smtp.c - - Moved the ntlm message creation and decoding from smtp.c into the sasl - module to allow for use by other modules such as pop3. - -- pop3: Added support for sasl login authentication - -Yang Tse (1 Jun 2012) -- tests 1334 to 1345: several -O -J -i -D combinations with HTTP protocol - -- tests: support test definitions with up to 5 file checks in <verify> section - - This is done introducing tags <file1> to <file4> besides existing <file> one, - as well as corresponding <stripfile1> to <stripfile4> ones, that can be used - in the <verify> section in the same way as the non-numbered ones. - -Steve Holme (31 May 2012) -- sasl: Moved login authentication message creation from smtp.c - - Moved the login message creation from smtp.c into the sasl module - to allow for use by other modules such as pop3. - -- smtp.c: Reworked message encoding in smtp_state_authpasswd_resp() - - Rather than encoding the password message itself the - smtp_state_authpasswd_resp() function now delegates the work to the same - function that smtp_state_authlogin_resp() and smtp_authenticate() use - when constructing the encoded user name. - -- smtp.c: Re-factored smtp_auth_login_user() for use with passwords - - In preparation for moving to the SASL module re-factored the - smtp_auth_login_user() function to smtp_auth_login() so that it can be - used for both user names and passwords as sending both of these under - the login authentication mechanism is the same. - -- pop3: Added support for sasl plain text authentication - -- curl_ntlm_msgs.c: Corrected small spelling mistake in comments - -- sasl: Moved plain text authentication message creation from smtp.c - - Moved the plain text message creation from smtp.c into the sasl module - to allow for use by other modules such as pop3. - -Yang Tse (30 May 2012) -- configure: fix LDAPS disabling related misplaced closing parenthesis - -- pop3 test server: allow pop3 test server verification to succeed again - - Introduce SUPPORTCAPA and SUPPORTAUTH config commands to allow further - pop3 test server expansion for tests that require CAPA or AUTH support, - although this will need some extra work to make it fully functional. - -Steve Holme (28 May 2012) -- pop3: Introduced the continue response in pop3_endofresp() - -- pop3: Changed response code from O and E to + and - - - The POP3 protocol doesn't really have the concept of error codes and - uses +, +OK and -ERR in response to commands to indicate continue, - success and error. - - The AUTH command is one of those commands that requires multiple pieces - of data to be sent to the server where the server will respond with + as - part of the handshaking. This meant changing the values before - continuing with the next stage of adding authentication support. - -- pop3: Small code tidy up following authentication work so far - - Changed the order of the state machine to match the order of actual - events. - - Reworked some comments and function parameter positioning that I missed - the other day. - -Kamil Dudka (28 May 2012) -- nss: use human-readable error messages provided by NSS - - Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html - -Daniel Stenberg (27 May 2012) -- test1013.pl: filter out Metalink - - Since it isn't a feature supported by curl-config we can't compare that - with the --version output - -- pop3: remove variable-not-used warnings - -Steve Holme (27 May 2012) -- DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH - - Additionally corrected another RFC link that I missed yesterday. - -- pop3: Added support for SASL based authentication mechanism detection - - Added support for detecting the supported SASL authentication mechanisms - via the AUTH command. There are two ways of detecting them, either by - using the AUTH command, that will return -ERR if not supported or by - using the CAPA command which will return SASL and the list of mechanisms - if supported, not include SASL if SASL authentication is not supported - or -ERR if the CAPA command is not supported. As such it seems simpler - to use the AUTH command and fallback to normal clear text authentication - if the the command is not supported. - - Additionally updated the test cases to return -ERR when the AUTH command - is encountered. Additional test cases will be added when support for the - individual authentication mechanisms is added. - -Daniel Stenberg (27 May 2012) -- pop3: remove trailing whitespace - -Steve Holme (27 May 2012) -- pop3: Code tidy up before the introduction of authentication code - - Moved EOB definition into header file. - - Switched the logic around in pop3_endofresp() to allow for the - introduction of auth-mechanism detection. - - Repositioned second and third function variables where they will fit - within the 78 character line limit. - - Tidied up some comments. - -Guenter Knauf (27 May 2012) -- Enabled OpenSSL static linkage. - -- Enabled OpenSSL static linkage. - -- Try to detect OpenSSL build type automatically. - -Daniel Stenberg (26 May 2012) -- metalink: fix build errors when disabled - -- [Tatsuhiro Tsujikawa brought this change] - - Reduced #ifdef HAVE_METALINK - -- [Tatsuhiro Tsujikawa brought this change] - - Disable hash check if neither OpenSSL nor GNUTLS is installed. - -- [Tatsuhiro Tsujikawa brought this change] - - Format GETOUT_METALINK nicely - -- [Tatsuhiro Tsujikawa brought this change] - - Minimize usage of structs from libmetalink - -- [Tatsuhiro Tsujikawa brought this change] - - Check checksum of downloaded file if checksum is available - - Metalink file contains several hash types of checksums, such as - md5, sha-1, sha-256, etc. To deal with these checksums, I created - abstraction layer based on lib/curl_md5.h and - lib/md5.c. Basically, they are almost the same but I changed the - code so that it is not hash type dependent. Currently, - GNUTLS(nettle or gcrypt) and OpenSSL functions are supported. - - Checksum checking is done by reopening download file. If there - is an I/O error, the current implementation just prints error - message and does not try next resource. - - In this patch, the supported hash types are: md5, sha-1 and sha-256. - -- [Tatsuhiro Tsujikawa brought this change] - - Always create directory hierarchy for Metalink. - - Filenames contained in Metalink file can include directory information. - Filenames are unique in Metalink file, taking into account the directory - information. So we need to create the directory hierarchy. - - Curl has --create-dirs option, but we create directory hierarchy for - Metalink downloads regardless of the option value. - - This patch also put metalink int variable outside of HAVE_LIBMETALINK - guard. This reduces the number of #ifdefs. - -- [Tatsuhiro Tsujikawa brought this change] - - Fixed segmentation fault when Metalink has no valid file or no resource. - -- [Tatsuhiro Tsujikawa brought this change] - - Support media-type parameter in Content-Type - -- [Tatsuhiro Tsujikawa brought this change] - - Print "Metalink" in Features if Metalink support is enabled. - -- [Tatsuhiro Tsujikawa brought this change] - - Removed trailing space - -- [ant brought this change] - - Add --metalink to --help - -- [ant brought this change] - - Add Metalink information and --metalink option to man page - -- [ant brought this change] - - Add Metalink information and --metalink option to man page - -- [ant brought this change] - - Adds Metalink information to INSTALL - -- [Tatsuhiro Tsujikawa brought this change] - - --metalink option is available regardless of Metalink support. - -- [Tatsuhiro Tsujikawa brought this change] - - metalink: parse downloaded Metalink file - - Parse downloaded Metalink file and add downloads described there. Fixed - compile error without metalink support. - -- [Tatsuhiro Tsujikawa brought this change] - - Fixed HAVE_LIBMETALINK conditional is always true - -- [Tatsuhiro Tsujikawa brought this change] - - metalink: minor metalinkfile fix - - Don't update config->metalinkfile_last in operate(). Use local variable - to point to the current metalinkfile. - -- [Tatsuhiro Tsujikawa brought this change] - - metalink: show help message even if disabled - - Print message if --metalink is used while metalink support is not - enabled. Migrated Metalink support in tool_operate.c and removed - operatemetalink(). - -- [Tatsuhiro Tsujikawa brought this change] - - Applied patches from Daniel - -- [Tatsuhiro Tsujikawa brought this change] - - Support Metalink. - - This change adds experimental Metalink support to curl. - To enable Metalink support, run configure with --with-libmetalink. - To feed Metalink file to curl, use --metalink option like this: - - $ curl -O --metalink foo.metalink - - We use libmetalink to parse Metalink files. - -Steve Holme (26 May 2012) -- DOCS: Fixed line spacing of authentication examples in CURLOPT_URL - -- DOCS: Changed domain names in various examples to example.com - - Updated various references of real domain names to example.com as per - RFC-2606. - -- DOCS: Fixed meaning of bit 2 in CURLOPT_POSTREDIR - - Setting bit 2 for this value was documented as having a constant value - defined as CURL_REDIR_POST_303 yet referenced a 302 request. - - Additionally corrected the meaning of CURL_REDIR_POST_ALL for all three - bits and fixed problems with the bolding of keywords in this section. - -- DOCS: Standardised how RFCs are referenced. - - Standardised how RFCs are referenced so that the website may autolink to - the correct documentation on ietf.org. Additionally removed the one link - to RFC3986 on curl.haxx.se. - -Yang Tse (26 May 2012) -- Fix libcurl.pc and curl-config generation for static MingW* cross builds - -Daniel Stenberg (25 May 2012) -- [Tatsuhiro Tsujikawa brought this change] - - Made -D option work with -O and -J. - - To achieve this, first new structure HeaderData is defined to hold - necessary data to perform header-related work. Then tool_header_cb now - receives HeaderData pointer as userdata. All header-related work - (currently, dumping header and Content-Disposition inspection) are done - in this callback function. HeaderData.outs->config is used to determine - whether each work is done. - - Unit tests were also updated because after this change, curl code always - sets CURLOPT_HEADERFUNCTION and CURLOPT_HEADERDATA. - - Tested with -O -J -D, -O -J -i and -O -J -D -i and all worked fine. - -Steve Holme (25 May 2012) -- sasl: Re-factored auth-mechanism constants to be more generic - -- smtp: Moved auth-mechanism constants into a separate header file - - Move the SMTP_AUTH constants into a separate header file in - preparation for adding SASL based authentication to POP3 as the two - protocols will need to share them. - -Kamil Dudka (25 May 2012) -- nss: avoid using explicit casts of code pointers - -Steve Holme (24 May 2012) -- DOCS: Added LDAP to the CURLOPT_URL section - -- TODO: Removed DIGEST-MD5 authentication from SMTP to do list - - Removed DIGEST-MD5 from Section 9.1 Other authentication mechanisms as - the feature was added to SMTP in 7.26.0. - - Also corrected small spelling mistake. - -Daniel Stenberg (24 May 2012) -- bump to 7.26.1: start working towards next release - -Version 7.26.0 (24 May 2012) - -Daniel Stenberg (24 May 2012) -- RELEASE-NOTES: synced with ef60fdbd73 - - Just before 7.26.0 is about to ship - -Steve Holme (22 May 2012) -- smtp: Fixed an issue with the multi-interface always sending postdata - - Due to the result code being reset to CURLE_OK when smtp_dophase_done() - was called, postdata would incorrectly be sent to the server when the - MAIL FROM or RCPT command was rejected. - - As such, libcurl would return the wrong result code from performing the - operation and additionally set CURLINFO_RESPONSE_CODE to be that - returned by the postdata command. - - Bug: http://curl.haxx.se/mail/lib-2012-05/0108.html - Reported by: Gokhan Sengun - -- DOCS: Updated version number for features added in the pending release - -Daniel Stenberg (22 May 2012) -- [Tatsuhiro Tsujikawa brought this change] - - Fixed compile error with GNUTLS+NETTLE - - In nettle/md5.h, md5_init and md5_update are defined as macros to - nettle_md5_init and nettle_md5_update respectively. This causes - error when using MD5_params.md5_init and md5_update. This patch - renames these members as md5_init_func and md5_update_func to - avoid name conflict. For completeness, MD5_params.md5_final was - also renamed as md5_final_func. - - The changes in curl_ntlm_core.c is conversion error and fixed by - casting to proper type. - -- TODO-RELEASE: mention the pending biggies for 7.27.0 - -- [Jan Ehrhardt brought this change] - - winbuild: fix IPv6 enabled build - - The existing check was wrong so IPv6 support would never be enabled - -- 7.26.0: will be the next release version - -- RELEASE-NOTES: synced with 8ae1e657e82a - - And mention that this will become 7.26.0 - -Guenter Knauf (22 May 2012) -- Updated dependency libary versions. - -Daniel Stenberg (20 May 2012) -- curl-config.1: fix curl-config usage in example - - The curl-config command must be used twice in the single command line to - work properly in some environments. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3528241 - Reported by: Julian Taylor - -Steve Holme (17 May 2012) -- smtp: Fixed non-escaping of dot character at beginning of line - - A dot character at the beginning of a line would not be escaped to a - double dot as required by RFC-2821, instead it would be deleted by the - mail server. Please see section 4.5.2 of the RFC for more information. - - Note: This fix also simplifies the detection of repeated CRLF.CRLF - combinations, such as CRLF.CRLF.CRLF, a little rather than having to - advance the eob counter to 2. - -Daniel Stenberg (16 May 2012) -- FAQ: updated 1.10 How many are using curl? - - Now linking to http://daniel.haxx.se/blog/2012/05/16/300m-users/ - -- disable-versioned-symbols: removed superfluous 'fi' - - The commit e315927a1a left this in - -- MakefileBuild.vc: use the correct IDN variable - - The variable that control IDN enablement is called USE_IDN within these - Makefiles - -- [Pierre Chapuis brought this change] - - autoconf: improve handling of versioned symbols - - It checks whether versioned symbols should be enabled before checking - whether it is possible (i.e. the linker supports --version-script) or - not. This avoids a useless warning when building cURL on a platform that - does not use GNU ld. - - Moreover, it fixes broken indentation of this chunk of code. - -- curl.1: clarify -x usage - - 1 - fix the syntax in the .IP line - - 2 - Provided user names and passwords are URL decoded by libcurl - - Bug: http://curl.haxx.se/bug/view.cgi?id=3525935 - -- NTLM: is supported in GnuTLS builds too - - ... since commit 9a4c887c4a7 introduced in libcurl 7.19.4 - -- TODO: happy eyeballs is now RFC6555 - -- my_useragent: shorten user-agent - - The built-in user-agent will now only say curl/[version] and nothing - else in an attempt to decrease overhead in HTTP requests. - -- CURLOPT_HEADERFUNCTION: works for non-HTTP protocols too - -Claes Jakobsson (3 May 2012) -- Add note about default timeout in CURLOPT_TIMEOUT - -Daniel Stenberg (2 May 2012) -- [Gokhan Sengun brought this change] - - MD5: OOM fix - - check whether md5 initialization succeeded before updating digest of - buffers onto it - -- REALEASE-NOTES: synced with 64f48e884e3c1 - -- [Jan Schaumann brought this change] - - add newly created manual page - -- [Jan Schaumann brought this change] - - add a manual page for mk-ca-bundle - -Guenter Knauf (26 Apr 2012) -- Updated dependency lib versions. - -Daniel Stenberg (23 Apr 2012) -- URL parse: reject numerical IPv6 addresses outside brackets - - Roman Mamedov spotted (in - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670126) that curl would - not complain when given a URL with an IPv6 numerical address without - brackets. It would simply cut off the last ":[hex]" part and thus not - work correctly. - - That's a URL using an illegal syntax and now libcurl will instead return - a clear error code and error message detailing the error. - - The above mentioned bug report claims this to be a regression but - libcurl does not guarantee functionality when given URLs that aren't - following the URL spec (RFC3986 mostly). I consider the fact that it - used to handle this differently a mere coincidence. - -- Curl_MD5_init: fix OOM memory leak - - Bug: http://curl.haxx.se/mail/lib-2012-04/0246.html - Reported by: Michael Mueller - -- [Gokhan Sengun brought this change] - - OpenSSL cert: provide more details when cert check fails - - curl needs to be more chatty regarding certificate verification failure - during SSL handshake - -Yang Tse (23 Apr 2012) -- Revert "sspi: Added version information" - - This reverts commit 2976de480808119dae08fc6f52c8d75ba1aedb1a. - -- Revert "sspi - Small code tidy up" - - This reverts commit 46cd5f1daddad3b3e542e6d93eee52e8bb9a8687. - -- Revert "Fixed 'extra tokens at end of #endif directive'." - - This reverts commit 77172a242fc0c820f97eae39d0e3e0f265222fe6. - -- Revert "Fixed 'Trailing whitespace' found by checksrc." - - This reverts commit 683bfa60ad0b52505947e59b03515e5f44378523. - -- Revert "sspi: Code tidy up to remove unused variable." - - This reverts commit 412510f97407d617426d93b80e6b6bf0a8ff11ac. - -- Revert "Add -lversion if build with SSPI." - - This reverts commit 9ec0b7e0c44d29eca6f45916fe5af3501168fe85. - -Guenter Knauf (23 Apr 2012) -- Add -lversion if build with SSPI. - -Steve Holme (22 Apr 2012) -- sspi: Code tidy up to remove unused variable. - -Guenter Knauf (22 Apr 2012) -- Fixed 'Trailing whitespace' found by checksrc. - -- Fixed 'extra tokens at end of #endif directive'. - -Steve Holme (22 Apr 2012) -- sspi - Small code tidy up - -- sspi: Added version information - - Added version information for Windows SSPI to curl's main version - string and removed SSPI from the features string. - -Daniel Stenberg (20 Apr 2012) -- HTTP: empty chunked POST ended up in two zero size chunks - - When doing a chunked-encoded POST with -d (CURLOPT_POSTFIELDS) and the - size of the POST was zero length, it made libcurl first send a zero - chunk and then the terminating one. This could confuse a receiver and it - should rather just send the terminating chunk as it does with this fix. - - Test case 1333 is added to verify. - - Bug: http://curl.haxx.se/mail/archive-2012-04/0060.html - Reported by: Arnaud Compan - -Guenter Knauf (20 Apr 2012) -- Updated dependency lib versions. - -Daniel Stenberg (19 Apr 2012) -- singleipconnect: return OK even when Curl_socket() fails - - Commit 9109cdec11ee5a brought this regression (shipped since 7.24.0). - - The singleipconnect() function must not return an error if Curl_socket() - returns an error. It should then simply return OK and pass a SOCKET_BAD - back simply because that is how the user of this function expects it to - work and something else is not fine. - - Reported by: Blaise Potard - Bug: http://curl.haxx.se/bug/view.cgi?id=3516508 - -Yang Tse (19 Apr 2012) -- Take in account that CURLAUTH_* bitmasks are now 'unsigned long' - follow-up - - MIPSPro compiler detected curl_easy_getinfo() related missing adjustments. - SunPro compiler detected curl tool --libcurl option related missing adjustments. - -- url.c: CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH fixes - - Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported. - - Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE. - -- Take in account that CURLAUTH_* bitmasks are now 'unsigned long' - - Data type of internal vars holding CURLAUTH_* bitmasks changed from 'long' to - 'unsigned long' for proper handling and operating. - -- curl.h: CURLAUTH_* bitmasks adjusted to become 'unsigned long' typed - - Info: http://curl.haxx.se/mail/lib-2012-04/0170.html - -- Some explicit conversion to 'long' of curl_easy_setopt() third argument - - Explicit conversion to 'long' of curl_easy_setopt() third argument for options - CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH given that this is how its bitmasks are - docummented to be used. - -- build adjustments: commit 9e24b9c7 follow-up - -Daniel Stenberg (17 Apr 2012) -- -# progress meter: avoid superfluous updates and duplicate lines - - By comparing if a different "progress point" is reached or not since the - previous update, the progress function callback for this now avoids many - superfluous screen updates. This has the nice side-effect that it fixes - a problem that causes a second progress meter line. - - The second line output happened because when we use the -# progress - meter, we force a newline output after the transfer in the main loop in - curl, but when libcurl calls the progress callback from - curl_easy_cleanup() it would then output the progress display - again. Possibly the naive newline output is wrong but this optimization - was suitable anyway... - - Reported by: Daniel Theron - Bug: http://curl.haxx.se/bug/view.cgi?id=3517418 - -Yang Tse (16 Apr 2012) -- nss.c: fix compiler warning - -- curl-compilers.m4: -Wno-pedantic-ms-format for Windows gcc 4.5 builds - - When building a Windows target with gcc 4.5 or newer and strict compiler - warnings enabled use -Wno-pedantic-ms-format in addition to other flags. - -Kamil Dudka (16 Apr 2012) -- tests/valgrind.pm: suppress memleaks of NSS_InitContext() - - Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=745224 - -Yang Tse (14 Apr 2012) -- setup_once.h: tighten requirements for stdbool.h header inclusion - - Include stdbool.h only when it is available and configure is capable of - detecting a proper 'bool' data type when the header is included. - - Compilation fix for old or unpatched versions of XL C compiler. - - Report: http://curl.haxx.se/mail/archive-2012-04/0022.html - -- headers: require GCC 2.7 or newer in order to allow attribute GCC'isms usage - - Usage in other code paths already protected and requiring even newer versions. - -- [Jonathan Nieder brought this change] - - headers: surround GCC attribute names with double underscores - - This protects from attribute names being defined by third party's code. - - Improvement: http://curl.haxx.se/mail/lib-2012-04/0127.html - -Guenter Knauf (13 Apr 2012) -- Updated copyright year. - -Yang Tse (13 Apr 2012) -- testcurl.pl: build example programs for Android cross-compiles - -- nss.c: fix compiler warning - -- examples: fix compiler warnings - -Kamil Dudka (13 Apr 2012) -- nss: provide human-readable names for NSS errors - -- nss: use NSS_InitContext() to initialize NSS if available - - NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent - collisions on NSS initialization/shutdown with other libraries. - - Bug: https://bugzilla.redhat.com/738456 - -- nss: unconditionally require PK11_CreateGenericObject() - - This bumps the minimal supported version of NSS to 3.12.x. - -Guenter Knauf (13 Apr 2012) -- Set batch mode to 755 to make Cygwin git pulls work. - -- Added section for Android configure cross-compile. - -- Added NetWare export. - -Yang Tse (12 Apr 2012) -- testcurl.pl: build example programs for MinGW cross-compiles - -- tool_operate.c: fix compiler warning - -- url.c: fix compiler warning - -Guenter Knauf (12 Apr 2012) -- Updated dependency lib versions (2nd try). - -- Updated dependency lib versions. - -Yang Tse (12 Apr 2012) -- tool_formparse.c: rename a couple of vars to avoid declaration shadowing - -- OS400/initscript.sh: fix db2_name() module name generation - - Allow repeatable file name length reduction on file names with underscore or - dash characters. This is done in order to better support libcurl's existing - source file names and allow OS/400 package to build out of the box again. - -- testcurl.pl: log more environment vars that modify configure and build behavior - -- configure: NATIVE_WINDOWS no longer defined in config files - -- build adjustments: CURL_HIDDEN_SYMBOLS no longer defined in config files - - configure script now provides conditional definitions for Makefile.am - that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles - when appropriate. - - Additionally, configure script option for symbol hiding control is now - named --enable-symbol-hiding --disable-symbol-hiding. While still valid, - old option name --enable-hidden-symbols --disable-hidden-symbols will - be deprecated in some future release. - -- build adjustments: functionally revert commits 4d3fb91f and bbfe1182 - - Undefining CURL_HIDDEN_SYMBOLS in source files isn't the proper fix. - -- test servers: build adjustment - - Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might - leak from lib/setup.h into source files where this should not be defined. - -- libtests: build adjustment - - Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might - leak from lib/setup.h into source files where this should not be defined. - -- curl tool: make setup.h first header included in tool_setup.h again - -- curl tool: use configuration files from lib directory - follow-up II - - lib/config-win32.h no longer copied to src/config-win32.h - -- configure: Windows cross-compilation fixes - - BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h, - configure will generate appropriate conditionals so that mentioned symbols - get defined and used in Makefiles at compilation time - -- curl tool: make curl.h first header included in tool_setup.h - -- curl tool: use configuration files from lib directory - follow-up I - - amigaos.[ch] now integrates nicely with any libcurl build - -- curl tool: use configuration files from lib directory - - Configuration files such as curl_config.h and all config-*.h no longer exist - nor are generated/copied into 'src' directory, now these only exist in 'lib' - directory from where curl tool sources uses them. - - Additionally old src/setup.h has been refactored into src/tool_setup.h which - now pulls lib/setup.h - - The possibility of a makefile needing an include path adjustment exists. - -Daniel Stenberg (6 Apr 2012) -- PolarSSL: correct return code for CRL matches - - When a server certificate matches one in the given CRL file, the code - now returns CURLE_SSL_CACERT as test case 313 expects and verifies. - -- PolarSSL: include version number in version string - - Previously it would say PolarSSL only, now it says PolarSSL/1.1.0 in the - same style other libs and components do. - -- test: added test 1332 that tests --post303 - -- curl: add --post303 to set the CURL_REDIR_POST_303 option - -- [Andrei Cipu brought this change] - - CURLOPT_POSTREDIR: also allow 303 to do POST on the redirected URL - - As it turns out, some people do want that after all. - -- test1331: cookies on a 407 response - - Verify that cookies are sent back even after a 407 response has been - received - -- [Dag Ekengren brought this change] - - PolarSSL: add support for asynchronous connect - -- [Tim Heckman brought this change] - - Revert "access the CA source file using HTTPS" - - This reverts commit f7e2ab6. - - This change caused fetching of the certificates to become unreliable. - - Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html - Reported by: Tim Heckman - -- [Andrei Cipu brought this change] - - IPv6 cookie domain: get rid of the first bracket before the second. - - Commit 97b66ebe was copying a smaller buffer, thus duplicating the last - character. - -- MAIL-ETIQUETTE: Added "How to unsubscribe" - - ... as it seems to hard for some people - -Yang Tse (4 Apr 2012) -- ftp.c: ftplistparser related OOM handling fix - -- smtp.c: fix compiler warnings - -- lib599.c: fix compiler warning - -Daniel Stenberg (4 Apr 2012) -- runtests: yassl and polarssl are not openssl - - Don't set the "has_openssl" variable if yassl or polarssl is found as - they will simply not work as 100% drop-in replacements for some of the - stuff the "OpenSSL" feature is used for. - - I spotted this problem when doing test runs with PolarSSL builds. - -- [Lijo Antony brought this change] - - connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails - - Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback - returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT - conveys incorrect information to the user. - -Steve Holme (2 Apr 2012) -- pop3: Reworked the command sending and handling - - Reworked the command sending from two specific LIST and RETR command - functions into a single command based function as well as the two - associated response handlers into a generic command handler. - -Daniel Stenberg (1 Apr 2012) -- [Dave Reisner brought this change] - - curl tool: add filename_effective token for --write-out - - By modifying the parameter list for ourWriteOut() and passing the - OutStruct that collects data in tool_operate, we get access to the - remote name that we're writing to. Shell scripters should find this - useful when used in conjuntion with the --remote-header-name option. - -Steve Holme (1 Apr 2012) -- smtp.c: Code policing and tidy up - -Daniel Stenberg (1 Apr 2012) -- [Armel Asselin brought this change] - - SSH: public key can now be an empty string - - If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will - pass no public key to libssh2 which then tries to compute it from the - private key. This is known to work when libssh2 1.4.0+ is linked against - OpenSSL. - -- [Tatsuhiro Tsujikawa brought this change] - - OpenSSL: Made cert hostname check conform to RFC 6125 - - This change replaces RFC 2818 based hostname check in OpenSSL build with - RFC 6125 [1] based one. - - The hostname check in RFC 2818 is ambiguous and each project implements - it in the their own way and they are slightly different. I check curl, - gnutls, Firefox and Chrome and they are all different. - - I don't think there is a bug in current implementation of hostname - check. But it is not as strict as the modern browsers do. Currently, - curl allows multiple wildcard character '*' and it matches '.'. (as - described in the comment in ssluse.c). - - Firefox implementation is also based on RFC 2818 but it only allows at - most one wildcard character and it must be in the left-most label in the - pattern and the wildcard must not be followed by any character in the - label.[2] Chromium implementation is based on RFC 6125 as my patch does. - Firefox and Chromium both require wildcard in the left-most label in the - presented identifier. - - This patch is more strict than the current implementation, so there may - be some cases where old curl works but new one does not. But at the same - time I think it is good practice to follow the modern browsers do and - follow the newer RFC. - - [1] http://tools.ietf.org/html/rfc6125#section-6.4.3 - [2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483 - -- HTTP: reset expected DL/UL sizes on redirects - - With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the - download size was known (like with a Content-Length header), but the - subsequent URL (transfered after the 3xx page) was chunked encoded, then - the previous "known download size" would linger and cause the progress - meter to get incorrect information, ie the former value would remain - being sent in. This could easily result in downloads that were WAY - larger than "expected" and would cause >100% outputs with the curl - command line tool. - - Test case 599 was created and it was used to repeat the bug and then - verify the fix. - - Bug: http://curl.haxx.se/bug/view.cgi?id=3510057 - Reported by: Michael Wallner - -Steve Holme (31 Mar 2012) -- [Gökhan Şengün brought this change] - - smtp: Add support for DIGEST-MD5 authentication - -- [Gökhan Şengün brought this change] - - smtp: Cody tidy up of md5 digest length - - Replaced the hard coded md5 digest length (16) with a preprocessor - constant - -- [Gökhan Şengün brought this change] - - md5: Add support for calculating the md5 sum of buffers incrementally - - It is now possible to calculate the md5 sum as the stream of buffers - becomes known where as previously it was only possible to calculate the - md5 sum of a pre-prepared buffer. - -Daniel Stenberg (31 Mar 2012) -- Revert "mk-ca-bundle.pl: use LWP::UserAgent for https" - - This reverts commit 9f0e1689f169b83b8fbdae23e0024cc57dcbc770. - - It turned out that "improvement" instead made the fetching of the - certificates unreliable - - Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html - Reported by: Tim Heckman - -Steve Holme (31 Mar 2012) -- DOCS: Added information regarding POP3 commands to CURLOPT_CUSTOMREQUEST - -- pop3: Added support for additional pop3 commands - - This feature allows the user to specify and use additional POP3 - commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or - curl's -X command line option. - -Yang Tse (30 Mar 2012) -- [tetetest tetetest brought this change] - - CMakeLists.txt: fix Windows LDAP/LDAPS option handling - - bug: http://curl.haxx.se/mail/lib-2012-03/0278.html - -- [tetetest tetetest brought this change] - - CMakeLists.txt: fix MS Visual Studio x64 unsigned long long literal suffix - - bug: http://curl.haxx.se/mail/lib-2012-03/0255.html - -Steve Holme (28 Mar 2012) -- TODO: Corrected POP3 section heading - -Yang Tse (28 Mar 2012) -- curl-functions.m4: update detection logic of getaddrinfo() thread-safeness - - Take in account that h_errno might be a modifiable lvalue not defined as - a C preprocessor macro - -Steve Holme (27 Mar 2012) -- TODO: Added SMTP and POP3 specific features - -Yang Tse (27 Mar 2012) -- [Olaf Flebbe brought this change] - - tool_cb_dbg.c: fix tool_cb_dbg() to behave properly even for size 0 - - curl segfault in debug callback triggered with CURLINFO_HEADER_OUT and size 0 - - bug: http://curl.haxx.se/bug/view.cgi?id=3511794 - -- test #1405: support HTTP disabled builds - -Steve Holme (26 Mar 2012) -- test #809: Updated error code to match recent pop3 changes - -Yang Tse (25 Mar 2012) -- ssh.c: code cleanup, Curl_safefree() already nullifies pointer - -- fix some compiler warnings - -Steve Holme (25 Mar 2012) -- pop3.c: Corrected problem with state() introduced in 01690ed2bce5 - -- pop.c: Small code tidy up - -- pop3: Removed the need for the single message LIST command handler - - Simplified the code to remove the need for a separate "LIST <msg id>" - command handler and state machine and instead use the LIST command - handler for both operations. |