source: UsbWattMeter/trunk/curl-7.47.1/CHANGES@ 164

Last change on this file since 164 was 164, checked in by coas-nagasima, 6 years ago

TOPPERS/ECNLサンプルアプリ「USB充電器電力計」を追加

File size: 159.5 KB
Line 
1 _ _ ____ _
2 ___| | | | _ \| |
3 / __| | | | |_) | |
4 | (__| |_| | _ <| |___
5 \___|\___/|_| \_\_____|
6
7 Changelog
8
9Version 7.47.1 (8 Feb 2016)
10
11Daniel Stenberg (8 Feb 2016)
12- RELEASE-NOTES: curl 7.47.1 time!
13
14Jay Satiro (8 Feb 2016)
15- tool_operhlp: Check for backslashes in get_url_file_name
16
17 Extract the filename from the last slash or backslash. Prior to this
18 change backslashes could be part of the filename.
19
20 This change needed for the curl tool built for Cygwin. Refer to the
21 CYGWIN addendum in advisory 20160127B.
22
23 Bug: https://curl.haxx.se/docs/adv_20160127B.html
24
25Daniel Stenberg (7 Feb 2016)
26- RELEASE-NOTES: synced with d6a8869ea34
27
28Jay Satiro (6 Feb 2016)
29- openssl: Fix signed/unsigned mismatch warning in X509V3_ext
30
31 sk_X509_EXTENSION_num may return an unsigned integer, however the value
32 will fit in an int.
33
34 Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896
35 Reported-by: Gisle Vanem
36
37Daniel Stenberg (7 Feb 2016)
38- TODO: 17.11 -w output to stderr
39
40Jay Satiro (6 Feb 2016)
41- [Michael Kaufmann brought this change]
42
43 idn_win32: Better error checking
44
45 .. also fix a conversion bug in the unused function
46 curl_win32_ascii_to_idn().
47
48 And remove wprintfs on error (Jay).
49
50 Bug: https://github.com/curl/curl/pull/637
51
52- [Gisle Vanem brought this change]
53
54 examples/asiohiper: Avoid function name collision on Windows
55
56 closesocket => close_socket
57 Winsock already has the former.
58
59 Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html
60
61- [Gisle Vanem brought this change]
62
63 examples/htmltitle: Use _stricmp on Windows
64
65 Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html
66
67Daniel Stenberg (6 Feb 2016)
68- COPYING: clarify that Daniel is not the sole author
69
70 ... done on request and as it is a fair point.
71
72Jay Satiro (5 Feb 2016)
73- unit1604: Fix unit setup return code
74
75- tool_doswin: Use type SANITIZEcode in sanitize_file_name
76
77- tool_doswin: Improve sanitization processing
78
79 - Add unit test 1604 to test the sanitize_file_name function.
80
81 - Use -DCURL_STATICLIB when building libcurltool for unit testing.
82
83 - Better detection of reserved DOS device names.
84
85 - New flags to modify sanitize behavior:
86
87 SANITIZE_ALLOW_COLONS: Allow colons
88 SANITIZE_ALLOW_PATH: Allow path separators and colons
89 SANITIZE_ALLOW_RESERVED: Allow reserved device names
90 SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename
91
92 - Restore sanitization of banned characters from user-specified outfile.
93
94 Prior to this commit sanitization of a user-specified outfile was
95 temporarily disabled in 2b6dadc because there was no way to allow path
96 separators and colons through while replacing other banned characters.
97 Now in such a case we call the sanitize function with
98 SANITIZE_ALLOW_PATH which allows path separators and colons to pass
99 through.
100
101
102 Closes https://github.com/curl/curl/issues/624
103 Reported-by: Octavio Schroeder
104
105- [Viktor Szakats brought this change]
106
107 URLs: change more http to https
108
109- sasl_sspi: Fix memory leak in domain populate
110
111 Free an existing domain before replacing it.
112
113 Bug: https://github.com/curl/curl/issues/635
114 Reported-by: silveja1@users.noreply.github.com
115
116Daniel Stenberg (4 Feb 2016)
117- [Viktor Szakats brought this change]
118
119 URLs: follow GitHub project rename (also Travis CI)
120
121 Closes #632
122
123- CHANGES.o: fix references to curl.haxx.nu
124
125 I removed the scheme prefix from the URLs references this host name, as
126 we don't own/run that anymore but the name is kept for historic reasons.
127
128- HISTORY: add some info about when we used which host names
129
130Jay Satiro (2 Feb 2016)
131- [Viktor Szakats brought this change]
132
133 URLs: change more http to https
134
135Dan Fandrich (3 Feb 2016)
136- URLs: Change more haxx.se URLs from http: to https:
137
138Daniel Stenberg (3 Feb 2016)
139- RELEASE-NOTES: synced with 4af40b364
140
141- URLs: change all http:// URLs to https://
142
143- configure: update the copyright year range in output
144
145- dotdot: allow an empty input string too
146
147 It isn't used by the code in current conditions but for safety it seems
148 sensible to at least not crash on such input.
149
150 Extended unit test 1395 to verify this too as well as a plain "/" input.
151
152- HTTPS: update a bunch of URLs from HTTP to HTTPS
153
154- [Sergei Nikulov brought this change]
155
156 AppVeyor: updated to handle OpenSSL/WinSSL builds
157
158 Closes #621
159
160Jay Satiro (1 Feb 2016)
161- tool_operate: Don't sanitize --output path (Windows)
162
163 Due to path separators being incorrectly sanitized in --output
164 pathnames, eg -o c:\foo => c__foo
165
166 This is a partial revert of 3017d8a until I write a proper fix. The
167 remote-name will continue to be sanitized, but if the user specified an
168 --output with string replacement (#1, #2, etc) that data is unsanitized
169 until I finish a fix.
170
171 Bug: https://github.com/bagder/curl/issues/624
172 Reported-by: Octavio Schroeder
173
174- curl.1: Explain remote-name behavior if file already exists
175
176 .. also warn about letting the server pick the filename.
177
178- [Gisle Vanem brought this change]
179
180 urldata: Error on missing SSL backend-specific connect info
181
182Daniel Stenberg (28 Jan 2016)
183- bump: towards the next (7.47.1 ?)
184
185- [Sergei Nikulov brought this change]
186
187 cmake: fixed when OpenSSL enabled on Windows and schannel detected
188
189 Closes #617
190
191Jay Satiro (28 Jan 2016)
192- [Sergei Nikulov brought this change]
193
194 urldata: moved common variable out of ifdef
195
196 Closes https://github.com/bagder/curl/pull/618
197
198- [Viktor Szakats brought this change]
199
200 tool_doswin: silence unused function warning
201
202 tool_doswin.c:185:14: warning: 'msdosify' defined but not used
203 [-Wunused-function]
204
205 Closes https://github.com/bagder/curl/pull/616
206
207Daniel Stenberg (27 Jan 2016)
208- getredirect.c: fix variable name
209
210 Reported-by: Bernard Spil
211
212Version 7.47.0 (27 Jan 2016)
213
214Daniel Stenberg (27 Jan 2016)
215- examples/Makefile.inc: specify programs without .c!
216
217- THANKS: 6 new contributors from 7.47.0 release notes
218
219- [Isaac Boukris brought this change]
220
221 NTLM: Fix ConnectionExists to compare Proxy credentials
222
223 Proxy NTLM authentication should compare credentials when
224 re-using a connection similar to host authentication, as it
225 authenticate the connection.
226
227 Example:
228 curl -v -x http://proxy:port http://host/ -U good_user:good_pwd
229 --proxy-ntlm --next -x http://proxy:port http://host/
230 [-U fake_user:fake_pwd --proxy-ntlm]
231
232 CVE-2016-0755
233
234 Bug: http://curl.haxx.se/docs/adv_20160127A.html
235
236- [Ray Satiro brought this change]
237
238 curl: avoid local drive traversal when saving file (Windows)
239
240 curl does not sanitize colons in a remote file name that is used as the
241 local file name. This may lead to a vulnerability on systems where the
242 colon is a special path character. Currently Windows/DOS is the only OS
243 where this vulnerability applies.
244
245 CVE-2016-0754
246
247 Bug: http://curl.haxx.se/docs/adv_20160127B.html
248
249- RELEASE-NOTES: 7.47.0
250
251- FAQ: language fix in 4.19
252
253- [paulehoffman brought this change]
254
255 FAQ: Update to point to GitHub
256
257 Current FAQ didn't make it clear where the main repo is.
258
259 Closes #612
260
261- maketgz: generate date stamp with LC_TIME=C
262
263 bug: http://curl.haxx.se/mail/lib-2016-01/0123.html
264
265- curl_multi_socket_action.3: line wrap
266
267- RELEASE-NOTES: synced with d58ba66eeceb
268
269Steve Holme (21 Jan 2016)
270- TODO: "Create remote directories" for SMB
271
272Jay Satiro (18 Jan 2016)
273- mbedtls: Fix pinned key return value on fail
274
275 - Switch from verifying a pinned public key in a callback during the
276 certificate verification to inline after the certificate verification.
277
278 The callback method had three problems:
279
280 1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH
281 was not returned.
282
283 2. If peer certificate verification was disabled the pinned key
284 verification did not take place as it should.
285
286 3. (related to #2) If there was no certificate of depth 0 the callback
287 would not have checked the pinned public key.
288
289 Though all those problems could have been fixed it would have made the
290 code more complex. Instead we now verify inline after the certificate
291 verification in mbedtls_connect_step2.
292
293 Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html
294 Ref: https://github.com/bagder/curl/pull/601
295
296- tests: Add a test for pinnedpubkey fail even when insecure
297
298 Because disabling the peer verification (--insecure) must not disable
299 the public key pinning check (--pinnedpubkey).
300
301- [Daniel Schauenberg brought this change]
302
303 CURLINFO_RESPONSE_CODE.3: add example
304
305Kamil Dudka (15 Jan 2016)
306- ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL
307
308 The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle
309 empty strings specially since curl-7_25_0-31-g05a443a but the behavior
310 was unintentionally removed in curl-7_38_0-47-gfa7d04f.
311
312 This commit restores the original behavior and clarifies it in the
313 documentation that NULL and "" have both the same meaning when passed
314 to CURLOPT_SSH_PUBLIC_KEYFILE.
315
316 Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html
317
318Daniel Stenberg (14 Jan 2016)
319- RELEASE-NOTES: synced with 35083ca60ed035a
320
321- openssl: improved error detection/reporting
322
323 ... by extracting the LIB + REASON from the OpenSSL error code. OpenSSL
324 1.1.0+ returned a new func number of another cerfificate fail so this
325 required a fix and this is the better way to catch this error anyway.
326
327- openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
328
329- CURLOPT_RESOLVE.3: minor language polish
330
331- configure: assume IPv6 works when cross-compiled
332
333 The configure test uses AC_TRY_RUN to figure out if an ipv6 socket
334 works, and testing like that doesn't work for cross-compiles. These days
335 IPv6 support is widespread so a blind guess is probably more likely to
336 be 'yes' than 'no' now.
337
338 Further: anyone who cross-compiles can use configure's --disable-ipv6 to
339 explicitly disable IPv6 and that also works for cross-compiles.
340
341 Made happen after discussions in issue #594
342
343- TODO: "Try to URL encode given URL"
344
345 Closes #514
346
347- ConnectionExists: only do pipelining/multiplexing when asked
348
349 When an HTTP/2 upgrade request fails (no protocol switch), it would
350 previously detect that as still possible to pipeline on (which is
351 acorrect) and do that when PIPEWAIT was enabled even if pipelining was
352 not explictily enabled.
353
354 It should only pipelined if explicitly asked to.
355
356 Closes #584
357
358- [Mohammad AlSaleh brought this change]
359
360 lib: Prefix URLs with lower-case protocol names/schemes
361
362 Before this patch, if a URL does not start with the protocol
363 name/scheme, effective URLs would be prefixed with upper-case protocol
364 names/schemes. This behavior might not be expected by library users or
365 end users.
366
367 For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
368 URL is "hostname/path". The effective URL would be
369 "HTTPS://hostname/path" instead of "https://hostname/path".
370
371 After this patch, effective URLs would be prefixed with a lower-case
372 protocol name/scheme.
373
374 Closes #597
375
376 Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
377
378- [Alessandro Ghedini brought this change]
379
380 scripts: don't generate and install zsh completion when cross-compiling
381
382- [Alessandro Ghedini brought this change]
383
384 scripts: fix zsh completion generation
385
386 The script should use the just-built curl, not the system one. This fixes
387 zsh completion generation when no system curl is installed.
388
389- [Alessandro Ghedini brought this change]
390
391 zsh.pl: fail if no curl is found
392
393 Instead of generation a broken completion file.
394
395- [Michael Kaufmann brought this change]
396
397 IDN host names: Remove the port number before converting to ACE
398
399 Closes #596
400
401Jay Satiro (10 Jan 2016)
402- runtests: Add mbedTLS to the SSL backends
403
404 .. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.
405
406Daniel Stenberg (10 Jan 2016)
407- [Thomas Glanzmann brought this change]
408
409 mbedtls: implement CURLOPT_PINNEDPUBLICKEY
410
411Jay Satiro (9 Jan 2016)
412- [Tatsuhiro Tsujikawa brought this change]
413
414 url: Fix compile error with --enable-werror
415
416- [Tatsuhiro Tsujikawa brought this change]
417
418 http2: Ensure that http2_handle_stream_close is called
419
420 Previously, when HTTP/2 is enabled and used, and stream has content
421 length known, Curl_read was not called when there was no bytes left to
422 read. Because of this, we could not make sure that
423 http2_handle_stream_close was called for every stream. Since we use
424 http2_handle_stream_close to emit trailer fields, they were
425 effectively ignored. This commit changes the code so that Curl_read is
426 called even if no bytes left to read, to ensure that
427 http2_handle_stream_close is called for every stream.
428
429 Discussed in https://github.com/bagder/curl/pull/564
430
431Daniel Stenberg (8 Jan 2016)
432- http2: handle the received SETTINGS frame
433
434 This regression landed in 5778e6f5 and made libcurl not act on received
435 settings and instead stayed with its internal defaults.
436
437 Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html
438 Reported-by: Bankde
439
440- Revert "multiplex: allow only once HTTP/2 is actually used"
441
442 This reverts commit 46cb70e9fa81c9a56de484cdd7c5d9d0d9fbec36.
443
444 Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html
445
446Jay Satiro (8 Jan 2016)
447- [Tatsuhiro Tsujikawa brought this change]
448
449 http2: Fix PUSH_PROMISE headers being treated as trailers
450
451 Discussed in https://github.com/bagder/curl/pull/564
452
453Daniel Stenberg (8 Jan 2016)
454- [Michael Kaufmann brought this change]
455
456 connection reuse: IDN host names fixed
457
458 Use the ACE form of IDN hostnames as key in the connection cache. Add
459 new tests.
460
461 Closes #592
462
463- tests: mark IPv6 FTP and FTPS tests with the FTP keyword
464
465Jay Satiro (7 Jan 2016)
466- mbedtls: Fix ALPN support
467
468 - Fix ALPN reply detection.
469
470 - Wrap nghttp2 code in ifdef USE_NGHTTP2.
471
472
473 Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS.
474
475- http2: Fix client write for trailers on stream close
476
477 Check that the trailer buffer exists before attempting a client write
478 for trailers on stream close.
479
480 Refer to comments in https://github.com/bagder/curl/pull/564
481
482Daniel Stenberg (7 Jan 2016)
483- COPYING: update general copyright year range
484
485- ConnectionExists: add missing newline in infof() call
486
487 Mistake from commit a464f33843ee1
488
489- multiplex: allow only once HTTP/2 is actually used
490
491 To make sure curl doesn't allow multiplexing before a connection is
492 upgraded to HTTP/2 (like when Upgrade: h2c fails), we must make sure the
493 connection uses HTTP/2 as well and not only check what's wanted.
494
495 Closes #584
496
497 Patch-by: c0ff
498
499Jay Satiro (4 Jan 2016)
500- curl_global_init.3: Add Windows-specific info for init via DLL
501
502 - Add to both curl_global_init.3 and libcurl.3 the caveat for Windows
503 that initializing libcurl via a DLL's DllMain or static initializer
504 could cause a deadlock.
505
506 Bug: https://github.com/bagder/curl/issues/586
507 Reported-by: marc-groundctl@users.noreply.github.com
508
509Daniel Stenberg (4 Jan 2016)
510- FAQ: clarify who to mail about ECCN clarifications
511
512- progressfunc.c: spellfix description
513
514- docs/examples/multi-app.c: fix bad desc formatting
515
516- examples: added descriptions
517
518- example/simple.c: add description
519
520- getredirect.c: a new example
521
522Marc Hoersken (27 Dec 2015)
523- RELEASE-NOTES: add 5e0e81a9c4e35f04ca
524
525Daniel Stenberg (26 Dec 2015)
526- RELEASE-NOTES: synced with 2aec4359db1088b10d
527
528Marc Hoersken (26 Dec 2015)
529- test 1515: add data check
530
531- test 1515: add MSYS support by passing a relative path
532
533 MSYS would otherwise turn a /-style path into a C:\-style path.
534
535- test 539: use datacheck mode text for ASCII-mode LISTings
536
537 While still using datacheck mode binary for the inline reply data.
538
539- runtests.pl: check up to 5 data parts with different text modes
540
541 Move the text-mode conversion for reply/replycheck from the verify
542 section into the load section and add support for 4 more check parts.
543
544Daniel Stenberg (24 Dec 2015)
545- CURLOPT_RANGE: for HTTP servers, range support is optional
546
547Marc Hoersken (24 Dec 2015)
548- tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings
549
550- tests 706 and 707: use datacheck mode text for ASCII-mode LISTings
551
552- tests 400,403,406: use datacheck mode text for ASCII-mode LISTings
553
554- sockfilt.c: fix calculation of sleep timeout on Windows
555
556 Not converting to double caused small timeouts to be skipped.
557
558- tests first.c: fix calculation of sleep timeout on Windows
559
560 Not converting to double caused small timeouts to be skipped.
561
562- test 573: add more debug output
563
564- ftplistparser.c: fix handling of file LISTings using Windows EOL
565
566 Previously file.txt[CR][LF] would have been returned as file.tx
567 (without the last t) if filetype is symlink. Now the t is
568 included and the internal item_length includes the zero byte.
569
570 Spotted using test 576 on Windows.
571
572- test 16: fix on Linux (and Windows) by using plain ASCII characters
573
574 Follow up on b064ff0c351bb287557228575ef4c1d079b866fb, thanks Daniel.
575
576- tftpd server: add Windows support by writing files in binary mode
577
578- tests 252-255: use datacheck mode text for ASCII-mode LISTings
579
580- test 16: fix on Windows by converting data file from ANSI to UTF-8
581
582Daniel Stenberg (23 Dec 2015)
583- Makefile.inc: s/curl_SOURCES/CURL_FILES
584
585 This allows the root Makefile.am to include the Makefile.inc without
586 causing automake to warn on it (variables named *_SOURCES are
587 magic). curl_SOURCES is then instead assigned properly in
588 src/Makefile.am only.
589
590 Closes #577
591
592- [Anders Bakken brought this change]
593
594 ConnectionExists: with *PIPEWAIT, wait for connections
595
596 Try harder to prevent libcurl from opening up an additional socket when
597 CURLOPT_PIPEWAIT is set. Accomplished by letting ongoing TCP and TLS
598 handshakes complete first before the decision is made.
599
600 Closes #575
601
602- [Anders Bakken brought this change]
603
604 Add .dir-locals and set c-basic-offset to 2.
605
606 This makes it easier for emacs users to automatically get the right
607 2-space indentation when they edit curl source files.
608
609 c++-mode is in there as well because Emacs can't easily know if
610 something is a C or C++ header.
611
612 Closes #574
613
614- [Johannes Schindelin brought this change]
615
616 configure: detect IPv6 support on Windows
617
618 This patch was "nicked" from the MINGW-packages project by Daniel.
619
620 https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007
621 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
622
623- configure: allow static builds on mingw
624
625 This patch is adopted from the MINGW-packages project. It makes it
626 possible to build curl both shared and static again.
627
628 URL: https://github.com/Alexpux/MINGW-packages/tree/master/mingw-w64-curl
629
630Marc Hoersken (17 Dec 2015)
631- test 1326: fix file check since curl is outputting binary data
632
633- test 1326: fix getting stuck on Windows due to incomplete request
634
635 The request needs to be read and send in binary mode in order to use
636 CRLF instead of LF. Adding --upload-file - causes curl to read stdin
637 in binary mode.
638
639Daniel Stenberg (17 Dec 2015)
640- RELEASE-NOTES: command line option recount
641
642Dan Fandrich (16 Dec 2015)
643- scripts/Makefile: build zsh script even in an out-of-tree build
644
645Marc Hoersken (16 Dec 2015)
646- sockfilt.c: added some debug output to select_ws
647
648- sockfilt.c: keep lines shorter than 80 chars
649
650- sockfilt.c: do not wait on unreliable file or pipe handle
651
652 The previous implementation caused issues on modern MSYS2 runtimes.
653
654Daniel Stenberg (16 Dec 2015)
655- cyassl: deal with lack of *get_peer_certificate
656
657 The function is only present in wolfssl/cyassl if it was built with
658 --enable-opensslextra. With these checks added, pinning support is disabled
659 unless the TLS lib has that function available.
660
661 Also fix the mistake in configure that checks for the wrong lib name.
662
663 Closes #566
664
665- wolfssl: handle builds without SSLv3 support
666
667- [Tatsuhiro Tsujikawa brought this change]
668
669 http2: Support trailer fields
670
671 This commit adds trailer support in HTTP/2. In HTTP/1.1, chunked
672 encoding must be used to send trialer fields. HTTP/2 deprecated any
673 trandfer-encoding, including chunked. But trailer fields are now
674 always available.
675
676 Since trailer fields are relatively rare these days (gRPC uses them
677 extensively though), allocating buffer for trailer fields is done when
678 we detect that HEADERS frame containing trailer fields is started. We
679 use Curl_add_buffer_* functions to buffer all trailers, just like we
680 do for regular header fields. And then deliver them when stream is
681 closed. We have to be careful here so that all data are delivered to
682 upper layer before sending trailers to the application.
683
684 We can deliver trailer field one by one using NGHTTP2_ERR_PAUSE
685 mechanism, but current method is far more simple.
686
687 Another possibility is use chunked encoding internally for HTTP/2
688 traffic. I have not tested it, but it could add another overhead.
689
690 Closes #564
691
692- RELEASE-NOTES: synced with 6c2c019654e658a
693
694Jay Satiro (15 Dec 2015)
695- x509asn1: Fix host altname verification
696
697 - In Curl_verifyhost check all altnames in the certificate.
698
699 Prior to this change only the first altname was checked. Only the GSKit
700 SSL backend was affected by this bug.
701
702 Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html
703 Reported-by: John Kohl
704
705Daniel Stenberg (15 Dec 2015)
706- curl --expect100-timeout: added
707
708 This is the new command line option to set the value for the existing
709 libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
710
711- cyassl: fix compiler warning on type conversion
712
713- curlver: the pending release will become 7.47.0
714
715- [Anders Bakken brought this change]
716
717 setstropt: const-correctness
718
719 Closes #565
720
721- ROADMAP: implemented HTTP2 for HTTPS-only
722
723- HTTP2.md: spell fix and remove TODO now implemented
724
725- libressl: the latest openssl x509 funcs are not in libressl
726
727- curl: use 2TLS by default
728
729 Make this the default for the curl tool (if built with HTTP/2 powers
730 enabled) unless a specific HTTP version is requested on the command
731 line.
732
733 This should allow more users to get HTTP/2 powers without having to
734 change anything.
735
736- http: add libcurl option to allow HTTP/2 for HTTPS only
737
738 ... and stick to 1.1 for HTTP. This is in line with what browsers do and
739 should have very little risk.
740
741- openssl: adapt to openssl >= 1.1.0 X509 opaque structs
742
743 Closes #491
744
745- openssl: avoid BIO_reset() warnings since it returns a value
746
747- openssl: adapt to 1.1.0+ name changes
748
749- scripts/makefile: add standard header
750
751- scripts/Makefile: fix GNUism and survive no perl
752
753 Closes #555
754
755 Reported-by: Thomas Klausner
756
757- fix b6d5cb40d7038fe
758
759- [Tatsuhiro Tsujikawa brought this change]
760
761 http2: Fix hanging paused stream
762
763 When NGHTTP2_ERR_PAUSE is returned from data_source_read_callback, we
764 might not process DATA frame fully. Calling nghttp2_session_mem_recv()
765 again will continue to process DATA frame, but if there is no incoming
766 frames, then we have to call it again with 0-length data. Without this,
767 on_stream_close callback will not be called, and stream could be hanged.
768
769 Bug: http://curl.haxx.se/mail/lib-2015-11/0103.html
770 Reported-by: Francisco Moraes
771
772- [Christian Stewart brought this change]
773
774 build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS
775
776 With curl disable verbose strings in http.c the compilation fails due to
777 the data variable being undefined later on in the function.
778
779 Closes #558
780
781Jay Satiro (7 Dec 2015)
782- [Gisle Vanem brought this change]
783
784 config-win32: Fix warning HAVE_WINSOCK2_H undefined
785
786- [Gisle Vanem brought this change]
787
788 openssl: BoringSSL doesn't have CONF_modules_free
789
790- [Gisle Vanem brought this change]
791
792 lwip: Fix compatibility issues with later versions
793
794 The name of the header guard in lwIP's <lwip/opt.h> has changed from
795 '__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015).
796
797 Other fixes:
798
799 - In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is
800 used.
801
802 - In memdebug.h, the 'socket' should be undefined first due to lwIP's
803 lwip_socket() macro.
804
805 - In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need
806 special handling because they were undef'ed in memdebug.h.
807
808 - In select.c we can't use preprocessor conditionals inside select if
809 MSVC and select is a macro, as it is with lwIP.
810
811 http://curl.haxx.se/mail/lib-2015-12/0023.html
812 http://curl.haxx.se/mail/lib-2015-12/0024.html
813
814Patrick Monnerat (7 Dec 2015)
815- os400: define CURL_VERSION_PSL in ILE/RPG binding
816
817Jay Satiro (7 Dec 2015)
818- [Gisle Vanem brought this change]
819
820 version: Add flag CURL_VERSION_PSL for libpsl
821
822- formdata: Check if length is too large for memory
823
824 - If the size of the length type (curl_off_t) is greater than the size
825 of the size_t type then check before allocating memory to make sure the
826 value of length will fit in a size_t without overflow. If it doesn't
827 then return CURLE_BAD_FUNCTION_ARGUMENT.
828
829 Bug: https://github.com/bagder/curl/issues/425#issuecomment-154518679
830 Reported-by: Steve Holme
831
832Steve Holme (3 Dec 2015)
833- tests: Corrected copy and pasted comments from commit e643c5c908
834
835Daniel Stenberg (3 Dec 2015)
836- curl: remove keepalive #ifdef checks done on libcurl's behalf
837
838 They didn't match the ifdef logic used within libcurl anyway so they
839 could indeed warn for the wrong case - plus the tool cannot know how the
840 lib actually performs at that level.
841
842Steve Holme (2 Dec 2015)
843- test947: Corrected typo in test name
844
845- tests: Disable the OAUTHBEARER tests when using a non-default port number
846
847 Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
848 if a custom port number is specified via the -b option of runtests.pl.
849
850 Suggested by: Kamil Dudka
851 Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
852
853Daniel Stenberg (2 Dec 2015)
854- bump: towards next release
855
856 for all we know now, it might be called 7.46.1
857
858Version 7.46.0 (1 Dec 2015)
859
860Daniel Stenberg (1 Dec 2015)
861- RELEASE-NOTES: updated contributor count for 7.46.0
862
863- THANKS: new contributors from the 7.46.0 release
864
865- THANKS-filter: single Tim Rühsen spelling
866
867- docs/examples: gitignore some more built examples
868
869- RELEASE-NOTES; this bug was never released
870
871- RELEASE-NOTES: synced with e55f15454efacb0
872
873- [Flavio Medeiros brought this change]
874
875 Curl_read_plain: clean up ifdefs that break statements
876
877 Closes #546
878
879- http2: convert some verbose output into debug-only output
880
881- http2 push: add missing inits of new stream
882
883 - set the correct stream_id for pushed streams
884 - init maxdownload and size properly
885
886- http2 push: set weight for new stream
887
888 give the new stream the old one's stream_weight internally to avoid
889 sending a PRIORITY frame unless asked for it
890
891- curl_setup.h: undef freeaddrinfo in c-ares block to fix build
892
893 Fixes warnings 78c25c854a added.
894
895- nonblock: fix setting non-blocking mode for Amiga
896
897 IoctlSocket() apparently wants a pointer to a long, passed as a char *
898 in its third parameter. This bug was introduced already back in commit
899 c5fdeef41d from October 1 2001!
900
901 Bug: http://curl.haxx.se/mail/lib-2015-11/0088.html
902 Reported-by: Norbert Kett
903
904- zsh install: fix DESTDIR support
905
906 Reported-by: Mohammad AlSaleh
907
908Dan Fandrich (27 Nov 2015)
909- lib: Only define curl_dofreeaddrinfo if struct addrinfo is available
910
911Steve Holme (27 Nov 2015)
912- tool_paramhlp: Fixed display of URL index in password prompt for --next
913
914 Commit f3bae6ed73 added the URL index to the password prompt when using
915 --next. Unfortunately, because the size_t specifier (%zu) is not
916 supported by all sprintf() implementations we use the curl_off_t format
917 specifier instead. The display of an incorrect value arises on platforms
918 where size_t and curl_off_t are of a different size.
919
920Daniel Stenberg (25 Nov 2015)
921- timecond: do not add if-modified-since without timecondition
922
923 The RTSP code path didn't skip adding the if-modified-since for certain
924 RTSP code paths, even if CURLOPT_TIMECONDITION was set to
925 CURL_TIMECOND_NONE.
926
927 Also, an unknown non-zero CURLOPT_TIMECONDITION value no longer equals
928 CURL_TIMECOND_IFMODSINCE.
929
930 Bug: http://stackoverflow.com/questions/33903982/curl-timecond-none-doesnt-work-how-to-remove-if-modified-since-header
931
932- RELEASE-NOTES: synced with 99d17a5e2ba77e58
933
934- examples/README: cut out the incomplete list
935
936 ... and add a generic explanation for them instead. Each example file
937 should contain its own description these days.
938
939- test1513: make sure the callback is only called once
940
941- [Daniel Shahaf brought this change]
942
943 build: Install zsh completion
944
945 Fixes #534
946 Closes #537
947
948- done: make sure the final progress update is made
949
950 It would previously be skipped if an existing error was returned, but
951 would lead to a previous value being left there and later used.
952 CURLINFO_TOTAL_TIME for example.
953
954 Still it avoids that final progress update if we reached DONE as the
955 result of a callback abort to avoid another callback to be called after
956 an abort-by-callback.
957
958 Reported-by: Lukas Ruzicka
959
960 Closes #538
961
962- curl: expanded the -XHEAD warning text
963
964 ... to also mention the specific options used.
965
966- Revert "cleanup: general removal of TODO (and similar) comments"
967
968 This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a.
969
970 Feedback-by: Dan Fandrich
971 URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
972
973- CURLOPT_HEADERFUNCTION.3: fix typo
974
975 Refer to _HEADERDATA not _WRITEDATA.
976
977 Reported-by: Michał Piechowski
978
979- TODO: TCP Fast Open
980
981Steve Holme (22 Nov 2015)
982- examples: Added website parse-able descriptions to the e-mail examples
983
984- TODO: Added another 'multi-interface' idea
985
986- smb.c: Fixed compilation warnings
987
988 smb.c:134:3: warning: conversion to 'short unsigned int' from 'int' may
989 alter its value
990 smb.c:146:42: warning: conversion to 'unsigned int' from 'long long
991 unsigned int' may alter its value
992 smb.c:146:65: warning: conversion to 'unsigned int' from 'long long
993 unsigned int' may alter its value
994
995- schannel: Corrected copy/paste error in commit 8d17117683
996
997- schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available
998
999 Regression from commit 7a8e861a5 as highlighted in the msys autobuilds.
1000
1001- examples: Fixed compilation warnings
1002
1003 pop3-multi.c:96:5: warning: implicit declaration of function 'memset'
1004 imap-multi.c:96:5: warning: implicit declaration of function 'memset'
1005 http2-download.c:226:5: warning: implicit declaration of function 'memset'
1006 http2-upload.c:290:5: warning: implicit declaration of function 'memset'
1007 http2-upload.c:290:5: warning: implicit declaration of function 'memset'
1008
1009- Makefile.inc: Fixed test run error
1010
1011 test845 not present in tests/data/Makefile.inc
1012
1013Daniel Stenberg (20 Nov 2015)
1014- TODO: remove duplicated title
1015
1016- TODO: added two more libcurl ideas
1017
1018 Moved some ideas from "next major" to just ordinary ideas since we can
1019 always add new things while keeping the old without doing a "next
1020 major".
1021
1022Steve Holme (20 Nov 2015)
1023- tests: Re-enabled tests 889 and 890 following POP3 fix
1024
1025- pop3: Differentiate between success and continuation responses
1026
1027- pop3: Added clarity on some server response codes
1028
1029Daniel Stenberg (20 Nov 2015)
1030- [Daniel Shahaf brought this change]
1031
1032 build: Fix theoretical infinite loops
1033
1034 Add error-checking to 'cd' in a few cases where omitting the checks
1035 might result in an infinite loop.
1036
1037 Closes #535
1038
1039Patrick Monnerat (19 Nov 2015)
1040- curl.h: s/#defien/#define/
1041
1042- os400: synchronize ILE/RPG header file
1043
1044- os400: Provide options for libssh2 use in compile scripts. Adjust README.
1045
1046Daniel Stenberg (19 Nov 2015)
1047- [danielsh@apache.org brought this change]
1048
1049 zsh completion: Preserve single quotes in output
1050
1051 When an option's help string contains literal single quotes, those
1052 single quotes would be stripped from the option's description in the
1053 completion output (unless the zsh RC_QUOTES option were set while the
1054 completion function was being sourced, which is not the default). This
1055 patch makes the completion output contain single quotes where the --help
1056 output does.
1057
1058 Closes #532
1059
1060Jay Satiro (18 Nov 2015)
1061- [MaxGiting brought this change]
1062
1063 FAQ: Grammar changes
1064
1065 Closes https://github.com/bagder/curl/pull/533
1066
1067Daniel Stenberg (17 Nov 2015)
1068- http2: http_done: don't free already-freed push headers
1069
1070 The push headers are freed after the push callback has been invoked,
1071 meaning this code should only free the headers if the callback was never
1072 invoked and thus the headers weren't freed at that time.
1073
1074 Reported-by: Davey Shafik
1075
1076- [Anders Bakken brought this change]
1077
1078 getconnectinfo: Don't call recv(2) if socket == -1
1079
1080 Closes #528
1081
1082- CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
1083
1084 ... if there are more than one using the same name
1085
1086- http2: minor comment typo
1087
1088- sasl; fix checksrc warnings
1089
1090Steve Holme (15 Nov 2015)
1091- RELEASE-NOTES: Adjusted for the recent OAuth 2.0 activity
1092
1093- tests: Disabled 889 and 890 until we support POP3 continuation responses
1094
1095 As POP3 final and continuation responses both begin with a + character,
1096 and both the finalcode and contcode variables in SASLprotoc are set as
1097 such, we cannot tell the difference between them when we are expecting
1098 an optional continuation from the server such as the following:
1099
1100 + something else from the server
1101 +OK final response
1102
1103 Disabled these tests until such a time we can tell the responses apart.
1104
1105- tests: Corrected typos from commit ba4d8f7eba
1106
1107- tests: Added OAUTHBEARER failure response tests
1108
1109- oauth2: Support OAUTHBEARER failures sent as continuation responses
1110
1111 According to RFC7628 a failure message may be sent by the server in a
1112 base64 encoded JSON string as a continuation response.
1113
1114 Currently only implemented for OAUTHBEARER and not XAUTH2.
1115
1116Daniel Stenberg (15 Nov 2015)
1117- RELEASE-NOTES: synced with 808a17ee675
1118
1119Steve Holme (14 Nov 2015)
1120- tests: Renamed existing OAuth 2.0 (XOAUTH) tests
1121
1122- tests: Added OAuth 2.0 (OAUTHBEARER) tests
1123
1124- oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP
1125
1126 OAUTHBEARER is now the official "registered" SASL mechanism name for
1127 OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some
1128 servers won't support the new mechanism yet.
1129
1130Daniel Stenberg (13 Nov 2015)
1131- RELEASE-NOTES: recounted curl_easy_setopt() options
1132
1133- typecheck-gcc.h: add missing slist-using options
1134
1135 CURLOPT_RESOLVE and CURLOPT_PROXYHEADER were missing
1136
1137 Also sorted the list.
1138
1139- typecheck-gcc.h: added CURLOPT_CLOSESOCKETDATA
1140
1141 ... and sorted curl_is_cb_data_option alphabetically
1142
1143Jay Satiro (13 Nov 2015)
1144- [Sebastian Pohlschmidt brought this change]
1145
1146 openssl: Free modules on cleanup
1147
1148 Curl_ossl_init calls OPENSSL_load_builtin_modules() but
1149 Curl_ossl_cleanup doesn't make a call to free these modules.
1150
1151 Bug: https://github.com/bagder/curl/issues/526
1152
1153Steve Holme (13 Nov 2015)
1154- symbols-in-versions: Added new CURLOPTTYPE_STRINGPOINT alias
1155
1156 ...following commit aba281e762 to fix test 1119.
1157
1158Daniel Stenberg (13 Nov 2015)
1159- curl: mark two more options strings for --libcurl output
1160
1161- typecheck-gcc.h: add some missing string types
1162
1163 Also sorted that list alphabetically
1164
1165- curl.h: introducing the STRINGPOINT alias
1166
1167 As an alias for OBJECTPOINT. Provided to allow us to grep for all string
1168 options easier.
1169
1170- cleanup: general removal of TODO (and similar) comments
1171
1172 They tend to never get updated anyway so they're frequently inaccurate
1173 and we never go back to revisit them anyway. We document issues to work
1174 on properly in KNOWN_BUGS and TODO instead.
1175
1176- ftplistparser: remove empty function
1177
1178- openssl: remove #if check for 0.9.7 for ENGINE_load_private_key
1179
1180- openssl: all supported versions have X509_STORE_set_flags
1181
1182 Simplify by removing #ifdefs and macros
1183
1184- openssl: remove 0.9.3 check
1185
1186- openssl: remove #ifdefs for < 0.9.5 support
1187
1188 We only support >= 0.9.7
1189
1190- lib/vtls/openssl: remove unused traces of yassl ifdefs
1191
1192Dan Fandrich (12 Nov 2015)
1193- [dfandrich brought this change]
1194
1195 unit1603: Demote hash mismatch failure to a warning
1196
1197 The hashes can vary between architectures (e.g. Sparc differs from x86_64).
1198 This is not a fatal problem but just reduces the coverage of these white-box
1199 tests, as the assumptions about into which hash bucket each key falls are no
1200 longer valid.
1201
1202- [dfandrich brought this change]
1203
1204 unit1603: Added unit tests for hash functions
1205
1206- [dfandrich brought this change]
1207
1208 unit1602: Fixed failure in torture test
1209
1210Steve Holme (12 Nov 2015)
1211- sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanism
1212
1213 Following the fix in commit d6d58dd558 it is necessary to re-introduce
1214 XOAUTH2 in the default enabled authentication mechanism, which was
1215 removed in commit 7b2012f262, otherwise users will have to specify
1216 AUTH=XOAUTH2 in the URL.
1217
1218 Note: OAuth 2.0 will only be used when the bearer is specified.
1219
1220- [Stefan Bühler brought this change]
1221
1222 sasl_sspi: fix identity memory leak in digest authentication
1223
1224- [Stefan Bühler brought this change]
1225
1226 sasl_sspi: fixed unicode build for digest authentication
1227
1228 Closes #525
1229
1230- oauth2: Re-factored OAuth 2.0 state variable
1231
1232- sasl: Don't choose OAuth 2.0 if mechanism not advertised
1233
1234 Regression from commit 9e8ced9890 which meant if --oauth2-bearer was
1235 specified but the SASL mechanism wasn't supported by the server then
1236 the mechanism would be chosen.
1237
1238Daniel Stenberg (12 Nov 2015)
1239- runtests: more compact "System characteristics" output
1240
1241 - no point in repeating curl features that is already listed as features
1242 from the curl -V output
1243
1244 - remove the port numbers/unix domain path from the output unless
1245 verbose is used, as that is rarely interesting to users.
1246
1247- runtests: rename conditional curl-features to $has_[name]
1248
1249Steve Holme (11 Nov 2015)
1250- oauth2: Introduced support for host and port details
1251
1252 Added support to the OAuth 2.0 message function for host and port, in
1253 order to accommodate the official OAUTHBEARER SASL mechanism which is
1254 to be added shortly.
1255
1256- curl_setup.h: Removed duplicate CURL_DISABLE_RTSP when HTTP_ONLY defined
1257
1258- cmake: Add missing feature macros in config header (Part 2)
1259
1260 In addition to commit a215381c94 added the RTSP, RTMP and SMB protocols.
1261
1262Daniel Stenberg (10 Nov 2015)
1263- [Douglas Creager brought this change]
1264
1265 cmake: Add missing feature macros in config header
1266
1267 The curl_config.h file can be generated either from curl_config.h.cmake
1268 or curl_config.h.in, depending on whether you're building using CMake or
1269 the autotools. The CMake template header doesn't include entries for
1270 all of the protocols that you can disable, which (I think) means that
1271 you can't actually disable those protocols when building via CMake.
1272
1273 Closes #523
1274
1275- [Douglas Creager brought this change]
1276
1277 BoringSSL: Work with stricter BIO_get_mem_data()
1278
1279 BoringSSL implements `BIO_get_mem_data` as a function, instead of a
1280 macro, and expects the output pointer to be a `char **`. We have to add
1281 an explicit cast to grab the pointer as a `const char **`.
1282
1283 Closes #524
1284
1285- http2: rectify the http2 version #if check
1286
1287 We need 1.0.0 or later. Also verified by configure.
1288
1289Steve Holme (9 Nov 2015)
1290- oauth2: Don't use XAUTH2 in OAuth 2.0 function name
1291
1292- oauth2: Don't use XOAUTH2 in OAuth 2.0 variables
1293
1294- oauth2: Use OAuth 2.0 rather than XOAUTH2 in comments
1295
1296 When referring to OAuth 2.0 we should use the official name rather the
1297 SASL mechanism name.
1298
1299Daniel Stenberg (9 Nov 2015)
1300- imap: avoid freeing constant string
1301
1302 The fix in 1a614c6c3 was wrong and would leed to free() of a fixed
1303 string.
1304
1305 Pointed-out-by: Kamil Dudka
1306
1307- ROADMAP: remove two items already done
1308
1309- RELEASE-NOTES: synced with 2200bf62054
1310
1311Jay Satiro (9 Nov 2015)
1312- acinclude: Remove check for 16-bit curl_off_t
1313
1314 Because it's illogical to check for a 16-bit curl_off_t.
1315
1316 Ref: https://github.com/bagder/curl/issues/425#issuecomment-154964205
1317
1318Dan Fandrich (8 Nov 2015)
1319- tool: Fixed a memory leak on OOM introduced in 19cb0c4a
1320
1321Steve Holme (8 Nov 2015)
1322- [Justin Ehlert brought this change]
1323
1324 imap: Don't check for continuation when executing a CUSTOMREQUEST
1325
1326 Bug: https://github.com/bagder/curl/issues/486
1327 Closes https://github.com/bagder/curl/pull/487
1328
1329Daniel Stenberg (7 Nov 2015)
1330- imap: checksrc: remove space after while before paren
1331
1332- checksrc.whitelist: "missing space after close paren"
1333
1334 ... when it was within a string!
1335
1336Steve Holme (7 Nov 2015)
1337- opts: Corrected TLS protocols list to include POP3S rather than POP3
1338
1339- imap: Quote other 'atom-specials' and not just the space character
1340
1341 Closes #517
1342
1343- imap: Fixed double quote in LIST command when mailbox contains spaces
1344
1345Daniel Stenberg (6 Nov 2015)
1346- imap: fix compiler warning
1347
1348 imap.c:657:13: error: assignment discards 'const' qualifier from pointer
1349 target type [-Werror=discarded-qualifiers]
1350
1351Steve Holme (6 Nov 2015)
1352- imap: Don't call imap_atom() when no mailbox specified in LIST command
1353
1354Daniel Stenberg (6 Nov 2015)
1355- curl.1: remove the overlap --range example
1356
1357 ... it is just weird to include by default even if it still works.
1358
1359- tftp tests: verify sent options too
1360
1361 The tftpd test server now logs all received options and thus all TFTP
1362 test cases need to match them exactly.
1363
1364 Extended test 283 to use and verify --tftp-blksize.
1365
1366Jay Satiro (6 Nov 2015)
1367- getinfo: CURLINFO_ACTIVESOCKET: fix bad socket value
1368
1369 - Set user info param to the socket returned by Curl_getconnectinfo,
1370 regardless of if the socket is bad. Effectively this means the user info
1371 param now will receive CURL_SOCKET_BAD instead of -1 on bad socket.
1372
1373 - Remove incorrect comments.
1374
1375 CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user
1376 info param but prior to this change it wrote -1.
1377
1378 Bug: https://github.com/bagder/curl/pull/518
1379 Reported-by: Marcel Raad
1380
1381Patrick Monnerat (5 Nov 2015)
1382- curl_ntlm_core: fix 2 curl_off_t constant overflows.
1383
1384- os400: adjust specific code to support new options.
1385
1386Daniel Stenberg (2 Nov 2015)
1387- [Lauri Kasanen brought this change]
1388
1389 rawstr: Speed up Curl_raw_toupper by 40%
1390
1391 Rationale: when starting up a curl-using app, all cookies from the jar
1392 are checked against each other. This was causing a startup delay in the
1393 Fifth browser.
1394
1395 All tests pass.
1396
1397 Signed-off-by: Lauri Kasanen <cand@gmx.com>
1398
1399- http redirects: %-encode bytes outside of ascii range
1400
1401 Apparently there are sites out there that do redirects to URLs they
1402 provide in plain UTF-8 or similar. Browsers and wget %-encode such
1403 headers when doing a subsequent request. Now libcurl does too.
1404
1405 Added test 1138 to verify.
1406
1407 Closes #473
1408
1409- RELEASE-NOTES: synced with cba5bc585410
1410
1411- symbols-in-version: add all CURL_HTTPPOST_* symbols
1412
1413- formadd: support >2GB files on windows
1414
1415 Closes #425
1416
1417- curl.h: s/HTTPPOST_/CURL_HTTPOST_
1418
1419 Fixes a name space pollution at the cost of programs using one of these
1420 defines will no longer compile. However, the vast majority of libcurl
1421 programs that do multipart formposts use curl_formadd() to build this
1422 list.
1423
1424 Closes #506
1425
1426- mbedtls: fix "Structurally dead code"
1427
1428 CID 1332129
1429
1430- mbedtls: fix "Logically dead code"
1431
1432 CID 1332128
1433
1434- Revert "openssl: engine: remove double-free"
1435
1436 This reverts commit 370ee919b37cc9a46c36428b2bb1527eae5db2bd.
1437
1438 Issue #509 has all the details but it was confirmed that the crash was
1439 not due to this, so the previous commit was wrong.
1440
1441- curl.1: -E: s/private certificate/client certificate
1442
1443 ... as the certificate is strictly speaking not private.
1444
1445 Reported-by: John Levon
1446
1447- openssl: engine: remove double-free
1448
1449 After a successful call to SSL_CTX_use_PrivateKey(), we must not call
1450 EVP_PKEY_free() on the key.
1451
1452 Reported-by: nased0
1453 Closes #509
1454
1455Jay Satiro (27 Oct 2015)
1456- socks: Fix incorrect port numbers in failed connect messages
1457
1458Daniel Stenberg (26 Oct 2015)
1459- DISTRO-DILEMMA: removed
1460
1461 Out of date and not kept accurate. It was sort of a problem of the past
1462 anyway.
1463
1464- [xiangbin li brought this change]
1465
1466 MacOSX-Framework: sdk regex fix for sdk 10.10 and later
1467
1468 closes #507
1469
1470Jay Satiro (24 Oct 2015)
1471- build: Fix support for PKG_CONFIG
1472
1473 - Allow the user to use PKG_CONFIG but not PKGCONFIG.
1474
1475 Background:
1476
1477 Last week in 14d5a86 a change was made to allow the user to set the
1478 PKGCONFIG variable. Today in 72d99f2 I supplemented that to allow the
1479 more common PKG_CONFIG as an alternative if PKGCONFIG is not set.
1480
1481 Neither of those changes worked as expected because PKGCONFIG is
1482 occasionally reset in configure and by the CURL_CHECK_PKGCONFIG macro.
1483 Instead in this commit I take the approach that the user may set
1484 PKG_CONFIG only.
1485
1486- build: Fix mingw ssl gdi32 order
1487
1488 - If mingw ssl make sure -lgdi32 comes after ssl libs
1489
1490 - Allow PKG_CONFIG to set pkg-config location and options
1491
1492 Bug: https://github.com/bagder/curl/pull/501
1493 Reported-by: Kang Lin
1494
1495Daniel Stenberg (23 Oct 2015)
1496- RELEASE-NOTES: synced with 03b6e078163f
1497
1498- polarssl/mbedtls: fix name space pollution
1499
1500 Global private symbols MUST start with Curl_!
1501
1502- [Dmitry S. Baikov brought this change]
1503
1504 mbedTLS: THREADING_SUPPORT compilation fix
1505
1506 Closes #505
1507
1508- test1137: verify --ignore-content-length for FTP
1509
1510- curl.1: --ignore-content-length now works for FTP too
1511
1512- [Kurt Fankhauser brought this change]
1513
1514 ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
1515
1516 This allows FTP transfers with growing (or shrinking) files without
1517 causing a transfer error.
1518
1519 Closes #480
1520
1521- CURLOPT_STREAM_WEIGHT.3: call argument 'weight' too
1522
1523 ... and add a little example of what the weight actually means. "Relative
1524 proportion of bandwidth".
1525
1526- http2: add stream options to dist and curl_easy_setopt.3
1527
1528- http2: s/priority/weight
1529
1530- http2: on_frame_recv: trust the conn/data input
1531
1532 Removed wrong assert()s
1533
1534 The 'conn' passed in as userdata can be used and there can be other
1535 sessionhandles ('data') than the single one this checked for.
1536
1537- http2: added three stream prio/deps options
1538
1539 CURLOPT_STREAM_DEPENDS
1540
1541 CURLOPT_STREAM_DEPENDS_E
1542
1543 CURLOPT_STREAM_PRIORITY
1544
1545- RELEASE-NOTES: synced with ace68fdc0cfed83d
1546
1547- [m-gardet brought this change]
1548
1549 mbedtls:new profile with RSA min key len = 1024.
1550
1551 Closes #502
1552
1553- checksrc: add crude // detection
1554
1555Jay Satiro (21 Oct 2015)
1556- [Gisle Vanem brought this change]
1557
1558 build: fix for MSDOS/djgpp
1559
1560 - Add a VPATH-statement for the vtls/*.c files.
1561
1562 - Due to 'vtls/*.c', remove that subdir part from $(OBJECTS).
1563
1564Daniel Stenberg (20 Oct 2015)
1565- copyrights: update Gisle Vanem's email
1566
1567- vtls: fix compiler warning for TLS backends without sha256
1568
1569 ... noticed with mbedTLS.
1570
1571- [Jonas Minnberg brought this change]
1572
1573 vtls: added support for mbedTLS
1574
1575 closes #496
1576
1577Jay Satiro (19 Oct 2015)
1578- [Javier G. Sogo brought this change]
1579
1580 cmake: Fix for add_subdirectory(curl) use-case
1581
1582 - Use CURL_BINARY_DIR instead of CMAKE_BINARY_DIR.
1583
1584 When including CURL using add_subdirectory the variables
1585 CMAKE_BINARY_DIR and CURL_BINARY_DIR hold different paths.
1586
1587 Closes https://github.com/bagder/curl/pull/488
1588 Closes https://github.com/bagder/curl/pull/498
1589
1590Daniel Stenberg (18 Oct 2015)
1591- RELEASE-NOTES: synced with 4c773bcb474e
1592
1593- tests/FILEFORMAT: mention PSL as a valid feture to check for
1594
1595 For example in test 1136
1596
1597- teste1136: only run when PSL is enabled
1598
1599- curl: slist_wc: remove curl_memory.h inclusion
1600
1601 ... that's for the library only.
1602
1603- configure: add PSL to the list of features
1604
1605 ... to make test 1014 work again after e77b5b7453.
1606
1607- [Daniel Hwang brought this change]
1608
1609 tool: Generate easysrc with last cache linked-list
1610
1611 Using a last cache linked-list improves the performance of easysrc
1612 generation.
1613
1614 Bug: https://github.com/bagder/curl/issues/444
1615 Ref: https://github.com/bagder/curl/issues/429
1616
1617 Closes #452
1618
1619- [Tim Rühsen brought this change]
1620
1621 cookies: Add support for Mozilla's Publix Suffix List
1622
1623 Use libpsl to check the domain value of Set-Cookie headers (and cookie
1624 jar entries) for not being a Publix Suffix.
1625
1626 The configure script checks for "libpsl" by default. Disable the check
1627 with --without-libpsl.
1628
1629 Ref: https://publicsuffix.org/
1630 Ref: https://github.com/publicsuffix/list
1631 Ref: https://github.com/rockdaboot/libpsl
1632
1633- [Richard Hosking brought this change]
1634
1635 curlbuild.h: Fix non-configure compiling to mips and sh4 targets
1636
1637- [Anders Bakken brought this change]
1638
1639 http2: Don't pass unitialized name+len pairs to nghttp2_submit_request
1640
1641 bug introduced by 18691642931e5c7ac8af83ac3a84fbcb36000f96.
1642
1643 Closes #493
1644
1645Dan Fandrich (16 Oct 2015)
1646- test1601: fix compilation with --enable-debug and --disable-crypto-auth
1647
1648Daniel Stenberg (16 Oct 2015)
1649- multi: fix off-by-one finit[] array size
1650
1651 introduced in c6aedf680f6. It needs to be CURLM_STATE_LAST big since it
1652 must hande the range 0 .. CURLM_STATE_MSGSENT (18) and CURLM_STATE_LAST
1653 is 19 right now.
1654
1655 Reported-by: Dan Fandrich
1656 Bug: http://curl.haxx.se/mail/lib-2015-10/0069.html
1657
1658- fread_func: move callback pointer from set to state struct
1659
1660 ... and assign it from the set.fread_func_set pointer in the
1661 Curl_init_CONNECT function. This A) avoids that we have code that
1662 assigns fields in the 'set' struct (which we always knew was bad) and
1663 more importantly B) it makes it impossibly to accidentally leave the
1664 wrong value for when the handle is re-used etc.
1665
1666 Introducing a state-init functionality in multi.c, so that we can set a
1667 specific function to get called when we enter a state. The
1668 Curl_init_CONNECT is thus called when switching to the CONNECT state.
1669
1670 Bug: https://github.com/bagder/curl/issues/346
1671
1672 Closes #346
1673
1674Dan Fandrich (14 Oct 2015)
1675- test1531: case the size to fix the test on non-largefile builds
1676
1677Daniel Stenberg (13 Oct 2015)
1678- acinclude: remove PKGCONFIG override
1679
1680 ... and allow it to get set by a caller easier.
1681
1682 Reported-by: Rainer Jung
1683 Bug: http://curl.haxx.se/mail/lib-2015-10/0035.html
1684
1685Dan Fandrich (12 Oct 2015)
1686- docs/INSTALL: Updated example minimal binary sizes
1687
1688Daniel Stenberg (11 Oct 2015)
1689- [Erik Johansson brought this change]
1690
1691 openssl: Fix set up of pkcs12 certificate verification chain
1692
1693 sk_X509_pop will decrease the size of the stack which means that the loop would
1694 end after having added only half of the certificates.
1695
1696 Also make sure that the X509 certificate is freed in case
1697 SSL_CTX_add_extra_chain_cert fails.
1698
1699- ntlm: error out without 64bit support as the code needs it
1700
1701 It makes it a clearer message for developers reaching that point without
1702 the necessary support.
1703
1704 Thanks-by: Jay Satiro
1705
1706 Closes #78
1707
1708- curl_global_init: set the memory function pointers correct
1709
1710 follow-up from 6f8ecea0
1711
1712- curl_global_init_mem: set function pointers before doing init
1713
1714 ... as in the polarssl TLS backend for example it uses memory functions.
1715
1716Jay Satiro (9 Oct 2015)
1717- http2: Fix http2_recv to return -1 if recv returned -1
1718
1719 If the underlying recv called by http2_recv returns -1 then that is the
1720 value http2_recv returns to the caller.
1721
1722Daniel Stenberg (8 Oct 2015)
1723- [Svyatoslav Mishyn brought this change]
1724
1725 curl_easy_recv.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
1726
1727 Closes #479
1728
1729- [Svyatoslav Mishyn brought this change]
1730
1731 curl_easy_send.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
1732
1733- [Svyatoslav Mishyn brought this change]
1734
1735 CURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
1736
1737- CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO
1738
1739- ntlm: get rid of unconditional use of long long
1740
1741 ... since some compilers don't have it and instead use other types, such
1742 as __int64.
1743
1744 Reported by: gkinseyhpw
1745 Closes #478
1746
1747Jay Satiro (8 Oct 2015)
1748- [Anders Bakken brought this change]
1749
1750 des: Fix header conditional for Curl_des_set_odd_parity
1751
1752 Follow up to 613e502.
1753
1754Daniel Stenberg (7 Oct 2015)
1755- configure: build silently by default
1756
1757 'make V=1' will make the build verbose like before
1758
1759- bump: start climbing toward 7.46.0
1760
1761- RELEASE-PROCEDURE: add the github HTTPS download step
1762
1763Version 7.45.0 (7 Oct 2015)
1764
1765Daniel Stenberg (7 Oct 2015)
1766- THANKS: 19 new contributors from the 7.45.0 announcement
1767
1768- RELEASE-NOTES: synced with 69ea57970080
1769
1770Jay Satiro (4 Oct 2015)
1771- getinfo: Fix return code for unknown CURLINFO options
1772
1773 - If a CURLINFO option is unknown return CURLE_UNKNOWN_OPTION.
1774
1775 Prior to this change CURLE_BAD_FUNCTION_ARGUMENT was returned on
1776 unknown. That return value is contradicted by the CURLINFO option
1777 documentation which specifies a return of CURLE_UNKNOWN_OPTION on
1778 unknown.
1779
1780- [rouzier brought this change]
1781
1782 hiperfifo: fix the pointer passed to WRITEDATA
1783
1784 Closes https://github.com/bagder/curl/pull/471
1785
1786- [Maksim Stsepanenka brought this change]
1787
1788 tool_setopt: fix c_escape truncated octal
1789
1790 Closes https://github.com/bagder/curl/pull/469
1791
1792Daniel Stenberg (1 Oct 2015)
1793- [Orange Tsai brought this change]
1794
1795 gopher: don't send NUL byte
1796
1797 Closes #466
1798
1799Jay Satiro (29 Sep 2015)
1800- runtests: Fix pid check in checkdied
1801
1802 Because the 'not' operator has a very low precedence and as a result the
1803 entire statement was erroneously negated and could never be true.
1804
1805Daniel Stenberg (30 Sep 2015)
1806- [Thorsten Schöning brought this change]
1807
1808 win32: make recent Borland compilers use long long
1809
1810- RELEASE-NOTES: synced with 69b89050d4
1811
1812Jay Satiro (28 Sep 2015)
1813- [Michael Kalinin brought this change]
1814
1815 openssl: Fix algorithm init
1816
1817 - Change algorithm init to happen after OpenSSL config load.
1818
1819 Additional algorithms may be available due to the user's config so we
1820 initialize the algorithms after the user's config is loaded.
1821
1822 Bug: https://github.com/bagder/curl/issues/447
1823 Reported-by: Denis Feklushkin
1824
1825- [Svyatoslav Mishyn brought this change]
1826
1827 docs: fix unescaped '\n' in man pages
1828
1829 Closes https://github.com/bagder/curl/pull/459
1830
1831Daniel Stenberg (27 Sep 2015)
1832- http2: set TCP_NODELAY unconditionally
1833
1834 For a single-stream download from localhost, we managed to increase
1835 transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of
1836 this single fix.
1837
1838- http2: avoid superfluous Curl_expire() calls
1839
1840 ... only call it when there is data arriving for another handle than the
1841 one that is currently driving it.
1842
1843 Improves single-stream download performance quite a lot.
1844
1845 Thanks-to: Tatsuhiro Tsujikawa
1846 Bug: http://curl.haxx.se/mail/lib-2015-09/0097.html
1847
1848- readwrite_data: set a max number of loops
1849
1850 ... as otherwise a really fast pipe can "lock" one transfer for some
1851 protocols, like with HTTP/2.
1852
1853- [Sergei Nikulov brought this change]
1854
1855 CI: Added AppVeyor-CI for curl
1856
1857 Closes #439
1858
1859- FTP: fix uploading ASCII with unknown size
1860
1861 ... don't try to increase the supposed file size on newlines if we don't
1862 know what file size it is!
1863
1864 Patch-by: lzsiga
1865
1866- [Tatsuhiro Tsujikawa brought this change]
1867
1868 build: fix failures with -Wcast-align and -Werror
1869
1870 Closes #457
1871
1872- [Tatsuhiro Tsujikawa brought this change]
1873
1874 curl-confopts.m4: Add missing ')'
1875
1876 ... for CURL_CHECK_OPTION_RT
1877
1878 Closes #456
1879
1880Jay Satiro (25 Sep 2015)
1881- curl_easy_getinfo.3: Add brief description for each CURLINFO
1882
1883Daniel Stenberg (23 Sep 2015)
1884- [Jakub Zakrzewski brought this change]
1885
1886 CMake: Ensure discovered include dirs are considered
1887
1888 ...during header checks. Otherwise some following header tests
1889 (incorrectly) fail.
1890
1891 Closes #436
1892
1893- [Jakub Zakrzewski brought this change]
1894
1895 CMake: Put "winsock2.h" before "windows.h" during configure checks
1896
1897 "windows.h" includes "winsock.h" what causes many redefinition errors
1898 if "winsock2.h" is included afterwards and can cause build to fail.
1899
1900- tests: disable 1510 due to CI-problems on github
1901
1902- [Mike Crowe brought this change]
1903
1904 gnutls: Report actual GnuTLS error message for certificate errors
1905
1906 If GnuTLS fails to read the certificate then include whatever reason it
1907 provides in the failure message reported to the client.
1908
1909 Signed-off-by: Mike Crowe <mac@mcrowe.com>
1910
1911- RELEASE-NOTES: synced with 6b56901b56e
1912
1913- [Mike Crowe brought this change]
1914
1915 gnutls: Support CURLOPT_KEYPASSWD
1916
1917 The gnutls vtls back-end was previously ignoring any password set via
1918 CURLOPT_KEYPASSWD. Presumably this was because
1919 gnutls_certificate_set_x509_key_file did not support encrypted keys.
1920
1921 gnutls now has a gnutls_certificate_set_x509_key_file2 function that
1922 does support encrypted keys. Let's determine at compile time whether the
1923 available gnutls supports this new function. If it does then use it to
1924 pass the password. If it does not then emit a helpful diagnostic if a
1925 password is set. This is preferable to the previous behaviour of just
1926 failing to read the certificate without giving a reason in that case.
1927
1928 Signed-off-by: Mike Crowe <mac@mcrowe.com>
1929
1930- CURLINFO_TLS_SESSION: always return backend info
1931
1932 ... even for those that don't support providing anything in the
1933 'internals' struct member since it offers a convenient way for
1934 applications to figure this out.
1935
1936- [Daniel Hwang brought this change]
1937
1938 tool: remove redundant libcurl check
1939
1940 The easysrc generation is run only when --libcurl is initialized.
1941
1942 Ref: https://github.com/bagder/curl/issues/429
1943
1944 Closes #448
1945
1946- [Richard van den Berg brought this change]
1947
1948 CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
1949
1950 Closes #449
1951
1952- TODO: 5.7 More compressions
1953
1954 Like for example brotli, as being implemented in Firefox now.
1955
1956Jay Satiro (21 Sep 2015)
1957- tool_operate: Don't call easysrc cleanup unless --libcurl
1958
1959 - Review of 4d95491.
1960
1961 The author changed it so easysrc only initializes when --libcurl but did
1962 not do the same for the call to easysrc cleanup.
1963
1964 Ref: https://github.com/bagder/curl/issues/429
1965
1966Daniel Stenberg (20 Sep 2015)
1967- [Viktor Szakats brought this change]
1968
1969 CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
1970
1971 closes #443
1972
1973- KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL"
1974
1975 Closes #334
1976
1977- KNOWN_BUGS: add link to #85
1978
1979- tests: disable 1801 until fixed
1980
1981 It is unreliable and causes CI problems on github
1982
1983 Closes #380
1984
1985- RELEASE-NOTES: synced with 4d95491636ee
1986
1987- [Daniel Lee Hwang brought this change]
1988
1989 tool: generate easysrc only on --libcurl
1990
1991 Code should only be generated when --libcurl is used.
1992
1993 Bug: https://github.com/bagder/curl/issues/429
1994 Reported-by: @greafhe, Jay Satiro
1995
1996 Closes #429
1997 Closes #442
1998
1999Jay Satiro (19 Sep 2015)
2000- vtls: Change designator name for server's pubkey hash
2001
2002 - Change the designator name we use to show the base64 encoded sha256
2003 hash of the server's public key from 'pinnedpubkey' to
2004 'public key hash'.
2005
2006 Though the server's public key hash is only shown when comparing pinned
2007 public key hashes, the server's hash may not match one of the pinned.
2008
2009Daniel Stenberg (19 Sep 2015)
2010- [Isaac Boukris brought this change]
2011
2012 NTLM: Reset auth-done when using a fresh connection
2013
2014 With NTLM a new connection will always require authentication.
2015 Fixes #435
2016
2017- [Daniel Hwang brought this change]
2018
2019 ssl: add server cert's "sha256//" hash to verbose
2020
2021 Add a "pinnedpubkey" section to the "Server Certificate" verbose
2022
2023 Bug: https://github.com/bagder/curl/issues/410
2024 Reported-by: W. Mark Kubacki
2025
2026 Closes #430
2027 Closes #410
2028
2029- [Jakub Zakrzewski brought this change]
2030
2031 openldap: only part of LDAP query results received
2032
2033 Introduced with commit 65d141e6da5c6003a1592bbc87ee550b0ad75c2f
2034
2035 Closes #440
2036
2037- [Alessandro Ghedini brought this change]
2038
2039 openssl: don't output certinfo data
2040
2041- [Alessandro Ghedini brought this change]
2042
2043 openssl: refactor certificate parsing to use OpenSSL memory BIO
2044
2045 Fixes #427
2046
2047Kamil Dudka (18 Sep 2015)
2048- nss: prevent NSS from incorrectly re-using a session
2049
2050 Without this workaround, NSS re-uses a session cache entry despite the
2051 server name does not match. This causes SNI host name to differ from
2052 the actual host name. Consequently, certain servers (e.g. github.com)
2053 respond by 400 to such requests.
2054
2055 Bug: https://bugzilla.mozilla.org/1202264
2056
2057- nss: check return values of NSS functions
2058
2059Daniel Stenberg (17 Sep 2015)
2060- CURLOPT_PINNEDPUBLICKEY.3: mention error code
2061
2062- openssl: build with < 0.9.8
2063
2064 ... without sha256 support and no define saying so.
2065
2066 Reported-by: Rajkumar Mandal
2067
2068- libcurl-errors.3: add two missing error codes
2069
2070 CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS
2071
2072Jay Satiro (14 Sep 2015)
2073- CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
2074
2075 - Show how a certificate can be obtained using OpenSSL.
2076
2077 Bug: https://github.com/bagder/curl/pull/430
2078 Reported-by: Daniel Hwang
2079
2080Daniel Stenberg (13 Sep 2015)
2081- http2: removed unused function
2082
2083- CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET
2084
2085- opts: add CURLINFO_* man pages to dist
2086
2087- opts: 19 more CURLINFO_* options made into stand-alone man pages
2088
2089- RELEASE-NOTES: synced with fad9604613
2090
2091- curl: customrequest_helper: deal with NULL custom method
2092
2093- [Svyatoslav Mishyn brought this change]
2094
2095 CURLOPT_FNMATCH_FUNCTION.3: fix typo
2096
2097 s => is
2098
2099 Closes #428
2100
2101- curl: point out unnecessary uses of -X in verbose mode
2102
2103 It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take
2104 down the tone a bit.
2105
2106 It adds a warning for using -XHEAD on other methods becasue that may
2107 lead to a hanging connection.
2108
2109Jay Satiro (10 Sep 2015)
2110- curl_sspi: fix possibly undefined CRYPT_E_REVOKED
2111
2112 Bug: https://github.com/bagder/curl/pull/411
2113 Reported-by: Viktor Szakats
2114
2115- buildconf.bat: fix syntax error
2116
2117- [Benjamin Kircher brought this change]
2118
2119 winbuild: run buildconf.bat if necessary
2120
2121- [Svyatoslav Mishyn brought this change]
2122
2123 docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
2124
2125 long => double
2126
2127Daniel Stenberg (8 Sep 2015)
2128- [Sergei Nikulov brought this change]
2129
2130 cmake: IPv6 : disable Unix header check on Windows platform
2131
2132 Closes #409
2133
2134- parse_proxy: reject illegal port numbers
2135
2136 If the port number in the proxy string ended weirdly or the number is
2137 too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
2138 numerical address is used without enclosing brackets.
2139
2140 Also mention the bracket requirement for IPv6 numerical addresses to the
2141 man page for CURLOPT_PROXY.
2142
2143 Closes #415
2144
2145 Reported-by: Marcel Raad
2146
2147- FTP: do_more: add check for wait_data_conn in upload case
2148
2149 In some timing-dependnt cases when a 4xx response immediately followed
2150 after a 150 when a STOR was issued, this function would wrongly return
2151 'complete == true' while 'wait_data_conn' was still set.
2152
2153 Closes #405
2154
2155 Reported-by: Patricia Muscalu
2156
2157- [Svyatoslav Mishyn brought this change]
2158
2159 CURLOPT_TLSAUTH_TYPE.3: update description
2160
2161 Closes #414
2162 Closes #413
2163
2164- [Svyatoslav Mishyn brought this change]
2165
2166 CURLOPT_PATH_AS_IS.3: fix typo
2167
2168 leavit => leaveit
2169
2170 closes #412
2171
2172- [Svyatoslav Mishyn brought this change]
2173
2174 CURLINFO_SSL_VERIFYRESULT.3: add short description
2175
2176- [Svyatoslav Mishyn brought this change]
2177
2178 CURLINFO_SSL_ENGINES.3: add short description
2179
2180- [Svyatoslav Mishyn brought this change]
2181
2182 CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency
2183
2184- [Svyatoslav Mishyn brought this change]
2185
2186 CURLINFO_REDIRECT_TIME.3: remove redundant '!'
2187
2188Kamil Dudka (4 Sep 2015)
2189- Revert "has: generate the curl/has.h header"
2190
2191 This reverts commit a60bde79f9adeb135d5c642a07f0d783fbfbbc25 I have
2192 pushed by mistake. Apologies for my incompetent use of the git repo!
2193
2194- nss: do not directly access SSL_ImplementedCiphers[]
2195
2196 It causes dynamic linking issues at run-time after an update of NSS.
2197
2198 Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html
2199
2200- [Daniel Stenberg brought this change]
2201
2202 has: generate the curl/has.h header
2203
2204 changed macro name, moved and renamed script to become docs/libcurl/has.pl,
2205 generate code that is checksrc compliant
2206
2207Daniel Stenberg (3 Sep 2015)
2208- gitignore: ignore more generated VC Makefiles
2209
2210- projects/Windows/.gitignore: ignore generated files for release
2211
2212- http2: don't pass on Connection: headers
2213
2214 RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
2215 HTTP/2 message containing connection-specific header fields; any message
2216 containing connection-specific header fields MUST be treated as
2217 malformed"
2218
2219 Closes #401
2220
2221- curl.1: update RFC references
2222
2223- CURLOPT_POSTREDIR.3: update RFC number and section
2224
2225- CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
2226
2227 and some general cleaning up
2228
2229- [Marcel Raad brought this change]
2230
2231 inet_pton.c: Fix MSVC run-time check failure (2)
2232
2233 This fixes another run-time check failure because of a narrowing cast on
2234 Visual C++.
2235
2236 Closes #408
2237
2238Jay Satiro (3 Sep 2015)
2239- docs: Warn about any-domain cookies and multiple transfers
2240
2241 - Warn that cookies without a domain are sent to any domain:
2242 CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie
2243
2244 - Note that imported Set-Cookie cookies without a domain are no longer
2245 exported:
2246 CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
2247
2248Steve Holme (2 Sep 2015)
2249- tool_sdecls.h: Fixed compilation warning from commit 4a889441d3
2250
2251 tool_sdecls.h:139 warning: comma at end of enumerator list
2252
2253Daniel Stenberg (2 Sep 2015)
2254- opts: 8 more CURLINFO* options as stand-alone man pages
2255
2256- RELEASE-NOTES: synced with c764cb4add1a8
2257
2258- man-pages: more SEE ALSO links
2259
2260- opts: more CURLINFO_* options as stand-alone man pages
2261
2262Steve Holme (31 Aug 2015)
2263- sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled
2264
2265 Introduced in commit 59f3f92ba6 this function is only implemented when
2266 CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define
2267 the function in the header file either.
2268
2269- sasl: Updated SPN variables and comments for consistency
2270
2271 In places the "host name" and "realm" variable was referred to as
2272 "instance" whilst in others it was referred to as "host".
2273
2274Daniel Stenberg (30 Aug 2015)
2275- configure: check for HMAC_Update in openssl
2276
2277 Turns out HMAC_Init is now deprecated in openssl master (and I spelled
2278 HMAC_Init_ex wrong in previous commit)
2279
2280Steve Holme (30 Aug 2015)
2281- win32: Use DES_set_odd_parity() from OpenSSL/BoringSSL by default
2282
2283 Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native
2284 Windows builds don't use the autoconf tools.
2285
2286- des: Fixed compilation warning from commit 613e5022fe
2287
2288 curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined;
2289 assuming extern returning int
2290
2291- buildconf.bat: Fixed double blank line in 'curl manual' warning output
2292
2293- makefiles: Added our standard copyright header
2294
2295 But kept the original author, when they were specified in a comment, as
2296 the initial copyright holder.
2297
2298Jay Satiro (29 Aug 2015)
2299- CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now
2300
2301Daniel Stenberg (29 Aug 2015)
2302- CURLINFO_RESPONSE_CODE.3: added short description
2303
2304- opts: 7 initial CURLINFO_* options as stand-alone man pages
2305
2306- [Nikolai Kondrashov brought this change]
2307
2308 libcurl.m4: Put braces around empty if body
2309
2310 Put braces around empty "if" body in libcurl.m4 check to avoid warning:
2311
2312 suggest braces around empty body in an 'if' statement
2313
2314 and make it work with -Werror builds.
2315
2316 Closes #402
2317
2318- [Svyatoslav Mishyn brought this change]
2319
2320 curl_easy_escape.3: escape '\n'
2321
2322 Closes #398
2323
2324- [Svyatoslav Mishyn brought this change]
2325
2326 curl_easy_{escape,setopt}.3: fix example
2327
2328 remove redundant '}'
2329
2330- [Sergei Nikulov brought this change]
2331
2332 cmake: added Windows SSL support
2333
2334 Closes #399
2335
2336- curl: point out the conflicting HTTP methods if used
2337
2338 It isn't always clear to the user which options that cause the HTTP
2339 methods to conflict so by spelling them out it should hopefully be
2340 easier to understand why curl complains.
2341
2342- curl: clarify that users can only specify one _METHOD_
2343
2344- [Svyatoslav Mishyn brought this change]
2345
2346 curl_easy_{escape,unescape}.3: "char *" vs. "const char *"
2347
2348 Closes #395
2349
2350Patrick Monnerat (24 Aug 2015)
2351- os400: include new options in wrappers and update ILE/RPG binding.
2352
2353Daniel Stenberg (24 Aug 2015)
2354- KNOWN_BUGS: #2, not reading a HEAD response-body is not a bug
2355
2356 ... since HTTP is forbidden to return any such.
2357
2358- KNOWN_BUGS: #78 zero-length files is already fixed!
2359
2360- [Razvan Cojocaru brought this change]
2361
2362 getinfo: added CURLINFO_ACTIVESOCKET
2363
2364 This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
2365 bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.
2366
2367 Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
2368
2369- http2: remove dead code
2370
2371 Leftovers from when we removed the private socket hash.
2372
2373 Coverity CID 1317365, "Logically dead code"
2374
2375- ntlm: mark deliberate switch case fall-through
2376
2377 Coverity CID 1317367, "Missing break in switch"
2378
2379- http2: on_frame_recv: get a proper 'conn' for the debug logging
2380
2381 "Explicit null dereferenced (FORWARD_NULL)"
2382
2383 Coverity CID 1317366
2384
2385- RELEASE-NOTES: synced with 2acaf3c804
2386
2387Dan Fandrich (23 Aug 2015)
2388- tool: fix memory leak with --proto-default option
2389
2390Jay Satiro (22 Aug 2015)
2391- [Nathaniel Waisbrot brought this change]
2392
2393 CURLOPT_DEFAULT_PROTOCOL: added
2394
2395 - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
2396 protocol for schemeless URLs.
2397
2398 - Add new tool option --proto-default to expose
2399 CURLOPT_DEFAULT_PROTOCOL.
2400
2401 In the case of schemeless URLs libcurl will behave in this way:
2402
2403 When the option is used libcurl will use the supplied default.
2404
2405 When the option is not used, libcurl will follow its usual plan of
2406 guessing from the hostname and falling back to 'http'.
2407
2408- runtests: Allow for spaces in server-verify curl custom path
2409
2410Daniel Stenberg (22 Aug 2015)
2411- NTLM: recent boringssl brought DES_set_odd_parity back
2412
2413 ... so improve the #ifdefs for using our local implementation.
2414
2415- configure: detect latest boringssl
2416
2417 Since boringssl brought back DES_set_odd_parity again, it cannot be used
2418 to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
2419 seems better anyway.
2420
2421 URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
2422 Original-patch-by: Bertrand Simonnet
2423
2424 Closes #393
2425
2426- configure: change functions to detect openssl (clones)
2427
2428 ... since boringssl moved the former ones and the check started to fail.
2429
2430 URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
2431 Original-patch-by: Bertrand Simonnet
2432
2433- [Alessandro Ghedini brought this change]
2434
2435 openssl: handle lack of server cert when strict checking disabled
2436
2437 If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
2438 and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
2439 doesn't present a certificate at all.
2440
2441 Closes #392
2442
2443- ftp: clear the do_more bit when the server has connected
2444
2445 The multi state machine would otherwise go into the DO_MORE state after
2446 DO, even for the case when the FTP state machine had already performed
2447 those duties, which caused libcurl to get stuck in that state and fail
2448 miserably. This occured for for active ftp uploads.
2449
2450 Reported-by: Patricia Muscalu
2451
2452- [Jactry Zeng brought this change]
2453
2454 travis.yml: Add OS X testbot.
2455
2456- [Rémy Léone brought this change]
2457
2458 travis: Upgrading to container based build
2459
2460 http://docs.travis-ci.com/user/migrating-from-legacy
2461
2462 Closes #388
2463
2464- RELEASE-NOTES: synced with 14ff86256b13e
2465
2466- [Erik Janssen brought this change]
2467
2468 rtsp: stop reading empty DESCRIBE responses
2469
2470 Based-on-patch-by: Jim Hollinger
2471
2472- [Erik Janssen brought this change]
2473
2474 rtsp: support basic/digest authentication
2475
2476- [Sam Roth brought this change]
2477
2478 CURLMOPT_PUSHFUNCTION.3: fix argument types
2479
2480 Closes #389
2481 Closes #386
2482
2483- [Marcel Raad brought this change]
2484
2485 inet_pton.c: Fix MSVC run-time check failure
2486
2487 Visual Studio complains with a message box:
2488
2489 "Run-Time Check Failure #1 - A cast to a smaller data type has caused a
2490 loss of data. If this was intentional, you should mask the source of
2491 the cast with the appropriate bitmask.
2492
2493 For example:
2494 char c = (i & 0xFF);
2495
2496 Changing the code in this way will not affect the quality of the
2497 resulting optimized code."
2498
2499 This is because only 'val' is cast to unsigned char, so the "& 0xff" has
2500 no effect.
2501
2502 Closes #387
2503
2504Jay Satiro (18 Aug 2015)
2505- docs: Update the redirect protocols disabled by default
2506
2507 - Clarify that FILE and SCP are disabled by default since 7.19.4
2508 - Add that SMB and SMBS are disabled by default since 7.40.0
2509 - Add CURLPROTO_SMBS to the list of protocols
2510
2511- gitignore: Sort for readability
2512
2513 find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}'
2514
2515Daniel Stenberg (15 Aug 2015)
2516- curl_easy_getinfo.3: fix superfluous space
2517
2518 ... and changed "oriented" to "related"
2519
2520 Closes #378
2521
2522- CURLOPT_HTTP_VERSION.3: connection re-use goes before version
2523
2524- [Daniel Kahn Gillmor brought this change]
2525
2526 curl.1: Document weaknesses in SSLv2 and SSLv3
2527
2528 Acknowledge that SSLv3 is also widely considered to be insecure.
2529
2530 Also, provide references for people who want to know more about why it's
2531 insecure.
2532
2533Steve Holme (14 Aug 2015)
2534- generate.bat: Added support for generating only the prerequisite files
2535
2536- generate.bat: Only call buildconf.bat if it exists
2537
2538- generate.bat: Fixed issues when ran in directories with special chars
2539
2540Daniel Stenberg (14 Aug 2015)
2541- [Brad King brought this change]
2542
2543 cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
2544
2545 Fix the check code to pass 5 arguments instead of 6. This typo was
2546 introduced by commit aebfd4cfbf (cmake: fix gethostby{addr,name}_r in
2547 CurlTests, 2014-10-31).
2548
2549Steve Holme (14 Aug 2015)
2550- * buildconf.bat: Fixed issues when ran in directories with special chars
2551
2552 Bug: https://github.com/bagder/curl/pull/379
2553 Reported-by: Daniel Seither
2554
2555Jay Satiro (13 Aug 2015)
2556- curl_global_init_mem.3: Stronger thread safety warning
2557
2558 Bug: http://curl.haxx.se/mail/lib-2015-08/0016.html
2559 Reported-by: Eric Ridge
2560
2561Daniel Stenberg (12 Aug 2015)
2562- [Svyatoslav Mishyn brought this change]
2563
2564 curl_multi_add_handle.3: fix a typo
2565
2566 "can not" => "cannot"
2567
2568 closes #377
2569
2570- [Alessandro Ghedini brought this change]
2571
2572 docs: fix typos
2573
2574 closes #376
2575
2576- bump: start working toward 7.45.0
2577
2578- THANKS: remove duplicate name
2579
2580- THANKS-filter: merge Todd's names
2581
2582- THANKS: 13 new contributors from the 7.44.0 RELEASE-NOTES
2583
2584Version 7.44.0 (11 Aug 2015)
2585
2586Daniel Stenberg (11 Aug 2015)
2587- RELEASE-NOTES: synced with c75a1e775061
2588
2589- [Svyatoslav Mishyn brought this change]
2590
2591 curl_formget.3: correct return code
2592
2593 Closes #375
2594
2595- [Svyatoslav Mishyn brought this change]
2596
2597 libcurl-tutorial.3: fix formatting
2598
2599 Closes #374
2600
2601- [Svyatoslav Mishyn brought this change]
2602
2603 curl_easy_recv.3: fix formatting
2604
2605- [Anders Bakken brought this change]
2606
2607 http2: discard frames with no SessionHandle
2608
2609 Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the
2610 SessionHandle. Apparently mod_h2 will sometimes send a frame for a
2611 stream_id we're finished with.
2612
2613 Use nghttp2_session_get_stream_user_data and
2614 nghttp2_session_set_stream_user_data to identify SessionHandles instead
2615 of a hash.
2616
2617 Closes #372
2618
2619- RELEASE-NOTES: synced with 9ee40ce2aba
2620
2621- [Viktor Szakats brought this change]
2622
2623 build: refer to fixed libidn versions
2624
2625 closes #371
2626
2627- Revert "configure: disable libidn by default"
2628
2629 This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3.
2630
2631 ... since libidn has since been fixed.
2632
2633- [Jakub Zakrzewski brought this change]
2634
2635 CMake: s/HAVE_GSS_API/HAVE_GSSAPI/ to match header define
2636
2637 Otherwise the build only pretended to use GSS-API
2638
2639 Closes #370
2640
2641- SFTP: fix range request off-by-one in size check
2642
2643 Reported-by: Tim Stack
2644
2645 Closes #359
2646
2647- test46: update cookie expire time
2648
2649 ... since it went old and thus was expired and caused the test to fail!
2650
2651Steve Holme (9 Aug 2015)
2652- generate.bat: Use buildconf.bat for prerequisite file generation
2653
2654- buildconf.bat: Tidy up of comments after recent commits
2655
2656- buildconf.bat: Added full generation of src\tool_hugehelp.c
2657
2658 Added support for generating the full man page based on code from
2659 generate.bat.
2660
2661- buildconf.bat: Added detection of groff, nroff, perl and gzip
2662
2663 To allow for the full generation of tool_hugehelp.c added detection of
2664 the required programs - based on code from generate.bat.
2665
2666- buildconf.bat: Move DOS variable clean-up code to separate function
2667
2668 Rather than duplicate future variables, during clean-up of both success
2669 and error conditions, use a common function that can be called by both.
2670
2671- RELEASE-NOTES: Synced with 39dcf352d2
2672
2673- buildconf.bat: Added error messages on failure
2674
2675- buildconf.bat: Generate and clean files in the same order
2676
2677- buildconf.bat: Maintain compatibility with DOS based systems
2678
2679 Commit f08e30d7bc broke compatibility with DOS and non Windows NT based
2680 versions of Windows due to the use of the setlocal command.
2681
2682Jay Satiro (9 Aug 2015)
2683- CURLOPT_RESOLVE.3: Note removal support was added in 7.42
2684
2685 Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html
2686 Reported-by: Inca R
2687
2688Steve Holme (8 Aug 2015)
2689- checksrc.bat: Fixed error when missing *.c and *.h files
2690
2691 File Not Found
2692
2693- checksrc.bat: Fixed incorrect 'lib\vtls' path check in commit 333c36b276
2694
2695- checksrc.bat: Fixed error when [directory] isn't a curl source directory
2696
2697 The system cannot find the file specified.
2698
2699- checksrc.bat: Added check for unknown arguments
2700
2701- scripts: Added missing comments
2702
2703- scripts: Always perform setlocal and endlocal calls in pairs
2704
2705 Ensure that there isn't a mismatch between setlocal and endlocal calls,
2706 which could have happened due to setlocal being called after certain
2707 error conditions were checked for.
2708
2709- scripts: Allow -help to be specified in any argument
2710
2711 Allow the -help command line argument to be specified in any argument
2712 and not just as the first.
2713
2714Daniel Stenberg (6 Aug 2015)
2715- [juef brought this change]
2716
2717 curl_multi_remove_handle.3: fix formatting
2718
2719 closes #366
2720
2721Steve Holme (6 Aug 2015)
2722- README: Added notes about 'Running DLL based configurations'
2723
2724 ...as well as a TODO for a future enhancement to the project files.
2725
2726 Thanks-to: Jay Satiro
2727
2728- RELEASE-NOTES: Synced with cf8975387f
2729
2730- buildconf.bat: Synchronise no repository error with generate.bat
2731
2732- generate.bat: Added a check for the presence of a git repository
2733
2734- [Jay Satiro brought this change]
2735
2736 build: Added wolfSSL configurations to VC10+ project files
2737
2738 URL: https://github.com/bagder/curl/pull/174
2739
2740- [Jay Satiro brought this change]
2741
2742 build: Added wolfSSL build script for Visual Studio projects
2743
2744 Added the wolfSSL build script, based on build-openssl.bat, as well as
2745 the property sheet and header file required for the upcoming additions
2746 to the Visual Studio project files.
2747
2748Daniel Stenberg (6 Aug 2015)
2749- CHANGES: refer to the online changelog
2750
2751 Suggested-by: mc0e
2752
2753- [Isaac Boukris brought this change]
2754
2755 NTLM: handle auth for only a single request
2756
2757 Currently when the server responds with 401 on NTLM authenticated
2758 connection (re-used) we consider it to have failed. However this is
2759 legitimate and may happen when for example IIS is set configured to
2760 'authPersistSingleRequest' or when the request goes thru a proxy (with
2761 'via' header).
2762
2763 Implemented by imploying an additional state once a connection is
2764 re-used to indicate that if we receive 401 we need to restart
2765 authentication.
2766
2767 Closes #363
2768
2769Steve Holme (5 Aug 2015)
2770- RELEASE-NOTES: Synced with 473807b95f
2771
2772- generate.bat: Use buildconf.bat for prerequisite file clean-up
2773
2774- buildconf.bat: Added support for file clean-up via -clean
2775
2776- buildconf.bat: Added progress output
2777
2778- buildconf.bat: Avoid using goto for file not in repository
2779
2780Daniel Stenberg (5 Aug 2015)
2781- curl_slist_append.3: add error checking to the example
2782
2783Steve Holme (5 Aug 2015)
2784- buildconf.bat: Added display of usage text with -help
2785
2786- buildconf.bat: Added exit codes for error handling
2787
2788- buildconf.bat: Added our standard copyright header
2789
2790- buildconf.bat: Use lower-case for commands and reserved keywords
2791
2792- generate.bat: Only clean prerequisite files when in ALL mode
2793
2794- generate.bat: Moved error messages out of sub-routines
2795
2796- generate.bat: More use of lower-case for commands and reserved keywords
2797
2798Daniel Stenberg (3 Aug 2015)
2799- libcurl.3: fix a single typo
2800
2801 Closes #361
2802
2803- RELEASE-NOTES: synced with c4eb10e2f06f
2804
2805- SSH: three state machine fixups
2806
2807 The SSH state machine didn't clear the 'rc' variable appropriately in a
2808 two places which prevented it from looping the way it should. And it
2809 lacked an 'else' statement that made it possible to erroneously get
2810 stuck in the SSH_AUTH_AGENT state.
2811
2812 Reported-by: Tim Stack
2813
2814 Closes #357
2815
2816- curl_gssapi: remove 'const' to fix compiler warnings
2817
2818 initialization discards 'const' qualifier from pointer target type
2819
2820- docs: formpost needs the full size at start of upload
2821
2822 Closes #360
2823
2824Steve Holme (1 Aug 2015)
2825- sspi: Fix typo from left over from old code which referenced NTLM
2826
2827 References to NTLM in the identity generation should have been removed
2828 in commit c469941293 but not all were.
2829
2830- win32: Fix compilation warnings from commit 40c921f8b8
2831
2832 connect.c:953:5: warning: initializer element is not computable at load
2833 time
2834 connect.c:953:5: warning: missing initializer for field 'dwMinorVersion'
2835 of 'OSVERSIONINFOEX'
2836 curl_sspi.c:97:5: warning: initializer element is not computable at load
2837 time
2838 curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion'
2839 of 'OSVERSIONINFOEX'
2840
2841- schannel: Fix compilation warning from commit 7a8e861a56
2842
2843 schannel.c:1125:5: warning: missing initializer for field 'dwMinorVersion'
2844 of 'OSVERSIONINFOEX' [-Wmissing-field-initializers
2845
2846Daniel Stenberg (31 Jul 2015)
2847- libcurl-thread.3: minor reformatting
2848
2849Jay Satiro (31 Jul 2015)
2850- curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs
2851
2852 Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
2853 Reported-by: Eric Ridge
2854
2855- libcurl-thread.3: Warn memory functions must be thread safe
2856
2857 Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
2858 Reported-by: Eric Ridge
2859
2860Steve Holme (31 Jul 2015)
2861- RELEASE-NOTES: Synced with 8b1d00ac1a
2862
2863- INSTALL: Minor formatting correction in 'Legacy Windows and SSL' section
2864
2865 ...as well as some rewording.
2866
2867Kamil Dudka (30 Jul 2015)
2868- http: move HTTP/2 cleanup code off http_disconnect()
2869
2870 Otherwise it would never be called for an HTTP/2 connection, which has
2871 its own disconnect handler.
2872
2873 I spotted this while debugging <https://bugzilla.redhat.com/1248389>
2874 where the http_disconnect() handler was called on an FTP session handle
2875 causing 'dnf' to crash. conn->data->req.protop of type (struct FTP *)
2876 was reinterpreted as type (struct HTTP *) which resulted in SIGSEGV in
2877 Curl_add_buffer_free() after printing the "Connection cache is full,
2878 closing the oldest one." message.
2879
2880 A previously working version of libcurl started to crash after it was
2881 recompiled with the HTTP/2 support despite the HTTP/2 protocol was not
2882 actually used. This commit makes it work again although I suspect the
2883 root cause (reinterpreting session handle data of incompatible protocol)
2884 still has to be fixed. Otherwise the same will happen when mixing FTP
2885 and HTTP/2 connections and exceeding the connection cache limit.
2886
2887 Reported-by: Tomas Tomecek
2888 Bug: https://bugzilla.redhat.com/1248389
2889
2890Daniel Stenberg (30 Jul 2015)
2891- [Viktor Szakats brought this change]
2892
2893 ABI doc: use secure URL
2894
2895- ABI: remove the ascii logo
2896
2897 and made the indent level to 1
2898
2899- libcurl-multi.3: mention curl_multi_wait
2900
2901 ... and some general rewordings to improve this docs.
2902
2903 Reported-by: Tim Stack
2904
2905 Closes #356
2906
2907Steve Holme (30 Jul 2015)
2908- maketgz: Fixed some VC makefiles missing from the release tarball
2909
2910 VC7, VC11, VC12 and VC14 makefiles were missing from the release
2911 tarball.
2912
2913- RELEASE-NOTES: Synced with 2d7e165761
2914
2915- build: Added VC14 project files to Makefile.am
2916
2917- build: Added VC14 project files
2918
2919 Updates to Makefile.am for the generation of the project files in
2920 the tarball to follow.
2921
2922Jay Satiro (29 Jul 2015)
2923- libcurl-thread.3: Clarify CURLOPT_NOSIGNAL takes long value 1L
2924
2925Steve Holme (28 Jul 2015)
2926- generate.bat: Use lower-case for commands and reserved keywords
2927
2928 Whilst there are no coding standards for the batch files used in curl,
2929 most tend to use lower-case for keywords and upper-case for variables.
2930
2931- build: Added initial VC14 support to generate.bat
2932
2933 Visual Studio project files and updates to makefile.am to follow.
2934
2935- build: Fixed missing .opensdf files from VC10+ .gitignore files
2936
2937- build: Use $(ProjectName) macro for curl.exe and curld.exe filenames
2938
2939 This wasn't possible with the old curlsrc project filenames, but like
2940 commit 2a615a2b64 and 11397eb6dd for libcurl use the built in Visual
2941 Studio macros for the output filenames.
2942
2943- build: Renamed curl src Visual Studio project files
2944
2945 Following commit 957fcd9049 and in preparation for adding the VC14
2946 project files renamed the curl source project files.
2947
2948Daniel Stenberg (28 Jul 2015)
2949- [Jay Satiro brought this change]
2950
2951 libcurl-thread.3: Revert to stricter handle wording
2952
2953 .. also update formatting and add WinSSL and wolfSSL to the SSL/TLS
2954 handlers list.
2955
2956- [Jay Satiro brought this change]
2957
2958 libcurl-thread.3: Consolidate thread safety info
2959
2960 This is a new document to consolidate our thread safety information from
2961 several documents (curl-www:features, libcurl.3, libcurl-tutorial.3).
2962 Each document's section on multi-threading will now point to this one.
2963
2964Steve Holme (27 Jul 2015)
2965- README: Corrected formatting for 'Legacy Windows and SSL' section
2966
2967 ...as well as some wording.
2968
2969- build-openssl.bat: Added support for VC14
2970
2971Daniel Stenberg (26 Jul 2015)
2972- RELEASE-NOTES: synced with 0f645adc95390e8
2973
2974- test1902: attempt to make the test more reliable
2975
2976 Closes #355
2977
2978- comment: fix comment about adding new option support
2979
2980Jay Satiro (25 Jul 2015)
2981- build-openssl.bat: Show syntax if required args are missing
2982
2983Daniel Stenberg (26 Jul 2015)
2984- TODO: improve how curl works in a windows console window
2985
2986 Closes #322 for now
2987
2988- 1.11 minimize dependencies with dynamicly loaded modules
2989
2990 Closes #349 for now
2991
2992Jay Satiro (25 Jul 2015)
2993- tool_operate: Fix CURLOPT_SSL_OPTIONS for builds without HTTPS
2994
2995 - Set CURLOPT_SSL_OPTIONS only if the tool enabled an SSL option.
2996
2997 Broken by me several days ago in 172b2be.
2998 https://github.com/bagder/curl/commit/172b2be#diff-70b44ee478e58d4e1ddcf9c9a73d257b
2999
3000 Bug: http://curl.haxx.se/mail/lib-2015-07/0119.html
3001 Reported-by: Dan Fandrich
3002
3003Daniel Stenberg (25 Jul 2015)
3004- configure: check if OpenSSL linking wants -ldl
3005
3006 To make it easier to link with static versions of OpenSSL, the configure
3007 script now checks if -ldl is needed for linking.
3008
3009 Help-by: TJ Saunders
3010
3011- [Michael Kaufmann brought this change]
3012
3013 HTTP: ignore "Content-Encoding: compress"
3014
3015 Currently, libcurl rejects responses with "Content-Encoding: compress"
3016 when CURLOPT_ACCEPT_ENCODING is set to "". I think that libcurl should
3017 treat the Content-Encoding "compress" the same as other
3018 Content-Encodings that it does not support, e.g. "bzip2". That means
3019 just ignoring it.
3020
3021- [Marcel Raad brought this change]
3022
3023 openssl: work around MSVC warning
3024
3025 MSVC 12 complains:
3026
3027 lib\vtls\openssl.c(1554): warning C4701: potentially uninitialized local
3028 variable 'verstr' used It's a false positive, but as it's normally not,
3029 I have enabled warning-as-error for that warning.
3030
3031- [Michał Fita brought this change]
3032
3033 configure: add --disable-rt option
3034
3035 This option disables any attempts in configure to create dependency on
3036 stuff requiring linking to librt.so and libpthread.so, in this case this
3037 means clock_gettime(CLOCK_MONOTONIC, &mt).
3038
3039 We were in need to build curl which doesn't link libpthread.so to avoid
3040 the following bug:
3041 https://sourceware.org/bugzilla/show_bug.cgi?id=16628.
3042
3043Kamil Dudka (23 Jul 2015)
3044- http2: verify success of strchr() in http2_send()
3045
3046 Detected by Coverity.
3047
3048 Error: NULL_RETURNS:
3049 lib/http2.c:1301: returned_null: "strchr" returns null (checked 103 out of 109 times).
3050 lib/http2.c:1301: var_assigned: Assigning: "hdbuf" = null return value from "strchr".
3051 lib/http2.c:1302: dereference: Incrementing a pointer which might be null: "hdbuf".
3052 1300|
3053 1301| hdbuf = strchr(hdbuf, 0x0a);
3054 1302|-> ++hdbuf;
3055 1303|
3056 1304| authority_idx = 0;
3057
3058Jay Satiro (22 Jul 2015)
3059- Windows: Fix VerifyVersionInfo calls
3060
3061 - Fix the VerifyVersionInfo calls, which we use to test for the OS major
3062 version, to also test for the minor version as well as the service pack
3063 major and minor versions.
3064
3065 MSDN: "If you are testing the major version, you must also test the
3066 minor version and the service pack major and minor versions."
3067
3068 https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx
3069
3070 Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098
3071 Reported-by: Marcel Raad <MarcelRaad@users.noreply.github.com>
3072
3073- [Marcel Raad brought this change]
3074
3075 schannel: Replace deprecated GetVersion with VerifyVersionInfo
3076
3077Steve Holme (21 Jul 2015)
3078- makefile: Added support for VC14
3079
3080Patrick Monnerat (21 Jul 2015)
3081- os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings.
3082
3083- libcurl: VERSIONINFO update
3084 Addition of new procedures curl_pushheader_bynum and curl_pushheader_byname
3085 requires VERSIONINFO updating.
3086
3087- http2: satisfy external references even if http2 is not compiled in.
3088
3089Daniel Stenberg (20 Jul 2015)
3090- http2: add stream != NULL checks for reliability
3091
3092 They should not trigger, but in case of internal problems we at least
3093 avoid crashes this way.
3094
3095Jay Satiro (18 Jul 2015)
3096- symbols-in-versions: Add new CURLSSLOPT_NO_REVOKE symbol
3097
3098- SSL: Add an option to disable certificate revocation checks
3099
3100 New tool option --ssl-no-revoke.
3101 New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.
3102
3103 Currently this option applies only to WinSSL where we have automatic
3104 certificate revocation checking by default. According to the
3105 ssl-compared chart there are other backends that have automatic checking
3106 (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
3107 some later point.
3108
3109 Bug: https://github.com/bagder/curl/issues/264
3110 Reported-by: zenden2k <zenden2k@gmail.com>
3111
3112- runtests: Allow for spaces in curl custom path
3113
3114 .. also fix some typos in test's FILEFORMAT spec.
3115
3116- [David Woodhouse brought this change]
3117
3118 ntlm_wb: Fix theoretical memory leak
3119
3120 Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix
3121 hard-coded limit on NTLM auth packet size") introduced a potential
3122 memory leak on an error path, because we forget to free the buffer
3123 before returning an error.
3124
3125 Fix this.
3126
3127 Although actually, it never happens in practice because we never *get*
3128 here with state == NTLMSTATE_TYPE1. The state is always zero. That
3129 might want cleaning up in a separate patch.
3130
3131 Reported-by: Terri Oda
3132
3133- strerror: Add CRYPT_E_REVOKED to SSPI error strings
3134
3135Kamil Dudka (14 Jul 2015)
3136- libtest: call PR_Cleanup() on exit if NSPR is used
3137
3138 This prevents valgrind from reporting possibly lost memory that NSPR
3139 uses for file descriptor cache and other globally allocated internal
3140 data structures.
3141
3142 Reported-by: Štefan Kremeň
3143
3144Jay Satiro (14 Jul 2015)
3145- [John Malmberg brought this change]
3146
3147 openssl: VMS support for SHA256
3148
3149 setup-vms.h: More symbols for SHA256, hacks for older VAX
3150
3151 openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.
3152
3153 openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
3154 allow building on VAX and 64 bit VMS.
3155
3156- examples: Fix typo in multi-single.c
3157
3158Daniel Stenberg (7 Jul 2015)
3159- [Tatsuhiro Tsujikawa brought this change]
3160
3161 http2: Fix memory leak in push header array
3162
3163Dan Fandrich (2 Jul 2015)
3164- test2041: fixed line endings in protocol part
3165
3166- cyassl: fixed mismatched sha256sum function prototype
3167
3168Daniel Stenberg (1 Jul 2015)
3169- [moparisthebest brought this change]
3170
3171 SSL: Pinned public key hash support
3172
3173- examples: provide <DESC> sections
3174
3175- [John Malmberg brought this change]
3176
3177 OpenVMS: VMS Software, Inc now the supplier.
3178
3179 setup-vms.h: Symbol case fixups submitted by Michael Steve
3180
3181 build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the
3182 supplier of new versions of VMS. The install kit needs to accept
3183 VSI as a producer.
3184
3185Jay Satiro (30 Jun 2015)
3186- multi: Move http2 push function declarations to header end
3187
3188 This change necessary for binary compatibility.
3189
3190 Prior to this change test 1135 failed due to the order of functions.
3191
3192- symbols-in-versions: Add new http2 push symbols
3193
3194 Prior to this change test 1119 failed due to the missing symbols.
3195
3196Daniel Stenberg (30 Jun 2015)
3197- RELEASE-NOTES: synced with e6749055d653
3198
3199- configure: disable libidn by default
3200
3201 For security reasons, until there is a fix.
3202
3203 Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
3204 Reported-by: Gustavo Grieco, Feist Josselin
3205
3206- SSL-PROBLEMS: mention WinSSL problems in WinXP
3207
3208- CODE_OF_CONDUCT.md: added
3209
3210 Just to underscore how we treat each other in this project. Nothing new
3211 really, but could be useful for newcomers and outsiders to see our
3212 values.
3213
3214- tool_header_cb: fflush the header stream
3215
3216 Flush the header stream when -D is used so that they are sent off
3217 earlier.
3218
3219 Bug: https://github.com/bagder/curl/issues/324
3220 Reported-by: Cédric Connes
3221
3222- [Roger Leigh brought this change]
3223
3224 tests: Distribute CMakeLists.txt files in subdirectories
3225
3226- CURLOPT_FAILONERROR.3: mention that it closes the connection
3227
3228 Reported-by: bemoody
3229 Bug: https://github.com/bagder/curl/issues/325
3230
3231- curl_multi_setopt.3: alpha sort the options
3232
3233- curl_multi_setopt.3: add the new push options
3234
3235- [Tatsuhiro Tsujikawa brought this change]
3236
3237 http2: Use nghttp2 library error code for error return value
3238
3239- [Tatsuhiro Tsujikawa brought this change]
3240
3241 http2: Harden header validation for curl_pushheader_byname
3242
3243 Since we do prefix match using given header by application code
3244 against header name pair in format "NAME:VALUE", and VALUE part can
3245 contain ":", we have to careful about existence of ":" in header
3246 parameter. ":" should be allowed to match HTTP/2 pseudo-header field,
3247 and other use of ":" in header must be treated as error, and
3248 curl_pushheader_byname should return NULL. This commit implements
3249 this behaviour.
3250
3251- [Tatsuhiro Tsujikawa brought this change]
3252
3253 CURLMOPT_PUSHFUNCTION.3: Remove unused variable
3254
3255- CURLMOPT_PUSHFUNCTION.3: added example
3256
3257- http2: curl_pushheader_byname now takes a const char *
3258
3259- http2-serverpush.c: example code
3260
3261- http2: free all header memory after the push callback
3262
3263- http2: init the pushed transfer properly
3264
3265- http2: fixed the header accessor functions for the push callback
3266
3267- http2: setup the new pushed stream properly
3268
3269- http2: initial implementation of the push callback
3270
3271- http2: initial HTTP/2 server push types/docs
3272
3273- test1531: verify POSTFIELDSIZE set after add_handle
3274
3275 Following the fix made in 903b6e05565bf.
3276
3277- pretransfer: init state.infilesize here, not in add_handle
3278
3279 ... to properly support that options are set to the handle after it is
3280 added to the multi handle.
3281
3282 Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html
3283 Reported-by: Stefan Bühler
3284
3285Jay Satiro (21 Jun 2015)
3286- [Lior Kaplan brought this change]
3287
3288 tool_help: fix --tlsv1 help text to use >= for TLSv1
3289
3290- INSTALL: Advise use of non-native SSL for Windows <= XP
3291
3292 Advise that WinSSL in versions <= XP will not be able to connect to
3293 servers that no longer support the legacy handshakes and algorithms used
3294 by those versions, and to use an alternate backend like OpenSSL instead.
3295
3296 Bug: https://github.com/bagder/curl/issues/253
3297 Reported-by: zenden2k <zenden2k@gmail.com>
3298
3299Kamil Dudka (19 Jun 2015)
3300- curl_easy_setopt.3: restore contents removed by mistake
3301
3302 ... in commit curl-7_43_0-18-g570076e
3303
3304Daniel Stenberg (19 Jun 2015)
3305- curl_easy_setopt.3: mention CURLOPT_PIPEWAIT
3306
3307Jay Satiro (18 Jun 2015)
3308- cookie: Fix bug in export if any-domain cookie is present
3309
3310 In 3013bb6 I had changed cookie export to ignore any-domain cookies,
3311 however the logic I used to do so was incorrect, and would lead to a
3312 busy loop in the case of exporting a cookie list that contained
3313 any-domain cookies. The result of that is worse though, because in that
3314 case the other cookies would not be written resulting in an empty file
3315 once the application is terminated to stop the busy loop.
3316
3317Dan Fandrich (18 Jun 2015)
3318- FTP: fixed compiling with --disable-proxy, broken in b88f980a
3319
3320Daniel Stenberg (18 Jun 2015)
3321- tool: always provide negotiate/kerberos options
3322
3323 libcurl can still be built with it, even if the tool is not. Maintain
3324 independence!
3325
3326- TODO: Support IDNA2008
3327
3328- [Viktor Szakats brought this change]
3329
3330 Makefile.m32: add support for CURL_LDFLAG_EXTRAS
3331
3332 It is similar to existing CURL_CFLAG_EXTRAS, but for
3333 extra linker option.
3334
3335- RTSP: removed another piece of dead code
3336
3337 Coverity CID 1306668
3338
3339- openssl: fix use of uninitialized buffer
3340
3341 Make sure that the error buffer is always initialized and simplify the
3342 use of it to make the logic easier.
3343
3344 Bug: https://github.com/bagder/curl/issues/318
3345 Reported-by: sneis
3346
3347- examples: more descriptions
3348
3349- examples: add descriptions with <DESC>
3350
3351 Using this fixed format for example descriptions, we can generate a
3352 better list on the web site.
3353
3354- libcurl-errors.3: fix typo
3355
3356- curl_easy_setopt.3: option order doesn't matter
3357
3358- openssl: fix build with BoringSSL
3359
3360 OPENSSL_load_builtin_modules does not exist in BoringSSL. Regression
3361 from cae43a1
3362
3363- [Paul Howarth brought this change]
3364
3365 openssl: Fix build with openssl < ~ 0.9.8f
3366
3367 The symbol SSL3_MT_NEWSESSION_TICKET appears to have been introduced at
3368 around openssl 0.9.8f, and the use of it in lib/vtls/openssl.c breaks
3369 builds with older openssls (certainly with 0.9.8b, which is the latest
3370 older version I have to try with).
3371
3372- FTP: do the HTTP CONNECT for data connection blocking
3373
3374 ** WORK-AROUND **
3375
3376 The introduced non-blocking general behaviour for Curl_proxyCONNECT()
3377 didn't work for the data connection establishment unless it was very
3378 fast. The newly introduced function argument makes it operate in a more
3379 blocking manner, more like it used to work in the past. This blocking
3380 approach is only used when the FTP data connecting through HTTP proxy.
3381
3382 Blocking like this is bad. A better fix would make it work more
3383 asynchronously.
3384
3385 Bug: https://github.com/bagder/curl/issues/278
3386
3387- bump: start the journey toward 7.44.0
3388
3389Jay Satiro (17 Jun 2015)
3390- CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes
3391
3392- CURLOPT_ERRORBUFFER.3: Improve example
3393
3394Version 7.43.0 (17 Jun 2015)
3395
3396Daniel Stenberg (17 Jun 2015)
3397- RELEASE-NOTES: 7.43.0 release
3398
3399- THANKS: updated with 7.43.0 names
3400
3401- [Kamil Dudka brought this change]
3402
3403 http: do not leak basic auth credentials on re-used connections
3404
3405 CVE-2015-3236
3406
3407 This partially reverts commit curl-7_39_0-237-g87c4abb
3408
3409 Reported-by: Tomas Tomecek, Kamil Dudka
3410 Bug: http://curl.haxx.se/docs/adv_20150617A.html
3411
3412- [Kamil Dudka brought this change]
3413
3414 test2040: verify basic auth on re-used connections
3415
3416- SMB: rangecheck values read off incoming packet
3417
3418 CVE-2015-3237
3419
3420 Detected by Coverity. CID 1299430.
3421
3422 Bug: http://curl.haxx.se/docs/adv_20150617B.html
3423
3424Jay Satiro (17 Jun 2015)
3425- schannel: schannel_recv overhaul
3426
3427 This commit is several drafts squashed together. The changes from each
3428 draft are noted below. If any changes are similar and possibly
3429 contradictory the change in the latest draft takes precedence.
3430
3431 Bug: https://github.com/bagder/curl/issues/244
3432 Reported-by: Chris Araman
3433
3434 %%
3435 %% Draft 1
3436 %%
3437 - return 0 if len == 0. that will have to be documented.
3438 - continue on and process the caches regardless of raw recv
3439 - if decrypted data will be returned then set the error code to CURLE_OK
3440 and return its count
3441 - if decrypted data will not be returned and the connection has closed
3442 (eg nread == 0) then return 0 and CURLE_OK
3443 - if decrypted data will not be returned and the connection *hasn't*
3444 closed then set the error code to CURLE_AGAIN --only if an error code
3445 isn't already set-- and return -1
3446 - narrow the Win2k workaround to only Win2k
3447
3448 %%
3449 %% Draft 2
3450 %%
3451 - Trying out a change in flow to handle corner cases.
3452
3453 %%
3454 %% Draft 3
3455 %%
3456 - Back out the lazier decryption change made in draft2.
3457
3458 %%
3459 %% Draft 4
3460 %%
3461 - Some formatting and branching changes
3462 - Decrypt all encrypted cached data when len == 0
3463 - Save connection closed state
3464 - Change special Win2k check to use connection closed state
3465
3466 %%
3467 %% Draft 5
3468 %%
3469 - Default to CURLE_AGAIN in cleanup if an error code wasn't set and the
3470 connection isn't closed.
3471
3472 %%
3473 %% Draft 6
3474 %%
3475 - Save the last error only if it is an unrecoverable error.
3476
3477 Prior to this I saved the last error state in all cases; unfortunately
3478 the logic to cover that in all cases would lead to some muddle and I'm
3479 concerned that could then lead to a bug in the future so I've replaced
3480 it by only recording an unrecoverable error and that state will persist.
3481
3482 - Do not recurse on renegotiation.
3483
3484 Instead we'll continue on to process any trailing encrypted data
3485 received during the renegotiation only.
3486
3487 - Move the err checks in cleanup after the check for decrypted data.
3488
3489 In either case decrypted data is always returned but I think it's easier
3490 to understand when those err checks come after the decrypted data check.
3491
3492 %%
3493 %% Draft 7
3494 %%
3495 - Regardless of len value go directly to cleanup if there is an
3496 unrecoverable error or a close_notify was already received. Prior to
3497 this change we only acknowledged those two states if len != 0.
3498
3499 - Fix a bug in connection closed behavior: Set the error state in the
3500 cleanup, because we don't know for sure it's an error until that time.
3501
3502 - (Related to above) In the case the connection is closed go "greedy"
3503 with the decryption to make sure all remaining encrypted data has been
3504 decrypted even if it is not needed at that time by the caller. This is
3505 necessary because we can only tell if the connection closed gracefully
3506 (close_notify) once all encrypted data has been decrypted.
3507
3508 - Do not renegotiate when an unrecoverable error is pending.
3509
3510 %%
3511 %% Draft 8
3512 %%
3513 - Don't show 'server closed the connection' info message twice.
3514
3515 - Show an info message if server closed abruptly (missing close_notify).
3516
3517Daniel Stenberg (16 Jun 2015)
3518- [Paul Oliver brought this change]
3519
3520 Fix typo in docs
3521
3522 s/curret/current/
3523
3524- [Viktor Szakats brought this change]
3525
3526 docs: update URLs
3527
3528- RELEASE-NOTES: synced with f29f2cbd00dbe5f
3529
3530- [Viktor Szakats brought this change]
3531
3532 README: use secure protocol for Git repository
3533
3534- [Viktor Szakats brought this change]
3535
3536 HTTP2.md: use SSL/TLS IETF URLs
3537
3538- [Viktor Szakats brought this change]
3539
3540 LICENSE-MIXING: update URLs
3541
3542 * use SSL/TLS where available
3543 * follow permanent redirects
3544
3545- LICENSE-MIXING: refreshed
3546
3547- curl_easy_duphandle: see also *reset
3548
3549- rtsp_do: fix DEAD CODE
3550
3551 "At condition p_request, the value of p_request cannot be NULL."
3552
3553 Coverity CID 1306668.
3554
3555- security:choose_mech fix DEAD CODE warning
3556
3557 ... by removing the "do {} while (0)" block.
3558
3559 Coverity CID 1306669
3560
3561- curl.1: netrc is in man section 5
3562
3563- curl.1: small format fix
3564
3565 use \fI-style instead of .BR for references
3566
3567- urldata: store POST size in state.infilesize too
3568
3569 ... to simplify checking when PUT _or_ POST have completed.
3570
3571 Reported-by: Frank Meier
3572 Bug: http://curl.haxx.se/mail/lib-2015-06/0019.html
3573
3574Dan Fandrich (14 Jun 2015)
3575- test1530: added http to required features
3576
3577Jay Satiro (14 Jun 2015)
3578- [Drake Arconis brought this change]
3579
3580 build: Fix typo from OpenSSL 1.0.2 version detection fix
3581
3582- [Drake Arconis brought this change]
3583
3584 build: Properly detect OpenSSL 1.0.2 when using configure
3585
3586- curl_multi_info_read.3: fix example formatting
3587
3588Daniel Stenberg (13 Jun 2015)
3589- BINDINGS: there's a new R binding in town!
3590
3591- BINDINGS: added the Xojo binding
3592
3593Jay Satiro (11 Jun 2015)
3594- [Joel Depooter brought this change]
3595
3596 schannel: Add support for optional client certificates
3597
3598 Some servers will request a client certificate, but not require one.
3599 This change allows libcurl to connect to such servers when using
3600 schannel as its ssl/tls backend. When a server requests a client
3601 certificate, libcurl will now continue the handshake without one,
3602 rather than terminating the handshake. The server can then decide
3603 if that is acceptable or not. Prior to this change, libcurl would
3604 terminate the handshake, reporting a SEC_I_INCOMPLETE_CREDENTIALS
3605 error.
3606
3607Daniel Stenberg (11 Jun 2015)
3608- curl_easy_cleanup.3: provide more SEE ALSO
3609
3610- debug: remove http2 debug leftovers
3611
3612- VERSIONS: now using markdown
3613
3614- RELEASE-PROCEDURE: remove ascii logo at the top of file
3615
3616- INTERNALS: absorbed docs/LIBCURL-STRUCTS
3617
3618- INTERNALS: cat lib/README* >> INTERNALS
3619
3620 and a conversion to markdown. Removed the lib/README.* files. The idea
3621 being to move toward having INTERNALS as the one and only "book" of
3622 internals documentation.
3623
3624 Added a TOC to top of the document.
3625
3626Jay Satiro (8 Jun 2015)
3627- openssl: LibreSSL and BoringSSL do not use TLS_client_method
3628
3629 Although OpenSSL 1.1.0+ deprecated SSLv23_client_method in favor of
3630 TLS_client_method LibreSSL and BoringSSL didn't and still use
3631 SSLv23_client_method.
3632
3633 Bug: https://github.com/bagder/curl/commit/49a6642#commitcomment-11578009
3634 Reported-by: asavah@users.noreply.github.com
3635
3636Daniel Stenberg (9 Jun 2015)
3637- RELEASE-NOTES: synced with 20ac3458068
3638
3639- CURLOPT_OPENSOCKETFUNCTION: return error at once
3640
3641 When CURL_SOCKET_BAD is returned in the callback, it should be treated
3642 as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently
3643 created when trying to connect to a server.
3644
3645 Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
3646
3647- fopen.c: fix a few compiler warnings
3648
3649- [Ville Skyttä brought this change]
3650
3651 docs: Spelling fixes
3652
3653- [Ville Skyttä brought this change]
3654
3655 docs: man page indentation and syntax fixes
3656
3657Linus Nielsen (8 Jun 2015)
3658- help: Add --proxy-service-name and --service-name to the --help output
3659
3660Jay Satiro (7 Jun 2015)
3661- openssl: Fix verification of server-sent legacy intermediates
3662
3663 - Try building a chain using issuers in the trusted store first to avoid
3664 problems with server-sent legacy intermediates.
3665
3666 Prior to this change server-sent legacy intermediates with missing
3667 legacy issuers would cause verification to fail even if the client's CA
3668 bundle contained a valid replacement for the intermediate and an
3669 alternate chain could be constructed that would verify successfully.
3670
3671 https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
3672
3673Daniel Stenberg (5 Jun 2015)
3674- BINDINGS: update several URLs
3675
3676 Stop linking to the curl.haxx.se anchor pages, they are usually only
3677 themselves pointers to the real page so better point there directly
3678 instead.
3679
3680- BINDINGS: the curl-rust binding
3681
3682- curl.h: add CURL_HTTP_VERSION_2
3683
3684 The protocol is named "HTTP/2" after all. It is an alias for the
3685 existing CURL_HTTP_VERSION_2_0 enum.
3686
3687- openssl: removed error string #ifdef
3688
3689 ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore
3690
3691- openssl: removed USERDATA_IN_PWD_CALLBACK kludge
3692
3693 Code for OpenSSL 0.9.4 serves no purpose anymore!
3694
3695- openssl: remove SSL_get_session()-using code
3696
3697 It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or
3698 later.
3699
3700- openssl: remove dummy callback use from SSL_CTX_set_verify()
3701
3702 The existing callback served no purpose.
3703
3704- LIBCURL-STRUCTS: clarify for multiplexing
3705
3706Jay Satiro (3 Jun 2015)
3707- cookie: Stop exporting any-domain cookies
3708
3709 Prior to this change any-domain cookies (cookies without a domain that
3710 are sent to any domain) were exported with domain name "unknown".
3711
3712 Bug: https://github.com/bagder/curl/issues/292
3713
3714Daniel Stenberg (3 Jun 2015)
3715- RELEASE-PROCEDURE: refreshed 'coming dates'
3716
3717Jay Satiro (2 Jun 2015)
3718- curl_setup: Change fopen text macros to use 't' for MSDOS
3719
3720 Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198
3721 Reported-by: Gisle Vanem
3722
3723Daniel Stenberg (2 Jun 2015)
3724- curl_multi_timeout.3: added example
3725
3726- curl_multi_perform.3: added example
3727
3728- curl_multi_info_read.3: added example
3729
3730- checksrc: detect fopen() for text without the FOPEN_* macros
3731
3732 Follow-up to e8423f9ce150 with discussionis in
3733 https://github.com/bagder/curl/pull/258
3734
3735 This check scans for fopen() with a mode string without 'b' present, as
3736 it may indicate that an FOPEN_* define should rather be used.
3737
3738- curl_getdate.3: update RFC reference
3739
3740Jay Satiro (1 Jun 2015)
3741- curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
3742
3743 - Change fopen calls to use FOPEN_READTEXT instead of "r" or "rt"
3744 - Change fopen calls to use FOPEN_WRITETEXT instead of "w" or "wt"
3745
3746 This change is to explicitly specify when we need to read/write text.
3747 Unfortunately 't' is not part of POSIX fopen so we can't specify it
3748 directly. Instead we now have FOPEN_READTEXT, FOPEN_WRITETEXT.
3749
3750 Prior to this change we had an issue on Windows if an application that
3751 uses libcurl overrides the default file mode to binary. The default file
3752 mode in Windows is normally text mode (translation mode) and that's what
3753 libcurl expects.
3754
3755 Bug: https://github.com/bagder/curl/pull/258#issuecomment-107093055
3756 Reported-by: Orgad Shaneh
3757
3758Daniel Stenberg (1 Jun 2015)
3759- http2-upload.c: use PIPEWAIT for playing HTTP/2 better
3760
3761- http2-download: check for CURLPIPE_MULTIPLEX properly
3762
3763 Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html
3764 Reported-by: Rafayel Mkrtchyan
3765
3766- [Isaac Boukris brought this change]
3767
3768 HTTP-NTLM: fail auth on connection close instead of looping
3769
3770 Bug: https://github.com/bagder/curl/issues/256
3771
3772- 5.6 Refuse "downgrade" redirects
3773
3774- README.pingpong: removed
3775
3776- ROADMAP: remove HTTP/2 multiplexing - its here now
3777
3778- HTTP2.md: formatted properly
3779
3780- HTTP2: moved docs into docs/ and make it markdown
3781
3782- README.http2: refreshed and added multiplexing info
3783
3784- dist: add the http2 examples
3785
3786- http2 examples: clean up some comments
3787
3788- examples: added two programs doing multiplexed HTTP/2
3789
3790- scripts: moved contributors.sh and contrithanks.sh into subdir
3791
3792- RELEASE-NOTES: synced with c005790ff1c0a
3793
3794- [Daniel Melani brought this change]
3795
3796 openssl: typo in comment
3797
3798Jay Satiro (27 May 2015)
3799- openssl: Use TLS_client_method for OpenSSL 1.1.0+
3800
3801 SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The
3802 equivalent is TLS_client_method.
3803
3804 https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
3805
3806Daniel Stenberg (26 May 2015)
3807- FAQ: How do I port libcurl to my OS?
3808
3809Jay Satiro (25 May 2015)
3810- CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
3811
3812 Document that if Set-Cookie is used without a domain then the cookie is
3813 sent for any domain and will not be modified.
3814
3815 Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
3816 Reported-by: Alexander Dyagilev
3817
3818Daniel Stenberg (25 May 2015)
3819- [Tatsuhiro Tsujikawa brought this change]
3820
3821 http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer
3822
3823 Previously, after seeing upgrade to HTTP/2, we feed data followed by
3824 upgrade response headers directly to nghttp2_session_mem_recv() in
3825 Curl_http2_switched(). But it turns out that passed buffer, mem, is
3826 part of stream->mem, and callbacks called by
3827 nghttp2_session_mem_recv() will write stream specific data into
3828 stream->mem, overwriting input data. This will corrupt input, and
3829 most likely frame length error is detected by nghttp2 library. The
3830 fix is first copy the passed data to HTTP/2 connection buffer,
3831 httpc->inbuf, and call nghttp2_session_mem_recv().
3832
3833Jay Satiro (24 May 2015)
3834- CURLOPT_COOKIE.3: Explain that the cookies won't be modified
3835
3836 The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
3837 outgoing request(s)." However there seems to be some user confusion
3838 about cookie modification. Document that the cookies set by this option
3839 are not modified by the cookie engine.
3840
3841 Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
3842 Reported-by: Alexander Dyagilev
3843
3844- CURLOPT_COOKIELIST.3: Add example
3845
3846Dan Fandrich (24 May 2015)
3847- testcurl.pl: use rel2abs to make the source directory absolute
3848
3849 This function makes a platform-specific absolute path which uses
3850 backslashes on Windows. This form works when passing it on the
3851 command-line, as well as if the source is on another drive.
3852
3853- conncache: fixed memory leak on OOM (torture tests)
3854
3855Daniel Stenberg (24 May 2015)
3856- perl: remove subdir, not touched in 9 years
3857
3858- log2changes.pl: moved to scripts/
3859
3860- [Alessandro Ghedini brought this change]
3861
3862 scripts: add zsh.pl for generating zsh completion
3863
3864Dan Fandrich (23 May 2015)
3865- test1510: another flaky test
3866
3867Daniel Stenberg (22 May 2015)
3868- security: fix "Unchecked return value" from sscanf()
3869
3870 By (void) prefixing it and adding a comment. Did some minor related
3871 cleanups.
3872
3873 Coverity CID 1299423.
3874
3875- security: simplify choose_mech
3876
3877 Coverity CID 1299424 identified dead code because of checks that could
3878 never equal true (if the mechanism's name was NULL).
3879
3880 Simplified the function by removing a level of pointers and removing the
3881 loop and array that weren't used.
3882
3883- RTSP: catch attempted unsupported requests better
3884
3885 Replace use of assert with code that properly catches bad input at
3886 run-time even in non-debug builds.
3887
3888 This flaw was sort of detected by Coverity CID 1299425 which claimed the
3889 "case RTSPREQ_NONE" was dead code.
3890
3891- share_init: fix OOM crash
3892
3893 A failed calloc() would lead to NULL pointer use.
3894
3895 Coverity CID 1299427.
3896
3897- parse_proxy: switch off tunneling if non-HTTP proxy
3898
3899 non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL
3900
3901 Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
3902 Reported-by: Sean Boudreau
3903
3904- curl: fix potential NULL dereference
3905
3906 Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
3907
3908- http2: on_frame_recv: return early on stream 0
3909
3910 Coverity CID 1299426 warned about possible NULL dereference otherwise,
3911 but that would only ever happen if we get invalid HTTP/2 data with
3912 frames for stream 0. Avoid this risk by returning early when stream 0 is
3913 used.
3914
3915- http: removed self assignment
3916
3917 Follow-up fix from b0143a2a33f0
3918
3919 Detected by coverity. CID 1299429
3920
3921- [Tatsuhiro Tsujikawa brought this change]
3922
3923 http2: Make HTTP Upgrade work
3924
3925 This commit just add implicitly opened stream 1 to streams hash.
3926
3927Jay Satiro (22 May 2015)
3928- strerror: Change SEC_E_ILLEGAL_MESSAGE description
3929
3930 Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS
3931 and language specific, and invariably translated to something not very
3932 helpful like: "The message received was unexpected or badly formatted."
3933
3934 Bug: https://github.com/bagder/curl/issues/267
3935 Reported-by: Michael Osipov
3936
3937- telnet: Fix read-callback change for Windows builds
3938
3939 Refer to b0143a2 for more information on the read-callback change.
3940
3941Daniel Stenberg (21 May 2015)
3942- CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy!
3943
3944Dan Fandrich (21 May 2015)
3945- testcurl.pl: allow source to be in an arbitrary directory
3946
3947 This way, the build directory can be located on an entirely different
3948 filesystem from the source code (e.g. a tmpfs).
3949
3950Daniel Stenberg (20 May 2015)
3951- read_callback: move to SessionHandle from connectdata
3952
3953 With many easy handles using the same connection for multiplexing, it is
3954 important we store and keep the transfer-oriented stuff in the
3955 SessionHandle so that callbacks and callback data work fine even when
3956 many easy handles share the same physical connection.
3957
3958- http2: show stream IDs in decimal
3959
3960 It makes them easier to match output from the nghttpd test server.
3961
3962- [Tatsuhiro Tsujikawa brought this change]
3963
3964 http2: Faster http2 upload
3965
3966 Previously, when we send all given buffer in data_source_callback, we
3967 return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream
3968 temporarily for writing. This itself is good. If this is the sole
3969 stream in the session, nghttp2_session_want_write() returns zero,
3970 which means that libcurl does not check writeability of the underlying
3971 socket. This leads to very slow upload, because it seems curl only
3972 upload 16k something per 1 second. To fix this, if we still have data
3973 to send, call nghttp2_session_resume_data after nghttp2_session_send.
3974 This makes nghttp2_session_want_write() returns nonzero (if connection
3975 window still opens), and as a result, socket writeability is checked,
3976 and upload speed becomes normal.
3977
3978- [Dmitry Eremin-Solenikov brought this change]
3979
3980 gtls: don't fail on non-fatal alerts during handshake
3981
3982 Stop curl from failing when non-fatal alert is received during
3983 handshake. This e.g. fixes lots of problems when working with https
3984 sites through proxies.
3985
3986- curl_easy_unescape.3: update RFC reference
3987
3988 Reported-by: bsammon
3989 Bug: https://github.com/bagder/curl/issues/282
3990
3991Jay Satiro (20 May 2015)
3992- CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
3993
3994 .. also correct some variable naming in curl_easy_escape.3
3995
3996 Bug: https://github.com/bagder/curl/issues/281
3997 Reported-by: bsammon@users.noreply.github.com
3998
3999Daniel Stenberg (19 May 2015)
4000- [Brian Prodoehl brought this change]
4001
4002 openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg
4003
4004 BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl
4005 and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and
4006 OpenSSL.
4007
4008 re #275
4009
4010Jay Satiro (19 May 2015)
4011- curl.1: fix missing space in section --data
4012
4013Daniel Stenberg (19 May 2015)
4014- transfer: remove erroneous and misleading comment
4015
4016Kamil Dudka (19 May 2015)
4017- http: silence compile-time warnings without USE_NGHTTP2
4018
4019 Error: CLANG_WARNING:
4020 lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read
4021
4022 Error: COMPILER_WARNING:
4023 lib/http.c: scope_hint: In function ‘http_disconnect’
4024 lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable]
4025
4026Jay Satiro (19 May 2015)
4027- transfer: Replace __func__ instances with function name
4028
4029 .. also make __func__ replacement in multi.
4030
4031 Prior to this change debug builds would fail to build if the compiler
4032 was building pre-c99 and didn't support __func__.
4033
4034Daniel Stenberg (19 May 2015)
4035- [Viktor Szakats brought this change]
4036
4037 build: bump version in default nghttp2 paths
4038
4039- INTERNALS: we require nghttp2 1.0.0+ now
4040
4041Jay Satiro (18 May 2015)
4042- http: Add some include guards for the new HTTP/2 stuff
4043
4044Daniel Stenberg (18 May 2015)
4045- http2: store upload state per stream
4046
4047 Use a curl_off_t for upload left
4048
4049- http2: fix build when NOT h2-enabled
4050
4051- http2: switch to use Curl_hash_destroy()
4052
4053 as after 4883f7019d3, the *_clean() function only flushes the hash.
4054
4055- curlver: restore LIBCURL_VERSION_NUM defined as a full number
4056
4057 As it breaks configure, curl-config and test 1023 if not.
4058
4059- [Anthony Avina brought this change]
4060
4061 hostip: fix unintended destruction of hash table
4062
4063 .. and added unit1602 for hash.c
4064
4065- curlver: introducing new version number (checking) macros
4066
4067- runtests.pl: use 'h2c' now, no -14 anymore
4068
4069- [Tatsuhiro Tsujikawa brought this change]
4070
4071 http2: Ignore if we have stream ID not in hash in on_stream_close
4072
4073 We could get stream ID not in the hash in on_stream_close. For
4074 example, if we decided to reject stream (e.g., PUSH_PROMISE), then we
4075 don't create stream and store it in hash with its stream ID.
4076
4077- [Tatsuhiro Tsujikawa brought this change]
4078
4079 Require nghttp2 v1.0.0
4080
4081 This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0,
4082 and utilize recent version of nghttp2 to simplify the code,
4083
4084 First we use nghttp2_option_set_no_recv_client_magic function to
4085 detect nghttp2 v1.0.0. That function only exists since v1.0.0.
4086
4087 Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and
4088 validates received header field. If it found error, RST_STREAM with
4089 PROTOCOL_ERROR is issued. Since we require v1.0.0, we can utilize
4090 this feature to simplify libcurl code. This commit does this.
4091
4092 Migration from 0.7 series are done based on nghttp2 migration
4093 document. For libcurl, we removed the code sending first 24 bytes
4094 client magic. It is now done by nghttp2 library.
4095 on_invalid_frame_recv callback signature changed, and is updated
4096 accordingly.
4097
4098- http2: infof length in on_frame_send()
4099
4100- pipeline: switch some code over to functions
4101
4102 ... to "compartmentalize" a bit and make it easier to change behavior
4103 when multiplexing is used instead of good old pipelining.
4104
4105- symbols-in-versions: add CURLOPT_PIPEWAIT
4106
4107- CURLOPT_PIPEWAIT: added
4108
4109 By setting this option to 1 libcurl will wait for a connection to reveal
4110 if it is possible to pipeline/multiplex on before it continues.
4111
4112- Curl_http_readwrite_headers: minor code simplification
4113
4114- IsPipeliningPossible: fixed for http2
4115
4116- http2: bump the h2 buffer size to 32K for speed
4117
4118- http2: remove the stream from the hash in stream_close callback
4119
4120 ... and suddenly things work much better!
4121
4122- http2: if there is paused data, do not clear the drain field
4123
4124- http2: rename s/data/pausedata
4125
4126- http2: "stream %x" in all outputs to make it easier to search for
4127
4128- http2: Curl_expire() all handles with incoming traffic
4129
4130 ... so that they'll get handled next in the multi loop.
4131
4132- http2: don't signal settings change for same values
4133
4134- http2: set default concurrency, fix ConnectionExists for multiplex
4135
4136- bundles: store no/default/pipeline/multiplex
4137
4138 to allow code to act differently on the situation.
4139
4140 Also added some more info message for the connection re-use function to
4141 make it clearer when connections are not re-used.
4142
4143- http2: lazy init header_recvbuf
4144
4145 It makes us use less memory when not doing HTTP/2 and subsequently also
4146 makes us not have to cleanup HTTP/2 related data when not using HTTP/2!
4147
4148- http2: separate multiplex/pipelining + cleanup memory leaks
4149
4150- CURLMOPT_PIPELINE: bit 1 is for multiplexing
4151
4152- [Tatsuhiro Tsujikawa brought this change]
4153
4154 http2: Fix bug that data to be drained are overwritten by pending "paused" data
4155
4156- [Tatsuhiro Tsujikawa brought this change]
4157
4158 http2: Don't call nghttp2_session_mem_recv while it is paused by a stream
4159
4160- [Tatsuhiro Tsujikawa brought this change]
4161
4162 http2: Read data left in connection buffer after pause
4163
4164 Previously when we do pause because of out of buffer, we just throw
4165 away unread data in connection buffer. This just broke protocol
4166 framing, and I saw occasional FRAME_SIZE_ERROR. This commit fix this
4167 issue by remembering how much data read, and in the next iteration, we
4168 process remaining data.
4169
4170- [Tatsuhiro Tsujikawa brought this change]
4171
4172 http2: Fix streams get stuck
4173
4174 This commit fixes the bug that streams get stuck if stream gets some
4175 DATA, and stream->closed becomes true at the same time. Previously,
4176 in this condition, after we processed DATA, we are going to try to
4177 read data from underlying transport, but there is no data, and gets
4178 EAGAIN. There was no code path to evaludate stream->closed.
4179
4180- http2: store incoming h2 SETTINGS
4181
4182- pipeline: move function to pipeline.c and make static
4183
4184 ... as it was only used from there.
4185
4186- IsPipeliningPossible: http2 can always "pipeline" (multiplex)
4187
4188- http2: remove debug logging from on_frame_recv
4189
4190- http2: remove the closed check in http2_recv
4191
4192 With the "drained" functionality we can get here slightly asynchronously
4193 so the stream have have been closed but there is pending data left to
4194 read.
4195
4196- http2: bump the h2 buffer to 8K
4197
4198- http2: Curl_read should not use the single buffer
4199
4200 ... as it does for pipelining when we're multiplexing, as we need the
4201 different buffers to store incoming data correctly for all streams.
4202
4203- http2: more debug outputs
4204
4205- http2: leave WAITPERFORM when conn is multiplexed
4206
4207 No need to wait for our "spot" like for pipelining
4208
4209- http2: force "drainage" of streams
4210
4211 ... which is necessary since the socket won't be readable but there is
4212 data waiting in the buffer.
4213
4214- http2: move the mem+len pair to the stream struct
4215
4216- http2: more stream-oriented data, stream ID 0 is for connections
4217
4218- http2: move lots of state data to the 'stream' struct
4219
4220 ... from the connection struct. The stream one being the 'struct HTTP'
4221 which is kept in the SessionHandle struct (easy handle).
4222
4223 lookup streams for incoming frames in the stream hash, hashing is based
4224 on the stream id and we get the SessionHandle for the incoming stream
4225 that way.
4226
4227- HTTP: partial start at fixing up hash-lookups on http2 frame receival
4228
4229- http: a stream hash for h2 multiplexing
4230
4231- http: a stream hash for h2 multiplexing
4232
4233- http2: debug log when receiving unexpected stream_id
4234
4235- http2: move stream_id to the HTTP struct (per-stream)
4236
4237- Curl_http2_setup: only do it once and enable multiplex on the server
4238
4239 Once we know we are HTTP/2 enabled we know the server can multiplex.
4240
4241- http: switch on "pipelining" (multiplexing) for HTTP/2 servers
4242
4243 ... and do not blacklist any.
4244
4245- README.pipelining: removed
4246
4247 All the details mentioned here are better documented in man pages
4248
4249Dan Fandrich (14 May 2015)
4250- build: removed bundles.c from make files
4251
4252 This file was removed in commit fd137786
4253
4254Daniel Stenberg (14 May 2015)
4255- Curl_conncache_add_conn: fix memory leak on OOM
4256
4257- CURLMOPT_MAX_HOST_CONNECTIONS: host = host name + port number
4258
4259- conncache: keep bundles on host+port bases, not only host names
4260
4261 Previously we counted all connections to a specific host name and that
4262 would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example,
4263 while servers on different port numbers are normally considered
4264 different "origins" on the web and should thus be considered different
4265 hosts.
4266
4267- bundles: merged into conncache.c
4268
4269 All the existing Curl_bundle* functions were only ever used from within
4270 the conncache.c file, so I moved them over and made them static (and
4271 removed the Curl_ prefix).
4272
4273- hostcache: made all host caches use structs, not pointers
4274
4275 This avoids unnecessary dynamic allocs and as this also removed the last
4276 users of *hash_alloc() and *hash_destroy(), those two functions are now
4277 removed.
4278
4279- multi: converted socket hash into non-allocated struct
4280
4281 avoids extra dynamic allocation
4282
4283- connection cache: avoid Curl_hash_alloc()
4284
4285 ... by using plain structs instead of pointers for the connection cache,
4286 we can avoid several dynamic allocations that weren't necessary.
4287
4288- proxy: add newline to info message
4289
4290Patrick Monnerat (8 May 2015)
4291- FTP: fix dangling conn->ip_addr dereference on verbose EPSV.
4292
4293- FTP: Make EPSV use the control IP address rather than the original host.
4294 This ensures an alternate address is not used.
4295 Does not apply to proxy tunnel.
4296
4297Daniel Stenberg (8 May 2015)
4298- [Alessandro Ghedini brought this change]
4299
4300 tool_help: fix formatting for --next option
4301
4302- [Egon Eckert brought this change]
4303
4304 opts: improved the TCP keepalive examples
4305
4306Jay Satiro (8 May 2015)
4307- winbuild: Document the option used to statically link the CRT
4308
4309 - Document option RTLIBCFG (runtime library configuration).
4310
4311 Bug: https://github.com/bagder/curl/issues/254
4312 Reported-by: Bert Huijben
4313
4314- [Orgad Shaneh brought this change]
4315
4316 netrc: Read in text mode when cygwin
4317
4318 Use text mode when cygwin to eliminate trailing carriage returns.
4319
4320 Bug: https://github.com/bagder/curl/pull/258
4321
4322Patrick Monnerat (5 May 2015)
4323- OS400: Add SPNEGO service name options to ILE/RPG binding.
4324
4325Daniel Stenberg (4 May 2015)
4326- curl_multi_info_read.3: fix typo
4327
4328 Reported-by: Liviu Chircu
4329
4330- MANUAL: language fix
4331
4332 Reported-by: Fred Stluka
4333 Bug: https://github.com/bagder/curl/issues/255
4334
4335- [Alessandro Ghedini brought this change]
4336
4337 gtls: properly retrieve certificate status
4338
4339 Also print the revocation reason if appropriate.
4340
4341- OpenSSL: conditional check for SSL3_RT_HEADER
4342
4343 The symbol is fairly new.
4344
4345 Reported-by: Kamil Dudka
4346
4347- openssl: skip trace outputs for ssl_ver == 0
4348
4349 The OpenSSL trace callback is wonderfully undocumented but given a
4350 journey in the source code, it seems the cases were ssl_ver is zero
4351 doesn't follow the same pattern and thus turned out confusing and
4352 misleading. For now, we skip doing any CURLINFO_TEXT logging on those
4353 but keep sending them as CURLINFO_SSL_DATA_OUT/IN.
4354
4355 Also, I added direction to the text info and I edited some functions
4356 slightly.
4357
4358 Bug: https://github.com/bagder/curl/issues/219
4359 Reported-by: Jay Satiro, Ashish Shukla
4360
4361Marc Hoersken (2 May 2015)
4362- schannel.c: Small changes
4363
4364- schannel.c: Improve code path and readability
4365
4366- schannel.c: Improve error and return code handling upon aa99a63f03
4367
4368- [Chris Araman brought this change]
4369
4370 schannel: fix regression in schannel_recv
4371
4372 https://github.com/bagder/curl/issues/244
4373
4374 Commit 145c263 changed the behavior when Curl_read_plain returns
4375 CURLE_AGAIN. We now handle CURLE_AGAIN and SEC_I_CONTEXT_EXPIRED
4376 correctly.
4377
4378- Bug born in changes made several days ago 9a91e80.
4379
4380 Commit: https://github.com/bagder/curl/commit/926cb9f
4381 Reported-by: Ray Satiro
4382
4383Daniel Stenberg (30 Apr 2015)
4384- [Michael Osipov brought this change]
4385
4386 configure: remove missing and make it autogenerate
4387
4388 The missing file has not been autogenerated because a temporary fix was
4389 employed in acinclude.m4 which blocked update. Removed that fix and a recent
4390 version of missing is copied to build root.
4391
4392- [Michael Osipov brought this change]
4393
4394 acinclude.m4: fix test for default CA cert bundle/path
4395
4396 test(1) on HP-UX requires a single equals sign and fails with two.
4397 Let's use one and make every OS happy.
4398
4399- CONTRIBUTING.md: remove the sourceforge mention
4400
4401 Reported-By: Michael Osipov
4402
4403Dan Fandrich (30 Apr 2015)
4404- http_negotiate_sspi: added missing data variable
4405
4406Daniel Stenberg (30 Apr 2015)
4407- [Michael Osipov brought this change]
4408
4409 configure: remove --automake from libtoolize call
4410
4411 That option is not mentioned in the man page of libtoolize 2.4.4.19-fda4.
4412 Moveover, a comment in line 2623 says "--automake is for 1.5 compatibility".
4413
4414 This option is redundant now.
4415
4416- [Viktor Szakats brought this change]
4417
4418 build: update depedency versions, urls, example makefiles
4419
4420 - update default versions of dependencies (except for rare/old platforms)
4421 - update urls
4422 - sync examples makefiles with main ones
4423 - remove line ending space
4424
4425- [Michael Osipov brought this change]
4426
4427 configure: remove autogenerated files by autoconf
4428
4429 * install-sh is always regenerated
4430 * mkinstalldirs was already redudant years ago. Automake uses install for
4431 that. See: http://lists.gnu.org/archive/html/automake/2007-03/msg00015.html
4432
4433- [Anders Bakken brought this change]
4434
4435 curl_multi_add_handle: next is already NULL
4436
4437Jay Satiro (30 Apr 2015)
4438- schannel: Fix out of bounds array
4439
4440 Bug born in changes made several days ago 9a91e80.
4441
4442 Bug: http://curl.haxx.se/mail/lib-2015-04/0199.html
4443 Reported-by: Brian Chrisman
4444
4445- docs/libcurl: gitignore libcurl-symbols.3
4446
4447 Bug: http://curl.haxx.se/mail/lib-2015-04/0191.html
4448 Reported-by: Michael Osipov
4449
4450- [Viktor Szakats brought this change]
4451
4452 lib/makefile.m32: add arch -m32/-m64 to LDFLAGS
4453
4454 This fixes using a multi-target mingw distro to build curl .dll for the
4455 non-default target.
4456 (mirroring the same patch present in src/makefile.m32)
4457
4458Daniel Stenberg (29 Apr 2015)
4459- RELEASE-NOTES: synced with cd39b944afc
4460
4461 I've not mentioned the bug fixes that were shipped in 7.42.1 from the
4462 7_42 branch.
4463
4464- THANKS: merged from the 7.42.1 release
4465
4466- CURLOPT_HEADEROPT: default to separate
4467
4468 Make the HTTP headers separated by default for improved security and
4469 reduced risk for information leakage.
4470
4471 Bug: http://curl.haxx.se/docs/adv_20150429.html
4472 Reported-by: Yehezkel Horowitz, Oren Souroujon
4473
4474Linus Nielsen (28 Apr 2015)
4475- docs/libcurl: Corrected a typo in the CURLOPT_PROXY_SERVICE_NAME documentation
4476
4477Daniel Stenberg (28 Apr 2015)
4478- hash: simplify Curl_str_key_compare()
4479
4480- dist: ship CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME
4481
4482- [Linus Nielsen brought this change]
4483
4484 Negotiate: custom service names for SPNEGO.
4485
4486 * Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
4487 * Add new curl options, --proxy-service-name and --service-name.
4488
4489- http2: unify http_conn variable names to 'c'
4490
4491- ConnectionExists: call it multi-use instead of pipelining
4492
4493 So that it fits HTTP/2 as well
4494
4495Kamil Dudka (27 Apr 2015)
4496- [Paul Howarth brought this change]
4497
4498 nss: fix compilation failure with old versions of NSS
4499
4500 Bug: http://curl.haxx.se/mail/lib-2015-04/0095.html
4501
4502Daniel Stenberg (27 Apr 2015)
4503- sws: init http2 state properly
4504
4505 It would otherwise cause problems when running tests after 1801 etc.
4506
4507- curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
4508
4509 ... as it was previouly undocumented what the pointer was.
4510
4511- runtests: use a DISABLED.local file too
4512
4513 ... and have git ignore that. Allows for a dev to add tests to ignore in
4514 local tests and yet don't obstruct a normal git work flow.
4515
4516Marc Hoersken (26 Apr 2015)
4517- schannel.c: Fix typo introduced with 3447c973d0
4518
4519- schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
4520
4521 Reported-by: Brian Chrisman
4522
4523Daniel Stenberg (26 Apr 2015)
4524- schannel: re-indented file to follow curl style better
4525
4526 white space changes only
4527
4528- Curl_ossl_init: load builtin modules
4529
4530 To have engine modules work, we must tell openssl to load builtin
4531 modules first.
4532
4533 Bug: https://github.com/bagder/curl/pull/206
4534
4535- configure: follow-up fix for krb5-config
4536
4537 commit 5b66860652 was incomplete so here's a follow-up fix
4538
4539 Reported-by: Dagobert Michelsen
4540 Bug: https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
4541
4542- openssl: fix serial number output
4543
4544 The code extracting the cert serial number was broken and didn't display
4545 it properly.
4546
4547 Bug: https://github.com/bagder/curl/issues/235
4548 Reported-by: dkjjr89
4549
4550- [Grant Pannell brought this change]
4551
4552 sasl_sspi: Populate domain from the realm in the challenge
4553
4554 Without this, SSPI based digest auth was broken.
4555
4556 Bug: https://github.com/bagder/curl/pull/141.patch
4557
4558Jay Satiro (25 Apr 2015)
4559- [Anthony Avina brought this change]
4560
4561 tool: New option --data-raw to HTTP POST data, '@' allowed.
4562
4563 Add new option --data-raw which is almost the same as --data but does
4564 not have a special interpretation of the @ character.
4565
4566 Prior to this change there was no (easy) way to pass the @ character as
4567 the first character in POST data without it being interpreted as a
4568 special character.
4569
4570 Bug: https://github.com/bagder/curl/issues/198
4571 Reported-by: Jens Rantil
4572
4573Dan Fandrich (25 Apr 2015)
4574- test2039: fixed line endings that caused a test failure
4575
4576Daniel Stenberg (24 Apr 2015)
4577- [Viktor Szakats brought this change]
4578
4579 netrc: add unit tests for 'default' support
4580
4581- [Viktor Szakats brought this change]
4582
4583 netrc: support 'default' token
4584
4585 The 'default' token has no argument and means to match _any_ domain.
4586 It must be placed last if there are 'machine <name>' tokens in the same file.
4587
4588 See full description here:
4589 https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-File.html
4590
4591- ROADMAP.md: extended the HTTP/2 section, reformatted
4592
4593 Elaborated on several of the remaining HTTP/2 parts and made document
4594 use a format that ends up nicer on the web page:
4595 http://curl.haxx.se/dev/roadmap.html
4596
4597Kamil Dudka (23 Apr 2015)
4598- curl -z: do not write empty file on unmet condition
4599
4600 This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
4601 It also introduces a regression test 1424 based on tests 78 and 1423.
4602
4603 Reported-by: Viktor Szakats
4604 Bug: https://github.com/bagder/curl/issues/237
4605
4606Dan Fandrich (23 Apr 2015)
4607- tool: fixed a comment typo
4608
4609- README: convert to UTF-8
4610
4611Jay Satiro (22 Apr 2015)
4612- cyassl: Implement public key pinning
4613
4614 Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
4615
4616Dan Fandrich (22 Apr 2015)
4617- [Alessandro Ghedini brought this change]
4618
4619 curl.1: fix typo
4620
4621Kamil Dudka (22 Apr 2015)
4622- docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
4623
4624- tests/unit/.gitignore: hide unit1601 and above, too
4625
4626Daniel Stenberg (22 Apr 2015)
4627- connectionexists: follow-up to fd9d3a1ef1f
4628
4629 PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
4630 enabled.
4631
4632 Mistake-caught-by: Kamil Dudka
4633
4634- connectionexists: fix build without NTLM
4635
4636 Do not access NTLM-specific struct fields when built without NTLM
4637 enabled!
4638
4639 bug: http://curl.haxx.se/?i=231
4640 Reported-by: Patrick Rapin
4641
4642- bump: start working toward 7.43.0
4643
4644Kamil Dudka (22 Apr 2015)
4645- nss: implement public key pinning for NSS backend
4646
4647 Bug: https://bugzilla.redhat.com/1195771
4648
4649Daniel Stenberg (22 Apr 2015)
4650- dist: include {src,lib}/checksrc.whitelist
4651
4652Version 7.42.0 (22 Apr 2015)
4653
4654Daniel Stenberg (22 Apr 2015)
4655- RELEASE-NOTES: updated for 7.42.0
4656
4657- THANKS: added contributors from 7.42.0 release notes
4658
4659- THANKS-filter: a few more alterations to squash
4660
4661- contrithanks.sh: helper script for maintaining THANKS
4662
4663- http_done: close Negotiate connections when done
4664
4665 When doing HTTP requests Negotiate authenticated, the entire connnection
4666 may become authenticated and not just the specific HTTP request which is
4667 otherwise how HTTP works, as Negotiate can basically use NTLM under the
4668 hood. curl was not adhering to this fact but would assume that such
4669 requests would also be authenticated per request.
4670
4671 CVE-2015-3148
4672
4673 Bug: http://curl.haxx.se/docs/adv_20150422B.html
4674 Reported-by: Isaac Boukris
4675
4676- fix_hostname: zero length host name caused -1 index offset
4677
4678 If a URL is given with a zero-length host name, like in "http://:80" or
4679 just ":80", `fix_hostname()` will index the host name pointer with a -1
4680 offset (as it blindly assumes a non-zero length) and both read and
4681 assign that address.
4682
4683 CVE-2015-3144
4684
4685 Bug: http://curl.haxx.se/docs/adv_20150422D.html
4686 Reported-by: Hanno Böck
4687
4688- cookie: cookie parser out of boundary memory access
4689
4690 The internal libcurl function called sanitize_cookie_path() that cleans
4691 up the path element as given to it from a remote site or when read from
4692 a file, did not properly validate the input. If given a path that
4693 consisted of a single double-quote, libcurl would index a newly
4694 allocated memory area with index -1 and assign a zero to it, thus
4695 destroying heap memory it wasn't supposed to.
4696
4697 CVE-2015-3145
4698
4699 Bug: http://curl.haxx.se/docs/adv_20150422C.html
4700 Reported-by: Hanno Böck
4701
4702- ConnectionExists: for NTLM re-use, require credentials to match
4703
4704 CVE-2015-3143
4705
4706 Bug: http://curl.haxx.se/docs/adv_20150422A.html
4707 Reported-by: Paras Sethia
4708
4709Jay Satiro (21 Apr 2015)
4710- [byronhe brought this change]
4711
4712 openssl: add OPENSSL_NO_SSL3_METHOD check
4713
4714Daniel Stenberg (20 Apr 2015)
4715- CURLOPT_HEADERFUNCTION.3: match parameter name in synopsis and desc
4716
4717 Bug: https://github.com/bagder/curl/issues/229
4718 Reported-by: bsammon
4719
4720Kamil Dudka (20 Apr 2015)
4721- [Mostyn Bramley-Moore brought this change]
4722
4723 configure --with-nss: remove unneeded libs from the fallback
4724
4725Daniel Stenberg (20 Apr 2015)
4726- contributors.sh: fix help output, filter out (-prefix from names
4727
4728- RELEASE-NOTES: synced with cc0e7ebc3be0
4729
4730- [Michael Stapelberg brought this change]
4731
4732 CURLMOPT_TIMERFUNCTION.3: Clarify, add an example
4733
4734- [Viktor Szakáts brought this change]
4735
4736 vtls/openssl: use https in URLs and a comment typo fixed
4737
4738- curl_version_info.3: fixed the 'protocols' variable type
4739
4740 Reported-by: John Marshall
4741 Bug: https://github.com/bagder/curl/issues/225
4742
4743Dan Fandrich (18 Apr 2015)
4744- test1423: added missing "file" to server section
4745
4746Daniel Stenberg (17 Apr 2015)
4747- TheArtOfHttpScripting: Multiple URLs + Multiple HTTP methods
4748
4749 ... and some minor edits
4750
4751- Revert "HTTP: don't abort connections with pending Negotiate authentication"
4752
4753 This reverts commit 5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6.
4754
4755 Bug: https://github.com/bagder/curl/issues/223
4756 Reported-by: Michael Osipov
4757
4758Jay Satiro (17 Apr 2015)
4759- cyassl: Fix include order
4760
4761 Prior to this change CyaSSL's build options could redefine some generic
4762 build symbols.
4763
4764 http://curl.haxx.se/mail/lib-2015-04/0069.html
4765
4766Kamil Dudka (17 Apr 2015)
4767- configure --with-nss: drop redundant if statement
4768
4769- configure --with-nss=PATH: query pkg-config if available
4770
4771 Bug: https://github.com/bagder/curl/pull/171
4772
4773Daniel Stenberg (17 Apr 2015)
4774- parsecfg: do not continue past a zero termination
4775
4776 When a config file line ends without newline, the parsing function could
4777 continue reading beyond that point in memory.
4778
4779 Reported-by: Hanno Böck
4780
4781Jay Satiro (16 Apr 2015)
4782- gitignore: Ignore Windows build output directories
4783
4784Daniel Stenberg (15 Apr 2015)
4785- RELEASE-NOTES: synced with 1ba6e4c88e0
4786
4787- TODO: 17.9 Choose the name of file in braces for complex URLs
4788
4789- TODO: a little caution that maybe not all ideas are still good
4790
4791- TODO: 17.8 offer color-coded HTTP header output
4792
4793- TODO: 17.7 warning when sending binary output to terminal
4794
4795- KNOWN_BUGS: #90 IMAP "SEARCH ALL" truncates output on large boxes
4796
4797Jay Satiro (14 Apr 2015)
4798- cyassl: Add support for TLS extension SNI
4799
4800Daniel Stenberg (13 Apr 2015)
4801- [Matthew Hall brought this change]
4802
4803 gitignore: ignore test-driver file
4804
4805- [Matthew Hall brought this change]
4806
4807 vtls_openssl: improve PKCS#12 load failure error message
4808
4809- [Matthew Hall brought this change]
4810
4811 vtls_openssl: fix minor typo in PKCS#12 load routine
4812
4813- [Matthew Hall brought this change]
4814
4815 vtls_openssl: improve client certificate load failure error messages
4816
4817- [Matthew Hall brought this change]
4818
4819 vtls_openssl: remove ambiguous SSL_CLIENT_CERT_ERR constant
4820
4821- BUGS: refer to the github issue tracker now as primary
4822
4823- firefox-db2pem: fix wildcard to find Firefox default profile
4824
4825 At some point, Firefox has changed and generates different directory
4826 names for the default profile that made this script fail to find them.
4827
4828 Bug: https://github.com/bagder/curl/issues/207
4829 Reported-by: sneakyimp
4830
4831Jay Satiro (11 Apr 2015)
4832- cyassl: Include the CyaSSL build config
4833
4834 CyaSSL >= 2.6.0 may have an options.h that was generated during
4835 its build by configure.
4836
4837- build: Generate source prerequisites for Visual Studio in generate.bat
4838
4839 Prior to this change Visual Studio builds could fail due to missing
4840 prerequisites src/tool_hugehelp.c and include/curl/curlbuild.h.
4841
4842 http://curl.haxx.se/mail/lib-2015-04/0034.html
4843
4844Daniel Stenberg (9 Apr 2015)
4845- [Viktor Szakats brought this change]
4846
4847 lib/makefile.m32: add missing libs to build libcurl.dll
4848
4849 Add 'gdi32' and 'crypt32' Windows implibs to avoid failure
4850 while building libcurl.dll using the mingw compiler.
4851 The same logic is used in 'src/makefile.m32' when
4852 building curl.exe.
4853
4854Kamil Dudka (8 Apr 2015)
4855- test142[23]: verify that an empty file is stored on success
4856
4857- src/tool_operate: create output file on successful download
4858
4859 ... of an empty file
4860
4861 Bug: https://github.com/bagder/curl/issues/183
4862
4863- src/tool_cb_wrt: separate fnc for output file creation
4864
4865Daniel Stenberg (7 Apr 2015)
4866- [Da-Yoon Chung brought this change]
4867
4868 lib/transfer.c: Remove factor of 8 from sleep time calculation
4869
4870 The factor of 8 is a bytes-to-bits conversion factor, but pkt_size and
4871 rate_bps are both in bytes. When using the rate limiting option, curl
4872 waits 8 times too long, and then transfers very quickly until the
4873 average rate reaches the limit. The average rate follows the limit over
4874 time, but the actual traffic is bursty.
4875
4876 Thanks-to: Benjamin Gilbert
4877
4878- [Jay Satiro brought this change]
4879
4880 x509asn1: Silence x64 loss-of-data warning on RSA key length assignment
4881
4882 The key length in bits will always fit in an unsigned long so the
4883 loss-of-data warning assigning the result of x64 pointer arithmetic to
4884 an unsigned long is unnecessary.
4885
4886- [Jay Satiro brought this change]
4887
4888 cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
4889
4890 Also fix it so that all ERR_error_string calls use an error buffer.
4891 CyaSSL's implementation of ERR_error_string only writes the error when
4892 an error buffer is passed.
4893
4894 http://www.yassl.com/forums/topic599-openssl-compatibility-and-errerrorstring.html
4895
4896- [Jay Satiro brought this change]
4897
4898 cyassl: Remove 'Connecting to' message from cyassl_connect_step2
4899
4900 Prior to this change libcurl could show multiple 'CyaSSL: Connecting to'
4901 messages since cyassl_connect_step2 is called multiple times, typically.
4902 The message is superfluous even once since libcurl already informs the
4903 user elsewhere in code that it is connecting.
4904
4905- [Viktor Szakats brought this change]
4906
4907 checksrc.bat: quotes to support an SRC_DIR with spaces
4908
4909- hostip: fix compiler warnings
4910
4911 introduced in the previous mini-series of 3 commits
4912
4913- [Stefan Bühler brought this change]
4914
4915 actually implement CURLOPT_RESOLVE removals
4916
4917 - also log when a CURLOPT_RESOLVE entry couldn't get parsed
4918
4919- [Stefan Bühler brought this change]
4920
4921 move Curl_share_lock and ref counting into Curl_fetch_addr
4922
4923- [Stefan Bühler brought this change]
4924
4925 fix refreshing of obsolete dns cache entries
4926
4927 - cache entries must be also refreshed when they are in use
4928 - have the cache count as inuse reference too, freeing timestamp == 0 special
4929 value
4930 - use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
4931 - remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
4932 - fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
4933 reference anymore, and it would also release non CURLOPT_RESOLVE references
4934 - fix locking in Curl_hostcache_clean
4935 - fix unit1305.c: hash now keeps a reference, need to set inuse = 1
4936
4937- RELEASE-NOTES: synced with abf6bddc14a
4938
4939- [Jay Satiro brought this change]
4940
4941 checksrc.bat: Check lib\vtls source
4942
4943- [Jay Satiro brought this change]
4944
4945 cyassl: Set minimum protocol version before CTX callback
4946
4947 This change is to allow the user's CTX callback to change the minimum
4948 protocol version in the CTX without us later overriding it, as we did
4949 prior to this change.
4950
4951- [Jay Satiro brought this change]
4952
4953 build-openssl.bat: Fix mixed line endings
4954
4955 Use LF not CRLF, throughout. msysgit will only convert a file to CRLF
4956 on checkout if it's not mixed.
4957
4958- [Jay Satiro brought this change]
4959
4960 cyassl: Fix certificate load check
4961
4962 SSL_CTX_load_verify_locations can return negative values on fail,
4963 therefore to check for failure we check if load is != 1 (success)
4964 instead of if load is == 0 (failure), the latter being incorrect given
4965 that behavior.
4966
4967- [Tatsuhiro Tsujikawa brought this change]
4968
4969 http2: Fix missing nghttp2_session_send call in Curl_http2_switched
4970
4971 Previously in Curl_http2_switched, we called nghttp2_session_mem_recv to
4972 parse incoming data which were already received while curl was handling
4973 upgrade. But we didn't call nghttp2_session_send, and it led to make
4974 curl not send any response to the received frames. Most likely, we
4975 received SETTINGS from server at this point, so we missed opportunity to
4976 send SETTINGS + ACK. This commit adds missing nghttp2_session_send call
4977 in Curl_http2_switched to fix this issue.
4978
4979 Bug: https://github.com/bagder/curl/issues/192
4980 Reported-by: Stefan Eissing
4981
4982- cookie: handle spaces after the name in Set-Cookie
4983
4984 "name =value" is fine and the space should just be skipped.
4985
4986 Updated test 31 to also test for this.
4987
4988 Bug: https://github.com/bagder/curl/issues/195
4989 Reported-by: cromestant
4990 Help-by: Frank Gevaerts
4991
4992- [Jay Satiro brought this change]
4993
4994 cyassl: Fix library initialization return value
4995
4996 (Curl_cyassl_init)
4997 - Return 1 on success, 0 in failure.
4998
4999 Prior to this change the fail path returned an incorrect value and the
5000 evaluation to determine whether CyaSSL_Init had succeeded was incorrect.
5001 Ironically that combined with the way curl_global_init tests SSL library
5002 initialization (!Curl_ssl_init()) meant that CyaSSL having been
5003 successfully initialized would be seen as that even though the code path
5004 and return value in Curl_cyassl_init were wrong.
5005
5006- [Thomas Ruecker brought this change]
5007
5008 CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
5009
5010 Icecast versions 1.3.0 through 1.3.12 would reply with "ICY 200"
5011 under certain conditions:
5012
5013 client_wants_icy_headers (connection_t *con)
5014 {
5015 const char *val;
5016
5017 if (!con)
5018 return 1;
5019
5020 val = get_user_agent (con);
5021 if (!val || !val[0] || strcmp (val, "(null)") == 0)
5022 return 1;
5023
5024 if (con->food.client->use_icy)
5025 return 1;
5026 if (strncasecmp (val, "winamp", 6) == 0)
5027 return 1;
5028 if (strncasecmp (val, "Shoutcast", 9) == 0)
5029 return 1;
5030
5031 return 0;
5032 }
5033
5034 So mainly if there is no 'user agent' or it is '(null)' or contains
5035 'winamp' or 'Shoutcast'.
5036
5037 No mainstream distribution carries Icecast 1.3.x anymore, after all
5038 it was released in 2002 and superseded by Icecast 2.x.
5039
5040Dan Fandrich (31 Mar 2015)
5041- axtls: add timeout within Curl_axtls_connect
5042
5043 This allows test 405 to pass on axTLS.
5044
5045Daniel Stenberg (30 Mar 2015)
5046- [Jay Satiro brought this change]
5047
5048 checksrc: Windows-specific input fixes
5049
5050 lib/config-win32ce.h
5051 - Fix whitespace for checksrc compliance.
5052
5053 lib/checksrc.pl
5054 - Remove trailing carriage returns from input.
5055
5056 projects/checksrc.bat
5057 - Ignore tool_hugehelp.c.
5058
5059- [Dagobert Michelsen brought this change]
5060
5061 configure: Use KRB5CONFIG for krb5-config
5062
5063 Allows the user to easier override its path.
5064
5065 Bug: http://curl.haxx.se/bug/view.cgi?id=1486
5066
5067- multi: remove_handle: move pending connections
5068
5069 If the handle removed from the multi handle happens to be the one
5070 "owning" the pipeline other transfers will be waiting indefinitely. Now
5071 we move such handles back to connect to have them race (again) for
5072 getting the connection and thus avoid hanging.
5073
5074 Bug: http://curl.haxx.se/bug/view.cgi?id=1465
5075 Reported-by: Jiri Dvorak
5076
5077- KNOWN_BUGS: 89 is bug #1411
5078
5079 Disabling pipelining on multi handle with in-progress pipelined requests
5080 leads to heap corruption and crash
5081
5082- [Jay Satiro brought this change]
5083
5084 cyassl: CTX callback cosmetic changes and doc fix
5085
5086 - More descriptive fail message for NO_FILESYSTEM builds.
5087 - Cosmetic changes.
5088 - Change more of CURLOPT_SSL_CTX_* doc to not be OpenSSL specific.
5089
5090- RELEASE-NOTES: synced with d2feb71752f
5091
5092Dan Fandrich (28 Mar 2015)
5093- tool_operate: only set SSL options if SSL is enabled
5094
5095- runtests.pl: detect WolfSSL as yassl
5096
5097Daniel Stenberg (27 Mar 2015)
5098- [Kyle L. Huff brought this change]
5099
5100 cyassl: add SSL context callback support for CyaSSL
5101
5102 Adds support for CURLOPT_SSL_CTX_FUNCTION when using CyaSSL, and better
5103 handles CyaSSL instances using NO_FILESYSTEM.
5104
5105- [Kyle L. Huff brought this change]
5106
5107 cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
5108
5109 CyaSSL_no_filesystem_verify is not (or no longer) defined by cURL or
5110 CyaSSL. This reference causes build errors when compiling with
5111 NO_FILESYSTEM.
5112
5113- [Jay Satiro brought this change]
5114
5115 build: Fix libcurl.sln erroneous mixed configurations
5116
5117 Prior to this change some Release configurations had an active
5118 configuration assignment to their Debug counterpart.
5119
5120- [Jay Satiro brought this change]
5121
5122 vtls: Don't accept unknown CURLOPT_SSLVERSION values
5123
5124- [Jay Satiro brought this change]
5125
5126 url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
5127
5128- [Paul Howarth brought this change]
5129
5130 build: link curl to openssl libraries when openssl support is enabled
5131
5132 This fixes a build failure where openssl and libmetalink are used
5133 together and the system linker does not do implicit linking (e.g.
5134 Fedora 13 and later releases). The MD5 functions required for
5135 metalink support must be pulled in from the openssl crypto library.
5136
5137 This is similar to commit c6e7cbb94e669b85d3eb8e015ec51d0072112133,
5138 which fixes the same sort of problem for NSS builds.
5139
5140- multi: on a request completion, check all CONNECT_PEND transfers
5141
5142 ... even if they don't have an associated connection anymore. It could
5143 leave the waiting transfers pending with no active one on the
5144 connection.
5145
5146 Bug: http://curl.haxx.se/bug/view.cgi?id=1465
5147 Reported-by: Jiri Dvorak
5148
5149- [Emil Lerner brought this change]
5150
5151 globbing: fix url number calculation when using range with step
5152
5153 In function glob_range, the number of urls was multiplied by (max - min
5154 + 1), regardless of step. The correct formula is (max - min) / step + 1
5155
5156- README.http2: refreshed and added TODO items
5157
5158- [Emil Lerner brought this change]
5159
5160 globbing: fix step parsing for character globbing ranges
5161
5162 The glob_range function used wrong offset (3 instead of 4) for parsing
5163 integer step inside character range specification, which led to 'bad
5164 range' error when using character ranges with explicitly specified step
5165 (such as '[a-z:2]')
5166
5167- polarssl: called mbedTLS in 1.3.10 and later
5168
5169- polarssl: remove dead code
5170
5171 and simplify code by changing if-elses to a switch()
5172
5173 CID 1291706: Logically dead code. Execution cannot reach this statement
5174
5175- polarssl: remove superfluous for(;;) loop
5176
5177 "unreachable: Since the loop increment is unreachable, the loop body
5178 will never execute more than once."
5179
5180 Coverity CID 1291707
5181
5182- Curl_ssl_md5sum: return CURLcode
5183
5184 ... since the funciton can fail on OOM. Check this return code.
5185
5186 Coverity CID 1291705.
5187
5188- [Jay Satiro brought this change]
5189
5190 cyassl: default to highest possible TLS version
5191
5192 (cyassl_connect_step1)
5193 - Use TLS 1.0-1.2 by default when available.
5194
5195 CyaSSL/wolfSSL >= v3.3.0 supports setting a minimum protocol downgrade
5196 version.
5197
5198 cyassl/cyassl@322f79f
5199
5200- [Jay Satiro brought this change]
5201
5202 cyassl: Check for invalid length parameter in Curl_cyassl_random
5203
5204- [Jay Satiro brought this change]
5205
5206 cyassl: If wolfSSL then identify as such in version string
5207
5208Dan Fandrich (24 Mar 2015)
5209- symbols-in-versions: added CURLOPT_PATH_AS_IS
5210
5211- testcurl.pl: add the --notes option to supply more info about a build
5212
5213 Support for notes has been in place for a while, but it required
5214 being added to the setup file manually.
5215
5216- curl_memory: make curl_memory.h the second-last header file loaded
5217
5218 This header file must be included after all header files except
5219 memdebug.h, as it does similar memory function redefinitions and can be
5220 similarly affected by conflicting definitions in system or dependent
5221 library headers.
5222
5223Daniel Stenberg (24 Mar 2015)
5224- openssl: do the OCSP work-around for libressl too
5225
5226 I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to
5227 still require the work-around for stapling to work.
5228
5229- openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
5230
5231 URL: http://curl.haxx.se/mail/lib-2015-03/0205.html
5232 Reported-by: Alessandro Ghedini
5233
5234- openssl: adapt to ASN1/X509 things gone opaque in 1.1
5235
5236Dan Fandrich (24 Mar 2015)
5237- [Jay Satiro brought this change]
5238
5239 curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description
5240
5241- [Viktor Szakáts brought this change]
5242
5243 CURLOPT_HTTPHEADER.3: fix typo in recent commit
5244
5245- [Viktor Szakáts brought this change]
5246
5247 CURLOPT_PATH_AS_IS.3: add type 'long' to prototype
5248
5249- vtls: fix compile with --disable-crypto-auth but with SSL
5250
5251 This is a strange combination of options, but is allowed.
5252
5253Patrick Monnerat (24 Mar 2015)
5254- os400: define new options in ILE/RPG binding.
5255
5256Daniel Stenberg (24 Mar 2015)
5257- RELEASE-NOTES: synced with f6878609361
5258
5259- curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS
5260
5261- CURLOPT_PATH_AS_IS: added
5262
5263 --path-as-is is the command line option
5264
5265 Added docs in curl.1 and CURLOPT_PATH_AS_IS.3
5266
5267 Added test in test 1241
5268
5269- [Yamada Yasuharu brought this change]
5270
5271 curl_easy_recv/send: make them work with the multi interface
5272
5273 By making sure Curl_getconnectinfo() uses the correct connection cache
5274 to find the last connection.
5275
5276- http2: move the init too for when its actually needed
5277
5278 ... it would otherwise lead to memory leakage if we never actually do
5279 the switch.
5280
5281Dan Fandrich (23 Mar 2015)
5282- dict: rename byte to avoid compiler shadowed declaration warning
5283
5284 This conflicted with a WolfSSL typedef.
5285
5286- cyassl: include version.h to ensure the version macros are defined
5287
5288- test1513: eliminated race condition in test run
5289
5290 It seems that some systems (e.g. fairly consistently in some recent
5291 Solaris autobuilds) would manage to get to the connect phase before the
5292 progress callback was called, resulting in a CURLE_COULDNT_CONNECT
5293 error. Reworked the test to point at a test server that never returns a
5294 full result so the progress callback always gets a chance to be called
5295 before the transfer can complete in some other way.
5296
5297Nick Zitzmann (21 Mar 2015)
5298- darwinsssl: add support for TLS False Start
5299
5300 TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
5301
5302Daniel Stenberg (21 Mar 2015)
5303- gtls: add check of return code
5304
5305 Coverity CID 1291167 pointed out that 'rc' was received but never used when
5306 gnutls_credentials_set() was used. Added return code check now.
5307
5308- gtls: dereferencing NULL pointer
5309
5310 Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
5311 NULL if gnutls_certificate_get_peers() had previously failed.
5312
5313- gtls: avoid uninitialized variable.
5314
5315 Coverity CID 1291166 pointed out that we could read this variable
5316 uninitialized.
5317
5318Dan Fandrich (21 Mar 2015)
5319- tests/certs: rebuild certificates with modified key usage bits
5320
5321 The certificates were missing the digitalSignature and keyAgreement
5322 usage types, of which at least digitalSignature was checked by CyaSSL.
5323 This caused the test server in test 310 (among others) to fail the
5324 startup verification and therefore run (see
5325 http://curl.haxx.se/mail/lib-2014-07/0303.html).
5326
5327- tests/certs: added make target to rebuild certificates
5328
5329 The certificate generation scripts were also updated to better match the
5330 format of the certificates currently checked in.
5331
5332Daniel Stenberg (21 Mar 2015)
5333- x509asn1: add /* fallthrough */ in switch() case
5334
5335- x509asn1: minor edit to unconfuse Coverity
5336
5337 CID 1202732 warns on the previous use, although I cannot fine any
5338 problems with it. I'm doing this change only to make the code use a more
5339 familiar approach to accomplish the same thing.
5340
5341- [Dagobert Michelsen brought this change]
5342
5343 testcurl: Allow '=' in values given on command line
5344
5345- nss: error: unused variable 'connssl'
5346
5347Dan Fandrich (21 Mar 2015)
5348- test938: added missing closing tags
5349
5350- cyassl: use new library version macro when available
5351
5352Kamil Dudka (20 Mar 2015)
5353- [Alessandro Ghedini brought this change]
5354
5355 curl: add --false-start option
5356
5357- [Alessandro Ghedini brought this change]
5358
5359 nss: add support for TLS False Start
5360
5361- [Alessandro Ghedini brought this change]
5362
5363 url: add CURLOPT_SSL_FALSESTART option
5364
5365 This option can be used to enable/disable TLS False Start defined in the RFC
5366 draft-bmoeller-tls-falsestart.
5367
5368Patrick Monnerat (20 Mar 2015)
5369- [Alessandro Ghedini brought this change]
5370
5371 gtls: implement CURLOPT_CERTINFO
5372
5373Daniel Stenberg (20 Mar 2015)
5374- [Alessandro Ghedini brought this change]
5375
5376 openssl: try to avoid accessing OCSP structs when possible
5377
5378- CURLOPT_URL.3: spelling!
5379
5380 Reported-by: Frank Gevaerts
5381
5382- CURLOPT_URL.3: Added "SECURITY CONCERNS"
5383
5384- CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
5385
5386Dan Fandrich (19 Mar 2015)
5387- cyassl: detect the library as renamed wolfssl
5388
5389 This change was made in CyaSSL/WolfSSL ver. 3.4.0
5390
5391Daniel Stenberg (19 Mar 2015)
5392- HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
5393
5394 We prematurely changed protocol handler to HTTP/2 which made things very
5395 slow (and wrong).
5396
5397 Reported-by: Stefan Eissing
5398 Bug: https://github.com/bagder/curl/issues/169
5399
5400Dan Fandrich (19 Mar 2015)
5401- axtls: version 1.5.2 now requires that config.h be manually included
5402
5403Daniel Stenberg (19 Mar 2015)
5404- metalink: fix resource leak in OOM
5405
5406 Coverity CID 1288826
5407
5408Dan Fandrich (18 Mar 2015)
5409- docs/libcurl: clean up libcurl-symbols.3
5410
5411- docs/libcurl: check that all options with man pages are referenced
5412
5413 If a man page exists in the opts/ directory, it must also be referenced
5414 either in curl_easy_setopt.3 or curl_multi_setopt.3
5415
5416- curl_easy_setopt.3: added a few missing options
5417
5418Kamil Dudka (18 Mar 2015)
5419- nss: explicitly tell NSS to disable NPN/ALPN
5420
5421 ... if disabled at libcurl level. Otherwise, we would allow to
5422 negotiate NPN despite curl was invoked with the --no-npn option.
5423
5424Daniel Stenberg (18 Mar 2015)
5425- [Jay Satiro brought this change]
5426
5427 mkhelp: Remove trailing carriage return from every line of input
5428
5429 - Get rid of this flood of warnings in Windows mingw build:
5430 warning: missing terminating " character
5431
5432 The warning is due to the carriage return. When msysgit checks out files
5433 from the repo by default it converts the line endings to CRLF. Prior to
5434 this change when mkhelp.pl processed the MANUAL and curl.1 in CRLF
5435 format the trailing carriage returns caused unnecessary CR in the
5436 output.
5437
5438- RELEASE-NOTES: synced with e539f01567
5439
5440- [Christian Weisgerber brought this change]
5441
5442 docs/libcurl: make portability fix
5443
5444 Using $< in a non-suffix rule context is a GNU make idiom. This bug was
5445 introduced in 7.41.0.
5446
5447Dan Fandrich (17 Mar 2015)
5448- checksrc: Fix whitelist on out-of-tree builds
5449
5450Daniel Stenberg (17 Mar 2015)
5451- [Stefan Bühler brought this change]
5452
5453 Curl_sh_entry: remove unused 'timestamp'
5454
5455- HTTP: don't use Expect: headers when on HTTP/2
5456
5457 Reported-by: Stefan Eissing
5458 Bug: https://github.com/bagder/curl/issues/169
5459
5460- checksrc: detect and remove space before trailing semicolons
5461
5462- checksrc: introduce a whitelisting concept
5463
5464- checksrc: use space after comma
Note: See TracBrowser for help on using the repository browser.