5752 lines
190 KiB
Plaintext
5752 lines
190 KiB
Plaintext
_ _ ____ _
|
||
___| | | | _ \| |
|
||
/ __| | | | |_) | |
|
||
| (__| |_| | _ <| |___
|
||
\___|\___/|_| \_\_____|
|
||
|
||
Changelog
|
||
|
||
Version 7.29.0 (6 Feb 2013)
|
||
|
||
Daniel Stenberg (6 Feb 2013)
|
||
- vms: config-vms.h is removed, no use trying to distribute it
|
||
|
||
- RELEASE-NOTES: mention the SASL buffer overflow
|
||
|
||
- [Eldar Zaitov brought this change]
|
||
|
||
Curl_sasl_create_digest_md5_message: fix buffer overflow
|
||
|
||
When negotiating SASL DIGEST-MD5 authentication, the function
|
||
Curl_sasl_create_digest_md5_message() uses the data provided from the
|
||
server without doing the proper length checks and that data is then
|
||
appended to a local fixed-size buffer on the stack.
|
||
|
||
This vulnerability can be exploited by someone who is in control of a
|
||
server that a libcurl based program is accessing with POP3, SMTP or
|
||
IMAP. For applications that accept user provided URLs, it is also
|
||
thinkable that a malicious user would feed an application with a URL to
|
||
a server hosting code targetting this flaw.
|
||
|
||
Bug: http://curl.haxx.se/docs/adv_20130206.html
|
||
|
||
Steve Holme (6 Feb 2013)
|
||
- FEATURES: Removed erroneous whitespace
|
||
|
||
Removed whitespace introduced in commit 5f8f20f5e65b that caused
|
||
formatting issues when generating the website docs.
|
||
|
||
Yang Tse (6 Feb 2013)
|
||
- setup-vms.h: post VMS patch cleanup - III
|
||
|
||
- rename post-config-vms.h to setup-vms.h
|
||
- move its inclusion into proper location in curl_setup.h
|
||
|
||
- vms_show: post VMS patch cleanup - II
|
||
|
||
- remove multiple declarations of vms_show and add comments
|
||
|
||
- tool_main.c: post VMS patch cleanup - I
|
||
|
||
- remove header inclusion already done in curl_setup_once.h
|
||
|
||
Steve Holme (6 Feb 2013)
|
||
- FEATURES: Added SSPI to list of NTLM libraries
|
||
|
||
- FEATURES: Added Secure Transport and qssl to list of SSL libraries
|
||
|
||
- FEATURES: Added email feature set
|
||
|
||
Added SMTP, SMTPS, POP3, POP3S, IMAP and IMAPS features.
|
||
|
||
- imap.h: Corrected incorrect comment clarification
|
||
|
||
Corrected comment clarification made in commit 167717b8069a.
|
||
|
||
- COPYING: Updated copyright year to include 2013
|
||
|
||
Daniel Stenberg (5 Feb 2013)
|
||
- RELEASE-NOTES: synced with 25f351424b3538
|
||
|
||
8 more bug fixes mentioned
|
||
|
||
- [John E. Malmberg brought this change]
|
||
|
||
VMS: fix and generate the VMS build config
|
||
|
||
config_h.com is a new file that generates a config.h file based on the
|
||
curl_config.h.in file and a quick scan of the configure script. This is
|
||
actually a generic procedure that is shared with other VMS packages.
|
||
|
||
The existing pre-built config-vms.h had over 100 entries that were not
|
||
correct and in some cases conflicted with the build options available in
|
||
the build_vms.com.
|
||
|
||
generate_config_vms_h_curl.com is a helper procedure to the
|
||
config_h.com. It covers the cases that the generic config_h.com is not
|
||
able to figure out, and accepts input from the build_vms.com procedure.
|
||
|
||
build_curlbuild_h.com is a new file to generate the curlbuild.h file
|
||
that Curl is now using when it is using a curl_config.h file.
|
||
|
||
post-config-vms.h is a new file that is needed to provide VMS specific
|
||
definitions, and most of them need to be set before the system header
|
||
files are included.
|
||
|
||
The VMS build procedure is fixed:
|
||
|
||
1. Fixed to link in the correct HP ssl library.
|
||
2. Fixed to detect if HP Kerberos is installed.
|
||
3. Fixed to detect if HP LDAP is installed.
|
||
4. Fixed to detect if gnv$libzshr is installed.
|
||
5. Simplified the input parameter parsing to not use a loop.
|
||
6. Warn that 64 bit pointer option support is not complete
|
||
in comments.
|
||
7. Default to IEEE floating if platform supports it so
|
||
resulting libcurl will be compatible with other
|
||
open source projects on VMS.
|
||
8. Default to LARGEFILE if platform supports it.
|
||
9. Default to enable SSL, LDAP, Kerberos, libz
|
||
if the libraries are present.
|
||
10. Build with exact case global symbols for libcurl.
|
||
11. Generate linker option file needed.
|
||
12. Compiler list option only commonly needed items.
|
||
13. fulllist option for those who really want it.
|
||
14. Create debug symbol file on Alpha, IA64.
|
||
|
||
- Curl_proxyCONNECT: return once CONNECT is sent
|
||
|
||
By doing this unconditionally, we infer a simpler and more defined
|
||
behavior. This also has the upside that test 1021 no longer fails for me
|
||
even if I run with valgrind.
|
||
|
||
Also fixed some wrong comments.
|
||
|
||
Steve Holme (5 Feb 2013)
|
||
- email: Reworked comments in the endofresp() functions
|
||
|
||
Tidied up the comments in the endofresp() functions to be more
|
||
meaningful prior to release.
|
||
|
||
Marc Hoersken (5 Feb 2013)
|
||
- schannel: Removed extended error connection setup flag
|
||
|
||
According KB975858 this flag may cause problems on Windows 7 and
|
||
Windows Server 2008 R2 systems. Extended error information is not
|
||
currently used by libcurl and therefore not a requirement.
|
||
|
||
The flag may improve the SSL-connection shutdown in case of an
|
||
error. This means it might be a good improvement in the future.
|
||
|
||
Fixes bug/issue #1187 - thanks for the report
|
||
|
||
Daniel Stenberg (5 Feb 2013)
|
||
- [Tor Arntsen brought this change]
|
||
|
||
singleipconnect: Update *sockp for all CURLE_OK
|
||
|
||
The 56b7c87c7 change left a case where a good sockfd was not copied to
|
||
*sockp before returning with CURLE_OK
|
||
|
||
- curl_easy_perform: Value stored to 'mcode' is never read
|
||
|
||
pointed out by clang-analyzer
|
||
|
||
- singleipconnect: remove dead assignment
|
||
|
||
pointed out by clang-analyzer
|
||
|
||
Linus Nielsen Feltzing (5 Feb 2013)
|
||
- CURLMOPT_MAXCONNECTS: restore functionality
|
||
|
||
When a connection is no longer used, it is kept in the cache. If the
|
||
cache is full, the oldest idle connection is closed. If no connection is
|
||
idle, the current one is closed instead.
|
||
|
||
Steve Holme (5 Feb 2013)
|
||
- RELEASE-NOTES: Updated following recent changes to the email protocols
|
||
|
||
Added recent additions and fixes following the changes to imap, pop3
|
||
and smtp. Additionally added another contributor that helped to test
|
||
the imap sasl changes.
|
||
|
||
- email: Provided extra comments following recent pop3/imap fixes
|
||
|
||
Provided additional clarification about the logic of the authenticate()
|
||
functions following commit 6b6bdc83bd36 and b4270a9af1d0.
|
||
|
||
Daniel Stenberg (5 Feb 2013)
|
||
- [Andrei Kurushin brought this change]
|
||
|
||
winbuild: include version info for .dll .exe
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=1186
|
||
|
||
- FAQ: clarify 5.13 How do I stop an ongoing transfer
|
||
|
||
Rich Gray provided good feedback and we now clarify that you can in fact
|
||
stop a multi transfer at any point you like by removing the easy handle.
|
||
|
||
- [Matt Arsenault brought this change]
|
||
|
||
cmake: Fix mingw build
|
||
|
||
- [Sergei Nikulov brought this change]
|
||
|
||
cmake: updated OpenSSL build
|
||
|
||
Steve Holme (4 Feb 2013)
|
||
- pop3.c: Updated variable names to use shorter / more readable variant
|
||
|
||
Tidied up code from commit 6b6bdc83bdUpdated where a few instances of
|
||
the pop3c struct variable used the longer conndata struct rather than
|
||
matching what other code in pop3_authenticate() used.
|
||
|
||
Guenter Knauf (4 Feb 2013)
|
||
- updated copyright years.
|
||
|
||
- configure: update the copyright years for the output.
|
||
|
||
Steve Holme (3 Feb 2013)
|
||
- imap: Fixed no known authentication mechanism when fallback is required
|
||
|
||
Fixed an issue where (lib)curl is compiled without support for a
|
||
supported challenge-response based SASL authentication mechanism, such
|
||
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
|
||
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
|
||
|
||
Note: In order to fallback to Clear Text authentication properly this
|
||
fix adds support for the LOGINDISABLED server capability.
|
||
imap: Fixed no known authentication mechanism when fallback is required
|
||
|
||
Fixed an issue where (lib)curl is compiled without support for a
|
||
supported challenge-response based SASL authentication mechanism, such
|
||
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
|
||
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
|
||
|
||
Note: In order to fallback to Clear Text authentication properly this
|
||
fix adds support for the LOGINDISABLED server capability.
|
||
|
||
Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
|
||
Reported by: Stanislav Ivochkin
|
||
|
||
- pop3: Fixed no known authentication mechanism when fallback is required
|
||
|
||
Fixed an issue where (lib)curl is compiled without support for a
|
||
supported challenge-response based SASL authentication mechanism, such
|
||
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
|
||
mechanisms and (lib)curl doesn't fallback to APOP or Clear Text
|
||
authentication.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
|
||
Reported by: Stanislav Ivochkin
|
||
|
||
Daniel Stenberg (1 Feb 2013)
|
||
- singleipconnect: simplify and clean up
|
||
|
||
Remove timeout argument that's never used.
|
||
|
||
Make the actual connection get detected on a single spot to reduce code
|
||
duplication.
|
||
|
||
Store the IPv6 state already when the connection is attempted.
|
||
|
||
- Curl_perfom: removed
|
||
|
||
Curl_perfom is no longer used anywhere since the always-multi commit
|
||
c43127414d89ccb9, and some related functions were used only from within
|
||
Curl_perfom.
|
||
|
||
Guenter Knauf (30 Jan 2013)
|
||
- Updated date.
|
||
|
||
Yang Tse (30 Jan 2013)
|
||
- zz40-xc-ovr.m4: fix 'wc' detection - follow-up 2
|
||
|
||
- Fix a pair of single quotes to double quotes.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0355.html
|
||
Reported by: Tor Arntsen
|
||
|
||
- zz40-xc-ovr.m4: fix 'wc' detection - follow-up
|
||
|
||
- Take into account that 'wc' may return leading spaces and/or tabs.
|
||
|
||
- Set initial IFS to space, tab and newline.
|
||
|
||
- zz40-xc-ovr.m4: fix 'wc' detection
|
||
|
||
- Take into account that 'wc' may return leading spaces.
|
||
|
||
- Set internationalization behavior variables.
|
||
|
||
Tor Arntsen analyzed and reported the issue.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0351.html
|
||
|
||
- zz40-xc-ovr.m4: check another three basic utilities
|
||
|
||
Guenter Knauf (29 Jan 2013)
|
||
- Fixed debug.c to work again unchanged.
|
||
|
||
Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.
|
||
|
||
Daniel Stenberg (29 Jan 2013)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: Fix bug where packets were sometimes transmitted twice
|
||
|
||
There was a bug where, if SSLWrite() returned errSSLWouldBlock but did
|
||
succeed in transmitting at least something, then we'd incorrectly
|
||
resend the packet. Now we never take errSSLWouldBlock as a sign that
|
||
nothing was transferred to/from the server.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html
|
||
Reported by: Bruno de Carvalho
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
FAQ: "Darwinssl" is AKA "Secure Transport" and supports NTLM
|
||
|
||
- RELEASE-NOTES: only list Nick once
|
||
|
||
Even though he's a fine dude, once is enough for this time!
|
||
|
||
Yang Tse (28 Jan 2013)
|
||
- zz40-xc-ovr.m4: 1.0 interface stabilization
|
||
|
||
- Stabilization results in 4 public interface m4 macros:
|
||
XC_CONFIGURE_PREAMBLE
|
||
XC_CONFIGURE_PREAMBLE_VER_MAJOR
|
||
XC_CONFIGURE_PREAMBLE_VER_MINOR
|
||
XC_CHECK_PATH_SEPARATOR
|
||
- Avoid one level of internal indirection
|
||
- Update comments
|
||
- Drop XC_OVR_ZZ40 macro
|
||
|
||
Kamil Dudka (28 Jan 2013)
|
||
- docs: fix typos in man pages
|
||
|
||
Reported by: Jiri Jaburek
|
||
Bug: https://bugzilla.redhat.com/896544
|
||
|
||
- docs: update the comments about loading CA certs with NSS
|
||
|
||
Bug: https://bugzilla.redhat.com/696783
|
||
|
||
Guenter Knauf (28 Jan 2013)
|
||
- Updated dependency libs.
|
||
|
||
- Fixed simple.c to work again unchanged.
|
||
|
||
Added CURLOPT_FOLLOWLOCATION since example.com is now redirected.
|
||
|
||
Steve Holme (27 Jan 2013)
|
||
- smtp.c: Fixed unnecessary state change if starttls fails
|
||
|
||
The state machine should only be changed to SMTP_STARTTLS when the
|
||
STARTTLS command has been successfully sent to the server.
|
||
|
||
- pop3.c: Fixed unnecessary state change if starttls fails
|
||
|
||
The state machine should only be changed to POP3_STARTTLS when the
|
||
STLS command has been successfully sent to the server.
|
||
|
||
- imap.c: Fixed unnecessary state change if starttls fails
|
||
|
||
The state machine should only be changed to IMAP_STARTTLS when the
|
||
STARTTLS command has been successfully sent to the server.
|
||
|
||
- email: Updated comment regarding ssldone usage
|
||
|
||
Updated the ssldone comment as multi mode is always used internally now.
|
||
|
||
Yang Tse (26 Jan 2013)
|
||
- zz40-xc-ovr.m4: emit witness message in configure BODY
|
||
|
||
This avoids witness message in output when running configure --help,
|
||
while sending the message to config.log for other configure runs.
|
||
|
||
Steve Holme (25 Jan 2013)
|
||
- smtp.c: Added comments to smtp_endofresp()
|
||
|
||
Minor code tidy up to add comments similar to those used in the pop3
|
||
and imap end of resp functions, in order to assist anyone reading the
|
||
code and highlight the similarities between each of these protocols.
|
||
|
||
Yang Tse (25 Jan 2013)
|
||
- zz40-xc-ovr.m4: truly do version conditional overriding
|
||
|
||
- version conditional overriding
|
||
- catch unexpanded XC macros
|
||
- fix double words in comments
|
||
|
||
- zz40-xc-ovr.m4: fix variable assignment of subshell output bashism
|
||
|
||
Tor Arntsen analyzed and reported the issue.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0306.html
|
||
|
||
- zz40-xc-ovr.m4: reinstate strict AC_REQUIRE macro dependencies
|
||
|
||
- zz40-xc-ovr.m4: avoid double single-quote usage
|
||
|
||
- zz40-xc-ovr.m4: parentheses balancing of 'case' statements
|
||
|
||
m4 quadrigraph shell comment technique allows proper autoconf
|
||
parentheses balancing in shell 'case' statements. The presence
|
||
of unbalanced parentheses may otherwise trigger expansion bugs.
|
||
|
||
Steve Holme (24 Jan 2013)
|
||
- smtp.c: Corrected RFC references
|
||
|
||
The most recent version of the SMTP RFC is RFC5321 and not RFC2821 as
|
||
previously documented.
|
||
|
||
Added RFC1870 and re-ordered list numerically.
|
||
|
||
- smtp.c: Fixed failure detection during TLS upgrade
|
||
|
||
smtp_state_upgrade_tls() would attempt to incorrectly complete the
|
||
upgrade to smtps and start the EHLO command if
|
||
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
|
||
was set to TRUE. This would only happen when a non-blocking API hadn't
|
||
been provided by the SSL implementation and curlssl_connect() was
|
||
called underneath.
|
||
|
||
- pop3.c: Fixed failure detection during TLS upgrade
|
||
|
||
pop3_state_upgrade_tls() would attempt to incorrectly complete the
|
||
upgrade to pop3s and start the CAPA command if
|
||
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
|
||
was set to TRUE. This would only happen when a non-blocking API hadn't
|
||
been provided by the SSL implementation and curlssl_connect() was
|
||
called underneath.
|
||
|
||
- imap.c: Fixed failure detection during TLS upgrade
|
||
|
||
imap_state_upgrade_tls() would attempt to incorrectly complete the
|
||
upgrade to imaps and start the CAPABILITY command if
|
||
Curl_ssl_connect_nonblocking() returned a failure code and if ssldone
|
||
was set to TRUE. This would only happen when a non-blocking API hadn't
|
||
been provided by the SSL implementation and curlssl_connect() was
|
||
called underneath.
|
||
|
||
Yang Tse (24 Jan 2013)
|
||
- zz40-xc-ovr.m4: internals overhauling
|
||
|
||
- Update comments
|
||
- Execute commands in subshells
|
||
- Faster path separator check
|
||
- Fix missing 'test' command
|
||
- Rename private macros
|
||
- Minimize AC_REQUIRE usage
|
||
|
||
Steve Holme (23 Jan 2013)
|
||
- email: Removed unnecessary return statements
|
||
|
||
Small tidy up to remove unnecessary return statements prior to the next
|
||
fix.
|
||
|
||
Yang Tse (23 Jan 2013)
|
||
- zz40-xc-ovr.m4: redirect errors and warnings to stderr
|
||
|
||
- zz40-xc-ovr.m4: AC_REQUIRE also XC_CONFIGURE_PREAMBLE success message
|
||
|
||
- zz60-xc-ovr.m4: tighten XC_OVR_ZZ60 macro placement requirements
|
||
|
||
- configure: use XC_CONFIGURE_PREAMBLE early checks
|
||
|
||
Some basic checks we make were placed early enough in generated
|
||
configure script when using autoconf 2.5X versions. Newer autoconf
|
||
versions expand these checks much further into the configure script,
|
||
rendering them useless. Using XC_CONFIGURE_PREAMBLE fixes placement
|
||
of early intended checks across all our autoconf supported versions.
|
||
|
||
- zz40-xc-ovr.m4: provide XC_CONFIGURE_PREAMBLE macro
|
||
|
||
Daniel Stenberg (23 Jan 2013)
|
||
- FAQ: update the SSL lib list and wording in question 2.2
|
||
|
||
Steve Holme (22 Jan 2013)
|
||
- curl_sasl.c: Corrected references to RFC
|
||
|
||
The most recent version of the RFC is RFC4422 and not RFC2222 as
|
||
previously documented.
|
||
|
||
- email: Corrected references to SASL RFC
|
||
|
||
The most recent version of the SASL RFC is RFC4422 and not RFC2222 as
|
||
previously documented.
|
||
|
||
Daniel Stenberg (22 Jan 2013)
|
||
- [Ulion brought this change]
|
||
|
||
formpost: support quotes, commas and semicolon in file names
|
||
|
||
- document the double-quote and backslash need be escaped if quoting.
|
||
- libcurl formdata escape double-quote in filename by backslash.
|
||
- curl formparse can parse filename both contains '"' and ',' or ';'.
|
||
- curl now can uploading file with ',' or ';' in filename.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=1171
|
||
|
||
- memanalyze.pl: handle fopen() of file names with quotes
|
||
|
||
Yang Tse (21 Jan 2013)
|
||
- xc-cc-check.m4: re-evaluate exporting and AC_SUBST'ing vars
|
||
|
||
Notes:
|
||
|
||
When running a configure script that has nested packages (for example
|
||
libcurl's configure with --enable-ares and c-ares sources embedded in
|
||
curl tree) and AC_CONFIG_SUBDIRS([nested-subdir]) machinery is used to
|
||
automatically run the nested configure script from within the parent
|
||
configure script, it happens that the nested _shell_ script will
|
||
inherit shell variables exported from the parent _shell_ script.
|
||
|
||
If for example parent configure script sets and exports LDFLAGS and LIBS
|
||
variables with proper values in order to link either a parent library or
|
||
program with a library which will be configured and built by a nested
|
||
package; It will happen that when the nested configure script runs, the
|
||
nested library does not exist yet and _any_ link-test done in the nested
|
||
configure will fail, such as those that autoconf macros perform in order
|
||
to detect existing compiler and its characteristics, the result is that
|
||
the nested configure script will fail with errors such as:
|
||
|
||
configure: error: C compiler cannot create executables
|
||
|
||
For now, we no longer export variables previously exported here.
|
||
|
||
On the other hand, AC_SUBST'ing them is appropriate and even with nested
|
||
packages each package's config.status gets its own package values.
|
||
|
||
So we reinstate AC_SUBST'ing previously AC_SUBST'ed variables.
|
||
|
||
Daniel Stenberg (21 Jan 2013)
|
||
- FAQ: 3.22 curl -X gives me HTTP problems
|
||
|
||
Yang Tse (21 Jan 2013)
|
||
- xc-cc-check.m4: avoid recursive package automake'ing breakage
|
||
|
||
- xc-cc-check.m4: mark earlier variables that are to be exported
|
||
|
||
- configure: autotools compatibility fixes - step I
|
||
|
||
Fix proper macro expansion order across autotools versions for
|
||
C compiler and preprocessor program checks.
|
||
|
||
Steve Holme (20 Jan 2013)
|
||
- pop3.c: Fixed conditional compilation of the apop response function
|
||
|
||
Extended the fix from commit 8b15c84ea91e to additionally exclude
|
||
pop3_state_apop_resp() if the CURL_DISABLE_CRYPTO_AUTH flag is
|
||
defined.
|
||
|
||
Yang Tse (20 Jan 2013)
|
||
- Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables
|
||
|
||
Daniel Stenberg (19 Jan 2013)
|
||
- formadd: reject trying to read a directory where a file is expected
|
||
|
||
Bug: http://curl.haxx.se/mail/archive-2013-01/0017.html
|
||
Reported by: Ulrich Doehner
|
||
|
||
- curl_easy_send.3: document return codes
|
||
|
||
Reported by: Craig Davison
|
||
Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html
|
||
|
||
- curl_easy_recv.3: document return codes
|
||
|
||
Reported by: Craig Davison
|
||
Bug: http://curl.haxx.se/mail/lib-2013-01/0234.html
|
||
|
||
Steve Holme (19 Jan 2013)
|
||
- email: General code tidy up
|
||
|
||
Corrected some function argument definitions to maximize the 80
|
||
character line length limit and be in keeping with the curl
|
||
coding style.
|
||
|
||
- pop3.c: Fixed a problem with pop3s connections not connecting properly
|
||
|
||
Fixed an issue where Curl_ssl_connect_nonblocking() wouldn't complete
|
||
correctly and the ssldone flag wouldn't be set to true for pop3s based
|
||
connections.
|
||
|
||
Bug introduced in commit: 4ffb8a6398ed.
|
||
|
||
Daniel Stenberg (18 Jan 2013)
|
||
- RELEASE-NOTES: add references to several bugfixes+changes
|
||
|
||
Steve Holme (18 Jan 2013)
|
||
- RELEASE-NOTES: Added missing imap fix
|
||
|
||
Added missing imap fix as per commit 709b3506cd9b.
|
||
|
||
Yang Tse (18 Jan 2013)
|
||
- runtests.pl: make VPATH builds find valgrind.supp
|
||
|
||
Daniel Stenberg (18 Jan 2013)
|
||
- RELEASE-NOTES: synced with c43127414d89
|
||
|
||
- always-multi: always use non-blocking internals
|
||
|
||
Remove internal separated behavior of the easy vs multi intercace.
|
||
curl_easy_perform() is now using the multi interface itself.
|
||
|
||
Several minor multi interface quirks and bugs have been fixed in the
|
||
process.
|
||
|
||
Much help with debugging this has been provided by: Yang Tse
|
||
|
||
Yang Tse (17 Jan 2013)
|
||
- url.c: fix HTTP CONNECT tunnel establishment upon delayed response
|
||
|
||
Fixes initial proxy response being processed by the tunneled protocol
|
||
handler instead of the HTTP wrapper handler. This issue would trigger
|
||
upon delayed CONNECT response from the proxy.
|
||
|
||
Additionally fixes a multi interface code-path in which connections
|
||
would not time out properly.
|
||
|
||
This does not fix known bug #39.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0191.html
|
||
|
||
Daniel Stenberg (16 Jan 2013)
|
||
- [Yves Arrouye brought this change]
|
||
|
||
--libcurl: fix for non-zero default options
|
||
|
||
If the default value for an option taking a long as its value is non
|
||
zero, and it is set by zero by a command line option, then that command
|
||
line option is not reflected in --libcurl's output. This is because line
|
||
520-521 of tool_setopt.c look like:
|
||
|
||
if(!lval)
|
||
skip = TRUE;
|
||
|
||
An example of a command-line option doing so is the -k option that sets
|
||
CURLOPT_SLL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to 0L, when the
|
||
defaults are non-zero.
|
||
|
||
- FTP: reject illegal port numbers in EPSV 229 responses
|
||
|
||
Yang Tse (15 Jan 2013)
|
||
- commit bc682cbd follow-up
|
||
|
||
- build: use per-target '_CPPFLAGS' for those currently using default
|
||
|
||
Automake documents that doing this will make it choose a different name
|
||
for intermediate object files even when sharing source files across
|
||
targets of same Makefile.am.
|
||
|
||
Up to automake 1.13.1 target's intermediate object files were placed
|
||
in the build subdirectory of the target. We depended on this, probably
|
||
undocumented behavior, to achieve same behavior as if a per-target flag
|
||
had been specified when building targets that actually belong to
|
||
different Makefile.am files.
|
||
|
||
It seems automake 1.13.2 is going to break behavior mentioned above.
|
||
|
||
So, lets use a documented behavior in order to achieve same purpose,
|
||
across automake versions, no matter where automake wishes to place
|
||
intermediate object files.
|
||
|
||
Our build targets that already were using a per-target '_CFLAGS' or
|
||
'_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only
|
||
Makefile.am or Makefile.in files in libcurl's source tree touched by
|
||
this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc.
|
||
|
||
- tests/libtest/Makefile.inc: sort build targets
|
||
|
||
- tests/Makefile.am: remove wildcard usage in EXTRA_DIST
|
||
|
||
Kamil Dudka (15 Jan 2013)
|
||
- nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
|
||
|
||
Do not use the error messages from NSS for errors not occurring in NSS.
|
||
|
||
Steve Holme (14 Jan 2013)
|
||
- TODO: Updated following IMAP SASL additions
|
||
|
||
Yang Tse (14 Jan 2013)
|
||
- configure: fix automake 1.13 compatibility
|
||
|
||
Tested with:
|
||
|
||
buildconf: autoconf version 2.69
|
||
buildconf: autom4te version 2.69
|
||
buildconf: autoheader version 2.69
|
||
buildconf: automake version 1.13.1
|
||
buildconf: aclocal version 1.13.1
|
||
buildconf: libtool version 2.4
|
||
buildconf: GNU m4 version 1.4.16
|
||
|
||
Daniel Stenberg (13 Jan 2013)
|
||
- BUGS: update bug tracker URL
|
||
|
||
... and refresh number of lines of code
|
||
|
||
- Curl_resolver_getsock: fix the function description comment
|
||
|
||
It referred to it by the wrong name and said it returned the wrong value.
|
||
|
||
Reported by: Gisle Vanem
|
||
|
||
Kamil Dudka (11 Jan 2013)
|
||
- nss: clear session cache if a client cert from file is used
|
||
|
||
This commit fixes a regression introduced in 052a08ff.
|
||
|
||
NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback
|
||
and if we connect second time to the same server, the cached cert/key
|
||
pair is used. If we use multiple client certificates for different
|
||
paths on the same server, we need to clear the session cache to force
|
||
NSS to call the hook again. The commit 052a08ff prevented the session
|
||
cache from being cleared if a client certificate from file was used.
|
||
|
||
The condition is now fixed to cover both cases: consssl->client_nickname
|
||
is not NULL if a client certificate from the NSS database is used and
|
||
connssl->obj_clicert is not NULL if a client certificate from file is
|
||
used.
|
||
|
||
Review by: Kai Engert
|
||
|
||
Yang Tse (11 Jan 2013)
|
||
- sockfilt.c: log file descriptor number on read/write error
|
||
|
||
- [Gisle Vanem brought this change]
|
||
|
||
packages/DOS/common.dj: remove COFF debug info generation
|
||
|
||
gcc on DOS hasn't really supported COFF-debug (-gcoff) on djgpp for a
|
||
long time.
|
||
|
||
"Sounds like the COFF debug info generation has bit-rotted in GCC.
|
||
Nothing new here, no other platform uses COFF AFAIK."
|
||
|
||
So lets drop it too.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0130.html
|
||
|
||
- curl: ignore SIGPIPE - compilation fix - follow-up
|
||
|
||
- test servers: handle W32/W64 SIGBREAK with exit_signal_handler
|
||
|
||
- test servers: fix errno, ERRNO and SOCKERRNO usage for W32/W64
|
||
|
||
- sockfilt.c: fix some W64 compiler warnings
|
||
|
||
Daniel Stenberg (9 Jan 2013)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
docs: the --with-darwinssl option is available on Apple OSes
|
||
|
||
Yang Tse (9 Jan 2013)
|
||
- curl: ignore SIGPIPE - compilation fix
|
||
|
||
- build: fix circular header inclusion with other packages
|
||
|
||
This commit renames lib/setup.h to lib/curl_setup.h and
|
||
renames lib/setup_once.h to lib/curl_setup_once.h.
|
||
|
||
Removes the need and usage of a header inclusion guard foreign
|
||
to libcurl. [1]
|
||
|
||
Removes the need and presence of an alarming notice we carried
|
||
in old setup_once.h [2]
|
||
|
||
----------------------------------------
|
||
|
||
1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
|
||
up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
|
||
this single inclusion guard is enough to ensure that inclusion of
|
||
lib/setup_once.h done from lib/setup.h is only done once.
|
||
|
||
Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
|
||
protect inclusion of setup_once.h even after commit ec691ca3, this
|
||
was to avoid a circular header inclusion triggered when building a
|
||
c-ares enabled version with c-ares sources available which also has
|
||
a setup_once.h header. Commit ec691ca3 exposes the real nature of
|
||
__SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
|
||
foreign to libcurl belonging to c-ares's setup_once.h
|
||
|
||
The renaming this commit does, fixes the circular header inclusion,
|
||
and as such removes the need and usage of a header inclusion guard
|
||
foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.
|
||
|
||
2 - Due to the circular interdependency of old lib/setup_once.h and the
|
||
c-ares setup_once.h header, old file lib/setup_once.h has carried
|
||
back from 2006 up to now days an alarming and prominent notice about
|
||
the need of keeping libcurl's and c-ares's setup_once.h in sync.
|
||
|
||
Given that this commit fixes the circular interdependency, the need
|
||
and presence of mentioned notice is removed.
|
||
|
||
All mentioned interdependencies come back from now old days when
|
||
the c-ares project lived inside a curl subdirectory. This commit
|
||
removes last traces of such fact.
|
||
|
||
Daniel Stenberg (8 Jan 2013)
|
||
- curl: ignore SIGPIPE
|
||
|
||
This is a work-around for bug #1180 which is really libcurl's inability
|
||
to ignore SIGPIPE in a few cases. With this work-around at least curl
|
||
won't suffer from it!
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=1180
|
||
Reported by: Lluís Batlle i Rossell
|
||
|
||
Yang Tse (8 Jan 2013)
|
||
- sockfilt.c: fix some compiler warnings
|
||
|
||
Daniel Stenberg (8 Jan 2013)
|
||
- Revert "configure: update req to 2.59"
|
||
|
||
This reverts commit 7a6d8b1b1a8fcc184c36d6b6e741e32250b4bacb.
|
||
|
||
URL: http://curl.haxx.se/mail/lib-2013-01/0103.html
|
||
|
||
Steve Holme (8 Jan 2013)
|
||
- pop3: Added support for non-blocking SSL upgrade
|
||
|
||
Added support for asynchronous SSL upgrade when using the
|
||
multi-interface.
|
||
|
||
Daniel Stenberg (8 Jan 2013)
|
||
- configure: update req to 2.59
|
||
|
||
I ran the 2.59 version of autoupdate that updates obsoleted configure.ac
|
||
constructs to the 2.59 standard. With a little hands-on fiddling I
|
||
prevented it from ruining the quoting in AS_HELP_STRING() uses.
|
||
|
||
I subsequently also bumped the required autoconf version to 2.59
|
||
(released in December 2003) as I don't have an older autoconf version
|
||
around to test with and I can't be bothered to install one either...
|
||
|
||
Inspired by: Björn Stenberg
|
||
Related blog post: http://cazfi.livejournal.com/195108.html
|
||
|
||
Steve Holme (7 Jan 2013)
|
||
- imap.c: Small tidy up to add missing comment
|
||
|
||
- imap: Added support for sasl digest-md5 authentication
|
||
|
||
- imap: Added support for sasl cram-md5 authentication
|
||
|
||
Marc Hoersken (7 Jan 2013)
|
||
- tests/server/sockfilt.c: Fixed integer comparison warning
|
||
|
||
- tests/server/sockfilt.c: Include required Win32 headers
|
||
|
||
Steve Holme (7 Jan 2013)
|
||
- imap: Added support for sasl ntlm authentication
|
||
|
||
- imap: Added support for sasl login authentication
|
||
|
||
- pop3.c: Fixed default authentication detection
|
||
|
||
Fixed an issue where a server may positively respond to the CAPA command
|
||
but not list clear text as a valid authentication type.
|
||
|
||
- curl_sasl.c: Small code tidy up following imap changes
|
||
|
||
- smtp.c: Small code tidy up following imap changes
|
||
|
||
- pop3.c: Small code tidy up following imap changes
|
||
|
||
- imap: Added support for sasl plain text authentication
|
||
|
||
Marc Hoersken (6 Jan 2013)
|
||
- tests/server/sockfilt.c: Fixed support for listening sockets
|
||
|
||
This commit fixes support for sockets that are ready to accept
|
||
a new connection and have previously been put into listening mode.
|
||
|
||
It also includes changes which are the result of investigation
|
||
regarding Windows STDIN. These changes are the preparation for further
|
||
improvements regarding support for reading data from STDIN on Windows.
|
||
|
||
Open issue: WaitForMultipleObjectsEx does not support PIPE handles
|
||
which are returned by GetStdHandle while running without a GUI.
|
||
|
||
- tests/server/sockfilt.c: Set Windows Console to binary mode
|
||
|
||
- tests/server/sockfilt.c: Improved log error messages
|
||
|
||
Include error code and parameters in error messages.
|
||
|
||
Steve Holme (6 Jan 2013)
|
||
- imap: Introduced the continue response in imap_endofresp()
|
||
|
||
- imap: Added support for SASL based authentication mechanism detection
|
||
|
||
Added support for detecting the supported SASL authentication mechanisms
|
||
via the CAPABILITY command.
|
||
|
||
Yang Tse (6 Jan 2013)
|
||
- Revert changes relative to lib/*.[ch] recent renaming
|
||
|
||
This reverts renaming and usage of lib/*.h header files done
|
||
28-12-2012, reverting 2 commits:
|
||
|
||
f871de0... build: make use of 76 lib/*.h renamed files
|
||
ffd8e12... build: rename 76 lib/*.h files
|
||
|
||
This also reverts removal of redundant include guard (redundant thanks
|
||
to changes in above commits) done 2-12-2013, reverting 1 commit:
|
||
|
||
c087374... curl_setup.h: remove redundant include guard
|
||
|
||
This also reverts renaming and usage of lib/*.c source files done
|
||
3-12-2013, reverting 3 commits:
|
||
|
||
13606bb... build: make use of 93 lib/*.c renamed files
|
||
5b6e792... build: rename 93 lib/*.c files
|
||
7d83dff... build: commit 13606bbfde follow-up 1
|
||
|
||
Start of related discussion thread:
|
||
|
||
http://curl.haxx.se/mail/lib-2013-01/0012.html
|
||
|
||
Asking for confirmation on pushing this revertion commit:
|
||
|
||
http://curl.haxx.se/mail/lib-2013-01/0048.html
|
||
|
||
Confirmation summary:
|
||
|
||
http://curl.haxx.se/mail/lib-2013-01/0079.html
|
||
|
||
NOTICE: The list of 2 files that have been modified by other
|
||
intermixed commits, while renamed, and also by at least one
|
||
of the 6 commits this one reverts follows below. These 2 files
|
||
will exhibit a hole in history unless git's '--follow' option
|
||
is used when viewing logs.
|
||
|
||
lib/curl_imap.h
|
||
lib/curl_smtp.h
|
||
|
||
Daniel Stenberg (6 Jan 2013)
|
||
- mk-ca-bundle.1: convert syntax to what's used elsewhere
|
||
|
||
... mostly to make sure roffit works better on it, but also to make our
|
||
man pages use a more unified style.
|
||
|
||
- mk-ca-bundle.1: mention new -f, fix outputfile output
|
||
|
||
also edited a few sentences to become more verbose
|
||
|
||
- mk-ca-bundle: add -f, support passing to stdout and more
|
||
|
||
1. When the downloaded data file from Mozilla is current, but the output
|
||
bundle does not exist: continue processing to create the bundle. The
|
||
goal is to have the output file - not just download the latest input.
|
||
|
||
2. added -f option to force re-processing the file. Useful for
|
||
debugging/testing the process.
|
||
|
||
3. added support for output to '-' (stdout), allowing the output to be
|
||
piped.
|
||
|
||
4. All progress and error messages go to STDERR rather than STDOUT (3)
|
||
|
||
5. The script opened and closed the output file many times
|
||
unnecessarily. It now opens it once, does the output and closes it.
|
||
|
||
6. Backup of the input files happens after successful processing, not
|
||
before.
|
||
|
||
7. The output is written to a temporary file, and renamed to the
|
||
requested name after backup - this greatly reduces the window where the
|
||
file can be seen partially written.
|
||
|
||
8. all die calls have a \n at the end to suppress perl's traceback - the
|
||
traceback isn't useful to end users.
|
||
|
||
Patch: http://curl.haxx.se/mail/lib-2013-01/0045.html
|
||
|
||
Yang Tse (5 Jan 2013)
|
||
- imap test server: fix typo in name of SELECT_imap() sub definition
|
||
|
||
IMAP test server breaking typo introduced with commit b708a522a1
|
||
|
||
Steve Holme (4 Jan 2013)
|
||
- imap test server: Added support for the CAPABILITY command
|
||
|
||
Added support for the CAPABILITY command in preparation of upcoming
|
||
changes.
|
||
|
||
Daniel Stenberg (3 Jan 2013)
|
||
- writeout: -w now supports remote_ip/port and local_ip/port
|
||
|
||
Added mention to the curl.1 man page.
|
||
|
||
Test case 1223 verifies remote_ip/port.
|
||
|
||
Yang Tse (3 Jan 2013)
|
||
- test 1222: 8 chars object name generation && test 1221: adjustments
|
||
|
||
Daniel Stenberg (3 Jan 2013)
|
||
- INTERNALS: remove "footnote" never used
|
||
|
||
Yang Tse (3 Jan 2013)
|
||
- build: commit 13606bbfde follow-up 1
|
||
|
||
Daniel Stenberg (3 Jan 2013)
|
||
- FAQ: Can I write a server with libcurl?
|
||
|
||
Yang Tse (3 Jan 2013)
|
||
- build: rename 93 lib/*.c files
|
||
|
||
93 lib/*.c source files renamed to use our standard naming scheme.
|
||
|
||
This commit only does the file renaming.
|
||
|
||
----------------------------------------
|
||
|
||
renamed: lib/amigaos.c -> lib/curl_amigaos.c
|
||
renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c
|
||
renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c
|
||
renamed: lib/axtls.c -> lib/curl_axtls.c
|
||
renamed: lib/base64.c -> lib/curl_base64.c
|
||
renamed: lib/bundles.c -> lib/curl_bundles.c
|
||
renamed: lib/conncache.c -> lib/curl_conncache.c
|
||
renamed: lib/connect.c -> lib/curl_connect.c
|
||
renamed: lib/content_encoding.c -> lib/curl_content_encoding.c
|
||
renamed: lib/cookie.c -> lib/curl_cookie.c
|
||
renamed: lib/cyassl.c -> lib/curl_cyassl.c
|
||
renamed: lib/dict.c -> lib/curl_dict.c
|
||
renamed: lib/easy.c -> lib/curl_easy.c
|
||
renamed: lib/escape.c -> lib/curl_escape.c
|
||
renamed: lib/file.c -> lib/curl_file.c
|
||
renamed: lib/fileinfo.c -> lib/curl_fileinfo.c
|
||
renamed: lib/formdata.c -> lib/curl_formdata.c
|
||
renamed: lib/ftp.c -> lib/curl_ftp.c
|
||
renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c
|
||
renamed: lib/getenv.c -> lib/curl_getenv.c
|
||
renamed: lib/getinfo.c -> lib/curl_getinfo.c
|
||
renamed: lib/gopher.c -> lib/curl_gopher.c
|
||
renamed: lib/gtls.c -> lib/curl_gtls.c
|
||
renamed: lib/hash.c -> lib/curl_hash.c
|
||
renamed: lib/hmac.c -> lib/curl_hmac.c
|
||
renamed: lib/hostasyn.c -> lib/curl_hostasyn.c
|
||
renamed: lib/hostcheck.c -> lib/curl_hostcheck.c
|
||
renamed: lib/hostip.c -> lib/curl_hostip.c
|
||
renamed: lib/hostip4.c -> lib/curl_hostip4.c
|
||
renamed: lib/hostip6.c -> lib/curl_hostip6.c
|
||
renamed: lib/hostsyn.c -> lib/curl_hostsyn.c
|
||
renamed: lib/http.c -> lib/curl_http.c
|
||
renamed: lib/http_chunks.c -> lib/curl_http_chunks.c
|
||
renamed: lib/http_digest.c -> lib/curl_http_digest.c
|
||
renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c
|
||
renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c
|
||
renamed: lib/http_proxy.c -> lib/curl_http_proxy.c
|
||
renamed: lib/idn_win32.c -> lib/curl_idn_win32.c
|
||
renamed: lib/if2ip.c -> lib/curl_if2ip.c
|
||
renamed: lib/imap.c -> lib/curl_imap.c
|
||
renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c
|
||
renamed: lib/inet_pton.c -> lib/curl_inet_pton.c
|
||
renamed: lib/krb4.c -> lib/curl_krb4.c
|
||
renamed: lib/krb5.c -> lib/curl_krb5.c
|
||
renamed: lib/ldap.c -> lib/curl_ldap.c
|
||
renamed: lib/llist.c -> lib/curl_llist.c
|
||
renamed: lib/md4.c -> lib/curl_md4.c
|
||
renamed: lib/md5.c -> lib/curl_md5.c
|
||
renamed: lib/memdebug.c -> lib/curl_memdebug.c
|
||
renamed: lib/mprintf.c -> lib/curl_mprintf.c
|
||
renamed: lib/multi.c -> lib/curl_multi.c
|
||
renamed: lib/netrc.c -> lib/curl_netrc.c
|
||
renamed: lib/non-ascii.c -> lib/curl_non_ascii.c
|
||
renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h
|
||
renamed: lib/nonblock.c -> lib/curl_nonblock.c
|
||
renamed: lib/nss.c -> lib/curl_nss.c
|
||
renamed: lib/nwlib.c -> lib/curl_nwlib.c
|
||
renamed: lib/nwos.c -> lib/curl_nwos.c
|
||
renamed: lib/openldap.c -> lib/curl_openldap.c
|
||
renamed: lib/parsedate.c -> lib/curl_parsedate.c
|
||
renamed: lib/pingpong.c -> lib/curl_pingpong.c
|
||
renamed: lib/polarssl.c -> lib/curl_polarssl.c
|
||
renamed: lib/pop3.c -> lib/curl_pop3.c
|
||
renamed: lib/progress.c -> lib/curl_progress.c
|
||
renamed: lib/qssl.c -> lib/curl_qssl.c
|
||
renamed: lib/rawstr.c -> lib/curl_rawstr.c
|
||
renamed: lib/rtsp.c -> lib/curl_rtsp.c
|
||
renamed: lib/security.c -> lib/curl_security.c
|
||
renamed: lib/select.c -> lib/curl_select.c
|
||
renamed: lib/sendf.c -> lib/curl_sendf.c
|
||
renamed: lib/share.c -> lib/curl_share.c
|
||
renamed: lib/slist.c -> lib/curl_slist.c
|
||
renamed: lib/smtp.c -> lib/curl_smtp.c
|
||
renamed: lib/socks.c -> lib/curl_socks.c
|
||
renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c
|
||
renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c
|
||
renamed: lib/speedcheck.c -> lib/curl_speedcheck.c
|
||
renamed: lib/splay.c -> lib/curl_splay.c
|
||
renamed: lib/ssh.c -> lib/curl_ssh.c
|
||
renamed: lib/sslgen.c -> lib/curl_sslgen.c
|
||
renamed: lib/ssluse.c -> lib/curl_ssluse.c
|
||
renamed: lib/strdup.c -> lib/curl_strdup.c
|
||
renamed: lib/strequal.c -> lib/curl_strequal.c
|
||
renamed: lib/strerror.c -> lib/curl_strerror.c
|
||
renamed: lib/strtok.c -> lib/curl_strtok.c
|
||
renamed: lib/strtoofft.c -> lib/curl_strtoofft.c
|
||
renamed: lib/telnet.c -> lib/curl_telnet.c
|
||
renamed: lib/tftp.c -> lib/curl_tftp.c
|
||
renamed: lib/timeval.c -> lib/curl_timeval.c
|
||
renamed: lib/transfer.c -> lib/curl_transfer.c
|
||
renamed: lib/url.c -> lib/curl_url.c
|
||
renamed: lib/version.c -> lib/curl_version.c
|
||
renamed: lib/warnless.c -> lib/curl_warnless.c
|
||
renamed: lib/wildcard.c -> lib/curl_wildcard.c
|
||
|
||
----------------------------------------
|
||
|
||
- build: make use of 93 lib/*.c renamed files
|
||
|
||
93 *.c source files renamed to use our standard naming scheme.
|
||
|
||
This change affects 77 files in libcurl's source tree.
|
||
|
||
Daniel Stenberg (3 Jan 2013)
|
||
- INSTALL: unify the SSL library texts
|
||
|
||
Make them smaller and more similar for each separate SSL library
|
||
supported by the configure build
|
||
|
||
Yang Tse (2 Jan 2013)
|
||
- curl_setup.h: remove redundant include guard
|
||
|
||
- build and tests: curl_10char_object_name() shell function
|
||
|
||
lib/objnames.inc provides definition of curl_10char_object_name() shell
|
||
function. The intended purpose of this function is to transliterate a
|
||
(*.c) source file name that may be longer than 10 characters, or not,
|
||
into a string with at most 10 characters which may be used as an OS/400
|
||
object name.
|
||
|
||
Test case 1221 does unit testng of this function and also verifies
|
||
that it is possible to generate distinct short object names for all
|
||
curl and libcurl *.c source file names.
|
||
|
||
lib/objnames-test.sh is the shell script used for test case 1221.
|
||
|
||
tests/runtests.pl modified to accept shell script test cases.
|
||
|
||
More details inside lib/objnames.inc and lib/objnames-test.sh
|
||
|
||
- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS
|
||
|
||
automake 1.13 errors if AM_CONFIG_HEADER is used in configure script.
|
||
automake 1.13 no longer autoupdates AM_CONFIG_HEADER to
|
||
AC_CONFIG_HEADERS, thing which automake has been doing since automake
|
||
version 1.7
|
||
|
||
Given that our first automake supported version is automake 1.7,
|
||
simply replacing AM_CONFIG_HEADER usage with AC_CONFIG_HEADERS seems
|
||
enough to yet support same automake versions.
|
||
|
||
Dave Reisner reported issue with 1.13 and provided patch.
|
||
|
||
http://curl.haxx.se/mail/lib-2012-12/0246.html
|
||
|
||
- curl-override.m4: provide AC_CONFIG_MACRO_DIR definition conditionally
|
||
|
||
Provide a 'traceable' AC_CONFIG_MACRO_DIR definition only when using
|
||
an autoconf version that does not provide it, instead of what we were
|
||
doing up to now of providing and overriding AC_CONFIG_MACRO_DIR for
|
||
all autoconf versions.
|
||
|
||
Steve Holme (30 Dec 2012)
|
||
- imap.c: Minor follow up tidy up
|
||
|
||
- imap: Code tidy up prior to adding support for the CAPABILITY command
|
||
|
||
* Changing the order of the state machine to represent the order in
|
||
which commands are sent to the server.
|
||
|
||
* Reworking the imap_endofresp() function as the FETCH response doesn't
|
||
include the command id and shouldn't be part of the length comparison
|
||
that takes into account the id string.
|
||
|
||
- pop3_doing: Applied debug info message when function fails
|
||
|
||
Applied the same debug message as used in smtp_doing() and imap_doing()
|
||
when pop3_multi_statemach() fails.
|
||
|
||
- imap_doing: don't call imap_dophase_done() if already failed
|
||
|
||
Applied the POP3 fix from commit 2897ce7dc2e1 so imap_dophase_done()
|
||
isn't called if imap_multi_statemach() fails.
|
||
|
||
- smtp_doing: don't call smtp_dophase_done() if already failed
|
||
|
||
Applied the POP3 fix from commit 2897ce7dc2e1 so smtp_dophase_done()
|
||
isn't called if smtp_multi_statemach() fails.
|
||
|
||
Yang Tse (29 Dec 2012)
|
||
- examples/certinfo.c: fix compiler warning
|
||
|
||
Steve Holme (29 Dec 2012)
|
||
- pop3.c: Removed unnecessary POP3_STOP state changes
|
||
|
||
Removed unnecessary state changes in pop3_state_starttls_resp()
|
||
following previous fix in IMAP module.
|
||
|
||
- smtp.c: Added extra comments around SMTP_STOP state change
|
||
|
||
Provided extra comments in the SMTP module following previous IMAP fix.
|
||
|
||
- imap.c: Fixed bad state error when logging in with invalid credentials
|
||
|
||
Fixed a problem with the state machine when attempting to log in with
|
||
invalid credentials. The server would report login failure but libcurl
|
||
would not read the response due to inappropriate IMAP_STOP states being
|
||
set after the login was sent.
|
||
|
||
Yang Tse (29 Dec 2012)
|
||
- imap.c: remove trailing whitespace
|
||
|
||
Steve Holme (28 Dec 2012)
|
||
- imap.c: Code tidy up - Part 2
|
||
|
||
- imap.c: Code tidy up - Part 1
|
||
|
||
Applied some of the comment and layout changes that had already been
|
||
applied to the pop3 and smtp code over the last 6 to 9 months.
|
||
|
||
This is in preparation of adding SASL based authentication.
|
||
|
||
- pop3.c: Minor code tidy up
|
||
|
||
Minor tidy up of comments and layout prior to next part of imap work.
|
||
|
||
- smtp: Minor code tidy up
|
||
|
||
Minor tidy up of comments and layout prior to next part of imap work.
|
||
|
||
- curl_imap.h: Tidy up of comments to be more readable
|
||
|
||
- imap.c: Code tidy up renaming imapsendf() to imap_sendf()
|
||
|
||
Renamed imapsendf() to imap_sendf() to be more in keeping with the
|
||
other imap functions as well as Curl_pp_sendf() that it replaces.
|
||
|
||
Yang Tse (28 Dec 2012)
|
||
- build: rename 76 lib/*.h files
|
||
|
||
76 private header files renamed to use our standard naming scheme.
|
||
|
||
This commit only does the file renaming.
|
||
|
||
----------------------------------------
|
||
|
||
renamed: amigaos.h -> curl_amigaos.h
|
||
renamed: arpa_telnet.h -> curl_arpa_telnet.h
|
||
renamed: asyn.h -> curl_asyn.h
|
||
renamed: axtls.h -> curl_axtls.h
|
||
renamed: bundles.h -> curl_bundles.h
|
||
renamed: conncache.h -> curl_conncache.h
|
||
renamed: connect.h -> curl_connect.h
|
||
renamed: content_encoding.h -> curl_content_encoding.h
|
||
renamed: cookie.h -> curl_cookie.h
|
||
renamed: cyassl.h -> curl_cyassl.h
|
||
renamed: dict.h -> curl_dict.h
|
||
renamed: easyif.h -> curl_easyif.h
|
||
renamed: escape.h -> curl_escape.h
|
||
renamed: file.h -> curl_file.h
|
||
renamed: fileinfo.h -> curl_fileinfo.h
|
||
renamed: formdata.h -> curl_formdata.h
|
||
renamed: ftp.h -> curl_ftp.h
|
||
renamed: ftplistparser.h -> curl_ftplistparser.h
|
||
renamed: getinfo.h -> curl_getinfo.h
|
||
renamed: gopher.h -> curl_gopher.h
|
||
renamed: gtls.h -> curl_gtls.h
|
||
renamed: hash.h -> curl_hash.h
|
||
renamed: hostcheck.h -> curl_hostcheck.h
|
||
renamed: hostip.h -> curl_hostip.h
|
||
renamed: http.h -> curl_http.h
|
||
renamed: http_chunks.h -> curl_http_chunks.h
|
||
renamed: http_digest.h -> curl_http_digest.h
|
||
renamed: http_negotiate.h -> curl_http_negotiate.h
|
||
renamed: http_proxy.h -> curl_http_proxy.h
|
||
renamed: if2ip.h -> curl_if2ip.h
|
||
renamed: imap.h -> curl_imap.h
|
||
renamed: inet_ntop.h -> curl_inet_ntop.h
|
||
renamed: inet_pton.h -> curl_inet_pton.h
|
||
renamed: krb4.h -> curl_krb4.h
|
||
renamed: llist.h -> curl_llist.h
|
||
renamed: memdebug.h -> curl_memdebug.h
|
||
renamed: multiif.h -> curl_multiif.h
|
||
renamed: netrc.h -> curl_netrc.h
|
||
renamed: non-ascii.h -> curl_non-ascii.h
|
||
renamed: nonblock.h -> curl_nonblock.h
|
||
renamed: nssg.h -> curl_nssg.h
|
||
renamed: parsedate.h -> curl_parsedate.h
|
||
renamed: pingpong.h -> curl_pingpong.h
|
||
renamed: polarssl.h -> curl_polarssl.h
|
||
renamed: pop3.h -> curl_pop3.h
|
||
renamed: progress.h -> curl_progress.h
|
||
renamed: qssl.h -> curl_qssl.h
|
||
renamed: rawstr.h -> curl_rawstr.h
|
||
renamed: rtsp.h -> curl_rtsp.h
|
||
renamed: select.h -> curl_select.h
|
||
renamed: sendf.h -> curl_sendf.h
|
||
renamed: setup.h -> curl_setup.h
|
||
renamed: setup_once.h -> curl_setup_once.h
|
||
renamed: share.h -> curl_share.h
|
||
renamed: slist.h -> curl_slist.h
|
||
renamed: smtp.h -> curl_smtp.h
|
||
renamed: sockaddr.h -> curl_sockaddr.h
|
||
renamed: socks.h -> curl_socks.h
|
||
renamed: speedcheck.h -> curl_speedcheck.h
|
||
renamed: splay.h -> curl_splay.h
|
||
renamed: ssh.h -> curl_ssh.h
|
||
renamed: sslgen.h -> curl_sslgen.h
|
||
renamed: ssluse.h -> curl_ssluse.h
|
||
renamed: strdup.h -> curl_strdup.h
|
||
renamed: strequal.h -> curl_strequal.h
|
||
renamed: strerror.h -> curl_strerror.h
|
||
renamed: strtok.h -> curl_strtok.h
|
||
renamed: strtoofft.h -> curl_strtoofft.h
|
||
renamed: telnet.h -> curl_telnet.h
|
||
renamed: tftp.h -> curl_tftp.h
|
||
renamed: timeval.h -> curl_timeval.h
|
||
renamed: transfer.h -> curl_transfer.h
|
||
renamed: url.h -> curl_url.h
|
||
renamed: urldata.h -> curl_urldata.h
|
||
renamed: warnless.h -> curl_warnless.h
|
||
renamed: wildcard.h -> curl_wildcard.h
|
||
|
||
----------------------------------------
|
||
|
||
- build: make use of 76 lib/*.h renamed files
|
||
|
||
76 private header files renamed to use our standard naming scheme.
|
||
|
||
This change affects 322 files in libcurl's source tree.
|
||
|
||
- lib/*.h: use our standard naming scheme for header inclusion guards
|
||
|
||
Steve Holme (28 Dec 2012)
|
||
- imsp.c: Fixed usernames and passwords that contain escape characters
|
||
|
||
Fixed a problem with sending usernames and passwords that contain
|
||
backslash, quotation mark and space characters.
|
||
|
||
Daniel Stenberg (27 Dec 2012)
|
||
- curl.1: extend the -X, --request description
|
||
|
||
- RELEASE-NOTES: synced with e3ed2b82e6
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: Fixed inability to disable peer verification
|
||
|
||
... on Snow Leopard and Lion
|
||
|
||
Snow Leopard introduced the SSLSetSessionOption() function, but it
|
||
doesn't disable peer verification as expected on Snow Leopard or
|
||
Lion (it works as expected in Mountain Lion). So we now use sysctl()
|
||
to detect whether or not the user is using Snow Leopard or Lion,
|
||
and if that's the case, then we now use the deprecated
|
||
SSLSetEnableCertVerify() function instead to disable peer verification.
|
||
|
||
Yang Tse (26 Dec 2012)
|
||
- curl tool: rename hugehelp files to tool_hugehelp
|
||
|
||
- curl tool: renaming hugehelp files to tool_hugehelp
|
||
|
||
- sockfilt.c: commit b44da5a82a follow-up 2
|
||
|
||
- sockfilt.c: commit b44da5a82a follow-up
|
||
|
||
- sockfilt.c: fix some compiler warnings
|
||
|
||
- curl_multi_remove_handle: commit 0aabfd9963 follow-up
|
||
|
||
Daniel Stenberg (25 Dec 2012)
|
||
- lib556: enable VERBOSE to ease debugging on failures
|
||
|
||
Marc Hoersken (25 Dec 2012)
|
||
- socklift.c: Quick fix to re-add missing code
|
||
|
||
- socklift.c: Added select_ws function to support Windows
|
||
|
||
WinSock select() does not support standard file descriptors,
|
||
it can only check SOCKETs. The following function is an attempt
|
||
to create a select() function with support for other handles.
|
||
|
||
Yang Tse (25 Dec 2012)
|
||
- Enable tests 1503, 1504 and 1505
|
||
|
||
- curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
|
||
|
||
- Curl_hash_clean: OOM handling fix
|
||
|
||
- test 1504 and 1505: same as 1502 but with different cleanup sequences
|
||
|
||
Daniel Stenberg (24 Dec 2012)
|
||
- Curl_conncache_foreach: allow callback to break loop
|
||
|
||
... and have it take a proper 'struct connectdata *' as first argument
|
||
|
||
- pop3_doing: don't call pop3_dophase_done() if already failed
|
||
|
||
... it also clobbered the 'result' return value so that it wouldn't
|
||
return the error back to the parent function properly, which broke test
|
||
809 when run with 'multi-always'.
|
||
|
||
Yang Tse (23 Dec 2012)
|
||
- test 1503: same as 1502 but with a different cleanup sequence
|
||
|
||
- test 1502: OOM handling fixes
|
||
|
||
- curl_multi_wait: OOM handling fix
|
||
|
||
- [Daniel Stenberg brought this change]
|
||
|
||
curl_multi_wait: avoid an unnecessary memory allocation
|
||
|
||
- runtests.pl: prepend $srcdir to HTTPTLS server config files path
|
||
|
||
- multi.c: OOM handling fix
|
||
|
||
- lib543.c: OOM handling fixes
|
||
|
||
- configure: add internal sanity check (warn only) on vars for makefiles
|
||
|
||
Daniel Stenberg (21 Dec 2012)
|
||
- SCP: relative path didn't work
|
||
|
||
When prefixing a path with /~/ it is supposed to be used relative to the
|
||
user's home directory but it didn't work. Now we cut off the entire
|
||
three byte sequenct "/~/" which seems to be how OpenSSH does it.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=1173
|
||
Reported by: Balaji Parasuram
|
||
|
||
Yang Tse (21 Dec 2012)
|
||
- configure: LIBMETALINK_CFLAGS actually is LIBMETALINK_CPPFLAGS
|
||
|
||
- configure: add minimal sanity check on user provided CFLAGS and CPPFLAGS
|
||
|
||
- bundles connection caching: some out of memory handling fixes
|
||
|
||
- libntlmconnect.c: fix compiler warnings and OOM handling
|
||
|
||
- configure.ac: clear local test intended variables before use
|
||
|
||
- VC6 IDE: link with advapi32.lib when using WIN32 crypto API (md5.c)
|
||
|
||
- curl-functions.m4: improve gethostname arg 2 data type check
|
||
|
||
- setup_once.h: HP-UX specific 'bool', 'false' and 'true' definitions.
|
||
|
||
Also reverts commit f254c59dc7
|
||
|
||
- configure: check if compiler halts on function prototype mismatch
|
||
|
||
- warnless.c: fix compiler warnings
|
||
|
||
- curl-functions.m4: add gethostname arg 2 data type check and definition
|
||
|
||
Daniel Stenberg (14 Dec 2012)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: Fix implicit conversion compiler warnings
|
||
|
||
The Clang compiler found a few implicit conversion problems that have
|
||
now been fixed.
|
||
|
||
Yang Tse (14 Dec 2012)
|
||
- setup_once.h: HP-UX <sys/socket.h> issue workaround
|
||
|
||
Issue: When building a 32bit target with large file support HP-UX
|
||
<sys/socket.h> header file may simultaneously provide two different
|
||
sets of declarations for sendfile and sendpath functions, one with
|
||
static and another with external linkage. Given that we do not use
|
||
mentioned functions we really don't care which linkage is the
|
||
appropriate one, but on the other hand, the double declaration emmits
|
||
warnings when using the HP-UX compiler and errors when using modern
|
||
gcc versions resulting in fatal compilation errors.
|
||
|
||
Mentioned issue is now fixed as long as we don't use sendfile nor
|
||
sendpath functions.
|
||
|
||
- setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>
|
||
|
||
Inclusion of top two most included header files now done in setup_once.h
|
||
|
||
- setup_once.h: HP-UX specific TRUE and FALSE definitions
|
||
|
||
Some HP-UX system headers require TRUE defined to 1 and FALSE to 0.
|
||
|
||
Daniel Stenberg (12 Dec 2012)
|
||
- gopher: #include cleanup
|
||
|
||
Remove all system file includes from this file as they're not needed
|
||
|
||
Reported by: Dan Fandrich
|
||
|
||
Yang Tse (11 Dec 2012)
|
||
- examples/simplessl.c: fix compiler warning
|
||
|
||
- examples/externalsocket.c: fix SunPro compilation issue
|
||
|
||
- examples/simplessl.c: fix compiler warning
|
||
|
||
- build: add bundles and conncache files to other build systems
|
||
|
||
- conncache: fix enumerated type mixed with another type
|
||
|
||
- examples/anyauthput.c: fix Tru64 compilation issue
|
||
|
||
Daniel Stenberg (8 Dec 2012)
|
||
- [Colin Watson brought this change]
|
||
|
||
configure: fix cross pkg-config detection
|
||
|
||
When cross-compiling, CURL_CHECK_PKGCONFIG was checking for the cross
|
||
pkg-config using ${host}-pkg-config.
|
||
|
||
The gold standard for doing this correctly is pkg-config's own macro,
|
||
PKG_PROG_PKG_CONFIG. However, on the assumption that you have a good
|
||
reason not to use that directly (reduced dependencies for maintainer
|
||
builds?), the behaviour of cURL's version should at least match.
|
||
PKG_PROG_PKG_CONFIG uses AC_PATH_TOOL, which ultimately ends up trying
|
||
${host_alias}-pkg-config; this is not quite the same as what cURL does,
|
||
and may differ because ${host} has been run through config.sub. For
|
||
instance, when cross-building to the armhf architecture on Ubuntu,
|
||
${host_alias} is arm-linux-gnueabihf while ${host} is
|
||
arm-unknown-linux-gnueabihf. This may also have been the cause of the
|
||
problem reported at http://curl.haxx.se/mail/lib-2012-04/0224.html.
|
||
|
||
AC_PATH_TOOL is significantly simpler than cURL's current code, and
|
||
dates back to well before the current minimum of Autoconf 2.57, so let's
|
||
use it instead.
|
||
|
||
- [Linus Nielsen Feltzing brought this change]
|
||
|
||
Introducing a new persistent connection caching system using "bundles".
|
||
|
||
A bundle is a list of all persistent connections to the same host.
|
||
The connection cache consists of a hash of bundles, with the
|
||
hostname as the key.
|
||
The benefits may not be obvious, but they are two:
|
||
|
||
1) Faster search for connections to reuse, since the hash
|
||
lookup only finds connections to the host in question.
|
||
2) It lays out the groundworks for an upcoming patch,
|
||
which will introduce multiple HTTP pipelines.
|
||
|
||
This patch also removes the awkward list of "closure handles",
|
||
which were needed to send QUIT commands to the FTP server
|
||
when closing a connection.
|
||
Now we allocate a separate closure handle and use that
|
||
one to close all connections.
|
||
|
||
This has been tested in a live system for a few weeks, and of
|
||
course passes the test suite.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
runtests and friends: Do not add undefined values to @INC
|
||
|
||
On FreeBSD this fixes the warning:
|
||
Use of uninitialized value $p in string eq at /usr/local/lib/perl5/5.14.2/BSDPAN/BSDPAN.pm line 36.
|
||
|
||
Steve Holme (5 Dec 2012)
|
||
- Merge pull request #52 from isn-/master
|
||
|
||
small compilation fix
|
||
|
||
Stanislav Ivochkin (5 Dec 2012)
|
||
- build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
|
||
|
||
Yang Tse (5 Dec 2012)
|
||
- libtest: fix some compiler warnings
|
||
|
||
- examples: fix compilation issues - commit 7332a7cafb follow-up
|
||
|
||
- examples: fix compilation issues - commit 23f8dca6fb follow-up
|
||
|
||
- examples: fix compilation issues
|
||
|
||
- build: explain current role of LIBS in our Makefile.am files
|
||
|
||
BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
|
||
LIBS variable used in generated makefile at makefile processing
|
||
time. Doing this functionally prevents LIBS from being used for
|
||
all link targets in given makefile.
|
||
|
||
Daniel Stenberg (4 Dec 2012)
|
||
- multi: fix re-sending request on early connection close
|
||
|
||
This handling already works with the easy-interface code. When a request
|
||
is sent on a re-used connection that gets closed by the server at the
|
||
same time as the request is sent, the situation may occur so that we can
|
||
send the request and we discover the broken connection as a RECV_ERROR
|
||
in the PERFORM state and then the request needs to be retried on a fresh
|
||
connection. Test 64 broke with 'multi-always-internally'.
|
||
|
||
Yang Tse (4 Dec 2012)
|
||
- configure: add minimal sanity check on user provided LIBS and LDFLAGS
|
||
|
||
- build: prevent global LIBS from influencing src and lib build targets
|
||
|
||
Currently, LIBS is already used through other macros.
|
||
|
||
Kamil Dudka (3 Dec 2012)
|
||
- nss: prevent NSS from crashing on client auth hook failure
|
||
|
||
Although it is not explicitly stated in the documentation, NSS uses
|
||
*pRetCert and *pRetKey even if the client authentication hook returns
|
||
a failure. Namely, if we destroy *pRetCert without clearing *pRetCert
|
||
afterwards, NSS destroys the certificate once again, which causes a
|
||
double free.
|
||
|
||
Reported by: Bob Relyea
|
||
|
||
Yang Tse (30 Nov 2012)
|
||
- testcurl.pl: build example programs for several autobuilds
|
||
|
||
Affected autobuilds: IRIX, AIX, Tru64 and AIX.
|
||
|
||
- build: prevent global LIBS from influencing examples build targets
|
||
|
||
- build: prevent global LIBS from influencing libtest build targets
|
||
|
||
- build: prevent global LIBS from influencing test server build targets
|
||
|
||
- build: fix Windows build targets damaged since commit 550e403f00
|
||
|
||
- build: avoid linkage of directly unused libraries
|
||
|
||
- dd missing NTLM feature for tests 2025, and 2028 to 2032
|
||
|
||
- avoid mixing of enumerated type with another type
|
||
|
||
- multi.c: disambiguate precedence of bitwise and relational operation
|
||
|
||
Daniel Stenberg (26 Nov 2012)
|
||
- [Fabian Keil brought this change]
|
||
|
||
Remove stray CRLF in chunk-encoded content-free request bodies
|
||
|
||
.. that are sent when auth-negotiating before a chunked
|
||
upload or when setting the 'Transfer-Encoding: chunked'
|
||
header and intentionally sending no content.
|
||
|
||
Adjust test565 and test1333 accordingly.
|
||
|
||
- FAQ: clarify the 3.4 section
|
||
|
||
You can do custom commands to FTP without sending anything by using the
|
||
CURLOPT_NOBODY, which -I sets.
|
||
|
||
- [Lijo Antony brought this change]
|
||
|
||
examples: Updated asiohiper.cpp to remove connect from opensocket
|
||
|
||
Blocking connect on the socket has been removed from opensocket
|
||
callback. opensocket just opens a new socket and gives it back to
|
||
libcurl and libcurl will take care of the connect. sockopt_callback has
|
||
also been removed, as it is no longer required.
|
||
|
||
Yang Tse (23 Nov 2012)
|
||
- build: fix AIX compilation and usage
|
||
|
||
AIX sys/poll.h header file defines 'events' and 'revents' as C
|
||
preprocessor macros. Usage of these literals in libcurl's external
|
||
API was introduced in commit de24d7bd4c causing AIX build failures.
|
||
Appropriate inclusion of sys/poll.h by libcurl's external interface
|
||
fixes AIX build and usage issues while avoiding a SONAME bump.
|
||
|
||
Steve Holme (23 Nov 2012)
|
||
- DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols
|
||
|
||
Daniel Stenberg (23 Nov 2012)
|
||
- test: offer "automake" output and check for perl better
|
||
|
||
runtests.pl -am now uses the "PASS/FAIL: [desc]" output for each
|
||
executed test. You can run 'make test-am' in the root build directory to
|
||
invoke that. The reason for this output style is to better allow generic
|
||
test suite parsers to also grok our test output.
|
||
|
||
The test Makefile now also tests that perl was indeed found and that the
|
||
PERL variable points to an executable before it tries to run the main
|
||
test perl script runtests.pl,
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Test 206: Use a Content-Length header for the 407 response
|
||
|
||
Otherwise curl would have to guess where the body ends.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Test 206: Don't respond to a succesful CONNECT request with a body
|
||
|
||
It's against the spec and caused test failures when header
|
||
and response were read from the network separately in which
|
||
case bug #39 wasn't triggered.
|
||
|
||
- htmltitle: use .cpp extension for C++ examples
|
||
|
||
- [Lijo Antony brought this change]
|
||
|
||
examples: Added a c++ example of using multi with boost::asio
|
||
|
||
Added an example for demonstrating the usage of curl multi interface
|
||
with boost::asio in c++
|
||
|
||
- VC Makefiles: add missing hostcheck
|
||
|
||
the newly introduced hostcheck.h/c is missing in the Visual Studio
|
||
Makefiles as obj file.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-11/0176.html
|
||
|
||
- compiler warning fixes
|
||
|
||
The conversions from ssize_t to int need to be typecasted.
|
||
|
||
- bump: start working on 7.28.2
|
||
|
||
- THANKS: added 14 contributors from the 7.28.1 release
|
||
|
||
Version 7.28.1 (20 Nov 2012)
|
||
|
||
Daniel Stenberg (20 Nov 2012)
|
||
- RELEASE-NOTES: synced with 52af6e69f079 / 7.28.1
|
||
|
||
Kamil Dudka (20 Nov 2012)
|
||
- [Anthony Bryan brought this change]
|
||
|
||
RELEASE-NOTES: NSS can be used for metalink hashing
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Get test 2032 working when using valgrind
|
||
|
||
If curl_multi_fdset() sets maxfd to -1, the socket detection
|
||
loop is skipped and thus !found_new_socket is no cause for alarm.
|
||
|
||
- test2032: spurious failure caused by premature termination
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-11/0095.html
|
||
|
||
Daniel Stenberg (19 Nov 2012)
|
||
- [Fabian Keil brought this change]
|
||
|
||
Fix comment typos in test 517
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Test 92 and 194: normalize spaces in the Server headers
|
||
|
||
It makes no difference from curl's point of view but
|
||
makes it more convenient to use the tests with a
|
||
lws-normalizing proxy between curl and the test server.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Add a HOSTIP precheck for tests 31 and 1105
|
||
|
||
They currently only work for 127.0.0.1 which
|
||
is hardcoded and can't be easily changed.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Let test 8 work as long as %HOSTIP ends with ".0.0.1"
|
||
|
||
.. and add a precheck to skip the test otherwise.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Add --resolve to the keywords and name of test 1318
|
||
|
||
This makes it easier to skip it automatically when
|
||
the test suite is used with external proxies.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Add FTP keywords for a couple of currently keyword-less FTP tests
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Add keywords for a couple of currently keyword-less HTTP tests
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Use carriage returns in all headers in test 31
|
||
|
||
Trailing spaces were left unmodifed, assuming they were intentional.
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Do not mix CRLF and LF header endings in a couple of HTTP tests
|
||
|
||
Consistently use CRLF instead. The mixed endings weren't
|
||
documented so I assume they were unintentional.
|
||
|
||
This change doesn't matter for curl itself but makes using
|
||
the tests with a proxy between curl and the test server
|
||
more convenient.
|
||
|
||
Tests that consistently use no carriage returns were
|
||
left unmodified as one can easily work around this.
|
||
|
||
- fixed memory leak: CURLOPT_RESOLVE with multi interface
|
||
|
||
DNS cache entries populated with CURLOPT_RESOLVE were not properly freed
|
||
again when done using the multi interface.
|
||
|
||
Test case 1502 added to verify.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3575448
|
||
Reported by: Alex Gruz
|
||
|
||
- RELEASE-NOTES: synced with ee588fe08807778
|
||
|
||
4 more bug fixes and 4 more contributors
|
||
|
||
- mem-include-scan: verify memory #includes
|
||
|
||
If we use memory functions (malloc, free, strdup etc) in C sources in
|
||
libcurl and we fail to include curl_memory.h or memdebug.h we either
|
||
fail to properly support user-provided memory callbacks or the memory
|
||
leak system of the test suite fails.
|
||
|
||
After Ajit's report of a failure in the first category in http_proxy.c,
|
||
I spotted a few in the second category as well. These problems are now
|
||
tested for by test 1132 which runs a perl program that scans for and
|
||
attempts to check that we use the correct include files if a memory
|
||
related function is used in the source code.
|
||
|
||
Reported by: Ajit Dhumale
|
||
Bug: http://curl.haxx.se/mail/lib-2012-11/0125.html
|
||
|
||
- tftp_rx: code style cleanup
|
||
|
||
Fixed checksrc warnings
|
||
|
||
- [Fabian Keil brought this change]
|
||
|
||
Fix the libauthretry changes from 7c0cbcf2f61
|
||
|
||
They broke the NTLM tests from 2023 to 2031.
|
||
|
||
- [Christian Vogt brought this change]
|
||
|
||
tftp_rx: handle resends
|
||
|
||
Re-send ACK for block X in case we receive block X data again while
|
||
waiting for block X+1.
|
||
|
||
Based on an earlier patch by Marcin Adamski.
|
||
|
||
- autoconf: don't force-disable compiler debug option
|
||
|
||
When nothing is told to configure, we should not enforce switching off
|
||
debug options with -g0 (or similar). We instead don't use -g at all in
|
||
that situaion and therefore allow the user's CFLAGS settings possibly
|
||
dictate what to do.
|
||
|
||
- [Mark Snelling brought this change]
|
||
|
||
winbuild: Fix PDB file output
|
||
|
||
And fix some newlines to be proper CRLF
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3586741
|
||
|
||
- RELEASE-NOTES: synced with fa1ae0abcde
|
||
|
||
- [Cristian Rodríguez brought this change]
|
||
|
||
OpenSSL: Disable SSL/TLS compression
|
||
|
||
It either causes increased memory usage or exposes users
|
||
to the "CRIME attack" (CVE-2012-4929)
|
||
|
||
- [Sebastian Rasmussen brought this change]
|
||
|
||
FILE: Make upload-writes unbuffered by not using FILE streams
|
||
|
||
Kamil Dudka (13 Nov 2012)
|
||
- tool_metalink: fix error detection of hash alg initialization
|
||
|
||
The {MD5,SHA1,SHA256}_Init functions from OpenSSL are called directly
|
||
without any wrappers and they return 1 for success, 0 otherwise. Hence,
|
||
we have to use the same approach in all the wrapper functions that are
|
||
used for the other crypto libraries.
|
||
|
||
This commit fixes a regression introduced in commit dca8ae5f.
|
||
|
||
Daniel Stenberg (13 Nov 2012)
|
||
- RELEASE-NOTES: synced with 7c0cbcf2f617b
|
||
|
||
- [Sergei Nikulov brought this change]
|
||
|
||
fixed Visual Studio 2010 compilation
|
||
|
||
- [Anton Malov brought this change]
|
||
|
||
ftp: EPSV-disable fix over SOCKS
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3586338
|
||
|
||
Patrick Monnerat (12 Nov 2012)
|
||
- Merge branch 'master' of github.com:bagder/curl
|
||
|
||
- OS400: upgrade wrappers for the 7.28.1 release.
|
||
|
||
Daniel Stenberg (12 Nov 2012)
|
||
- runtests: limit execessive logging/output
|
||
|
||
- [Gabriel Sjoberg brought this change]
|
||
|
||
Digst: Add microseconds into nounce calculation
|
||
|
||
When using only 1 second precision, curl doesn't create new cnonce
|
||
values quickly enough for all uses.
|
||
|
||
For example, issuing the following command multiple times to a recent
|
||
Tomcat causes authentication failures:
|
||
|
||
curl --digest -utest:test http://tomcat.test.com:8080/manager/list
|
||
|
||
This is because curl uses the same cnonce for several seconds, but
|
||
doesn't increment the nonce counter. Tomcat correctly interprets
|
||
this as a replay attack and rejects the request.
|
||
|
||
When microsecond-precision is available, this commit causes curl to
|
||
change cnonce values much more frequently.
|
||
|
||
With microsecond resolution, increasing the nounce length used in the
|
||
headers to 32 was made to further reduce the risk of duplication.
|
||
|
||
- SCP/SFTP: improve error code used for send failures
|
||
|
||
Instead of relying on the generic CURLE error for SCP or SFTP send
|
||
failures, try passing back a more suitable error if possible.
|
||
|
||
- Curl_write: remove unneeded typecast
|
||
|
||
Kamil Dudka (9 Nov 2012)
|
||
- tool_metalink: allow to use hash algorithms provided by NSS
|
||
|
||
Fixes bug #3578163:
|
||
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=3578163&group_id=976
|
||
|
||
- tool_metalink: allow to handle failure of hash alg initialization
|
||
|
||
- tool_metalink: introduce metalink_cleanup() in the internal API
|
||
|
||
... to release resources allocated at global scope
|
||
|
||
Daniel Stenberg (8 Nov 2012)
|
||
- hostcheck: only build for the actual users
|
||
|
||
and make local function static
|
||
|
||
- [Oscar Koeroo brought this change]
|
||
|
||
SSL: Several SSL-backend related fixes
|
||
|
||
axTLS:
|
||
|
||
This will make the axTLS backend perform the RFC2818 checks, honoring
|
||
the VERIFYHOST setting similar to the OpenSSL backend.
|
||
|
||
Generic for OpenSSL and axTLS:
|
||
|
||
Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
|
||
files to make them genericly available for both the OpenSSL, axTLS and
|
||
other SSL backends. They are now in the new lib/hostcheck.c file.
|
||
|
||
CyaSSL:
|
||
|
||
CyaSSL now also has the RFC2818 checks enabled by default. There is a
|
||
limitation that the verifyhost can not be enabled exclusively on the
|
||
Subject CN field comparison. This SSL backend will thus behave like the
|
||
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
|
||
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
|
||
too.
|
||
|
||
Schannel:
|
||
|
||
Updated the schannel information messages: Split the IP address usage
|
||
message from the verifyhost setting and changed the message about
|
||
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
|
||
into a message stating that the Subject Alternative Names checks are
|
||
being disabled when verifyhost is set to 0 or 1. As a side effect of
|
||
switching off the RFC2818 related servername checks with
|
||
SCH_CRED_NO_SERVERNAME_CHECK
|
||
(http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
|
||
is being disabled. This effect is not documented in MSDN, but Wireshark
|
||
output clearly shows the effect (details on the libcurl maillist).
|
||
|
||
PolarSSL:
|
||
|
||
Fix the prototype change in PolarSSL of ssl_set_session() and the move
|
||
of the peer_cert from the ssl_context to the ssl_session. Found this
|
||
change in the PolarSSL SVN between r1316 and r1317 where the
|
||
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
|
||
PolarSSL version 1.1.4 the check is to discriminate between lower then
|
||
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
|
||
trunk jumped from version 1.1.1 to 1.2.0.
|
||
|
||
Generic:
|
||
|
||
All the SSL backends are fixed and checked to work with the
|
||
ssl.verifyhost as a boolean, which is an internal API change.
|
||
|
||
- libcurl: VERSIONINFO update
|
||
|
||
Since we added the curl_multi_wait function, the VERSIONINFO needed
|
||
updating.
|
||
|
||
Reported by: Patrick Monnerat
|
||
|
||
Guenter Knauf (8 Nov 2012)
|
||
- Added .def file to output.
|
||
|
||
Requested by Johnny Luong on the libcurl list.
|
||
|
||
- Added deps for static metalink-aware MinGW builds.
|
||
|
||
Daniel Stenberg (8 Nov 2012)
|
||
- [Fabian Keil brought this change]
|
||
|
||
Fix compilation of lib1501
|
||
|
||
- Curl_readwrite: remove debug output
|
||
|
||
The text "additional stuff not fine" text was added for debug purposes a
|
||
while ago, but it isn't really helping anyone and for some reason some
|
||
Linux distributions provide their libcurls built with debug info still
|
||
present and thus (far too many) users get to read this info.
|
||
|
||
- RELEASE-NOTES: synced with 487538e87a3d5e
|
||
|
||
6 new bugfixes and 3 more contributors...
|
||
|
||
- http_perhapsrewind: consider NTLM over proxy too
|
||
|
||
The logic previously checked for a started NTLM negotiation only for
|
||
host and not also with proxy, leading to problems doing POSTs over a
|
||
proxy NTLM that are larger than 2000 bytes. Now it includes proxy in the
|
||
check.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3582321
|
||
Reported by: John Suprock
|
||
|
||
- [Lars Buitinck brought this change]
|
||
|
||
Curl_connecthost: friendlier "couldn't connect" message
|
||
|
||
- test1413: verify redirects to URLs with fragments
|
||
|
||
The bug report claimed it didn't work. This problem was probably fixed
|
||
in 473003fbdf.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3581898
|
||
|
||
- URL parser: cut off '#' fragments from URLs (better)
|
||
|
||
The existing logic only cut off the fragment from the separate 'path'
|
||
buffer which is used when sending HTTP to hosts. The buffer that held
|
||
the full URL used for proxies were not dealt with. It is now.
|
||
|
||
Test case 5 was updated to use a fragment on a URL over a proxy.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3579813
|
||
|
||
- OpenSSL/servercert: use correct buffer size, not size of pointer
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3579286
|
||
|
||
- curl: set CURLOPT_SSL_VERIFYHOST to 0 to disable
|
||
|
||
- test 2027/2030: take duplicate Digest requests into account
|
||
|
||
With the reversion of ce8311c7e49eca and the new clear logic, this flaw
|
||
is present and we allow it.
|
||
|
||
- Curl_pretransfer: clear out unwanted auth methods
|
||
|
||
As a handle can be re-used after having done HTTP auth in a previous
|
||
request, it must make sure to clear out the HTTP types that aren't
|
||
wanted in this new request.
|
||
|
||
- test1412: verify Digest with repeated URLs
|
||
|
||
This test case verifies that bug 3582718 is fixed.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3582718
|
||
Reported by: Nick Zitzmann (originally)
|
||
|
||
- Revert "Zero out auth structs before transfer"
|
||
|
||
This reverts commit ce8311c7e49eca93c136b58efa6763853541ec97.
|
||
|
||
The commit made test 2024 work but caused a regression with repeated
|
||
Digest authentication. We need to fix this differently.
|
||
|
||
- CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
|
||
|
||
After a research team wrote a document[1] that found several live source
|
||
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
|
||
option thinking it was a boolean, this change now bans 1 as a value and
|
||
will make libcurl return error for it.
|
||
|
||
1 was never a sensible value to use in production but was introduced
|
||
back in the days to help debugging. It was always documented clearly
|
||
this way.
|
||
|
||
1 was never supported by all SSL backends in libcurl, so this cleanup
|
||
makes the treatment of it unified.
|
||
|
||
The report's list of mistakes for this option were all PHP code and
|
||
while there's a binding layer between libcurl and PHP, the PHP team has
|
||
decided that they have an as thin layer as possible on top of libcurl so
|
||
they will not alter or specifically filter a 'TRUE' value for this
|
||
particular option. I sympathize with that position.
|
||
|
||
[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
|
||
|
||
- gnutls: fix compiler warnings
|
||
|
||
- [Alessandro Ghedini brought this change]
|
||
|
||
gnutls: print alerts during handshake
|
||
|
||
- [Alessandro Ghedini brought this change]
|
||
|
||
gnutls: fix the error_is_fatal logic
|
||
|
||
- RELEASE-NOTES: synced with fa6d78829fd30ad
|
||
|
||
- httpcustomheader.c: free the headers after use
|
||
|
||
- [Dave Reisner brought this change]
|
||
|
||
uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
|
||
|
||
Since automake 1.12.4, the warnings are issued on running automake:
|
||
|
||
warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
|
||
|
||
Avoid INCLUDES and roll these flags into AM_CPPFLAGS.
|
||
|
||
Compile tested on:
|
||
Ubuntu 10.04 (automake 1:1.11.1-1)
|
||
Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2)
|
||
Arch Linux (automake 1.12.4)
|
||
|
||
- libauthretry.c: shorten lines to fit within 80 cols
|
||
|
||
- ftp_readresp: fix build without krb4 support
|
||
|
||
Oops, my previous commit broke builds with krb support.
|
||
|
||
- test/README: mention the 1500 test number range
|
||
|
||
- FTP: prevent the multi interface from blocking
|
||
|
||
As pointed out in Bug report #3579064, curl_multi_perform() would
|
||
wrongly use a blocking mechanism internally for some commands which
|
||
could lead to for example a very long block if the LIST response never
|
||
showed.
|
||
|
||
The solution was to make sure to properly continue to use the multi
|
||
interface non-blocking state machine.
|
||
|
||
The new test 1501 verifies the fix.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3579064
|
||
Reported by: Guido Berhoerster
|
||
|
||
Marc Hoersken (1 Nov 2012)
|
||
- winbuild: Use machine type of development environment
|
||
|
||
This patch restores the original behavior instead of always
|
||
falling back to x86 if no MACHINE-type was specified.
|
||
|
||
- winbuild: Additional clean up
|
||
|
||
- [Sapien2 brought this change]
|
||
|
||
Even more winbuild refactoring
|
||
|
||
- [Sapien2 brought this change]
|
||
|
||
Minor winbuild refactoring
|
||
|
||
- [Sapien2 brought this change]
|
||
|
||
Architecture selection for winbuild and minor makefiles refactoring
|
||
|
||
Daniel Stenberg (1 Nov 2012)
|
||
- BUGS: fix the bug tracker URL
|
||
|
||
The URL we used before is the one that goes directly to 'add' a bug
|
||
report, but since you can only do that after first having logged in to
|
||
sourceforge, the link often doesn't work for visitors.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3582408
|
||
Reported by: Oscar Norlander
|
||
|
||
- evhiperfifo: fix the pointer passed to WRITEDATA
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3582407
|
||
Reported by: Oscar Norlander
|
||
|
||
Guenter Knauf (1 Nov 2012)
|
||
- Fixed MSVC libssh2 static build.
|
||
|
||
Since libssh2 supports now agent stuff it also depends on user32.lib.
|
||
Posted to the list by Jan Ehrhardt.
|
||
|
||
Daniel Stenberg (23 Oct 2012)
|
||
- tlsauthtype: deal with the string case insensitively
|
||
|
||
When given a string as 'srp' it didn't work, but required 'SRP'.
|
||
Starting now, the check disregards casing.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3578418
|
||
Reported by: Jeff Connelly
|
||
|
||
- asyn-ares: restore working with c-ares < 1.6.1
|
||
|
||
Back in those days the public ares.h header didn't include the
|
||
ares_version.h header so it needs to be included here.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3577710
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
metalink/md5: Use CommonCrypto on Apple operating systems
|
||
|
||
Previously the Metalink code used Apple's CommonCrypto library only if
|
||
curl was built using the --with-darwinssl option. Now we use CommonCrypto
|
||
on all Apple operating systems including Tiger or later, or iOS 5 or
|
||
later, so you don't need to build --with-darwinssl anymore. Also rolled
|
||
out this change to libcurl's md5 code.
|
||
|
||
- href_extractor.c: fix the URL
|
||
|
||
- [Michał Kowalczyk brought this change]
|
||
|
||
href_extractor: example code extracting href elements
|
||
|
||
It does so in a streaming manner using the "Streaming HTML parser".
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: un-broke iOS build, fix error on server disconnect
|
||
|
||
The iOS build was broken by a reference to a function that only existed
|
||
under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
|
||
server disconnected before libcurl got the chance to hang up first and
|
||
SecureTransport was in use, then we'd raise an error instead of failing
|
||
gracefully.
|
||
|
||
- [Alessandro Ghedini brought this change]
|
||
|
||
gnutls: put reset code into else block
|
||
|
||
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690551
|
||
|
||
Guenter Knauf (13 Oct 2012)
|
||
- Fix now broken libmetalink-aware OpenSSL build.
|
||
|
||
- Revert c44e674; add OpenSSL includes/defines.
|
||
|
||
The makefile is designed to build against a libmetalink devel package;
|
||
therefore is does not matter what will change inside libmetalink.
|
||
Add OpenSSL includes and defines for libmetalink-aware OpenSSL builds.
|
||
|
||
Daniel Stenberg (10 Oct 2012)
|
||
- version-bump: towards 7.28.1!
|
||
|
||
- THANKS: 14 new contributors from 7.28.0
|
||
|
||
Version 7.28.0 (10 Oct 2012)
|
||
|
||
Daniel Stenberg (10 Oct 2012)
|
||
- RELEASE-NOTES: synced with 8373ca3641
|
||
|
||
One bug, one contributor. Getting ready for release.
|
||
|
||
- curl_multi_wait: no wait if no descriptors to wait for
|
||
|
||
This is a minor change in behavior after having been pointed out by Mark
|
||
Tully and discussed on the list. Initially this case would internally
|
||
call poll() with no sockets and a timeout which would equal a sleep for
|
||
that specified time.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
|
||
Reported by: Mark Tully
|
||
|
||
- TODO-RELEASE: cleanup for 7.28.0
|
||
|
||
one issue is now KNOWN_BUG #79
|
||
|
||
the other we just skip since nobody is working on it or is planning to
|
||
start working on it anytime soon
|
||
|
||
- curl_multi_wait.3: style formatting mistake
|
||
|
||
Marc Hoersken (8 Oct 2012)
|
||
- ssluse.c: md5.h is required for Curl_ossl_md5sum
|
||
|
||
Daniel Stenberg (8 Oct 2012)
|
||
- curl_multi_wait.3: fix the name of the man page
|
||
|
||
- curl_multi_wait.3: renamed the last argument variable for clarity
|
||
|
||
Marc Hoersken (6 Oct 2012)
|
||
- curl_schannel.c: Fixed caching more data than required
|
||
|
||
Do not fill the decrypted data buffer with more data unless
|
||
required in order to return the requested amount of data.
|
||
|
||
- curl_schannel: Removed buffer limit and optimized buffer strategy
|
||
|
||
Since there are servers that seem to return very big encrypted
|
||
data packages, we need to be able to handle those without having
|
||
an internal size limit. To avoid the buffer growing to fast to
|
||
early the initial size was decreased and the minimum free space
|
||
in the buffer was decreased as well.
|
||
|
||
- lib/socks.c: Merged two size variables into one
|
||
|
||
- lib/socks.c: Avoid type conversions where possible
|
||
|
||
Streamlined variable names and types to avoid type conversions that
|
||
may result in data being lost on non 32-bit systems.
|
||
|
||
- lib/curl_schannel.c: Hide size_t conversion warning
|
||
|
||
- krb5/curl_rtmp.c: Hide size_t to int type conversion warning
|
||
|
||
- security.c: Aligned internal type to return type
|
||
|
||
Use ssize_t instead of int to avoid conversion problems on 64-bit
|
||
systems. Also added curlx_sztosi where necessary.
|
||
|
||
- lib/curl_schannel: Increased maximum buffer size to factor 128
|
||
|
||
- winbuild/MakefileBuild.vc: Follow up on 0c8ccf7
|
||
|
||
Daniel Stenberg (2 Oct 2012)
|
||
- RELEASE-NOTES: synced with 971f5bcedd418
|
||
|
||
9 new bug fixes, 5 changes, 6 more contributors
|
||
|
||
- multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation
|
||
|
||
During the periods of rate limitation, the speedcheck function wasn't
|
||
called and thus the values weren't updated accordingly and it would then
|
||
easily trigger wrongly once data got transferred again.
|
||
|
||
Also, the progress callback's return code was not acknowledged in this
|
||
state so it could make an "abort" return code to get ignored and not
|
||
have the documented effect of aborting an ongoing transfer.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
|
||
Reported by: Jie He
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
tool_metalink.c: Filtered resource URLs by type
|
||
|
||
In Metalink v3, the type attribute of url element indicates the
|
||
type of the resource the URL points to. It can include URL to the
|
||
meta data, such as BitTorrent metainfo file. In Curl, we are not
|
||
interested in these meta data URLs. Instead, we are only
|
||
interested in the HTTP and FTP URLs. This change filters out
|
||
non-HTTP and FTP URLs. If we don't filter out them, it will be
|
||
downloaded by curl and hash check will fail if hash is provided
|
||
and next URL will be tried. This change will cut this useless
|
||
network transfer.
|
||
|
||
Kamil Dudka (1 Oct 2012)
|
||
- https.c example: remember to call curl_global_init()
|
||
|
||
... in order not to leak memory on initializing an SSL library.
|
||
|
||
Reported by: Tomas Mlcoch
|
||
|
||
Daniel Stenberg (28 Sep 2012)
|
||
- FAQ: remove the date from the topmost line
|
||
|
||
- FAQ: 5.16 I want a different time-out!
|
||
|
||
- Curl_reconnect_request: clear pointer on failure
|
||
|
||
The Curl_reconnect_request() function could end up returning a pointer
|
||
to a free()d struct when Curl_done() failed inside. Clearing the pointer
|
||
unconditionally after Curl_done() avoids this risk.
|
||
|
||
Reported by: Ho-chi Chen
|
||
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html
|
||
|
||
- CURLOPT_CONNECTTIMEOUT: works without signals or posix too!
|
||
|
||
Marc Hoersken (24 Sep 2012)
|
||
- Makefile.vc6: Follow up on 0c8ccf7
|
||
|
||
- Makefile.vc6: Added missing default library advapi32.lib
|
||
|
||
Daniel Stenberg (19 Sep 2012)
|
||
- HTTP_ONLY: disable more protocols
|
||
|
||
- test2006: Updated expected output to include hash name
|
||
|
||
Output changed in commit a34197ef77cb
|
||
|
||
- [Sergei Nikulov brought this change]
|
||
|
||
cmake: use standard findxxx modules for cmake v2.8+
|
||
|
||
- [Sergei Nikulov brought this change]
|
||
|
||
setup.h: fixed for MS VC10 build
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3568327
|
||
|
||
- TODO-RELEASE: push new features to 7.29
|
||
|
||
Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
|
||
working on them I have little hope...
|
||
|
||
Marc Hoersken (17 Sep 2012)
|
||
- metalink tests: Updated expected output to include hash name
|
||
|
||
Daniel Stenberg (16 Sep 2012)
|
||
- [Sara Golemon brought this change]
|
||
|
||
curl_multi_wait: Add parameter to return number of active sockets
|
||
|
||
Minor change to recently introduced function. BC breaking, but since
|
||
curl_multi_wait() doesn't exist in any releases that should be fine.
|
||
|
||
Marc Hoersken (14 Sep 2012)
|
||
- socks.c: Fixed warning: conversion to 'int' from 'long unsigned int'
|
||
|
||
- http_negotiate.c: Fxied warning: unused variable 'rc'
|
||
|
||
- ssh.c: Fixed warning: implicit conversion from enumeration type
|
||
|
||
- socks.c: Check that IPv6 is enabled before using it's features
|
||
|
||
- checksrc: Fixed line length and comment indentation
|
||
|
||
- socks.c: Updated error messages to handle hostname and IPv6
|
||
|
||
- socks.c: Added support for IPv6 connections through SOCKSv5 proxy
|
||
|
||
Daniel Stenberg (13 Sep 2012)
|
||
- parse_proxy: treat "socks://x" as a socks4 proxy
|
||
|
||
Selected socks proxy in Google's Chrome browser. Resulting in the
|
||
following environment variables:
|
||
|
||
NO_PROXY=localhost,127.0.0.0/8
|
||
ALL_PROXY=socks://localhost:1080/
|
||
all_proxy=socks://localhost:1080/
|
||
no_proxy=localhost,127.0.0.0/8
|
||
|
||
... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
|
||
proxy.
|
||
|
||
Reported by: Scott Bailey
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3566860
|
||
|
||
Kamil Dudka (12 Sep 2012)
|
||
- ssh: do not crash if MD5 fingerprint is not provided by libssh2
|
||
|
||
The MD5 fingerprint cannot be computed when running in FIPS mode.
|
||
|
||
- ssh: move the fingerprint checking code to a separate fnc
|
||
|
||
Marc Hoersken (12 Sep 2012)
|
||
- tool_metalink.c: Added name of validation hash to messages
|
||
|
||
This makes it easier to debug broken hashes or hash functions.
|
||
|
||
- wincrypt: Fixed cross-compilation issues caused by include name
|
||
|
||
For some reason WinCrypt.h is named wincrypt.h under MinGW.
|
||
|
||
- md5.c: Added support for Microsoft Windows CryptoAPI
|
||
|
||
- Makefile.m32: Updated to build against libmetalink 0.1.2
|
||
|
||
The include and library path were moved within libmetalink, this
|
||
patch adjusts the defaults provided within the curl MinGW makefile.
|
||
|
||
- tool_metalink.c: Added support for Microsoft Windows CryptoAPI
|
||
|
||
Since Metalink support requires a crypto library for hash functions
|
||
and Windows comes with the builtin CryptoAPI, this patch adds that
|
||
API as a fallback to the supported crypto libraries.
|
||
It is automatically used on Windows if no other library is provided.
|
||
|
||
- libntlmconnect.c: Fixed typo and conversion
|
||
|
||
- libntlmconnect.c: Fixed warning: curl_easy_getinfo expects long pointer
|
||
|
||
Fixed tests/libtest/libntlmconnect.c:52: warning: call to
|
||
'_curl_easy_getinfo_err_long' declared with attribute warning:
|
||
curl_easy_getinfo expects a pointer to long for this info
|
||
|
||
- sws.c: Fixed warning: 'err' may be used uninitialized in this function
|
||
|
||
- libntlmconnect.c: Fixed warning: comparison of signed/unsigned integer
|
||
|
||
Windows does not use -1 to represent invalid sockets and the
|
||
SOCKET type is unsigned.
|
||
|
||
- nss.c: Fixed warning: 'err' may be used uninitialized in this function
|
||
|
||
- tool_metalink.c: Fixed error: 'O_BINARY' undeclared
|
||
|
||
Check for O_BINARY which is not available on every system.
|
||
|
||
- tool_metalink.c: Fixed validation of binary files containing EOF
|
||
|
||
Since Windows/MinGW threat 0x1A as the EOF character, reading binary
|
||
files which contain that byte does not work using text mode.
|
||
The read function will only read until the first 0x1A byte. This
|
||
means that the hash is not computed from the whole file and the
|
||
final validation check using hash comparision fails.
|
||
|
||
- winbuild: Added support for building with SPNEGO enabled
|
||
|
||
Since Simple and Protected GSSAPI Negotiation Mechanism
|
||
is already implemented in curl and supported by the MinGW
|
||
builds, this change adds build support to winbuild makefiles.
|
||
|
||
- winbuild: Adjusted order of options to generated config name
|
||
|
||
Cleaned up order of handled build options by ordering them
|
||
nearly alphabetically by using the order of the generated
|
||
config name. Preparation for future/more build options.
|
||
|
||
Daniel Stenberg (9 Sep 2012)
|
||
- [Anthony Bryan brought this change]
|
||
|
||
MANUAL: clarified user+password in HTTP URLs
|
||
|
||
- RELEASE-NOTES: synced with 6c6f1f64c2
|
||
|
||
6 bug fixes to mention, 5 contributors
|
||
|
||
- TODO-RELEASE: CURLSSH_AUTH_AGENT and curl_multi_wait() are done
|
||
|
||
-321 - CURLSSH_AUTH_AGENT patch by Armel Asselin
|
||
|
||
-324 - curl_multi_select() vs curl_multi_fdvec() etc
|
||
|
||
Marc Hoersken (9 Sep 2012)
|
||
- curl_schannel.c: Reference count the credential/session handle
|
||
|
||
Reference counting the credential handle should avoid that such a
|
||
handle is freed while it is still required for connection shutdown
|
||
|
||
Daniel Stenberg (8 Sep 2012)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: fixed for older Mac OS X versions
|
||
|
||
SSL didn't work on older cats if built on a newer cat with weak-linking
|
||
turned on to support the older cat
|
||
|
||
- [David Blaikie brought this change]
|
||
|
||
tool_easysrc.c: Test pointers against NULL
|
||
|
||
While validating a new Clang diagnostic (-Wnon-literal-null-conversion -
|
||
yes, the name isn't quite correct in this case, but it suffices) I found
|
||
a few violations of it in Curl.
|
||
|
||
- SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3561305
|
||
|
||
Patch by: Marcel Raad
|
||
|
||
- mk-ca-bundle: detect start of trust section better
|
||
|
||
Each certificate section of the input certdata.txt file has a trust
|
||
section following it with details.
|
||
|
||
This script failed to detect the start of the trust for at least one
|
||
cert[*], which made the script continue pass that section into the next
|
||
one where it found an 'untrusted' marker and as a result that certficate
|
||
was not included in the output.
|
||
|
||
[*] = "Hellenic Academic and Research Institutions RootCA 2011"
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html
|
||
|
||
- [Alessandro Ghedini brought this change]
|
||
|
||
gnutls: do not fail on non-fatal handshake errors
|
||
|
||
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
|
||
|
||
- FILEFORMAT: the FTP commands work for more protocols
|
||
|
||
- test1411: verify SMTP without SIZE support
|
||
|
||
- [František Kučera brought this change]
|
||
|
||
SMTP: only send SIZE if supported
|
||
|
||
SMTP client will send SIZE parameter in MAIL FROM command only if server
|
||
supports it. Without this patch server might say "504 Command parameter
|
||
not implemented" and reject the message.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3564114
|
||
|
||
- ftpserver: respond with a 250 to SMTP EHLO
|
||
|
||
... and specify that SIZE is supported. 250 is the "correct" response
|
||
code according to RFC 2821
|
||
|
||
- RELEASE-NOTES: synced with abb0da919300e
|
||
|
||
Dan Fandrich (3 Sep 2012)
|
||
- Updated Symbian build files
|
||
|
||
This is untested, but at least Symbian still has a chance of
|
||
still working now.
|
||
|
||
- Updated build docs w.r.t. Android and binary sizes
|
||
|
||
Daniel Stenberg (1 Sep 2012)
|
||
- symbols-in-versions: new CURL_WAIT_* symbols
|
||
|
||
- [Sara Golemon brought this change]
|
||
|
||
Unit test for curl_multi_wait()
|
||
|
||
- [Sara Golemon brought this change]
|
||
|
||
Manpage for curl_multi_wait().
|
||
|
||
- [Sara Golemon brought this change]
|
||
|
||
multi: add curl_multi_wait()
|
||
|
||
/*
|
||
* Name: curl_multi_wait()
|
||
*
|
||
* Desc: Poll on all fds within a CURLM set as well as any
|
||
* additional fds passed to the function.
|
||
*
|
||
* Returns: CURLMcode type, general multi error code.
|
||
*/
|
||
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
|
||
struct curl_waitfd extra_fds[],
|
||
unsigned int extra_nfds,
|
||
int timeout_ms);
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: Bugfix for previous commit for older cats
|
||
|
||
I accidentally broke functionality for versions of OS X prior to Mountain
|
||
Lion in the previous commit. This commit fixes the problems.
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
Use MAX_EASY_HANDLES instead of hardcoding the number of handles twice
|
||
|
||
- test2032: bail out after last transfer
|
||
|
||
The test would hang and get aborted with a "ABORTING TEST, since it
|
||
seems that it would have run forever." until I prevented that from
|
||
happening.
|
||
|
||
I also fixed the data file which got broken CRLF line endings when I
|
||
sucked down the path from Joe's repo == my fault.
|
||
|
||
Removed #37 from KNOWN_BUGS as this fix and test case verifies exactly
|
||
this.
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
NTLM: re-use existing connection better
|
||
|
||
If we need an NTLM connection and one already exists, always choose that
|
||
one.
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
NTLM: verify multiple connections work
|
||
|
||
Add test2032 to test that NTLM does not switch connections in the middle
|
||
of the handshake
|
||
|
||
- curl.1: list the -w variables sorted alphabetically
|
||
|
||
- libcurl-share.3: remove wrong info of what can be shared
|
||
|
||
"Currently you can only share DNS and/or COOKIE data" is incorrect since
|
||
also SSL sessions can be shared.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3562261
|
||
Reported by: Joe Mason
|
||
|
||
- [Dave Reisner brought this change]
|
||
|
||
examples: use do/while loop for multi examples
|
||
|
||
It's conceivable that after the first time curl_multi_perform returns,
|
||
the outvalue still_running will be 0, but work will have been done. This
|
||
is shown by a workload of small, purely file:// based URLs. Ensure that
|
||
we always read pending messages off the multi handle by forcing the
|
||
while loop to run at least once.
|
||
|
||
- curl.h: fix comment to refer to current names
|
||
|
||
CURLOPT_USE_SSL should be set to CURLUSESSL_* and nothing else in modern
|
||
libcurl versions.
|
||
|
||
- ftpsget: simple example showing a FTPS fetch
|
||
|
||
- sftpget: SFTP is not "SSH FTP"
|
||
|
||
- [Armel Asselin brought this change]
|
||
|
||
sftpget: example showing a simple SFTP download
|
||
|
||
... using SSH-agent
|
||
|
||
- curl_multi_perform.3: extended/clarified
|
||
|
||
- INSTALL.cmake: clarify some flaws/limits in the cmake build
|
||
|
||
- https.c example: spell check used define
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3559845
|
||
Reported by: Olivier Berger
|
||
|
||
- configure: update the copyright years for the output
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
|
||
|
||
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
|
||
of SecureTransport functions, some of which we were using. We now check
|
||
to see if the replacement functions are present, and if so, we use them
|
||
instead. The old functions are still present for users of older
|
||
cats. Also fixed a build warning that started to appear under Mountain
|
||
Lion
|
||
|
||
- curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION
|
||
|
||
- [Gokhan Sengun brought this change]
|
||
|
||
ftp: active conn, place calling sockopt callback at the end of function
|
||
|
||
Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
|
||
|
||
- [Gokhan Sengun brought this change]
|
||
|
||
ftp: active conn, allow application to set sockopt after accept() call
|
||
|
||
For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
|
||
|
||
- configure: remove the --enable/disable-nonblocking options
|
||
|
||
Removing this option as it currently only functions to lure people into
|
||
wrongly using it and falsely believing that libcurl will work fine
|
||
without using nonblocking sockets internally - which leads to hard to
|
||
track or understand errors.
|
||
|
||
- [Ant Bryan brought this change]
|
||
|
||
MANUAL review
|
||
|
||
- curl.1: shorten lines, avoid referring to libcurl instead of curl
|
||
|
||
- [Ant Bryan brought this change]
|
||
|
||
curl.1: fix more consistent wording
|
||
|
||
"If this option is used several times, the last one will be used."
|
||
uniformity
|
||
|
||
- ssh: use the libssh2 agent API conditionally
|
||
|
||
Commit e351972bc89aa4c brought in the ssh agent support but some uses of
|
||
the libssh2 agent API was done unconditionally which wasn't good enough
|
||
since that API hasn't always been present.
|
||
|
||
- white space fix: shorten long line
|
||
|
||
... to please checksrc.pl
|
||
|
||
Kamil Dudka (9 Aug 2012)
|
||
- docs: update the links to cipher-suites supported by NSS
|
||
|
||
... and make the list of cipher-suites in nss.c readable by humans.
|
||
|
||
Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
|
||
|
||
- nss: do not print misleading NSS error codes
|
||
|
||
Daniel Stenberg (8 Aug 2012)
|
||
- RELEASE-NOTES: synced with 0774386b23
|
||
|
||
5 more bug fixes, one change, 6 contributors
|
||
|
||
- [Armel Asselin brought this change]
|
||
|
||
docs: mention CURLSSH_AUTH_AGENT
|
||
|
||
- [Armel Asselin brought this change]
|
||
|
||
SSH: added agent based authentication
|
||
|
||
CURLSSH_AUTH_AGENT is a new auth type for SSH
|
||
|
||
- bump version to 7.28.0
|
||
|
||
I am about to merge the first patch that adds changes into the pending
|
||
release, and thus we bump the minor number.
|
||
|
||
- RELEASE-NOTES: added missing link
|
||
|
||
- curl_version: fixed Value stored to 'len' is never read
|
||
|
||
Fixed this (harmless) clang-analyzer warning. Also fixed the source
|
||
indentation level.
|
||
|
||
- TODO-RELEASE: the (nil) bug is fixed
|
||
|
||
- add_next_timeout: minor restructure of code
|
||
|
||
By reading the ->head pointer and using that instead of the ->size
|
||
number to figure out if there's a list remaining we avoid the (false
|
||
positive) clang-analyzer warning that we might dereference of a null
|
||
pointer.
|
||
|
||
- verbose messages: fixed output of hostnames in re-used connections
|
||
|
||
I suspect this is a regression introduced in commit 207cf150, included
|
||
since 7.24.0.
|
||
|
||
Avoid showing '(nil)' as hostname in verbose output by making sure the
|
||
hostname fixup function is called early enough to set the pointers that
|
||
are used for this. The name data is set again for each request even for
|
||
re-used connections to handle multiple hostnames over the same
|
||
connection (like with proxy) or that the casing etc of the host name is
|
||
changed between requests (which has proven to be important at least once
|
||
in the past).
|
||
|
||
Test1011 was modified to use a redirect with a re-used a connection
|
||
since it then showed the bug and now lo longer does. There's currently
|
||
no easy way to have the test suite detect 'nil' texts in verbose ouputs
|
||
so no tests will detect if this problem gets reintroduced.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
|
||
Reported by: Gisle Vanem
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
metalink: Un-broke the build when building --with-darwinssl
|
||
|
||
Guenter Knauf (8 Aug 2012)
|
||
- Fix some compiler warnings.
|
||
|
||
Daniel Stenberg (8 Aug 2012)
|
||
- TODO-RELEASE: two bugs fixed
|
||
|
||
These are now addressed:
|
||
|
||
323 - patch - select.c / Curl_socket_check() interrupted
|
||
|
||
325 - Avoid leak of local device string when reusing connection
|
||
|
||
- curl.1: minor format fix for --data-ascii
|
||
|
||
... and removal of trailing whitespace on a single line
|
||
|
||
- [Ant Bryan brought this change]
|
||
|
||
curl man page cleanup
|
||
|
||
- [Mike Crowe brought this change]
|
||
|
||
Avoid leak of local device string when reusing connection
|
||
|
||
Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
|
||
decide we can reuse an existing connection.
|
||
|
||
- Curl_socket_check: fix timeout return value for select users
|
||
|
||
This is the same fix applied for the conditional code that uses select()
|
||
that was already done for the poll specific code in commit
|
||
b61e8b81f5038.
|
||
|
||
- [Maxime Larocque brought this change]
|
||
|
||
Curl_socket_check: fix return code for timeout
|
||
|
||
We found a problem with ftp transfer using libcurl (7.23 and 7.25)
|
||
inside an application which is receiving unix signals (SIGUSR1,
|
||
SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
|
||
defined).
|
||
|
||
Curl_socket_check() uses poll() to wait for the socket, and retries it
|
||
when a signal is received (EINTR). However, if a signal is received and
|
||
it also happens that the timeout has been reached, Curl_socket_check()
|
||
returns -1 instead of 0 (indicating an error instead of a timeout).
|
||
|
||
In our case, the result is an aborted connection even before the ftp
|
||
banner is received from the server, and a return value of
|
||
CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
|
||
in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
|
||
Funny to debug on a system on which OOM is a possible cause).
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
|
||
|
||
- RELEASE-NOTES: synced with b4a558041fdf65c0
|
||
|
||
- TODO-RELEASE: fixed another bug
|
||
|
||
bug #3544688 "crash during retry with libcurl and SFTP"
|
||
|
||
- WSAPoll: disabled on all windows builds
|
||
|
||
Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
|
||
library is used to setup a connection to an incorrect port, normally the
|
||
result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
|
||
the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
|
||
reached */.
|
||
|
||
On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
|
||
Online (https://premier.microsoft.com/). The support engineer handling
|
||
the case wrote that the case description is quite clear. He will try to
|
||
reproduce the issue and then proceed with troubleshooting it.
|
||
|
||
Reported by: Jan Koen Annot
|
||
Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
|
||
|
||
- retry request: only access the HTTP data if in fact HTTP
|
||
|
||
When figuring out if the data stream needs to be rewound when the
|
||
request is to be resent, we must not access the HTTP struct unless the
|
||
protocol used is indeed HTTP...
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
|
||
|
||
- TODO: support DANE, we already support gnutls without gcrypt
|
||
|
||
- curl-config: parentheses fix
|
||
|
||
Braces, not parentheses, should be used for shell variable names.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3551460
|
||
Reported by: Edward Sheldrake
|
||
|
||
- VC build: add define for openssl
|
||
|
||
This fixes a build failure of lib/ssluse.c.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
|
||
|
||
- TODO-RELEASE: two bugs fixed!
|
||
|
||
- globbing: fix segfault when >9 globs were used
|
||
|
||
Stupid lack of range checks caused the code to overwrite local variables
|
||
after glob number nine. Added checks now.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3546353
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
sws: close sockets properly
|
||
|
||
Fix a bug where closed sockets (fd -1) were left in the all_sockets
|
||
list, because of missing parens in a pointer arithmetic expression
|
||
|
||
Reenable the tests that were locking up due to this bug.
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
Remove debug logs that were accidentally checked in
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
Use select in sws, which has better cross-platform support than poll
|
||
|
||
- [Joe Mason brought this change]
|
||
|
||
Use cross-platform curlx_nonblock instead of fcntl in sws
|
||
|
||
- operate: fix clang-analyzer warnings for never read variables
|
||
|
||
Two separate "Value stored to 'XXX' is never read" warnings
|
||
|
||
- operate: fix clang-analyzer warning
|
||
|
||
Value stored to 'separator' is never read
|
||
|
||
- metalink: change code order to build with gnutls-nettle
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
|
||
Reported by: Anthony G. Basile
|
||
|
||
- gtls: fix build failure by including nettle-specific headers
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
|
||
Reported by: Anthony G. Basile
|
||
|
||
Guenter Knauf (6 Aug 2012)
|
||
- Fixed compiler warning - argument is type long.
|
||
|
||
Daniel Stenberg (6 Aug 2012)
|
||
- DISABLED: disable the new tests that do NTLM
|
||
|
||
The tests 2025, 2028 and 2031 don't work for me so I'll have them
|
||
disabled for now until we solve the problem.
|
||
|
||
Joe Mason (3 Aug 2012)
|
||
- Add tests of auth retries
|
||
|
||
- Cleanup handshake after clean NTLM failure
|
||
|
||
- Zero out auth structs before transfer
|
||
|
||
- Add a polling loop in main to read from more than one socket at once. Add the O_NONBLOCK and
|
||
SO_KEEPALIVE flag to all sockets. Note that several loops which used to continue on a return value
|
||
of 0 (theoretical since 0 would never be returned without O_NONBLOCK) now break on 0 so that they
|
||
won't continue reading until after poll is called again.
|
||
|
||
- Change return values of get_request, accept_connection and service_connection to add a return code
|
||
for non-blocking sockets: now -1 means error or connection finished, 1 means data was read, and 0
|
||
means there is no data available now so need to wait for poll (new return value)
|
||
|
||
- Hoist the loop out of get_request, and make sure that it can be reentered when a request is
|
||
half-finished.
|
||
|
||
Note the the req struct used to be re-initialized AFTER reading pipeline data, so now that we
|
||
initialize it from the caller we must be careful not to overwrite the pipeline data.
|
||
|
||
Also we now need to handle the case where the buffer is already full when get_request is called -
|
||
previously this never happened as it was always called with an empty buffer and looped until done.
|
||
|
||
Now get_request is called in a loop, so the next step is to run the loop on a socket only when poll
|
||
signals it is readable.
|
||
|
||
- Move blocks of code from the sws main loop into their own functions for easier refactoring later.
|
||
The next step will be to call the correct function after a poll, rather than looping unconditionally
|
||
|
||
- Remove the --fork option of sws, since it makes refactoring to use poll more complicated and should
|
||
be redundant once we poll
|
||
|
||
Kamil Dudka (30 Jul 2012)
|
||
- file: use fdopen() for uploaded files if available
|
||
|
||
It eliminates noisy events when using inotify and fixes a TOCTOU issue.
|
||
|
||
Bug: https://bugzilla.redhat.com/844385
|
||
|
||
Guenter Knauf (29 Jul 2012)
|
||
- Added DWANT_IDN_PROTOTYPES define for MSVC too.
|
||
|
||
Discussion on the list: http://curl.haxx.se/mail/lib-2012-07/0271.html
|
||
|
||
- Added Win32 problems.
|
||
|
||
- Added hint to read docs/INSTALL too.
|
||
|
||
- Added new file to distro.
|
||
|
||
Steve Holme (28 Jul 2012)
|
||
- TODO: Updated after 7.27.0 release
|
||
|
||
Removed APOP and SASL authentication from the POP3 section and metalink
|
||
support from the client section as these features were implemented in
|
||
this release.
|
||
|
||
Moved adding gssapi to SASL into it's own section rather than repeat it
|
||
for each protocol.
|
||
|
||
Daniel Stenberg (28 Jul 2012)
|
||
- TODO-RELEASE: updated after 7.27.0 release
|
||
|
||
- THANKS: 12 new contributors from the 7.27.0 release
|
||
|
||
- version bump: start towards next release
|
||
|
||
Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
|
||
when released.
|
||
|
||
Version 7.27.0 (27 Jul 2012)
|
||
|
||
Guenter Knauf (27 Jul 2012)
|
||
- Fixed compiler warning 'unused parameter'.
|
||
|
||
- Added prototypes to kill compiler warning.
|
||
|
||
- Added --with-winidn to configure.
|
||
|
||
This needs another look from the configure experts. I tested that
|
||
it works so far with MinGW64 cross-compiler; libcurl builds and
|
||
links fine, but curl not yet ...
|
||
|
||
Daniel Stenberg (27 Jul 2012)
|
||
- [Ant Bryan brought this change]
|
||
|
||
Update man page info on --metalink and typo.
|
||
|
||
- RELEASE-NOTES: remove mentioned of bug never in a release
|
||
|
||
The --silent bug came with 7561a0fc834c435 which was never in a release.
|
||
Pointed out by Kamil Dudka
|
||
|
||
- RELEASE-NOTES: synced with 33b815e894fb
|
||
|
||
4 more bugfixes, 3 more contributors
|
||
|
||
Guenter Knauf (26 Jul 2012)
|
||
- Changed Windows IDN text to 'WinIDN'.
|
||
|
||
Synced the output to the same short form as we now use for
|
||
Windows SSL (WinSSL).
|
||
|
||
Daniel Stenberg (25 Jul 2012)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: fixed freeze involving the multi interface
|
||
|
||
Previously the curl_multi interface would freeze if darwinssl was
|
||
enabled and at least one of the handles tried to connect to a Web site
|
||
using HTTPS. Removed the "wouldblock" state darwinssl was using because
|
||
I figured out a solution for our "would block but in which direction?"
|
||
dilemma.
|
||
|
||
Guenter Knauf (25 Jul 2012)
|
||
- Added support for tls-srp to MinGW builds.
|
||
|
||
Daniel Stenberg (24 Jul 2012)
|
||
- curl_easy_setopt: fix typo
|
||
|
||
Reported by: Santhana Todatry
|
||
|
||
- keepalive: multiply value for OS-specific units
|
||
|
||
DragonFly uses milliseconds, while our API and Linux use full seconds.
|
||
|
||
Reported by: John Marino
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3546257
|
||
|
||
Kamil Dudka (22 Jul 2012)
|
||
- http: print reason phrase from HTTP status line on error
|
||
|
||
Bug: https://bugzilla.redhat.com/676596
|
||
|
||
- tool_operate: fix misplaced initialization of orig_noprogress
|
||
|
||
... and orig_isatty which caused --silent to be entirely ignored in case
|
||
the standard output was redirected to a file!
|
||
|
||
Daniel Stenberg (21 Jul 2012)
|
||
- [Anton Yabchinskiy brought this change]
|
||
|
||
Client's "qop" value should not be quoted (RFC2617, section 3.2.2).
|
||
|
||
Guenter Knauf (21 Jul 2012)
|
||
- Fixed typo.
|
||
|
||
Daniel Stenberg (20 Jul 2012)
|
||
- make: make distclean work again
|
||
|
||
The clean-local hook needed some polish to make sure make distclean
|
||
works. Added comment describing why.
|
||
|
||
- test Makefile: only feature 'unit' once in the list of dirs
|
||
|
||
Dan Fandrich (20 Jul 2012)
|
||
- Fixed some typos in documentation
|
||
|
||
Guenter Knauf (20 Jul 2012)
|
||
- Fixed CR issue with Win32 version on MSYS.
|
||
|
||
Previous fix didnt work on Linux ...
|
||
|
||
- Fixed CR issue with Win32 version on MSYS.
|
||
|
||
- Fixed MSYS <-> Windows path convertion.
|
||
|
||
Replaced the Windows real path from mount hack with a more
|
||
reliable and simpler hack: the MSYS shell has a builtin pwd
|
||
which understands a -W option which does convertion to Windows
|
||
paths. Tested and confirmed that this works on all MSYS versions
|
||
I have back to a 3 year old one.
|
||
|
||
- Follow-up fix to detect SSL libs with MinGW.
|
||
|
||
1) the check for winssl needs to come before nss check
|
||
2) the SSL checks must begin with a new if or else we will
|
||
never find any SSL lib with MinGW.
|
||
|
||
- Tell git to not convert configure-related files.
|
||
|
||
- Trial to teach runtests.pl about WinSSL.
|
||
|
||
- Fixed warning 'uninitialized value in numeric gt'.
|
||
|
||
This is a MSYS/MinGW-only warning; full warning text is:
|
||
Use of uninitialized value in numeric gt (>) at ../../curl/tests/runtests.pl line 2227.
|
||
|
||
Daniel Stenberg (15 Jul 2012)
|
||
- RELEASE-NOTES: synced with 9d11716933616
|
||
|
||
Fixed 6 bugs, added 3 contributors
|
||
|
||
- multi_runsingle: added precaution against easy_conn NULL pointer
|
||
|
||
In many states the easy_conn pointer is referenced and just assumed to
|
||
be working. This is an added extra check since analyzing indicates
|
||
there's a risk we can end up in these states with a NULL pointer there.
|
||
|
||
- getparam: fix the GetStr() macro
|
||
|
||
It should return PARAM_NO_MEM if the strdup fails. Spotted by
|
||
clang-analyzer
|
||
|
||
Guenter Knauf (15 Jul 2012)
|
||
- Tell git to not convert configure-related files.
|
||
|
||
Daniel Stenberg (13 Jul 2012)
|
||
- parse_proxy: remove dead assignment
|
||
|
||
Spotted by clang-analyzer
|
||
|
||
- ftp_do_more: add missing check of return code
|
||
|
||
Spotted by clang-analyzer. The return code was never checked, just
|
||
stored.
|
||
|
||
- getinfo: use va_end and cut off Curl_ from static funcs
|
||
|
||
va_end() needs to be used after va_start() and we don't normally use
|
||
Curl_ prefixes for purely static functions.
|
||
|
||
- [Philip Craig brought this change]
|
||
|
||
Split up Curl_getinfo
|
||
|
||
This avoids false positives from clang's scan-build.
|
||
|
||
Guenter Knauf (12 Jul 2012)
|
||
- Added error checking for curl_global_init().
|
||
|
||
- Added curl_global_* functions.
|
||
|
||
- Minor fixes to MinGW makefiles.
|
||
|
||
Daniel Stenberg (12 Jul 2012)
|
||
- docs: mention CURL_GLOBAL_DEFAULT
|
||
|
||
Guenter Knauf (12 Jul 2012)
|
||
- Added curl_global_* functions.
|
||
|
||
Daniel Stenberg (12 Jul 2012)
|
||
- tests: verify the stricter numeric option parser
|
||
|
||
Test 1409 and 1410 verifies the stricter numeric option parser
|
||
introduced the other day in commit f2b6ebed7b.
|
||
|
||
- SWS: use of uninitialized memory fix
|
||
|
||
I made "connmon" not get initialized properly before use, and I use the
|
||
big hammer and make sure we always clear the entire struct to avoid any
|
||
problem like this in the future.
|
||
|
||
- test48: verify that HEAD doesn't close extra
|
||
|
||
Two commits ago, we fixed a bug where the connction would be closed
|
||
prematurely after a HEAD. Now I added connection-monitor to test 48 and
|
||
added a second HEAD and make sure that both are sent over the same
|
||
connection.
|
||
|
||
This triggered a failure before the bug fix and now works. Will help us
|
||
avoid a future regression of this kind.
|
||
|
||
- connection-monitor: always log disconnect when enabled
|
||
|
||
This makes verifying easier and makes us more sure curl closes the
|
||
connection only at the correct point in time. Adjusted test 206 and 1008
|
||
accordingly and updated the docs for it.
|
||
|
||
- HEAD: don't force-close after response-headers
|
||
|
||
A HEAD response has no body length and gets the headers like the
|
||
corresponding GET would so it should not get closed after the response
|
||
based on the same rules. This mistake caused connections that did HEAD
|
||
to get closed too often without a valid reason.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3542731
|
||
Reported by: Eelco Dolstra
|
||
|
||
Guenter Knauf (12 Jul 2012)
|
||
- Removed trailing empty strings from awk script.
|
||
|
||
- Cleaned up version awk script.
|
||
|
||
- Added project copyright header.
|
||
|
||
- Removed libcurl.imp from Makefile.am.
|
||
|
||
Updated .gitignore for NetWare created files.
|
||
|
||
- Added missing dependency to export list.
|
||
|
||
- Fixed export list path.
|
||
|
||
- Changed NetWare build to generate export list.
|
||
|
||
- Added pointer to FAQ for linkage errors.
|
||
|
||
- Small NetWare makefile tweak.
|
||
|
||
- Changed MinGW makefiles to use WINSSL now.
|
||
|
||
Daniel Stenberg (10 Jul 2012)
|
||
- test231: fix wrong -C use!
|
||
|
||
- cmdline: parse numerical options stricter
|
||
|
||
1 - str2offset() no longer accepts negative numbers since offsets are by
|
||
nature positive.
|
||
|
||
2 - introduced str2unum() for the command line parser that accepts
|
||
numericals which are not supposed to be negative, so that it will
|
||
properly complain on apparent bad uses and mistakes.
|
||
|
||
Bug: http://curl.haxx.se/mail/archive-2012-07/0013.html
|
||
|
||
- docs: switch to proper UTF-8 for text file encoding
|
||
|
||
Yang Tse (9 Jul 2012)
|
||
- Make Curl_schannel_version() return "WinSSL"
|
||
|
||
Modification based on voting result:
|
||
|
||
http://curl.haxx.se/mail/lib-2012-07/0104.html
|
||
|
||
Daniel Stenberg (9 Jul 2012)
|
||
- test 46: use different path lengths to get reliable sort order
|
||
|
||
Since the order of the cookies is sorted by the length of the paths,
|
||
having them on the same path length will make the test depend on what
|
||
order the qsort() implementation will put them. As seen in the
|
||
windows/msys output posted by Guenter in this posting:
|
||
http://curl.haxx.se/mail/lib-2012-07/0105.html
|
||
|
||
- cookie: fixed typo in comment
|
||
|
||
- [Christian Hägele brought this change]
|
||
|
||
https_getsock: provided for schannel backend as well
|
||
|
||
The function https_getsock was only implemented properly when USE_SSLEAY
|
||
or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL.
|
||
|
||
The problem occurs when Curl_read_plain or Curl_write_plain returns
|
||
CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an
|
||
the used socket is set to state CURL_POLL_REMOVE and the easy-state is
|
||
set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket
|
||
should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's
|
||
where https_getsock is called and doesn't return any sockets.
|
||
|
||
- RELEASE-NOTES: added a URL reference to cookie docs
|
||
|
||
Guenter Knauf (8 Jul 2012)
|
||
- Removed obsolete include path to project root.
|
||
|
||
Daniel Stenberg (8 Jul 2012)
|
||
- TODO-RELEASE: issue 316 NTLM over proxy is fixed
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: don't use arc4random_buf
|
||
|
||
Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the
|
||
function is not available prior to iOS 4.3 and OS X 10.7.
|
||
|
||
- KNOWN_BUGS: #80 Curl doesn't recognize certs in DER format
|
||
|
||
- KNOWN_BUGS: #79 - any RCPT TO failure makes and error
|
||
|
||
Marc Hoersken (8 Jul 2012)
|
||
- winbuild: Aligned BUILD.WINDOWS.txt and Makefile.vc usage help
|
||
|
||
- winbuild: Make USE_WINSSL depend on USE_SSPI
|
||
|
||
Since WinSSL cannot be build without SSPI being enabled,
|
||
USE_WINSSL now defaults to the value of USE_SSPI.
|
||
|
||
The makefile does now raise an error if WinSSL is enabled
|
||
while SSPI is disabled.
|
||
|
||
- winbuild: Aligned USE_SSPI with other USE_x defines
|
||
|
||
Renamed external parameter USE_SSPI = yes/no to ENABLE_SSPI = yes/no.
|
||
Backwards compatible change: USE_SSPI can still be passed as external
|
||
parameter with yes/no value as long as ENABLE_SSPI is not given.
|
||
|
||
USE_x defines are passed around with true/false values internally,
|
||
USE_SSPI is now aligned to this approach, but still accepts external
|
||
values yes/no being passed, just like the other defines.
|
||
|
||
- winbuild: Clean up formatting and variable naming
|
||
|
||
- Changed space usage to line up with the whole file
|
||
- Renamed CFLAGS_SSPI/IPV6 to SSPI/IPV6_CFLAGS to be
|
||
consistent with the other CFLAGS_x variables
|
||
- Make use of existing CFLAGS_IPV6 (previously IPV6_CFLAGS)
|
||
instead of appending directly to CFLAGS
|
||
|
||
Daniel Stenberg (7 Jul 2012)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: output cipher with text, remove SNI warning
|
||
|
||
The code was printing a warning when SNI was set up successfully. Oops.
|
||
|
||
Printing the cipher number in verbose mode was something only TLS/SSL
|
||
programmers might understand, so I had it print the name of the cipher,
|
||
just like in the OpenSSL code. That'll be at least a little bit easier
|
||
to understand. The SecureTransport API doesn't have a method of getting
|
||
a string from a cipher like OpenSSL does, so I had to generate the
|
||
strings manually.
|
||
|
||
- RELEASE-NOTES: synced with 5a99bce07d
|
||
|
||
- KNOWN_BUGS: NTLM with unicode works with schannel/winssl!
|
||
|
||
Bug #75 updated with additional info, still remains for builds with
|
||
other backends.
|
||
|
||
- code police: narrow source to < 80 columns
|
||
|
||
Yang Tse (5 Jul 2012)
|
||
- unicode NTLM SSPI: cleanup follow-up
|
||
|
||
- unicode NTLM SSPI: cleanup
|
||
|
||
Reduce the number of #ifdef UNICODE directives used in source files.
|
||
|
||
Daniel Stenberg (5 Jul 2012)
|
||
- tests: use connection-monitor and verify results
|
||
|
||
Test 1008 and 206 don't show the disconnect since it happens when SWS
|
||
awaits a new request, but 503 does and so the verify section needs that
|
||
string added.
|
||
|
||
- http-proxy: keep CONNECT connections alive (for NTLM)
|
||
|
||
When doing CONNECT requests, libcurl must make sure the connection is
|
||
alive as much as possible. NTLM requires it and it is generally good for
|
||
other cases as well.
|
||
|
||
NTLM over CONNECT requests has been broken since this regression I
|
||
introduced in my CONNECT cleanup commits that started with 41b02378342,
|
||
included since 7.25.0.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3538625
|
||
Reported by: Marcel Raad
|
||
|
||
- sws: support <servercmd> for CONNECT requests
|
||
|
||
I moved out the servercmd parsing into a its own function called
|
||
parse_servercmd() and made sure it gets used also when the test number
|
||
is extracted from CONNECT requests. It turned out sws didn't do that
|
||
previously!
|
||
|
||
- FILEFORMAT: provided a full description of connection-monitor
|
||
|
||
- lib503: enable verbose to ease debugging this
|
||
|
||
- sws: add 'connection-monitor' command support
|
||
|
||
Using this, the server will output in the protocol log when the
|
||
connection gets disconnected and thus we will verify correctly in the
|
||
test cases that the connection doesn't get closed prematurely. This is
|
||
important for example NTLM to work.
|
||
|
||
Documentation added to FILEFORMAT, test 503 updated to use this.
|
||
|
||
Guenter Knauf (4 Jul 2012)
|
||
- Removed non-used variable.
|
||
|
||
- Added error checking for samples.
|
||
|
||
- Renamed vars to avoid shadow global declaration.
|
||
|
||
Daniel Stenberg (3 Jul 2012)
|
||
- docs: clarify how to start with curl_multi_socket_action
|
||
|
||
Mention the CURL_SOCKET_TIMEOUT argument in step 6 of the typical
|
||
application.
|
||
|
||
Guenter Knauf (3 Jul 2012)
|
||
- Moved some patterns to subfolder's .gitignore.
|
||
|
||
- Merge branch 'master' of ssh://github.com/bagder/curl
|
||
|
||
- MinGW makefile tweaks for running from sh.
|
||
|
||
Added function macros to make path converting easier.
|
||
Added CROSSPREFIX to all compile tools.
|
||
|
||
Yang Tse (3 Jul 2012)
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_ntlm_msgs.c: Removed unused variable passwd
|
||
|
||
Guenter Knauf (3 Jul 2012)
|
||
- Added files generated by mingw32, eclipse and VC.
|
||
|
||
Posted by Marc Hoersken.
|
||
|
||
Daniel Stenberg (3 Jul 2012)
|
||
- cookies: change the URL in the cookie jar file header
|
||
|
||
- HTTP-COOKIES: clarified and modified layout
|
||
|
||
- HTTP-COOKIES: use the FAQ document layout
|
||
|
||
- HTTP-COOKIES: added cookie documentation
|
||
|
||
Yang Tse (3 Jul 2012)
|
||
- curl_ntlm_msgs.c: include <tchar.h> for prototypes
|
||
|
||
- [Neil Bowers brought this change]
|
||
|
||
testcurl.pl: fix missing semicolon
|
||
|
||
Daniel Stenberg (2 Jul 2012)
|
||
- [Christian Hägele brought this change]
|
||
|
||
unicode NTLM SSPI: heap corruption fixed
|
||
|
||
When compiling libcurl with UNICODE defined and using unicode characters
|
||
in username.
|
||
|
||
Yang Tse (2 Jul 2012)
|
||
- testcurl.pl: allow non in-tree c-ares enabled autobuild
|
||
|
||
- configure.ac: verify that libmetalink is new enough
|
||
|
||
Enabling test2017 to test2022.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl: Added runtime version check for libmetalink
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Include metalink/metalink.h for libmetalink functions
|
||
|
||
Daniel Stenberg (2 Jul 2012)
|
||
- errors: CURLM_CALL_MULTI_PERFORM is not returned anymore
|
||
|
||
- release: cleaned up plans for this and coming release
|
||
|
||
Yang Tse (29 Jun 2012)
|
||
- curl-compilers.m4: remove -Wstrict-aliasing=3 from clang
|
||
|
||
Currently it is unknown if there is any version of clang that
|
||
actually supports -Wstrict-aliasing. What is known is that there
|
||
are several that don't support it.
|
||
|
||
- test2017 to test2022: more metalink tests
|
||
|
||
With this commit, checks done in previous test2017 are now done in test2018.
|
||
|
||
Whole range test2017 to test2022 DISABLED until configure is capable of
|
||
requiring a new-enough metalink library.
|
||
|
||
Don't try these without mentioned check in place!
|
||
|
||
- test2005 to test2016: improve failure detection
|
||
|
||
- lib582.c: fix conversion warning
|
||
|
||
- nss.c: #include warnless.h for curlx_uztosi and curlx_uztoui prototypes
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
nss.c: Fixed size_t conversion warnings
|
||
|
||
- sslgen.c: cleanup temporary compile-time SSL-backend check
|
||
|
||
Daniel Stenberg (28 Jun 2012)
|
||
- schannel: provide two additional (dummy) API defines
|
||
|
||
Yang Tse (28 Jun 2012)
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Metalink: message updates
|
||
|
||
Print "parsing (...) OK" only when no warnings are generated. If
|
||
no file is found in Metalink, treat it FAILED.
|
||
|
||
If no digest is provided, print WARNING in parse_metalink().
|
||
Also print validating FAILED after download.
|
||
|
||
These changes make tests 2012 to 2016 pass.
|
||
|
||
Daniel Stenberg (27 Jun 2012)
|
||
- sslgen: avoid compiler error in SSPI builds
|
||
|
||
Yang Tse (27 Jun 2012)
|
||
- ssluse.c: fix compiler warning: conversion to 'int' from 'size_t'
|
||
|
||
Reported by Tatsuhiro Tsujikawa
|
||
|
||
http://curl.haxx.se/mail/lib-2012-06/0371.html
|
||
|
||
- sslgen.c: add compile-time check for SSL-backend completeness
|
||
|
||
- build: add our standard includes to curl_darwinssl.c and curl_multibyte.c
|
||
|
||
- build: add curl_schannel and curl_darwinssl files to other build systems
|
||
|
||
- tests: add five more Metalink test cases
|
||
|
||
- tests: update Metalink message format
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Metalink: updated message format
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
DarwinSSL: allow using NTLM authentication
|
||
|
||
Allow NTLM authentication when building using SecureTransport (Darwin) for SSL.
|
||
|
||
This uses CommonCrypto, a cryptography library that ships with all versions of
|
||
iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few
|
||
less-common cyphers and doesn't have a big number data structure.
|
||
|
||
- curl_darwinssl.h: add newline at end of file
|
||
|
||
Daniel Stenberg (26 Jun 2012)
|
||
- ossl_seed: remove leftover RAND_screen check
|
||
|
||
Before commit 2dded8fedba (dec 2010) there was logic that used
|
||
RAND_screen() at times and now I remove the leftover #ifdef check for
|
||
it.
|
||
|
||
The seeding code that uses Curl_FormBoundary() in ossl_seed() is dubious
|
||
to keep since it hardly increases randomness but I fear I'll break
|
||
something if I remove it now...
|
||
|
||
Yang Tse (26 Jun 2012)
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
DarwinSSL: several adjustments
|
||
|
||
- Renamed st_ function prefix to darwinssl_
|
||
- Renamed Curl_st_ function prefix to Curl_darwinssl_
|
||
- Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h
|
||
- Fixed a teensy little bug that made non-blocking connection attempts block
|
||
- Made it so that it builds cleanly against the iOS 5.1 SDK
|
||
|
||
- curl-compilers.m4: -Wstrict-aliasing=3 for warning enabled gcc and clang builds
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
sockaddr.h: Fixed dereferencing pointer breakin strict-aliasing
|
||
|
||
Fixed warning: dereferencing pointer does break strict-aliasing rules
|
||
by using a union inside the struct Curl_sockaddr_storage declaration.
|
||
|
||
Daniel Stenberg (26 Jun 2012)
|
||
- SSL cleanup: use crypto functions through the sslgen layer
|
||
|
||
curl_ntlm_msgs.c would previously use an #ifdef maze and direct
|
||
SSL-library calls instead of using the SSL layer we have for this
|
||
purpose.
|
||
|
||
- [Nick Zitzmann brought this change]
|
||
|
||
darwinssl: add support for native Mac OS X/iOS SSL
|
||
|
||
- RELEASE-NOTES: link to more metalink info
|
||
|
||
- RELEASE-NOTES: synced with d025af9bb576
|
||
|
||
Yang Tse (25 Jun 2012)
|
||
- curl_schannel.c: Remove redundant NULL assignments following Curl_safefree()
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_schannel.c: Replace free() with Curl_safefree()
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl.1: Updated Metalink description in man page
|
||
|
||
Documented that --include will be ignored if both --metalink
|
||
and --include are specified.
|
||
Also documented that a Metalink file in the local file system
|
||
cannot be used if FILE protocol is disabled.
|
||
|
||
Steve Holme (24 Jun 2012)
|
||
- DOCS: Added clarification to CURLOPT_CUSTOMREQUEST for the POP3 protocol
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-06/0302.html
|
||
Reported by: Nagai H
|
||
|
||
- smtp: Corrected result code for MAIL, RCPT and DATA commands
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-06/0094.html
|
||
Reported by: Dan
|
||
|
||
Daniel Stenberg (24 Jun 2012)
|
||
- [Ghennadi Procopciuc brought this change]
|
||
|
||
test: Added test HTTP receive cookies over IPv6
|
||
|
||
Yang Tse (22 Jun 2012)
|
||
- tests: add another Metalink test case
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
tests: Enable test2010 and fixed hash value
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Metalink: ignore --include if --metalink is used.
|
||
|
||
Including headers in response body will break Metalink XML parser.
|
||
If it is included in the file described in Metalink XML, hash check
|
||
will fail. Therefore, --include should be ignored if --metalink is
|
||
used.
|
||
|
||
- tests: add six Metalink test cases
|
||
|
||
- test 2005: add verification of hash checking outcome
|
||
|
||
- getpart.pm: remove misleading comment
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl: Prefixed all Metalink related messages with "Metalink: "
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
tests: Added Metalink test case # 2005
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl: Restore noprogress and isatty config values.
|
||
|
||
The noprogress and isatty in Configurable are global, in a sense
|
||
that they persist in one curl invocation. Currently once one
|
||
download writes its response data to tty, they are set to FALSE
|
||
and they are not restored on successive downloads. This change
|
||
first backups the current noprogress and isatty, and restores
|
||
them when download does not write its data to tty.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl: Made --metalink option toggle Metalink functionality
|
||
|
||
In this change, --metalink option no longer takes argument. If
|
||
it is specified, given URIs are processed as Metalink XML file.
|
||
If given URIs are remote (e.g., http URI), curl downloads it
|
||
first. Regardless URI is local file (e.g., file URI scheme) or
|
||
remote, Metalink XML file is not written to local file system and
|
||
the received data is fed into Metalink XML parser directly. This
|
||
means with --metalink option, filename related options like -O
|
||
and -o are ignored.
|
||
|
||
Usage examples:
|
||
|
||
$ curl --metalink http://example.org/foo.metalink
|
||
|
||
This will download foo.metalink and parse it and then download
|
||
the URI described there.
|
||
|
||
$ curl --metalink file://foo.metalink
|
||
|
||
This will parse local file foo.metalink and then download the URI
|
||
described there.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
curl: Refactored metalink_checksum
|
||
|
||
When creating metalink_checksum from metalink_checksum_t, first
|
||
check hex digest is valid for the given hash function. We do
|
||
this check in the order of digest_aliases so that first good
|
||
match will be chosen (strongest hash function available). As a
|
||
result, the metalinkfile now only contains at most one
|
||
metalink_checksum because other entries are just redundant.
|
||
|
||
- [Gisle Vanem brought this change]
|
||
|
||
tool_doswin.c: fix djgpp function _use_lfn() used without a prototype
|
||
|
||
http://curl.haxx.se/mail/archive-2012-06/0028.html
|
||
|
||
- build: fix RESOURCE bug in lib/Makefile.vc*
|
||
|
||
Removed two, not intended to exist, RESOURCE declarations.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3535977
|
||
|
||
And sorted configuration hunks to reflect same internal order
|
||
as the one shown in the usage message.
|
||
|
||
Daniel Stenberg (20 Jun 2012)
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Implement new buffer size strategy
|
||
|
||
Increase decrypted and encrypted cache buffers using limitted
|
||
doubling strategy. More information on the mailinglist:
|
||
http://curl.haxx.se/mail/lib-2012-06/0255.html
|
||
|
||
It updates the two remaining reallocations that have already been there
|
||
and fixes the other one to use the same "do we need to increase the
|
||
buffer"-condition as the other two. CURL_SCHANNEL_BUFFER_STEP_SIZE was
|
||
renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it
|
||
is now. Since we don't know how much more data we are going to read
|
||
during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the
|
||
minimum free space required in the buffer for the next operation.
|
||
CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since
|
||
we don't have a step size now, the define was renamed.
|
||
|
||
Yang Tse (20 Jun 2012)
|
||
- schannel SSL: fix compiler warning
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: fix for renegotiate problem
|
||
|
||
In schannel_connect_step2() doread should be initialized based
|
||
on connssl->connecting_state.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
runtests.pl: make it support metalink feature
|
||
|
||
- getpart.pm: make test definition section/part parser more robust
|
||
|
||
Test definition section parts which needed to include xml-lingo as contents
|
||
of that part required that the xml-blurb was written as a single line. Now the
|
||
xml-data inside the part can be written multiline making it more readable.
|
||
|
||
Tested with <client><file> part which is written to disk before <command> runs.
|
||
|
||
Daniel Stenberg (20 Jun 2012)
|
||
- schannel_connect_step2: checksrc whitespace fix
|
||
|
||
Yang Tse (20 Jun 2012)
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: changes in schannel_connect_step2
|
||
|
||
Process extra data buffer before returning from schannel_connect_step2.
|
||
Without this change I've seen WinCE hang when schannel_connect_step2
|
||
returns and calls Curl_socket_ready.
|
||
|
||
If the encrypted handshake does not fit in the intial buffer (seen with
|
||
large certificate chain), increasing the encrypted data buffer is necessary.
|
||
|
||
Fixed warning in curl_schannel.c line 1215.
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
config-win32ce.h: WinCE config adjustment
|
||
|
||
process.h is not present on WinCE
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: Made send method handle unexpected cases better
|
||
|
||
Implemented timeout loop in schannel_send while sending data. This
|
||
is as close as I think we can get to write buffering; I put a big
|
||
comment in to explain my thinking.
|
||
|
||
With some committer adjustments
|
||
|
||
Daniel Stenberg (19 Jun 2012)
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size
|
||
|
||
Yang Tse (19 Jun 2012)
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: Use standard Curl read/write methods
|
||
|
||
Replaced calls to swrite with Curl_write_plain and calls to sread
|
||
with Curl_read_plain.
|
||
|
||
With some committer adjustments
|
||
|
||
- schannel SSL: make wording of some trace messages better reflect reality
|
||
|
||
Daniel Stenberg (19 Jun 2012)
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_schannel.h: Use BUFSIZE as the initial buffer size if available
|
||
|
||
Make the Schannel implementation use libcurl's default buffer size
|
||
for the initial received encrypted and decrypted data cache buffers.
|
||
The implementation still needs to handle more data since more data
|
||
might have already been received or decrypted during the handshake
|
||
or a read operation which needs to be cached for the next read.
|
||
|
||
Guenter Knauf (19 Jun 2012)
|
||
- Fixed NetWare makefile broken from last commit.
|
||
|
||
Yang Tse (19 Jun 2012)
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: Implemented SSL shutdown
|
||
|
||
curl_schannel.c - implemented graceful SSL shutdown. If we fail to
|
||
shutdown the connection gracefully, I've seen schannel try to use a
|
||
session ID for future connects and the server aborts the connection
|
||
during the handshake.
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: certificate validation on WinCE
|
||
|
||
curl_schannel.c - auto certificate validation doesn't seem to work
|
||
right on CE. I added a method to perform the certificate validation
|
||
which uses CertGetCertificateChain and manually handles the result.
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
schannel SSL: Added helper methods to simplify code
|
||
|
||
Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it
|
||
easier to set up SecBuffer & SecBufferDesc structs.
|
||
|
||
Guenter Knauf (18 Jun 2012)
|
||
- Some more NetWare makefile tweaks for metalink.
|
||
|
||
Yang Tse (18 Jun 2012)
|
||
- tool_cb_see.c: WinCE build adjustment
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
setup.h: WinCE build adjustment
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
ftplistparser.c: do not compile if FTP protocol is not enabled
|
||
|
||
- Win32: downplay MS bazillion type synonyms game
|
||
|
||
Avoid usage of some MS type synonyms to allow compilation with
|
||
compiler headers that don't define these, using simpler synonyms.
|
||
|
||
Daniel Stenberg (15 Jun 2012)
|
||
- Curl_rtsp_parseheader: avoid useless malloc/free
|
||
|
||
Coverity actually pointed out flawed logic in the previous call to
|
||
Curl_strntoupper() where the code used sizeof() of a pointer to pass in
|
||
a size argument. That code still worked since it only needed to
|
||
uppercase 4 letters. Still, the entire malloc/uppercase/free sequence
|
||
was pointless since the code has already matched the string once in the
|
||
condition that starts the block of code.
|
||
|
||
- curl_share_setopt: use va_end()
|
||
|
||
As spotted by Coverity, va_end() was not used previously. To make it
|
||
used I took away a bunch of return statements and made them into
|
||
assignments instead.
|
||
|
||
Yang Tse (15 Jun 2012)
|
||
- SSPI related code: Unicode support for WinCE - kill compiler warnings
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
SSPI related code: Unicode support for WinCE - commit 46480bb9 follow-up
|
||
|
||
- build: add curl_multibyte files to build systems
|
||
|
||
- [Mark Salisbury brought this change]
|
||
|
||
SSPI related code: Unicode support for WinCE
|
||
|
||
SSPI related code now compiles with ANSI and WCHAR versions of security
|
||
methods (WinCE requires WCHAR versions of methods).
|
||
|
||
Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file.
|
||
|
||
curl_sasl.c - include curl_memory.h to use correct memory functions.
|
||
|
||
getenv.c and telnet.c - WinCE compatibility fix
|
||
|
||
With some committer adjustments
|
||
|
||
Guenter Knauf (15 Jun 2012)
|
||
- Fixed typo.
|
||
|
||
Yang Tse (14 Jun 2012)
|
||
- winbuild/MakefileBuild.vc: convert line endings to DOS style
|
||
|
||
As per request on mailing list: http://curl.haxx.se/mail/lib-2012-06/0222.html
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
winbuild: Allow SSPI build with or without Schannel
|
||
|
||
The changes introduced in commit 2bfa57bc32 are not enough
|
||
to make it actually possible to use the USE_WINSSL option.
|
||
Makefile.vc was not updated and the configuration name which is
|
||
used in the build path did not match between both build files.
|
||
|
||
This patch fixes those issues and introduces the following changes:
|
||
|
||
- Replaced the -schannel name with -winssl in order to be consistent
|
||
with the other options
|
||
- Added ENABLE_WINSSL option to winbuild/Makefile.vc (default yes)
|
||
- Changed winbuild/MakefileBuild.vc to set USE_WINSSL to true if
|
||
USE_SSL is false and USE_WINSSL was not specified as a parameter
|
||
- Separated WINSSL handling from SSPI handling to be consistent with
|
||
the other options and their corresponding code path
|
||
|
||
- curl.1: 7.27.0 seems next release
|
||
|
||
- schannel: fix printf-style format strings
|
||
|
||
- Fix bad failf() and info() usage
|
||
|
||
Calls to failf() are not supposed to provide trailing newline.
|
||
Calls to infof() must provide trailing newline.
|
||
|
||
Fixed 30 or so strings.
|
||
|
||
- schannel: fix unused parameter warnings
|
||
|
||
- schannel: fix comparisons between signed and unsigned
|
||
|
||
- schannel: fix discarding qualifier from pointer type
|
||
|
||
- schannel: fix shadowing of global declarations
|
||
|
||
- schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations
|
||
|
||
- [Gisle Vanem brought this change]
|
||
|
||
urldata.h: fix cyassl/openssl/ssl.h build clash with wincrypt.h
|
||
|
||
Building with CyaSSL failed compilation. Reason being that OCSP_REQUEST and
|
||
OCSP_RESPONSE are enum values in CyaSSL and defines in <wincrypt.h> included
|
||
via <winldap.h> in ldap.c.
|
||
|
||
http://curl.haxx.se/mail/lib-2012-06/0196.html
|
||
|
||
- MakefileBuild.vc: Allow building without SSL
|
||
|
||
In order to use Windows native SSL support define 'USE_WINSSL'
|
||
|
||
- configure: new option --with-winssl
|
||
|
||
This option may be used to build curl/libcurl using SSL/TLS support provided
|
||
by MS windows system libraries. Option is mutually exclusive with any other
|
||
SSL library. Default value is --without-winssl.
|
||
|
||
--with-winssl option implies --with-sspi option.
|
||
|
||
Option meaningful only for Windows builds.
|
||
|
||
Guenter Knauf (13 Jun 2012)
|
||
- Changed Schannel string to SSL-Windows-native.
|
||
|
||
This is more descriptive for the user who might
|
||
not even know what schannnel is at all.
|
||
|
||
Yang Tse (13 Jun 2012)
|
||
- schannel: remove version number and identify its use with 'schannel' literal
|
||
|
||
Version number is removed in order to make this info consistent with
|
||
how we do it with other MS and Linux system libraries for which we don't
|
||
provide this info.
|
||
|
||
Identifier changed from 'WinSSPI' to 'schannel' given that this is the
|
||
actual provider of the SSL/TLS support. libcurl can still be built with
|
||
SSPI and without SCHANNEL support.
|
||
|
||
Daniel Stenberg (12 Jun 2012)
|
||
- singlesocket: remove dead code
|
||
|
||
No need to check if 'entry' is non-NULL in a spot where it is already checked
|
||
and guaranteed to be non-NULL.
|
||
|
||
(Spotted by a Coverity scan)
|
||
|
||
- netrc: remove dead code
|
||
|
||
Remove two states from the enum and the corresponding code for them as
|
||
these states were never reached or used.
|
||
|
||
(Spotted by a Coverity scan)
|
||
|
||
Yang Tse (12 Jun 2012)
|
||
- Revert "connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing"
|
||
|
||
This reverts commit 9c94236e6cc078a0dc5a78b6e2fefc1403e5375e.
|
||
|
||
It didn't server its purpose, so lets go back to long-time working code.
|
||
|
||
- socks_sspi.c: further cleanup
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
socks_sspi.c: Clean up and removal of obsolete minor status
|
||
|
||
Removed obsolete minor status variable and parameter of status function
|
||
which was never used or set at all. Also Curl_sspi_strerror does support
|
||
only one status and there is no need for a second sub status.
|
||
|
||
Guenter Knauf (12 Jun 2012)
|
||
- Removed trailing whitespaces.
|
||
|
||
Yang Tse (12 Jun 2012)
|
||
- strerror.c: make Curl_sspi_strerror() always return code for errors
|
||
|
||
- curl_sspi.h: provide sspi status definitions missing in old headers
|
||
|
||
- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function
|
||
|
||
- sspi: make Curl_sspi_strerror() libcurl's sspi status code string function
|
||
|
||
Daniel Stenberg (11 Jun 2012)
|
||
- Revert: 634f7cfee40d4658 partially
|
||
|
||
Make sure CURL_VERSION_SSPI is present and works as in previous releases
|
||
for ABI and API compatibility reasons.
|
||
|
||
- checksrc: shorten a few lines to comply
|
||
|
||
- cleanup: remove trailing whitespace
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
winbuild: Removed WITH_SSL=schannel and tie schannel to SSPI
|
||
|
||
Removed specific WITH_SSL=schannel paramter that did not fit the general
|
||
schema and complicated the parameters. For now Schannel will be enabled
|
||
if SSPI is enabled and OpenSSL is disabled.
|
||
|
||
- [Steve Holme brought this change]
|
||
|
||
Makefile.vc6: Added version.lib if built with SSPI
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
winbuild: Updated winbuild scripts to add schannel
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
mingw32: Fixed warning of USE_SSL being redefined
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
sspi: Fixed incompatible parameter pointer type in Curl_sspi_version
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
sspi: Updated RELEASE-NOTES, FEATURES and THANKS
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
setup.h: Automatically define USE_SSL if USE_SCHANNEL is defined
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
version: Replaced SSPI feature information with version string details
|
||
|
||
Added Windows SSPI version information to the curl version string when
|
||
SCHANNEL SSL is not enabled, as the version of the library should also
|
||
be included when SSPI is used to generate security contexts.
|
||
|
||
Removed SSPI from the feature list as the features are GSS-Negotiate,
|
||
NTLM and SSL depending on the usage of the SSPI library.
|
||
|
||
- [Steve Holme brought this change]
|
||
|
||
sspi.c: Post Curl_sspi_version() rework code tidy up
|
||
|
||
Removed duplicate blank lines.
|
||
Removed spaces between the not and test in various if statements.
|
||
Removed explicit test of NULL in an if statement.
|
||
Placed function returns on same line as function declarations.
|
||
Replaced the use of curl_maprintf() with aprintf() as it is the
|
||
preprocessor job to do this substitution if ENABLE_CURLX_PRINTF
|
||
is set.
|
||
|
||
- [Steve Holme brought this change]
|
||
|
||
sspi: Reworked Curl_sspi_version() to return version components
|
||
|
||
Reworked the version function to return four version components rather
|
||
than a string that has to be freed by the caller.
|
||
|
||
- [Guenter Knauf brought this change]
|
||
|
||
configure.ac: Added -lversion if built with SSPI
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Code cleanup and bug fixes
|
||
|
||
curl_sspi.c: Fixed mingw32-gcc compiler warnings
|
||
curl_sspi.c: Fixed length of error code hex output
|
||
|
||
The hex value was printed as signed 64-bit value on 64-bit systems:
|
||
SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322)
|
||
|
||
It is now correctly printed as the following:
|
||
SEC_E_WRONG_PRINCIPAL (0x80090322)
|
||
|
||
curl_sspi.c: Fallback to security function table version number
|
||
Instead of reporting an unknown version, the interface version is used.
|
||
|
||
curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version
|
||
curl_schannel: Replaced static buffer sizes with defined names
|
||
curl_schannel.c: First brace when declaring functions on column 0
|
||
curl_schannel.c: Put the pointer sign directly at variable name
|
||
curl_schannel.c: Use structs directly instead of typedef'ed structs
|
||
curl_schannel.c: Removed space before opening brace
|
||
curl_schannel.c: Fixed lines being longer than 80 chars
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_sspi: Added Curl_sspi_version function
|
||
|
||
Added new function to get SSPI version as string.
|
||
Added required library version.lib to makefiles.
|
||
Changed curl_schannel.c to use Curl_sspi_version.
|
||
|
||
- [Guenter Knauf brought this change]
|
||
|
||
schannel: Updated mingw32 makefiles
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Replace ASCII specific code with general defines
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Added definitions which are missing in mingw32
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Moved interal struct types to urldata.h
|
||
|
||
Moved type definitions in order to avoid inclusion loop
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Fixed compiler warnings about pointer type assignments
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Fixed critical typo in conditions and added buffer length checks
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
sspi: Refactored socks_sspi and schannel to use same error message functions
|
||
|
||
Moved the error constant switch to curl_sspi.c and added two new helper
|
||
functions to curl_sspi.[ch] which either return the constant or a fully
|
||
translated message representing the SSPI security status.
|
||
Updated socks_sspi.c and curl_schannel.c to use the new functions.
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Added special shutdown check for Windows 2000 Professional
|
||
|
||
Windows 2000 Professional: Schannel returns SEC_E_OK instead
|
||
of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer
|
||
is zero and the first byte of the encrypted packet is 0x15,
|
||
the application can safely assume that the message was a
|
||
close_notify message and change the return value to
|
||
SEC_I_CONTEXT_EXPIRED.
|
||
|
||
Connection shutdown does not mean that there is no data to read
|
||
Correctly handle incomplete message and ask curl to re-read
|
||
Fixed buffer for decrypted being to small
|
||
Re-structured read condition to be more effective
|
||
Removed obsolete verbose messages
|
||
Changed memory reduction method to keep a minimum buffer of size 4096
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Implemented SSL/TLS renegotiation
|
||
|
||
Updated TODO information and added related MSDN articles
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Save session credential handles in session cache
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Code cleanup
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Check for required context attributes
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Allow certificate and revocation checks being deactivated
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
http: Replaced specific SSL libraries list in https_getsock fallback
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing
|
||
|
||
Fixed warning: dereferencing pointer does break strict-aliasing rules
|
||
by using a union instead of separate pointer variables.
|
||
Internal union sockaddr_u could probably be moved to generic header.
|
||
Thanks to Paul Howarth for the hint about using unions for this.
|
||
|
||
Important for winbuild: Separate declaration of sockaddr_u pointer.
|
||
The pointer variable *sock cannot be declared and initialized right
|
||
after the union declaration. Therefore it has to be a separate statement.
|
||
|
||
- [Marc Hoersken brought this change]
|
||
|
||
curl_ntlm_msgs.c: Fixed passwdlen not being used and recalculated
|
||
|
||
Yang Tse (11 Jun 2012)
|
||
- tests: fix test definitions # 1355, 1363, 1385 and 1393
|
||
|
||
-i without HTTP protocol shall not include headers in the output
|
||
|
||
Daniel Stenberg (10 Jun 2012)
|
||
- Curl_pgrsDone: return int and acknowledge return code
|
||
|
||
Since Curl_pgrsDone() itself calls Curl_pgrsUpdate() which may return an
|
||
abort instruction or similar we need to return that info back and
|
||
subsequently properly handle return codes from Curl_pgrsDone() where
|
||
used.
|
||
|
||
(Spotted by a Coverity scan)
|
||
|
||
Steve Holme (10 Jun 2012)
|
||
- [Marc Hoersken brought this change]
|
||
|
||
winbuild: Fixed environment variables being lost
|
||
|
||
Fixed USE_IPV6 and USE_IDN not being passed
|
||
from Makefile.vc to MakefileBuild.vc
|
||
Fixed whitespace and formatting issues
|
||
Fixed typo and format in help message
|
||
|
||
Guenter Knauf (9 Jun 2012)
|
||
- Added metalink support to NetWare builds.
|
||
|
||
Steve Holme (9 Jun 2012)
|
||
- smtp.c: Removed unused variable
|
||
|
||
- smtp: Post apop feature code tidy up
|
||
|
||
- pop3: Post apop feature code tidy up
|
||
|
||
- pop3: Added support for apop authentication
|
||
|
||
- pop3: Enhanced the extended authentication mechanism detection
|
||
|
||
Enhanced the authentication type / mechanism detection in preparation
|
||
for the introduction of APOP support.
|
||
|
||
- pop3.c: Fixed length of SASL check
|
||
|
||
Yang Tse (9 Jun 2012)
|
||
- Fixes allowing 26 more test cases in 1334 to 1393 range to succeed
|
||
|
||
- tests: fix test definitions # 1370 and 1371
|
||
|
||
-J without -O shall not honor C-D filename
|
||
|
||
Daniel Stenberg (9 Jun 2012)
|
||
- OpenSSL: support longer certificate subject names
|
||
|
||
Previously it would use a 256 byte buffer and thus cut off very long
|
||
subject names. The limit is now upped to the receive buffer size, 16K.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3533045
|
||
Reported by: Anthony G. Basile
|
||
|
||
Kamil Dudka (8 Jun 2012)
|
||
- ssl: fix duplicated SSL handshake with multi interface and proxy
|
||
|
||
Bug: https://bugzilla.redhat.com/788526
|
||
Reported by: Enrico Scholz
|
||
|
||
Daniel Stenberg (8 Jun 2012)
|
||
- tool_getparam.h: fix compiler error
|
||
|
||
forward declare the Configurable struct
|
||
|
||
- metalink: restore some includes
|
||
|
||
Commit eeeba1496cbca removed them and thus broke my Linux build
|
||
|
||
- openldap: OOM fixes
|
||
|
||
when calloc fails, return error! (Detected by Fortify)
|
||
|
||
Reported by: Robert B. Harris
|
||
|
||
Steve Holme (8 Jun 2012)
|
||
- sasl: Re-factored mechanism constants in preparation for APOP work
|
||
|
||
Yang Tse (8 Jun 2012)
|
||
- metalink: build fixes and adjustments II
|
||
|
||
Additionally, make hash checking ability mandatory in order to allow metalink
|
||
support in curl.
|
||
|
||
A command line option could be introduced to skip hash checking at runtime,
|
||
but the ability to check hashes should always be built-in when providing
|
||
metalink support.
|
||
|
||
Guenter Knauf (8 Jun 2012)
|
||
- Added metalink support to MinGW builds.
|
||
|
||
Daniel Stenberg (7 Jun 2012)
|
||
- log2changes.pl: fix the Version output
|
||
|
||
Previously it could easily wrongly get repeated
|
||
|
||
Yang Tse (7 Jun 2012)
|
||
- metalink: build fixes and adjustments I
|
||
|
||
Daniel Stenberg (7 Jun 2012)
|
||
- lib554.c: use curl_formadd() properly
|
||
|
||
The length/size options take longs so make sure to pass on such types.
|
||
|
||
Reported by: Neil Bowers
|
||
Bug: http://curl.haxx.se/mail/lib-2012-06/0001.html
|
||
|
||
Steve Holme (7 Jun 2012)
|
||
- smtp.c: Re-factored the smtp_state_*_resp() functions
|
||
|
||
Re-factored the smtp_state_*_resp() functions to 1) Match the constants
|
||
that were refactored in commit 00fddba6727c, 2) To be more readable and
|
||
3) To match their counterparties in pop3.c.
|
||
|
||
Yang Tse (7 Jun 2012)
|
||
- Fixes allowing HTTP test cases 1338, 1339, 1368 and 1369 to succeed
|
||
|
||
- tests 1364 to 1393: several -o filename -J -i -D combinations for HTTP and FTP
|
||
|
||
- tests 1348 to 1363: test definition polishing
|
||
|
||
Verify that the "Saved to filename 'blabla'" message is only displayed when
|
||
the 'blabla' filename being used _actually_ has been specified by the server
|
||
in the Content-Disposition header.
|
||
|
||
Use relative path for unintended file creation postcheck.
|
||
|
||
Steve Holme (6 Jun 2012)
|
||
- smtp: Re-factored the SMTP_AUTH* state machine constants
|
||
|
||
Re-factored the SMTP_AUTH* constants, that are used by the state
|
||
machine, to be clearer to read.
|
||
|
||
Guenter Knauf (6 Jun 2012)
|
||
- Added hint for pkg-config wrapper script.
|
||
|
||
- Updated Android section with recent NDK.
|
||
|
||
The r7b had some bugs, and shouldnt be used.
|
||
|
||
Yang Tse (6 Jun 2012)
|
||
- Disable non-HTTP header related tests
|
||
|
||
These now detect incompleate header data and fail
|
||
|
||
- tests 1348 to 1363: compleate header data part of test definition
|
||
|
||
- tests 1334 to 1363 revisited.
|
||
|
||
Add a postcheck section to verify unintended file creation.
|
||
|
||
Remove needless <file> checks in verify section. Renumbering where appropriate.
|
||
|
||
- tests: adjust file part behavior in test verify section.
|
||
|
||
When a <file> part is now specified with no contents at all, this
|
||
will actually verify that the specified file has no contents at all.
|
||
Previously file contents would be ignored.
|
||
|
||
Steve Holme (5 Jun 2012)
|
||
- smtp.c: Removed whitespace
|
||
|
||
- pop3: Another small code tidy up
|
||
|
||
Missed some comments that we identified during the SMTP tidy up earlier.
|
||
|
||
- smtp: Post authentication code tidy up
|
||
|
||
Corrected lines longer than 78 characters.
|
||
|
||
Removed unnecessary braces in smtp_state_helo_resp().
|
||
|
||
Introduced some comments in data sending functions.
|
||
|
||
Tidied up comments to match changes made in pop3.c.
|
||
|
||
Yang Tse (5 Jun 2012)
|
||
- tests 1348 to 1363: add a comma in test description
|
||
|
||
Steve Holme (5 Jun 2012)
|
||
- email: Removed duplicated header file
|
||
|
||
- sasl: Renamed Curl_sasl_decode_ntlm_type2_message()
|
||
|
||
For consistency with other SASL based functions renamed this function
|
||
to Curl_sasl_create_ntlm_type3_message() which better describes its
|
||
usage.
|
||
|
||
- pop3: Post authentication code tidy up
|
||
|
||
Corrected lines longer than 78 characters.
|
||
|
||
Changed POP3_AUTH_FINAL to POP3_AUTH to match SMTP code now that the
|
||
AUTH command is no longer sent on its own.
|
||
|
||
Introduced some comments in data sending functions.
|
||
|
||
Another attempt at trying to rational code and comment style.
|
||
|
||
- pop3: Added support for sasl digest-md5 authentication
|
||
|
||
Yang Tse (4 Jun 2012)
|
||
- sasl: add reference for curl_sasl
|
||
|
||
- Makefile.inc: tab adjustment
|
||
|
||
Daniel Stenberg (4 Jun 2012)
|
||
- pop3 tests: CAPA instead of AUTH
|
||
|
||
After Steve's commit e336bc7c42c7340 test 1319 and 1407 need to check
|
||
for CAPA instead of AUTH.
|
||
|
||
Steve Holme (4 Jun 2012)
|
||
- sasl: Added service parameter to Curl_sasl_create_digest_md5_message()
|
||
|
||
Added a service type parameter to Curl_sasl_create_digest_md5_message()
|
||
to allow the function to be used by different services rather than being
|
||
hard coded to "smtp".
|
||
|
||
Yang Tse (4 Jun 2012)
|
||
- tests 1356 to 1363: several -O -J -i -D combinations with FTP protocol
|
||
|
||
Currently 1356 to 1362 succeed but a write failure is logged in traceNNNN.
|
||
|
||
Currently 1363 fails, so disabled for now.
|
||
|
||
Steve Holme (4 Jun 2012)
|
||
- tests: Updated pop3 tests for change in auth mechanism detection
|
||
|
||
- pop3: Changed the sasl mechanism detection from auth to capa
|
||
|
||
Not all SASL enabled POP3 servers support the AUTH command on its own
|
||
when trying to detect the supported mechanisms. As such changed the
|
||
mechanism detection to use the CAPA command instead.
|
||
|
||
Daniel Stenberg (4 Jun 2012)
|
||
- curl_easy_setopt.3: proto updates + cleanups
|
||
|
||
- For all *FUNCTION options, they now all show the complete prototype in
|
||
the description. Previously some of them would just refer to a
|
||
typedef'ed function pointer in the curl.h header.
|
||
|
||
- I made the phrasing of that "Pass a pointer to a function that matches
|
||
the following prototype" the same for all *FUNCTION option descriptions.
|
||
|
||
- I removed some uses of 'should'. I think I sometimes over-use this
|
||
word as in many places I actually mean MUST or otherwise more specific
|
||
and not-so-optional synonyms.
|
||
|
||
Yang Tse (4 Jun 2012)
|
||
- tests 1348 to 1355: several -O -J -i -D combinations with FTP protocol
|
||
|
||
Currently 1348 to 1354 succeed but a write failure is logged in traceNNNN.
|
||
|
||
Currently 1355 fails, so disabled for now.
|
||
|
||
- tests 1346 to 1347: several -O -J -i -D combinations with HTTP protocol
|
||
|
||
Steve Holme (4 Jun 2012)
|
||
- sasl: Small code tidy up
|
||
|
||
Reworked variable names in Curl_sasl_create_cram_md5_message() to match
|
||
those in Curl_sasl_create_digest_md5_message() as they are more
|
||
appropriate.
|
||
|
||
- sasl: Moved digest-md5 authentication message creation from smtp.c
|
||
|
||
Moved the digest-md5 message creation from smtp.c into the sasl module
|
||
to allow for use by other modules such as pop3.
|
||
|
||
- sasl: Small code tidy up before moving digest-md5 over
|
||
|
||
Correction of comments and variable names.
|
||
|
||
- RELEASE-NOTES: Added missing addition of sasl login support
|
||
|
||
- pop3: Added support for sasl cram-md5 authentication
|
||
|
||
Daniel Stenberg (3 Jun 2012)
|
||
- Curl_sasl_create_plain_message: remove TAB
|
||
|
||
Steve Holme (3 Jun 2012)
|
||
- sasl: Small code tidy up
|
||
|
||
Added some comments and removed an unreferenced variable.
|
||
|
||
- pop3.c: Added conditional compilation for NTLM function calls
|
||
|
||
Added USE_NTLM condition compilation around the NTLM functions called
|
||
from pop3_statemach_act() introduced in commit 69f7156ad96877.
|
||
|
||
- sasl: Moved cram-md5 authentication message creation from smtp.c
|
||
|
||
Moved the cram-md5 message creation from smtp.c into the sasl module
|
||
to allow for use by other modules such as pop3.
|
||
|
||
- pop3: Fixed an issue with changes introduced in commit c267c53017bc
|
||
|
||
Because pop3_endofresp() is called for each line of data yet is not
|
||
passed the line and line length, so we have to use the data pointed to
|
||
by pp->linestart_resp which contains the whole packet, the mechanisms
|
||
were being detected in one call yet the function would be called for
|
||
each line of data.
|
||
|
||
Using curl with verbose mode enabled would show that one line of data
|
||
would be received in response to the AUTH command, before the AUTH
|
||
<mechanism> command was sent to the server and then the next few lines
|
||
of the original AUTH command would be displayed before the response from
|
||
the AUTH <mechanism> command. This would then cause problems when
|
||
parsing the CRAM-MD5 challenge data as extra data was contained in the
|
||
buffer.
|
||
|
||
Changed the parsing so that each line is checked for the mechanisms
|
||
and the function returns FALSE until the whole of the AUTH response has
|
||
been processed.
|
||
|
||
Daniel Stenberg (3 Jun 2012)
|
||
- version: bump to 7.27.0 for next release
|
||
|
||
Due to new features
|
||
|
||
- RELEASE-NOTES: synced with c4e3578e4bf
|
||
|
||
Also bumped the contributor number and next release is to become 7.27.0
|
||
|
||
- THANKS: 16 new contributors from the 7.26.0 release
|
||
|
||
Steve Holme (3 Jun 2012)
|
||
- DOCS: Fixed list in Section 18.2 not displaying correctly on web site
|
||
|
||
- DOCS: Corrected missed heading renumbering from commit 530675a1ad7
|
||
|
||
- DOCS: Added IMAP and LDAP sections
|
||
|
||
Added new sections 11. IMAP and 12. LDAP to document adding SASL based
|
||
authentication.
|
||
|
||
Renumbered current sections 11 to 17 as 13 to 19.
|
||
|
||
Additionally added 19.10 Add CURLOPT_MAIL_CLIENT option.
|
||
|
||
- sasl.c: Fix to avoid warnings introduced in commit d9ca9e9869e8
|
||
|
||
Applied a fix to avoid warnings on systems where Curl_ntlm_sspi_cleanup()
|
||
is just a nop.
|
||
|
||
- pop3.c:Corrected typo in commit 69ba0da8272d
|
||
|
||
- pop3: Fixed the issue of having to supply the user name for all requests
|
||
|
||
Previously it wasn't possible to connect to POP3 and not specify the
|
||
user name as a CURLE_ACCESS_DENIED error would be returned. This error
|
||
occurred because USER would be sent to the server with a blank user name
|
||
if no mailbox user was specified as the server would reply with -ERR.
|
||
|
||
This wasn't a problem prior to the 7.26.0 release but with the
|
||
introduction of custom commands the user and/or application developer
|
||
might want to issue a CAPA command without having to log in as a
|
||
specific mailbox user.
|
||
|
||
Additionally this fix won't send the newly introduced AUTH command if no
|
||
user name is specified.
|
||
|
||
- pop3.c: Small code tidy up
|
||
|
||
Corrected lines exceeding 78 characters.
|
||
|
||
Repositioned some comments and added extra clarity.
|
||
|
||
- sasl: Corrected variable names in comments and parameters
|
||
|
||
- pop3: Added support for sasl ntlm authentication
|
||
|
||
- sasl: Small comment style tidy up following ntlm commit
|
||
|
||
- sasl: Moved ntlm authentication message handling from smtp.c
|
||
|
||
Moved the ntlm message creation and decoding from smtp.c into the sasl
|
||
module to allow for use by other modules such as pop3.
|
||
|
||
- pop3: Added support for sasl login authentication
|
||
|
||
Yang Tse (1 Jun 2012)
|
||
- tests 1334 to 1345: several -O -J -i -D combinations with HTTP protocol
|
||
|
||
- tests: support test definitions with up to 5 file checks in <verify> section
|
||
|
||
This is done introducing tags <file1> to <file4> besides existing <file> one,
|
||
as well as corresponding <stripfile1> to <stripfile4> ones, that can be used
|
||
in the <verify> section in the same way as the non-numbered ones.
|
||
|
||
Steve Holme (31 May 2012)
|
||
- sasl: Moved login authentication message creation from smtp.c
|
||
|
||
Moved the login message creation from smtp.c into the sasl module
|
||
to allow for use by other modules such as pop3.
|
||
|
||
- smtp.c: Reworked message encoding in smtp_state_authpasswd_resp()
|
||
|
||
Rather than encoding the password message itself the
|
||
smtp_state_authpasswd_resp() function now delegates the work to the same
|
||
function that smtp_state_authlogin_resp() and smtp_authenticate() use
|
||
when constructing the encoded user name.
|
||
|
||
- smtp.c: Re-factored smtp_auth_login_user() for use with passwords
|
||
|
||
In preparation for moving to the SASL module re-factored the
|
||
smtp_auth_login_user() function to smtp_auth_login() so that it can be
|
||
used for both user names and passwords as sending both of these under
|
||
the login authentication mechanism is the same.
|
||
|
||
- pop3: Added support for sasl plain text authentication
|
||
|
||
- curl_ntlm_msgs.c: Corrected small spelling mistake in comments
|
||
|
||
- sasl: Moved plain text authentication message creation from smtp.c
|
||
|
||
Moved the plain text message creation from smtp.c into the sasl module
|
||
to allow for use by other modules such as pop3.
|
||
|
||
Yang Tse (30 May 2012)
|
||
- configure: fix LDAPS disabling related misplaced closing parenthesis
|
||
|
||
- pop3 test server: allow pop3 test server verification to succeed again
|
||
|
||
Introduce SUPPORTCAPA and SUPPORTAUTH config commands to allow further
|
||
pop3 test server expansion for tests that require CAPA or AUTH support,
|
||
although this will need some extra work to make it fully functional.
|
||
|
||
Steve Holme (28 May 2012)
|
||
- pop3: Introduced the continue response in pop3_endofresp()
|
||
|
||
- pop3: Changed response code from O and E to + and -
|
||
|
||
The POP3 protocol doesn't really have the concept of error codes and
|
||
uses +, +OK and -ERR in response to commands to indicate continue,
|
||
success and error.
|
||
|
||
The AUTH command is one of those commands that requires multiple pieces
|
||
of data to be sent to the server where the server will respond with + as
|
||
part of the handshaking. This meant changing the values before
|
||
continuing with the next stage of adding authentication support.
|
||
|
||
- pop3: Small code tidy up following authentication work so far
|
||
|
||
Changed the order of the state machine to match the order of actual
|
||
events.
|
||
|
||
Reworked some comments and function parameter positioning that I missed
|
||
the other day.
|
||
|
||
Kamil Dudka (28 May 2012)
|
||
- nss: use human-readable error messages provided by NSS
|
||
|
||
Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html
|
||
|
||
Daniel Stenberg (27 May 2012)
|
||
- test1013.pl: filter out Metalink
|
||
|
||
Since it isn't a feature supported by curl-config we can't compare that
|
||
with the --version output
|
||
|
||
- pop3: remove variable-not-used warnings
|
||
|
||
Steve Holme (27 May 2012)
|
||
- DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH
|
||
|
||
Additionally corrected another RFC link that I missed yesterday.
|
||
|
||
- pop3: Added support for SASL based authentication mechanism detection
|
||
|
||
Added support for detecting the supported SASL authentication mechanisms
|
||
via the AUTH command. There are two ways of detecting them, either by
|
||
using the AUTH command, that will return -ERR if not supported or by
|
||
using the CAPA command which will return SASL and the list of mechanisms
|
||
if supported, not include SASL if SASL authentication is not supported
|
||
or -ERR if the CAPA command is not supported. As such it seems simpler
|
||
to use the AUTH command and fallback to normal clear text authentication
|
||
if the the command is not supported.
|
||
|
||
Additionally updated the test cases to return -ERR when the AUTH command
|
||
is encountered. Additional test cases will be added when support for the
|
||
individual authentication mechanisms is added.
|
||
|
||
Daniel Stenberg (27 May 2012)
|
||
- pop3: remove trailing whitespace
|
||
|
||
Steve Holme (27 May 2012)
|
||
- pop3: Code tidy up before the introduction of authentication code
|
||
|
||
Moved EOB definition into header file.
|
||
|
||
Switched the logic around in pop3_endofresp() to allow for the
|
||
introduction of auth-mechanism detection.
|
||
|
||
Repositioned second and third function variables where they will fit
|
||
within the 78 character line limit.
|
||
|
||
Tidied up some comments.
|
||
|
||
Guenter Knauf (27 May 2012)
|
||
- Enabled OpenSSL static linkage.
|
||
|
||
- Enabled OpenSSL static linkage.
|
||
|
||
- Try to detect OpenSSL build type automatically.
|
||
|
||
Daniel Stenberg (26 May 2012)
|
||
- metalink: fix build errors when disabled
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Reduced #ifdef HAVE_METALINK
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Disable hash check if neither OpenSSL nor GNUTLS is installed.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Format GETOUT_METALINK nicely
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Minimize usage of structs from libmetalink
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Check checksum of downloaded file if checksum is available
|
||
|
||
Metalink file contains several hash types of checksums, such as
|
||
md5, sha-1, sha-256, etc. To deal with these checksums, I created
|
||
abstraction layer based on lib/curl_md5.h and
|
||
lib/md5.c. Basically, they are almost the same but I changed the
|
||
code so that it is not hash type dependent. Currently,
|
||
GNUTLS(nettle or gcrypt) and OpenSSL functions are supported.
|
||
|
||
Checksum checking is done by reopening download file. If there
|
||
is an I/O error, the current implementation just prints error
|
||
message and does not try next resource.
|
||
|
||
In this patch, the supported hash types are: md5, sha-1 and sha-256.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Always create directory hierarchy for Metalink.
|
||
|
||
Filenames contained in Metalink file can include directory information.
|
||
Filenames are unique in Metalink file, taking into account the directory
|
||
information. So we need to create the directory hierarchy.
|
||
|
||
Curl has --create-dirs option, but we create directory hierarchy for
|
||
Metalink downloads regardless of the option value.
|
||
|
||
This patch also put metalink int variable outside of HAVE_LIBMETALINK
|
||
guard. This reduces the number of #ifdefs.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Fixed segmentation fault when Metalink has no valid file or no resource.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Support media-type parameter in Content-Type
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Print "Metalink" in Features if Metalink support is enabled.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Removed trailing space
|
||
|
||
- [ant brought this change]
|
||
|
||
Add --metalink to --help
|
||
|
||
- [ant brought this change]
|
||
|
||
Add Metalink information and --metalink option to man page
|
||
|
||
- [ant brought this change]
|
||
|
||
Add Metalink information and --metalink option to man page
|
||
|
||
- [ant brought this change]
|
||
|
||
Adds Metalink information to INSTALL
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
--metalink option is available regardless of Metalink support.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
metalink: parse downloaded Metalink file
|
||
|
||
Parse downloaded Metalink file and add downloads described there. Fixed
|
||
compile error without metalink support.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Fixed HAVE_LIBMETALINK conditional is always true
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
metalink: minor metalinkfile fix
|
||
|
||
Don't update config->metalinkfile_last in operate(). Use local variable
|
||
to point to the current metalinkfile.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
metalink: show help message even if disabled
|
||
|
||
Print message if --metalink is used while metalink support is not
|
||
enabled. Migrated Metalink support in tool_operate.c and removed
|
||
operatemetalink().
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Applied patches from Daniel
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Support Metalink.
|
||
|
||
This change adds experimental Metalink support to curl.
|
||
To enable Metalink support, run configure with --with-libmetalink.
|
||
To feed Metalink file to curl, use --metalink option like this:
|
||
|
||
$ curl -O --metalink foo.metalink
|
||
|
||
We use libmetalink to parse Metalink files.
|
||
|
||
Steve Holme (26 May 2012)
|
||
- DOCS: Fixed line spacing of authentication examples in CURLOPT_URL
|
||
|
||
- DOCS: Changed domain names in various examples to example.com
|
||
|
||
Updated various references of real domain names to example.com as per
|
||
RFC-2606.
|
||
|
||
- DOCS: Fixed meaning of bit 2 in CURLOPT_POSTREDIR
|
||
|
||
Setting bit 2 for this value was documented as having a constant value
|
||
defined as CURL_REDIR_POST_303 yet referenced a 302 request.
|
||
|
||
Additionally corrected the meaning of CURL_REDIR_POST_ALL for all three
|
||
bits and fixed problems with the bolding of keywords in this section.
|
||
|
||
- DOCS: Standardised how RFCs are referenced.
|
||
|
||
Standardised how RFCs are referenced so that the website may autolink to
|
||
the correct documentation on ietf.org. Additionally removed the one link
|
||
to RFC3986 on curl.haxx.se.
|
||
|
||
Yang Tse (26 May 2012)
|
||
- Fix libcurl.pc and curl-config generation for static MingW* cross builds
|
||
|
||
Daniel Stenberg (25 May 2012)
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Made -D option work with -O and -J.
|
||
|
||
To achieve this, first new structure HeaderData is defined to hold
|
||
necessary data to perform header-related work. Then tool_header_cb now
|
||
receives HeaderData pointer as userdata. All header-related work
|
||
(currently, dumping header and Content-Disposition inspection) are done
|
||
in this callback function. HeaderData.outs->config is used to determine
|
||
whether each work is done.
|
||
|
||
Unit tests were also updated because after this change, curl code always
|
||
sets CURLOPT_HEADERFUNCTION and CURLOPT_HEADERDATA.
|
||
|
||
Tested with -O -J -D, -O -J -i and -O -J -D -i and all worked fine.
|
||
|
||
Steve Holme (25 May 2012)
|
||
- sasl: Re-factored auth-mechanism constants to be more generic
|
||
|
||
- smtp: Moved auth-mechanism constants into a separate header file
|
||
|
||
Move the SMTP_AUTH constants into a separate header file in
|
||
preparation for adding SASL based authentication to POP3 as the two
|
||
protocols will need to share them.
|
||
|
||
Kamil Dudka (25 May 2012)
|
||
- nss: avoid using explicit casts of code pointers
|
||
|
||
Steve Holme (24 May 2012)
|
||
- DOCS: Added LDAP to the CURLOPT_URL section
|
||
|
||
- TODO: Removed DIGEST-MD5 authentication from SMTP to do list
|
||
|
||
Removed DIGEST-MD5 from Section 9.1 Other authentication mechanisms as
|
||
the feature was added to SMTP in 7.26.0.
|
||
|
||
Also corrected small spelling mistake.
|
||
|
||
Daniel Stenberg (24 May 2012)
|
||
- bump to 7.26.1: start working towards next release
|
||
|
||
Version 7.26.0 (24 May 2012)
|
||
|
||
Daniel Stenberg (24 May 2012)
|
||
- RELEASE-NOTES: synced with ef60fdbd73
|
||
|
||
Just before 7.26.0 is about to ship
|
||
|
||
Steve Holme (22 May 2012)
|
||
- smtp: Fixed an issue with the multi-interface always sending postdata
|
||
|
||
Due to the result code being reset to CURLE_OK when smtp_dophase_done()
|
||
was called, postdata would incorrectly be sent to the server when the
|
||
MAIL FROM or RCPT command was rejected.
|
||
|
||
As such, libcurl would return the wrong result code from performing the
|
||
operation and additionally set CURLINFO_RESPONSE_CODE to be that
|
||
returned by the postdata command.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-05/0108.html
|
||
Reported by: Gokhan Sengun
|
||
|
||
- DOCS: Updated version number for features added in the pending release
|
||
|
||
Daniel Stenberg (22 May 2012)
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
Fixed compile error with GNUTLS+NETTLE
|
||
|
||
In nettle/md5.h, md5_init and md5_update are defined as macros to
|
||
nettle_md5_init and nettle_md5_update respectively. This causes
|
||
error when using MD5_params.md5_init and md5_update. This patch
|
||
renames these members as md5_init_func and md5_update_func to
|
||
avoid name conflict. For completeness, MD5_params.md5_final was
|
||
also renamed as md5_final_func.
|
||
|
||
The changes in curl_ntlm_core.c is conversion error and fixed by
|
||
casting to proper type.
|
||
|
||
- TODO-RELEASE: mention the pending biggies for 7.27.0
|
||
|
||
- [Jan Ehrhardt brought this change]
|
||
|
||
winbuild: fix IPv6 enabled build
|
||
|
||
The existing check was wrong so IPv6 support would never be enabled
|
||
|
||
- 7.26.0: will be the next release version
|
||
|
||
- RELEASE-NOTES: synced with 8ae1e657e82a
|
||
|
||
And mention that this will become 7.26.0
|
||
|
||
Guenter Knauf (22 May 2012)
|
||
- Updated dependency libary versions.
|
||
|
||
Daniel Stenberg (20 May 2012)
|
||
- curl-config.1: fix curl-config usage in example
|
||
|
||
The curl-config command must be used twice in the single command line to
|
||
work properly in some environments.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3528241
|
||
Reported by: Julian Taylor
|
||
|
||
Steve Holme (17 May 2012)
|
||
- smtp: Fixed non-escaping of dot character at beginning of line
|
||
|
||
A dot character at the beginning of a line would not be escaped to a
|
||
double dot as required by RFC-2821, instead it would be deleted by the
|
||
mail server. Please see section 4.5.2 of the RFC for more information.
|
||
|
||
Note: This fix also simplifies the detection of repeated CRLF.CRLF
|
||
combinations, such as CRLF.CRLF.CRLF, a little rather than having to
|
||
advance the eob counter to 2.
|
||
|
||
Daniel Stenberg (16 May 2012)
|
||
- FAQ: updated 1.10 How many are using curl?
|
||
|
||
Now linking to http://daniel.haxx.se/blog/2012/05/16/300m-users/
|
||
|
||
- disable-versioned-symbols: removed superfluous 'fi'
|
||
|
||
The commit e315927a1a left this in
|
||
|
||
- MakefileBuild.vc: use the correct IDN variable
|
||
|
||
The variable that control IDN enablement is called USE_IDN within these
|
||
Makefiles
|
||
|
||
- [Pierre Chapuis brought this change]
|
||
|
||
autoconf: improve handling of versioned symbols
|
||
|
||
It checks whether versioned symbols should be enabled before checking
|
||
whether it is possible (i.e. the linker supports --version-script) or
|
||
not. This avoids a useless warning when building cURL on a platform that
|
||
does not use GNU ld.
|
||
|
||
Moreover, it fixes broken indentation of this chunk of code.
|
||
|
||
- curl.1: clarify -x usage
|
||
|
||
1 - fix the syntax in the .IP line
|
||
|
||
2 - Provided user names and passwords are URL decoded by libcurl
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3525935
|
||
|
||
- NTLM: is supported in GnuTLS builds too
|
||
|
||
... since commit 9a4c887c4a7 introduced in libcurl 7.19.4
|
||
|
||
- TODO: happy eyeballs is now RFC6555
|
||
|
||
- my_useragent: shorten user-agent
|
||
|
||
The built-in user-agent will now only say curl/[version] and nothing
|
||
else in an attempt to decrease overhead in HTTP requests.
|
||
|
||
- CURLOPT_HEADERFUNCTION: works for non-HTTP protocols too
|
||
|
||
Claes Jakobsson (3 May 2012)
|
||
- Add note about default timeout in CURLOPT_TIMEOUT
|
||
|
||
Daniel Stenberg (2 May 2012)
|
||
- [Gokhan Sengun brought this change]
|
||
|
||
MD5: OOM fix
|
||
|
||
check whether md5 initialization succeeded before updating digest of
|
||
buffers onto it
|
||
|
||
- REALEASE-NOTES: synced with 64f48e884e3c1
|
||
|
||
- [Jan Schaumann brought this change]
|
||
|
||
add newly created manual page
|
||
|
||
- [Jan Schaumann brought this change]
|
||
|
||
add a manual page for mk-ca-bundle
|
||
|
||
Guenter Knauf (26 Apr 2012)
|
||
- Updated dependency lib versions.
|
||
|
||
Daniel Stenberg (23 Apr 2012)
|
||
- URL parse: reject numerical IPv6 addresses outside brackets
|
||
|
||
Roman Mamedov spotted (in
|
||
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670126) that curl would
|
||
not complain when given a URL with an IPv6 numerical address without
|
||
brackets. It would simply cut off the last ":[hex]" part and thus not
|
||
work correctly.
|
||
|
||
That's a URL using an illegal syntax and now libcurl will instead return
|
||
a clear error code and error message detailing the error.
|
||
|
||
The above mentioned bug report claims this to be a regression but
|
||
libcurl does not guarantee functionality when given URLs that aren't
|
||
following the URL spec (RFC3986 mostly). I consider the fact that it
|
||
used to handle this differently a mere coincidence.
|
||
|
||
- Curl_MD5_init: fix OOM memory leak
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-04/0246.html
|
||
Reported by: Michael Mueller
|
||
|
||
- [Gokhan Sengun brought this change]
|
||
|
||
OpenSSL cert: provide more details when cert check fails
|
||
|
||
curl needs to be more chatty regarding certificate verification failure
|
||
during SSL handshake
|
||
|
||
Yang Tse (23 Apr 2012)
|
||
- Revert "sspi: Added version information"
|
||
|
||
This reverts commit 2976de480808119dae08fc6f52c8d75ba1aedb1a.
|
||
|
||
- Revert "sspi - Small code tidy up"
|
||
|
||
This reverts commit 46cd5f1daddad3b3e542e6d93eee52e8bb9a8687.
|
||
|
||
- Revert "Fixed 'extra tokens at end of #endif directive'."
|
||
|
||
This reverts commit 77172a242fc0c820f97eae39d0e3e0f265222fe6.
|
||
|
||
- Revert "Fixed 'Trailing whitespace' found by checksrc."
|
||
|
||
This reverts commit 683bfa60ad0b52505947e59b03515e5f44378523.
|
||
|
||
- Revert "sspi: Code tidy up to remove unused variable."
|
||
|
||
This reverts commit 412510f97407d617426d93b80e6b6bf0a8ff11ac.
|
||
|
||
- Revert "Add -lversion if build with SSPI."
|
||
|
||
This reverts commit 9ec0b7e0c44d29eca6f45916fe5af3501168fe85.
|
||
|
||
Guenter Knauf (23 Apr 2012)
|
||
- Add -lversion if build with SSPI.
|
||
|
||
Steve Holme (22 Apr 2012)
|
||
- sspi: Code tidy up to remove unused variable.
|
||
|
||
Guenter Knauf (22 Apr 2012)
|
||
- Fixed 'Trailing whitespace' found by checksrc.
|
||
|
||
- Fixed 'extra tokens at end of #endif directive'.
|
||
|
||
Steve Holme (22 Apr 2012)
|
||
- sspi - Small code tidy up
|
||
|
||
- sspi: Added version information
|
||
|
||
Added version information for Windows SSPI to curl's main version
|
||
string and removed SSPI from the features string.
|
||
|
||
Daniel Stenberg (20 Apr 2012)
|
||
- HTTP: empty chunked POST ended up in two zero size chunks
|
||
|
||
When doing a chunked-encoded POST with -d (CURLOPT_POSTFIELDS) and the
|
||
size of the POST was zero length, it made libcurl first send a zero
|
||
chunk and then the terminating one. This could confuse a receiver and it
|
||
should rather just send the terminating chunk as it does with this fix.
|
||
|
||
Test case 1333 is added to verify.
|
||
|
||
Bug: http://curl.haxx.se/mail/archive-2012-04/0060.html
|
||
Reported by: Arnaud Compan
|
||
|
||
Guenter Knauf (20 Apr 2012)
|
||
- Updated dependency lib versions.
|
||
|
||
Daniel Stenberg (19 Apr 2012)
|
||
- singleipconnect: return OK even when Curl_socket() fails
|
||
|
||
Commit 9109cdec11ee5a brought this regression (shipped since 7.24.0).
|
||
|
||
The singleipconnect() function must not return an error if Curl_socket()
|
||
returns an error. It should then simply return OK and pass a SOCKET_BAD
|
||
back simply because that is how the user of this function expects it to
|
||
work and something else is not fine.
|
||
|
||
Reported by: Blaise Potard
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3516508
|
||
|
||
Yang Tse (19 Apr 2012)
|
||
- Take in account that CURLAUTH_* bitmasks are now 'unsigned long' - follow-up
|
||
|
||
MIPSPro compiler detected curl_easy_getinfo() related missing adjustments.
|
||
SunPro compiler detected curl tool --libcurl option related missing adjustments.
|
||
|
||
- url.c: CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH fixes
|
||
|
||
Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported.
|
||
|
||
Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE.
|
||
|
||
- Take in account that CURLAUTH_* bitmasks are now 'unsigned long'
|
||
|
||
Data type of internal vars holding CURLAUTH_* bitmasks changed from 'long' to
|
||
'unsigned long' for proper handling and operating.
|
||
|
||
- curl.h: CURLAUTH_* bitmasks adjusted to become 'unsigned long' typed
|
||
|
||
Info: http://curl.haxx.se/mail/lib-2012-04/0170.html
|
||
|
||
- Some explicit conversion to 'long' of curl_easy_setopt() third argument
|
||
|
||
Explicit conversion to 'long' of curl_easy_setopt() third argument for options
|
||
CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH given that this is how its bitmasks are
|
||
docummented to be used.
|
||
|
||
- build adjustments: commit 9e24b9c7 follow-up
|
||
|
||
Daniel Stenberg (17 Apr 2012)
|
||
- -# progress meter: avoid superfluous updates and duplicate lines
|
||
|
||
By comparing if a different "progress point" is reached or not since the
|
||
previous update, the progress function callback for this now avoids many
|
||
superfluous screen updates. This has the nice side-effect that it fixes
|
||
a problem that causes a second progress meter line.
|
||
|
||
The second line output happened because when we use the -# progress
|
||
meter, we force a newline output after the transfer in the main loop in
|
||
curl, but when libcurl calls the progress callback from
|
||
curl_easy_cleanup() it would then output the progress display
|
||
again. Possibly the naive newline output is wrong but this optimization
|
||
was suitable anyway...
|
||
|
||
Reported by: Daniel Theron
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3517418
|
||
|
||
Yang Tse (16 Apr 2012)
|
||
- nss.c: fix compiler warning
|
||
|
||
- curl-compilers.m4: -Wno-pedantic-ms-format for Windows gcc 4.5 builds
|
||
|
||
When building a Windows target with gcc 4.5 or newer and strict compiler
|
||
warnings enabled use -Wno-pedantic-ms-format in addition to other flags.
|
||
|
||
Kamil Dudka (16 Apr 2012)
|
||
- tests/valgrind.pm: suppress memleaks of NSS_InitContext()
|
||
|
||
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=745224
|
||
|
||
Yang Tse (14 Apr 2012)
|
||
- setup_once.h: tighten requirements for stdbool.h header inclusion
|
||
|
||
Include stdbool.h only when it is available and configure is capable of
|
||
detecting a proper 'bool' data type when the header is included.
|
||
|
||
Compilation fix for old or unpatched versions of XL C compiler.
|
||
|
||
Report: http://curl.haxx.se/mail/archive-2012-04/0022.html
|
||
|
||
- headers: require GCC 2.7 or newer in order to allow attribute GCC'isms usage
|
||
|
||
Usage in other code paths already protected and requiring even newer versions.
|
||
|
||
- [Jonathan Nieder brought this change]
|
||
|
||
headers: surround GCC attribute names with double underscores
|
||
|
||
This protects from attribute names being defined by third party's code.
|
||
|
||
Improvement: http://curl.haxx.se/mail/lib-2012-04/0127.html
|
||
|
||
Guenter Knauf (13 Apr 2012)
|
||
- Updated copyright year.
|
||
|
||
Yang Tse (13 Apr 2012)
|
||
- testcurl.pl: build example programs for Android cross-compiles
|
||
|
||
- nss.c: fix compiler warning
|
||
|
||
- examples: fix compiler warnings
|
||
|
||
Kamil Dudka (13 Apr 2012)
|
||
- nss: provide human-readable names for NSS errors
|
||
|
||
- nss: use NSS_InitContext() to initialize NSS if available
|
||
|
||
NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
|
||
collisions on NSS initialization/shutdown with other libraries.
|
||
|
||
Bug: https://bugzilla.redhat.com/738456
|
||
|
||
- nss: unconditionally require PK11_CreateGenericObject()
|
||
|
||
This bumps the minimal supported version of NSS to 3.12.x.
|
||
|
||
Guenter Knauf (13 Apr 2012)
|
||
- Set batch mode to 755 to make Cygwin git pulls work.
|
||
|
||
- Added section for Android configure cross-compile.
|
||
|
||
- Added NetWare export.
|
||
|
||
Yang Tse (12 Apr 2012)
|
||
- testcurl.pl: build example programs for MinGW cross-compiles
|
||
|
||
- tool_operate.c: fix compiler warning
|
||
|
||
- url.c: fix compiler warning
|
||
|
||
Guenter Knauf (12 Apr 2012)
|
||
- Updated dependency lib versions (2nd try).
|
||
|
||
- Updated dependency lib versions.
|
||
|
||
Yang Tse (12 Apr 2012)
|
||
- tool_formparse.c: rename a couple of vars to avoid declaration shadowing
|
||
|
||
- OS400/initscript.sh: fix db2_name() module name generation
|
||
|
||
Allow repeatable file name length reduction on file names with underscore or
|
||
dash characters. This is done in order to better support libcurl's existing
|
||
source file names and allow OS/400 package to build out of the box again.
|
||
|
||
- testcurl.pl: log more environment vars that modify configure and build behavior
|
||
|
||
- configure: NATIVE_WINDOWS no longer defined in config files
|
||
|
||
- build adjustments: CURL_HIDDEN_SYMBOLS no longer defined in config files
|
||
|
||
configure script now provides conditional definitions for Makefile.am
|
||
that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles
|
||
when appropriate.
|
||
|
||
Additionally, configure script option for symbol hiding control is now
|
||
named --enable-symbol-hiding --disable-symbol-hiding. While still valid,
|
||
old option name --enable-hidden-symbols --disable-hidden-symbols will
|
||
be deprecated in some future release.
|
||
|
||
- build adjustments: functionally revert commits 4d3fb91f and bbfe1182
|
||
|
||
Undefining CURL_HIDDEN_SYMBOLS in source files isn't the proper fix.
|
||
|
||
- test servers: build adjustment
|
||
|
||
Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might
|
||
leak from lib/setup.h into source files where this should not be defined.
|
||
|
||
- libtests: build adjustment
|
||
|
||
Undefine CURL_HIDDEN_SYMBOLS libcurl private preprocessor macro that might
|
||
leak from lib/setup.h into source files where this should not be defined.
|
||
|
||
- curl tool: make setup.h first header included in tool_setup.h again
|
||
|
||
- curl tool: use configuration files from lib directory - follow-up II
|
||
|
||
lib/config-win32.h no longer copied to src/config-win32.h
|
||
|
||
- configure: Windows cross-compilation fixes
|
||
|
||
BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h,
|
||
configure will generate appropriate conditionals so that mentioned symbols
|
||
get defined and used in Makefiles at compilation time
|
||
|
||
- curl tool: make curl.h first header included in tool_setup.h
|
||
|
||
- curl tool: use configuration files from lib directory - follow-up I
|
||
|
||
amigaos.[ch] now integrates nicely with any libcurl build
|
||
|
||
- curl tool: use configuration files from lib directory
|
||
|
||
Configuration files such as curl_config.h and all config-*.h no longer exist
|
||
nor are generated/copied into 'src' directory, now these only exist in 'lib'
|
||
directory from where curl tool sources uses them.
|
||
|
||
Additionally old src/setup.h has been refactored into src/tool_setup.h which
|
||
now pulls lib/setup.h
|
||
|
||
The possibility of a makefile needing an include path adjustment exists.
|
||
|
||
Daniel Stenberg (6 Apr 2012)
|
||
- PolarSSL: correct return code for CRL matches
|
||
|
||
When a server certificate matches one in the given CRL file, the code
|
||
now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
|
||
|
||
- PolarSSL: include version number in version string
|
||
|
||
Previously it would say PolarSSL only, now it says PolarSSL/1.1.0 in the
|
||
same style other libs and components do.
|
||
|
||
- test: added test 1332 that tests --post303
|
||
|
||
- curl: add --post303 to set the CURL_REDIR_POST_303 option
|
||
|
||
- [Andrei Cipu brought this change]
|
||
|
||
CURLOPT_POSTREDIR: also allow 303 to do POST on the redirected URL
|
||
|
||
As it turns out, some people do want that after all.
|
||
|
||
- test1331: cookies on a 407 response
|
||
|
||
Verify that cookies are sent back even after a 407 response has been
|
||
received
|
||
|
||
- [Dag Ekengren brought this change]
|
||
|
||
PolarSSL: add support for asynchronous connect
|
||
|
||
- [Tim Heckman brought this change]
|
||
|
||
Revert "access the CA source file using HTTPS"
|
||
|
||
This reverts commit f7e2ab6.
|
||
|
||
This change caused fetching of the certificates to become unreliable.
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
|
||
Reported by: Tim Heckman
|
||
|
||
- [Andrei Cipu brought this change]
|
||
|
||
IPv6 cookie domain: get rid of the first bracket before the second.
|
||
|
||
Commit 97b66ebe was copying a smaller buffer, thus duplicating the last
|
||
character.
|
||
|
||
- MAIL-ETIQUETTE: Added "How to unsubscribe"
|
||
|
||
... as it seems to hard for some people
|
||
|
||
Yang Tse (4 Apr 2012)
|
||
- ftp.c: ftplistparser related OOM handling fix
|
||
|
||
- smtp.c: fix compiler warnings
|
||
|
||
- lib599.c: fix compiler warning
|
||
|
||
Daniel Stenberg (4 Apr 2012)
|
||
- runtests: yassl and polarssl are not openssl
|
||
|
||
Don't set the "has_openssl" variable if yassl or polarssl is found as
|
||
they will simply not work as 100% drop-in replacements for some of the
|
||
stuff the "OpenSSL" feature is used for.
|
||
|
||
I spotted this problem when doing test runs with PolarSSL builds.
|
||
|
||
- [Lijo Antony brought this change]
|
||
|
||
connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
|
||
|
||
Curl_socket returns CURLE_COULDNT_CONNECT when the opensocket callback
|
||
returns CURL_SOCKET_BAD. Previous return value CURLE_FAILED_INIT
|
||
conveys incorrect information to the user.
|
||
|
||
Steve Holme (2 Apr 2012)
|
||
- pop3: Reworked the command sending and handling
|
||
|
||
Reworked the command sending from two specific LIST and RETR command
|
||
functions into a single command based function as well as the two
|
||
associated response handlers into a generic command handler.
|
||
|
||
Daniel Stenberg (1 Apr 2012)
|
||
- [Dave Reisner brought this change]
|
||
|
||
curl tool: add filename_effective token for --write-out
|
||
|
||
By modifying the parameter list for ourWriteOut() and passing the
|
||
OutStruct that collects data in tool_operate, we get access to the
|
||
remote name that we're writing to. Shell scripters should find this
|
||
useful when used in conjuntion with the --remote-header-name option.
|
||
|
||
Steve Holme (1 Apr 2012)
|
||
- smtp.c: Code policing and tidy up
|
||
|
||
Daniel Stenberg (1 Apr 2012)
|
||
- [Armel Asselin brought this change]
|
||
|
||
SSH: public key can now be an empty string
|
||
|
||
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will
|
||
pass no public key to libssh2 which then tries to compute it from the
|
||
private key. This is known to work when libssh2 1.4.0+ is linked against
|
||
OpenSSL.
|
||
|
||
- [Tatsuhiro Tsujikawa brought this change]
|
||
|
||
OpenSSL: Made cert hostname check conform to RFC 6125
|
||
|
||
This change replaces RFC 2818 based hostname check in OpenSSL build with
|
||
RFC 6125 [1] based one.
|
||
|
||
The hostname check in RFC 2818 is ambiguous and each project implements
|
||
it in the their own way and they are slightly different. I check curl,
|
||
gnutls, Firefox and Chrome and they are all different.
|
||
|
||
I don't think there is a bug in current implementation of hostname
|
||
check. But it is not as strict as the modern browsers do. Currently,
|
||
curl allows multiple wildcard character '*' and it matches '.'. (as
|
||
described in the comment in ssluse.c).
|
||
|
||
Firefox implementation is also based on RFC 2818 but it only allows at
|
||
most one wildcard character and it must be in the left-most label in the
|
||
pattern and the wildcard must not be followed by any character in the
|
||
label.[2] Chromium implementation is based on RFC 6125 as my patch does.
|
||
Firefox and Chromium both require wildcard in the left-most label in the
|
||
presented identifier.
|
||
|
||
This patch is more strict than the current implementation, so there may
|
||
be some cases where old curl works but new one does not. But at the same
|
||
time I think it is good practice to follow the modern browsers do and
|
||
follow the newer RFC.
|
||
|
||
[1] http://tools.ietf.org/html/rfc6125#section-6.4.3
|
||
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=159483
|
||
|
||
- HTTP: reset expected DL/UL sizes on redirects
|
||
|
||
With FOLLOWLOCATION enabled. When a 3xx page is downloaded and the
|
||
download size was known (like with a Content-Length header), but the
|
||
subsequent URL (transfered after the 3xx page) was chunked encoded, then
|
||
the previous "known download size" would linger and cause the progress
|
||
meter to get incorrect information, ie the former value would remain
|
||
being sent in. This could easily result in downloads that were WAY
|
||
larger than "expected" and would cause >100% outputs with the curl
|
||
command line tool.
|
||
|
||
Test case 599 was created and it was used to repeat the bug and then
|
||
verify the fix.
|
||
|
||
Bug: http://curl.haxx.se/bug/view.cgi?id=3510057
|
||
Reported by: Michael Wallner
|
||
|
||
Steve Holme (31 Mar 2012)
|
||
- [Gökhan Şengün brought this change]
|
||
|
||
smtp: Add support for DIGEST-MD5 authentication
|
||
|
||
- [Gökhan Şengün brought this change]
|
||
|
||
smtp: Cody tidy up of md5 digest length
|
||
|
||
Replaced the hard coded md5 digest length (16) with a preprocessor
|
||
constant
|
||
|
||
- [Gökhan Şengün brought this change]
|
||
|
||
md5: Add support for calculating the md5 sum of buffers incrementally
|
||
|
||
It is now possible to calculate the md5 sum as the stream of buffers
|
||
becomes known where as previously it was only possible to calculate the
|
||
md5 sum of a pre-prepared buffer.
|
||
|
||
Daniel Stenberg (31 Mar 2012)
|
||
- Revert "mk-ca-bundle.pl: use LWP::UserAgent for https"
|
||
|
||
This reverts commit 9f0e1689f169b83b8fbdae23e0024cc57dcbc770.
|
||
|
||
It turned out that "improvement" instead made the fetching of the
|
||
certificates unreliable
|
||
|
||
Bug: http://curl.haxx.se/mail/lib-2012-03/0238.html
|
||
Reported by: Tim Heckman
|
||
|
||
Steve Holme (31 Mar 2012)
|
||
- DOCS: Added information regarding POP3 commands to CURLOPT_CUSTOMREQUEST
|
||
|
||
- pop3: Added support for additional pop3 commands
|
||
|
||
This feature allows the user to specify and use additional POP3
|
||
commands such as UIDL and DELE via libcurl's CURLOPT_CUSTOMREQUEST or
|
||
curl's -X command line option.
|
||
|
||
Yang Tse (30 Mar 2012)
|
||
- [tetetest tetetest brought this change]
|
||
|
||
CMakeLists.txt: fix Windows LDAP/LDAPS option handling
|
||
|
||
bug: http://curl.haxx.se/mail/lib-2012-03/0278.html
|
||
|
||
- [tetetest tetetest brought this change]
|
||
|
||
CMakeLists.txt: fix MS Visual Studio x64 unsigned long long literal suffix
|
||
|
||
bug: http://curl.haxx.se/mail/lib-2012-03/0255.html
|
||
|
||
Steve Holme (28 Mar 2012)
|
||
- TODO: Corrected POP3 section heading
|
||
|
||
Yang Tse (28 Mar 2012)
|
||
- curl-functions.m4: update detection logic of getaddrinfo() thread-safeness
|
||
|
||
Take in account that h_errno might be a modifiable lvalue not defined as
|
||
a C preprocessor macro
|
||
|
||
Steve Holme (27 Mar 2012)
|
||
- TODO: Added SMTP and POP3 specific features
|
||
|
||
Yang Tse (27 Mar 2012)
|
||
- [Olaf Flebbe brought this change]
|
||
|
||
tool_cb_dbg.c: fix tool_cb_dbg() to behave properly even for size 0
|
||
|
||
curl segfault in debug callback triggered with CURLINFO_HEADER_OUT and size 0
|
||
|
||
bug: http://curl.haxx.se/bug/view.cgi?id=3511794
|
||
|
||
- test #1405: support HTTP disabled builds
|
||
|
||
Steve Holme (26 Mar 2012)
|
||
- test #809: Updated error code to match recent pop3 changes
|
||
|
||
Yang Tse (25 Mar 2012)
|
||
- ssh.c: code cleanup, Curl_safefree() already nullifies pointer
|
||
|
||
- fix some compiler warnings
|
||
|
||
Steve Holme (25 Mar 2012)
|
||
- pop3.c: Corrected problem with state() introduced in 01690ed2bce5
|
||
|
||
- pop.c: Small code tidy up
|
||
|
||
- pop3: Removed the need for the single message LIST command handler
|
||
|
||
Simplified the code to remove the need for a separate "LIST <msg id>"
|
||
command handler and state machine and instead use the LIST command
|
||
handler for both operations.
|