5 \___|\___/|_| \_\_____|
9 Version 7.44.0 (11 Aug 2015)
11 Daniel Stenberg (11 Aug 2015)
12 - RELEASE-NOTES: synced with c75a1e775061
14 - [Svyatoslav Mishyn brought this change]
16 curl_formget.3: correct return code
20 - [Svyatoslav Mishyn brought this change]
22 libcurl-tutorial.3: fix formatting
26 - [Svyatoslav Mishyn brought this change]
28 curl_easy_recv.3: fix formatting
30 - [Anders Bakken brought this change]
32 http2: discard frames with no SessionHandle
34 Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the
35 SessionHandle. Apparently mod_h2 will sometimes send a frame for a
36 stream_id we're finished with.
38 Use nghttp2_session_get_stream_user_data and
39 nghttp2_session_set_stream_user_data to identify SessionHandles instead
44 - RELEASE-NOTES: synced with 9ee40ce2aba
46 - [Viktor Szakats brought this change]
48 build: refer to fixed libidn versions
52 - Revert "configure: disable libidn by default"
54 This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3.
56 ... since libidn has since been fixed.
58 - [Jakub Zakrzewski brought this change]
60 CMake: s/HAVE_GSS_API/HAVE_GSSAPI/ to match header define
62 Otherwise the build only pretended to use GSS-API
66 - SFTP: fix range request off-by-one in size check
68 Reported-by: Tim Stack
72 - test46: update cookie expire time
74 ... since it went old and thus was expired and caused the test to fail!
76 Steve Holme (9 Aug 2015)
77 - generate.bat: Use buildconf.bat for prerequisite file generation
79 - buildconf.bat: Tidy up of comments after recent commits
81 - buildconf.bat: Added full generation of src\tool_hugehelp.c
83 Added support for generating the full man page based on code from
86 - buildconf.bat: Added detection of groff, nroff, perl and gzip
88 To allow for the full generation of tool_hugehelp.c added detection of
89 the required programs - based on code from generate.bat.
91 - buildconf.bat: Move DOS variable clean-up code to separate function
93 Rather than duplicate future variables, during clean-up of both success
94 and error conditions, use a common function that can be called by both.
96 - RELEASE-NOTES: Synced with 39dcf352d2
98 - buildconf.bat: Added error messages on failure
100 - buildconf.bat: Generate and clean files in the same order
102 - buildconf.bat: Maintain compatibility with DOS based systems
104 Commit f08e30d7bc broke compatibility with DOS and non Windows NT based
105 versions of Windows due to the use of the setlocal command.
107 Jay Satiro (9 Aug 2015)
108 - CURLOPT_RESOLVE.3: Note removal support was added in 7.42
110 Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html
113 Steve Holme (8 Aug 2015)
114 - checksrc.bat: Fixed error when missing *.c and *.h files
118 - checksrc.bat: Fixed incorrect 'lib\vtls' path check in commit 333c36b276
120 - checksrc.bat: Fixed error when [directory] isn't a curl source directory
122 The system cannot find the file specified.
124 - checksrc.bat: Added check for unknown arguments
126 - scripts: Added missing comments
128 - scripts: Always perform setlocal and endlocal calls in pairs
130 Ensure that there isn't a mismatch between setlocal and endlocal calls,
131 which could have happened due to setlocal being called after certain
132 error conditions were checked for.
134 - scripts: Allow -help to be specified in any argument
136 Allow the -help command line argument to be specified in any argument
137 and not just as the first.
139 Daniel Stenberg (6 Aug 2015)
140 - [juef brought this change]
142 curl_multi_remove_handle.3: fix formatting
146 Steve Holme (6 Aug 2015)
147 - README: Added notes about 'Running DLL based configurations'
149 ...as well as a TODO for a future enhancement to the project files.
151 Thanks-to: Jay Satiro
153 - RELEASE-NOTES: Synced with cf8975387f
155 - buildconf.bat: Synchronise no repository error with generate.bat
157 - generate.bat: Added a check for the presence of a git repository
159 - [Jay Satiro brought this change]
161 build: Added wolfSSL configurations to VC10+ project files
163 URL: https://github.com/bagder/curl/pull/174
165 - [Jay Satiro brought this change]
167 build: Added wolfSSL build script for Visual Studio projects
169 Added the wolfSSL build script, based on build-openssl.bat, as well as
170 the property sheet and header file required for the upcoming additions
171 to the Visual Studio project files.
173 Daniel Stenberg (6 Aug 2015)
174 - CHANGES: refer to the online changelog
178 - [Isaac Boukris brought this change]
180 NTLM: handle auth for only a single request
182 Currently when the server responds with 401 on NTLM authenticated
183 connection (re-used) we consider it to have failed. However this is
184 legitimate and may happen when for example IIS is set configured to
185 'authPersistSingleRequest' or when the request goes thru a proxy (with
188 Implemented by imploying an additional state once a connection is
189 re-used to indicate that if we receive 401 we need to restart
194 Steve Holme (5 Aug 2015)
195 - RELEASE-NOTES: Synced with 473807b95f
197 - generate.bat: Use buildconf.bat for prerequisite file clean-up
199 - buildconf.bat: Added support for file clean-up via -clean
201 - buildconf.bat: Added progress output
203 - buildconf.bat: Avoid using goto for file not in repository
205 Daniel Stenberg (5 Aug 2015)
206 - curl_slist_append.3: add error checking to the example
208 Steve Holme (5 Aug 2015)
209 - buildconf.bat: Added display of usage text with -help
211 - buildconf.bat: Added exit codes for error handling
213 - buildconf.bat: Added our standard copyright header
215 - buildconf.bat: Use lower-case for commands and reserved keywords
217 - generate.bat: Only clean prerequisite files when in ALL mode
219 - generate.bat: Moved error messages out of sub-routines
221 - generate.bat: More use of lower-case for commands and reserved keywords
223 Daniel Stenberg (3 Aug 2015)
224 - libcurl.3: fix a single typo
228 - RELEASE-NOTES: synced with c4eb10e2f06f
230 - SSH: three state machine fixups
232 The SSH state machine didn't clear the 'rc' variable appropriately in a
233 two places which prevented it from looping the way it should. And it
234 lacked an 'else' statement that made it possible to erroneously get
235 stuck in the SSH_AUTH_AGENT state.
237 Reported-by: Tim Stack
241 - curl_gssapi: remove 'const' to fix compiler warnings
243 initialization discards 'const' qualifier from pointer target type
245 - docs: formpost needs the full size at start of upload
249 Steve Holme (1 Aug 2015)
250 - sspi: Fix typo from left over from old code which referenced NTLM
252 References to NTLM in the identity generation should have been removed
253 in commit c469941293 but not all were.
255 - win32: Fix compilation warnings from commit 40c921f8b8
257 connect.c:953:5: warning: initializer element is not computable at load
259 connect.c:953:5: warning: missing initializer for field 'dwMinorVersion'
261 curl_sspi.c:97:5: warning: initializer element is not computable at load
263 curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion'
266 - schannel: Fix compilation warning from commit 7a8e861a56
268 schannel.c:1125:5: warning: missing initializer for field 'dwMinorVersion'
269 of 'OSVERSIONINFOEX' [-Wmissing-field-initializers
271 Daniel Stenberg (31 Jul 2015)
272 - libcurl-thread.3: minor reformatting
274 Jay Satiro (31 Jul 2015)
275 - curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs
277 Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
278 Reported-by: Eric Ridge
280 - libcurl-thread.3: Warn memory functions must be thread safe
282 Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html
283 Reported-by: Eric Ridge
285 Steve Holme (31 Jul 2015)
286 - RELEASE-NOTES: Synced with 8b1d00ac1a
288 - INSTALL: Minor formatting correction in 'Legacy Windows and SSL' section
290 ...as well as some rewording.
292 Kamil Dudka (30 Jul 2015)
293 - http: move HTTP/2 cleanup code off http_disconnect()
295 Otherwise it would never be called for an HTTP/2 connection, which has
296 its own disconnect handler.
298 I spotted this while debugging <https://bugzilla.redhat.com/1248389>
299 where the http_disconnect() handler was called on an FTP session handle
300 causing 'dnf' to crash. conn->data->req.protop of type (struct FTP *)
301 was reinterpreted as type (struct HTTP *) which resulted in SIGSEGV in
302 Curl_add_buffer_free() after printing the "Connection cache is full,
303 closing the oldest one." message.
305 A previously working version of libcurl started to crash after it was
306 recompiled with the HTTP/2 support despite the HTTP/2 protocol was not
307 actually used. This commit makes it work again although I suspect the
308 root cause (reinterpreting session handle data of incompatible protocol)
309 still has to be fixed. Otherwise the same will happen when mixing FTP
310 and HTTP/2 connections and exceeding the connection cache limit.
312 Reported-by: Tomas Tomecek
313 Bug: https://bugzilla.redhat.com/1248389
315 Daniel Stenberg (30 Jul 2015)
316 - [Viktor Szakats brought this change]
318 ABI doc: use secure URL
320 - ABI: remove the ascii logo
322 and made the indent level to 1
324 - libcurl-multi.3: mention curl_multi_wait
326 ... and some general rewordings to improve this docs.
328 Reported-by: Tim Stack
332 Steve Holme (30 Jul 2015)
333 - maketgz: Fixed some VC makefiles missing from the release tarball
335 VC7, VC11, VC12 and VC14 makefiles were missing from the release
338 - RELEASE-NOTES: Synced with 2d7e165761
340 - build: Added VC14 project files to Makefile.am
342 - build: Added VC14 project files
344 Updates to Makefile.am for the generation of the project files in
345 the tarball to follow.
347 Jay Satiro (29 Jul 2015)
348 - libcurl-thread.3: Clarify CURLOPT_NOSIGNAL takes long value 1L
350 Steve Holme (28 Jul 2015)
351 - generate.bat: Use lower-case for commands and reserved keywords
353 Whilst there are no coding standards for the batch files used in curl,
354 most tend to use lower-case for keywords and upper-case for variables.
356 - build: Added initial VC14 support to generate.bat
358 Visual Studio project files and updates to makefile.am to follow.
360 - build: Fixed missing .opensdf files from VC10+ .gitignore files
362 - build: Use $(ProjectName) macro for curl.exe and curld.exe filenames
364 This wasn't possible with the old curlsrc project filenames, but like
365 commit 2a615a2b64 and 11397eb6dd for libcurl use the built in Visual
366 Studio macros for the output filenames.
368 - build: Renamed curl src Visual Studio project files
370 Following commit 957fcd9049 and in preparation for adding the VC14
371 project files renamed the curl source project files.
373 Daniel Stenberg (28 Jul 2015)
374 - [Jay Satiro brought this change]
376 libcurl-thread.3: Revert to stricter handle wording
378 .. also update formatting and add WinSSL and wolfSSL to the SSL/TLS
381 - [Jay Satiro brought this change]
383 libcurl-thread.3: Consolidate thread safety info
385 This is a new document to consolidate our thread safety information from
386 several documents (curl-www:features, libcurl.3, libcurl-tutorial.3).
387 Each document's section on multi-threading will now point to this one.
389 Steve Holme (27 Jul 2015)
390 - README: Corrected formatting for 'Legacy Windows and SSL' section
392 ...as well as some wording.
394 - build-openssl.bat: Added support for VC14
396 Daniel Stenberg (26 Jul 2015)
397 - RELEASE-NOTES: synced with 0f645adc95390e8
399 - test1902: attempt to make the test more reliable
403 - comment: fix comment about adding new option support
405 Jay Satiro (25 Jul 2015)
406 - build-openssl.bat: Show syntax if required args are missing
408 Daniel Stenberg (26 Jul 2015)
409 - TODO: improve how curl works in a windows console window
413 - 1.11 minimize dependencies with dynamicly loaded modules
417 Jay Satiro (25 Jul 2015)
418 - tool_operate: Fix CURLOPT_SSL_OPTIONS for builds without HTTPS
420 - Set CURLOPT_SSL_OPTIONS only if the tool enabled an SSL option.
422 Broken by me several days ago in 172b2be.
423 https://github.com/bagder/curl/commit/172b2be#diff-70b44ee478e58d4e1ddcf9c9a73d257b
425 Bug: http://curl.haxx.se/mail/lib-2015-07/0119.html
426 Reported-by: Dan Fandrich
428 Daniel Stenberg (25 Jul 2015)
429 - configure: check if OpenSSL linking wants -ldl
431 To make it easier to link with static versions of OpenSSL, the configure
432 script now checks if -ldl is needed for linking.
436 - [Michael Kaufmann brought this change]
438 HTTP: ignore "Content-Encoding: compress"
440 Currently, libcurl rejects responses with "Content-Encoding: compress"
441 when CURLOPT_ACCEPT_ENCODING is set to "". I think that libcurl should
442 treat the Content-Encoding "compress" the same as other
443 Content-Encodings that it does not support, e.g. "bzip2". That means
446 - [Marcel Raad brought this change]
448 openssl: work around MSVC warning
452 lib\vtls\openssl.c(1554): warning C4701: potentially uninitialized local
453 variable 'verstr' used It's a false positive, but as it's normally not,
454 I have enabled warning-as-error for that warning.
456 - [Michał Fita brought this change]
458 configure: add --disable-rt option
460 This option disables any attempts in configure to create dependency on
461 stuff requiring linking to librt.so and libpthread.so, in this case this
462 means clock_gettime(CLOCK_MONOTONIC, &mt).
464 We were in need to build curl which doesn't link libpthread.so to avoid
466 https://sourceware.org/bugzilla/show_bug.cgi?id=16628.
468 Kamil Dudka (23 Jul 2015)
469 - http2: verify success of strchr() in http2_send()
471 Detected by Coverity.
474 lib/http2.c:1301: returned_null: "strchr" returns null (checked 103 out of 109 times).
475 lib/http2.c:1301: var_assigned: Assigning: "hdbuf" = null return value from "strchr".
476 lib/http2.c:1302: dereference: Incrementing a pointer which might be null: "hdbuf".
478 1301| hdbuf = strchr(hdbuf, 0x0a);
481 1304| authority_idx = 0;
483 Jay Satiro (22 Jul 2015)
484 - Windows: Fix VerifyVersionInfo calls
486 - Fix the VerifyVersionInfo calls, which we use to test for the OS major
487 version, to also test for the minor version as well as the service pack
488 major and minor versions.
490 MSDN: "If you are testing the major version, you must also test the
491 minor version and the service pack major and minor versions."
493 https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx
495 Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098
496 Reported-by: Marcel Raad <MarcelRaad@users.noreply.github.com>
498 - [Marcel Raad brought this change]
500 schannel: Replace deprecated GetVersion with VerifyVersionInfo
502 Steve Holme (21 Jul 2015)
503 - makefile: Added support for VC14
505 Patrick Monnerat (21 Jul 2015)
506 - os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings.
508 - libcurl: VERSIONINFO update
509 Addition of new procedures curl_pushheader_bynum and curl_pushheader_byname
510 requires VERSIONINFO updating.
512 - http2: satisfy external references even if http2 is not compiled in.
514 Daniel Stenberg (20 Jul 2015)
515 - http2: add stream != NULL checks for reliability
517 They should not trigger, but in case of internal problems we at least
518 avoid crashes this way.
520 Jay Satiro (18 Jul 2015)
521 - symbols-in-versions: Add new CURLSSLOPT_NO_REVOKE symbol
523 - SSL: Add an option to disable certificate revocation checks
525 New tool option --ssl-no-revoke.
526 New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.
528 Currently this option applies only to WinSSL where we have automatic
529 certificate revocation checking by default. According to the
530 ssl-compared chart there are other backends that have automatic checking
531 (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
534 Bug: https://github.com/bagder/curl/issues/264
535 Reported-by: zenden2k <zenden2k@gmail.com>
537 - runtests: Allow for spaces in curl custom path
539 .. also fix some typos in test's FILEFORMAT spec.
541 - [David Woodhouse brought this change]
543 ntlm_wb: Fix theoretical memory leak
545 Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix
546 hard-coded limit on NTLM auth packet size") introduced a potential
547 memory leak on an error path, because we forget to free the buffer
548 before returning an error.
552 Although actually, it never happens in practice because we never *get*
553 here with state == NTLMSTATE_TYPE1. The state is always zero. That
554 might want cleaning up in a separate patch.
556 Reported-by: Terri Oda
558 - strerror: Add CRYPT_E_REVOKED to SSPI error strings
560 Kamil Dudka (14 Jul 2015)
561 - libtest: call PR_Cleanup() on exit if NSPR is used
563 This prevents valgrind from reporting possibly lost memory that NSPR
564 uses for file descriptor cache and other globally allocated internal
567 Reported-by: Štefan Kremeň
569 Jay Satiro (14 Jul 2015)
570 - [John Malmberg brought this change]
572 openssl: VMS support for SHA256
574 setup-vms.h: More symbols for SHA256, hacks for older VAX
576 openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.
578 openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
579 allow building on VAX and 64 bit VMS.
581 - examples: Fix typo in multi-single.c
583 Daniel Stenberg (7 Jul 2015)
584 - [Tatsuhiro Tsujikawa brought this change]
586 http2: Fix memory leak in push header array
588 Dan Fandrich (2 Jul 2015)
589 - test2041: fixed line endings in protocol part
591 - cyassl: fixed mismatched sha256sum function prototype
593 Daniel Stenberg (1 Jul 2015)
594 - [moparisthebest brought this change]
596 SSL: Pinned public key hash support
598 - examples: provide <DESC> sections
600 - [John Malmberg brought this change]
602 OpenVMS: VMS Software, Inc now the supplier.
604 setup-vms.h: Symbol case fixups submitted by Michael Steve
606 build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the
607 supplier of new versions of VMS. The install kit needs to accept
610 Jay Satiro (30 Jun 2015)
611 - multi: Move http2 push function declarations to header end
613 This change necessary for binary compatibility.
615 Prior to this change test 1135 failed due to the order of functions.
617 - symbols-in-versions: Add new http2 push symbols
619 Prior to this change test 1119 failed due to the missing symbols.
621 Daniel Stenberg (30 Jun 2015)
622 - RELEASE-NOTES: synced with e6749055d653
624 - configure: disable libidn by default
626 For security reasons, until there is a fix.
628 Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html
629 Reported-by: Gustavo Grieco, Feist Josselin
631 - SSL-PROBLEMS: mention WinSSL problems in WinXP
633 - CODE_OF_CONDUCT.md: added
635 Just to underscore how we treat each other in this project. Nothing new
636 really, but could be useful for newcomers and outsiders to see our
639 - tool_header_cb: fflush the header stream
641 Flush the header stream when -D is used so that they are sent off
644 Bug: https://github.com/bagder/curl/issues/324
645 Reported-by: Cédric Connes
647 - [Roger Leigh brought this change]
649 tests: Distribute CMakeLists.txt files in subdirectories
651 - CURLOPT_FAILONERROR.3: mention that it closes the connection
654 Bug: https://github.com/bagder/curl/issues/325
656 - curl_multi_setopt.3: alpha sort the options
658 - curl_multi_setopt.3: add the new push options
660 - [Tatsuhiro Tsujikawa brought this change]
662 http2: Use nghttp2 library error code for error return value
664 - [Tatsuhiro Tsujikawa brought this change]
666 http2: Harden header validation for curl_pushheader_byname
668 Since we do prefix match using given header by application code
669 against header name pair in format "NAME:VALUE", and VALUE part can
670 contain ":", we have to careful about existence of ":" in header
671 parameter. ":" should be allowed to match HTTP/2 pseudo-header field,
672 and other use of ":" in header must be treated as error, and
673 curl_pushheader_byname should return NULL. This commit implements
676 - [Tatsuhiro Tsujikawa brought this change]
678 CURLMOPT_PUSHFUNCTION.3: Remove unused variable
680 - CURLMOPT_PUSHFUNCTION.3: added example
682 - http2: curl_pushheader_byname now takes a const char *
684 - http2-serverpush.c: example code
686 - http2: free all header memory after the push callback
688 - http2: init the pushed transfer properly
690 - http2: fixed the header accessor functions for the push callback
692 - http2: setup the new pushed stream properly
694 - http2: initial implementation of the push callback
696 - http2: initial HTTP/2 server push types/docs
698 - test1531: verify POSTFIELDSIZE set after add_handle
700 Following the fix made in 903b6e05565bf.
702 - pretransfer: init state.infilesize here, not in add_handle
704 ... to properly support that options are set to the handle after it is
705 added to the multi handle.
707 Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html
708 Reported-by: Stefan Bühler
710 Jay Satiro (21 Jun 2015)
711 - [Lior Kaplan brought this change]
713 tool_help: fix --tlsv1 help text to use >= for TLSv1
715 - INSTALL: Advise use of non-native SSL for Windows <= XP
717 Advise that WinSSL in versions <= XP will not be able to connect to
718 servers that no longer support the legacy handshakes and algorithms used
719 by those versions, and to use an alternate backend like OpenSSL instead.
721 Bug: https://github.com/bagder/curl/issues/253
722 Reported-by: zenden2k <zenden2k@gmail.com>
724 Kamil Dudka (19 Jun 2015)
725 - curl_easy_setopt.3: restore contents removed by mistake
727 ... in commit curl-7_43_0-18-g570076e
729 Daniel Stenberg (19 Jun 2015)
730 - curl_easy_setopt.3: mention CURLOPT_PIPEWAIT
732 Jay Satiro (18 Jun 2015)
733 - cookie: Fix bug in export if any-domain cookie is present
735 In 3013bb6 I had changed cookie export to ignore any-domain cookies,
736 however the logic I used to do so was incorrect, and would lead to a
737 busy loop in the case of exporting a cookie list that contained
738 any-domain cookies. The result of that is worse though, because in that
739 case the other cookies would not be written resulting in an empty file
740 once the application is terminated to stop the busy loop.
742 Dan Fandrich (18 Jun 2015)
743 - FTP: fixed compiling with --disable-proxy, broken in b88f980a
745 Daniel Stenberg (18 Jun 2015)
746 - tool: always provide negotiate/kerberos options
748 libcurl can still be built with it, even if the tool is not. Maintain
751 - TODO: Support IDNA2008
753 - [Viktor Szakats brought this change]
755 Makefile.m32: add support for CURL_LDFLAG_EXTRAS
757 It is similar to existing CURL_CFLAG_EXTRAS, but for
760 - RTSP: removed another piece of dead code
764 - openssl: fix use of uninitialized buffer
766 Make sure that the error buffer is always initialized and simplify the
767 use of it to make the logic easier.
769 Bug: https://github.com/bagder/curl/issues/318
772 - examples: more descriptions
774 - examples: add descriptions with <DESC>
776 Using this fixed format for example descriptions, we can generate a
777 better list on the web site.
779 - libcurl-errors.3: fix typo
781 - curl_easy_setopt.3: option order doesn't matter
783 - openssl: fix build with BoringSSL
785 OPENSSL_load_builtin_modules does not exist in BoringSSL. Regression
788 - [Paul Howarth brought this change]
790 openssl: Fix build with openssl < ~ 0.9.8f
792 The symbol SSL3_MT_NEWSESSION_TICKET appears to have been introduced at
793 around openssl 0.9.8f, and the use of it in lib/vtls/openssl.c breaks
794 builds with older openssls (certainly with 0.9.8b, which is the latest
795 older version I have to try with).
797 - FTP: do the HTTP CONNECT for data connection blocking
801 The introduced non-blocking general behaviour for Curl_proxyCONNECT()
802 didn't work for the data connection establishment unless it was very
803 fast. The newly introduced function argument makes it operate in a more
804 blocking manner, more like it used to work in the past. This blocking
805 approach is only used when the FTP data connecting through HTTP proxy.
807 Blocking like this is bad. A better fix would make it work more
810 Bug: https://github.com/bagder/curl/issues/278
812 - bump: start the journey toward 7.44.0
814 Jay Satiro (17 Jun 2015)
815 - CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes
817 - CURLOPT_ERRORBUFFER.3: Improve example
819 Version 7.43.0 (17 Jun 2015)
821 Daniel Stenberg (17 Jun 2015)
822 - RELEASE-NOTES: 7.43.0 release
824 - THANKS: updated with 7.43.0 names
826 - [Kamil Dudka brought this change]
828 http: do not leak basic auth credentials on re-used connections
832 This partially reverts commit curl-7_39_0-237-g87c4abb
834 Reported-by: Tomas Tomecek, Kamil Dudka
835 Bug: http://curl.haxx.se/docs/adv_20150617A.html
837 - [Kamil Dudka brought this change]
839 test2040: verify basic auth on re-used connections
841 - SMB: rangecheck values read off incoming packet
845 Detected by Coverity. CID 1299430.
847 Bug: http://curl.haxx.se/docs/adv_20150617B.html
849 Jay Satiro (17 Jun 2015)
850 - schannel: schannel_recv overhaul
852 This commit is several drafts squashed together. The changes from each
853 draft are noted below. If any changes are similar and possibly
854 contradictory the change in the latest draft takes precedence.
856 Bug: https://github.com/bagder/curl/issues/244
857 Reported-by: Chris Araman
862 - return 0 if len == 0. that will have to be documented.
863 - continue on and process the caches regardless of raw recv
864 - if decrypted data will be returned then set the error code to CURLE_OK
866 - if decrypted data will not be returned and the connection has closed
867 (eg nread == 0) then return 0 and CURLE_OK
868 - if decrypted data will not be returned and the connection *hasn't*
869 closed then set the error code to CURLE_AGAIN --only if an error code
870 isn't already set-- and return -1
871 - narrow the Win2k workaround to only Win2k
876 - Trying out a change in flow to handle corner cases.
881 - Back out the lazier decryption change made in draft2.
886 - Some formatting and branching changes
887 - Decrypt all encrypted cached data when len == 0
888 - Save connection closed state
889 - Change special Win2k check to use connection closed state
894 - Default to CURLE_AGAIN in cleanup if an error code wasn't set and the
895 connection isn't closed.
900 - Save the last error only if it is an unrecoverable error.
902 Prior to this I saved the last error state in all cases; unfortunately
903 the logic to cover that in all cases would lead to some muddle and I'm
904 concerned that could then lead to a bug in the future so I've replaced
905 it by only recording an unrecoverable error and that state will persist.
907 - Do not recurse on renegotiation.
909 Instead we'll continue on to process any trailing encrypted data
910 received during the renegotiation only.
912 - Move the err checks in cleanup after the check for decrypted data.
914 In either case decrypted data is always returned but I think it's easier
915 to understand when those err checks come after the decrypted data check.
920 - Regardless of len value go directly to cleanup if there is an
921 unrecoverable error or a close_notify was already received. Prior to
922 this change we only acknowledged those two states if len != 0.
924 - Fix a bug in connection closed behavior: Set the error state in the
925 cleanup, because we don't know for sure it's an error until that time.
927 - (Related to above) In the case the connection is closed go "greedy"
928 with the decryption to make sure all remaining encrypted data has been
929 decrypted even if it is not needed at that time by the caller. This is
930 necessary because we can only tell if the connection closed gracefully
931 (close_notify) once all encrypted data has been decrypted.
933 - Do not renegotiate when an unrecoverable error is pending.
938 - Don't show 'server closed the connection' info message twice.
940 - Show an info message if server closed abruptly (missing close_notify).
942 Daniel Stenberg (16 Jun 2015)
943 - [Paul Oliver brought this change]
949 - [Viktor Szakats brought this change]
953 - RELEASE-NOTES: synced with f29f2cbd00dbe5f
955 - [Viktor Szakats brought this change]
957 README: use secure protocol for Git repository
959 - [Viktor Szakats brought this change]
961 HTTP2.md: use SSL/TLS IETF URLs
963 - [Viktor Szakats brought this change]
965 LICENSE-MIXING: update URLs
967 * use SSL/TLS where available
968 * follow permanent redirects
970 - LICENSE-MIXING: refreshed
972 - curl_easy_duphandle: see also *reset
974 - rtsp_do: fix DEAD CODE
976 "At condition p_request, the value of p_request cannot be NULL."
978 Coverity CID 1306668.
980 - security:choose_mech fix DEAD CODE warning
982 ... by removing the "do {} while (0)" block.
986 - curl.1: netrc is in man section 5
988 - curl.1: small format fix
990 use \fI-style instead of .BR for references
992 - urldata: store POST size in state.infilesize too
994 ... to simplify checking when PUT _or_ POST have completed.
996 Reported-by: Frank Meier
997 Bug: http://curl.haxx.se/mail/lib-2015-06/0019.html
999 Dan Fandrich (14 Jun 2015)
1000 - test1530: added http to required features
1002 Jay Satiro (14 Jun 2015)
1003 - [Drake Arconis brought this change]
1005 build: Fix typo from OpenSSL 1.0.2 version detection fix
1007 - [Drake Arconis brought this change]
1009 build: Properly detect OpenSSL 1.0.2 when using configure
1011 - curl_multi_info_read.3: fix example formatting
1013 Daniel Stenberg (13 Jun 2015)
1014 - BINDINGS: there's a new R binding in town!
1016 - BINDINGS: added the Xojo binding
1018 Jay Satiro (11 Jun 2015)
1019 - [Joel Depooter brought this change]
1021 schannel: Add support for optional client certificates
1023 Some servers will request a client certificate, but not require one.
1024 This change allows libcurl to connect to such servers when using
1025 schannel as its ssl/tls backend. When a server requests a client
1026 certificate, libcurl will now continue the handshake without one,
1027 rather than terminating the handshake. The server can then decide
1028 if that is acceptable or not. Prior to this change, libcurl would
1029 terminate the handshake, reporting a SEC_I_INCOMPLETE_CREDENTIALS
1032 Daniel Stenberg (11 Jun 2015)
1033 - curl_easy_cleanup.3: provide more SEE ALSO
1035 - debug: remove http2 debug leftovers
1037 - VERSIONS: now using markdown
1039 - RELEASE-PROCEDURE: remove ascii logo at the top of file
1041 - INTERNALS: absorbed docs/LIBCURL-STRUCTS
1043 - INTERNALS: cat lib/README* >> INTERNALS
1045 and a conversion to markdown. Removed the lib/README.* files. The idea
1046 being to move toward having INTERNALS as the one and only "book" of
1047 internals documentation.
1049 Added a TOC to top of the document.
1051 Jay Satiro (8 Jun 2015)
1052 - openssl: LibreSSL and BoringSSL do not use TLS_client_method
1054 Although OpenSSL 1.1.0+ deprecated SSLv23_client_method in favor of
1055 TLS_client_method LibreSSL and BoringSSL didn't and still use
1056 SSLv23_client_method.
1058 Bug: https://github.com/bagder/curl/commit/49a6642#commitcomment-11578009
1059 Reported-by: asavah@users.noreply.github.com
1061 Daniel Stenberg (9 Jun 2015)
1062 - RELEASE-NOTES: synced with 20ac3458068
1064 - CURLOPT_OPENSOCKETFUNCTION: return error at once
1066 When CURL_SOCKET_BAD is returned in the callback, it should be treated
1067 as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently
1068 created when trying to connect to a server.
1070 Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
1072 - fopen.c: fix a few compiler warnings
1074 - [Ville Skyttä brought this change]
1076 docs: Spelling fixes
1078 - [Ville Skyttä brought this change]
1080 docs: man page indentation and syntax fixes
1082 Linus Nielsen (8 Jun 2015)
1083 - help: Add --proxy-service-name and --service-name to the --help output
1085 Jay Satiro (7 Jun 2015)
1086 - openssl: Fix verification of server-sent legacy intermediates
1088 - Try building a chain using issuers in the trusted store first to avoid
1089 problems with server-sent legacy intermediates.
1091 Prior to this change server-sent legacy intermediates with missing
1092 legacy issuers would cause verification to fail even if the client's CA
1093 bundle contained a valid replacement for the intermediate and an
1094 alternate chain could be constructed that would verify successfully.
1096 https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
1098 Daniel Stenberg (5 Jun 2015)
1099 - BINDINGS: update several URLs
1101 Stop linking to the curl.haxx.se anchor pages, they are usually only
1102 themselves pointers to the real page so better point there directly
1105 - BINDINGS: the curl-rust binding
1107 - curl.h: add CURL_HTTP_VERSION_2
1109 The protocol is named "HTTP/2" after all. It is an alias for the
1110 existing CURL_HTTP_VERSION_2_0 enum.
1112 - openssl: removed error string #ifdef
1114 ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore
1116 - openssl: removed USERDATA_IN_PWD_CALLBACK kludge
1118 Code for OpenSSL 0.9.4 serves no purpose anymore!
1120 - openssl: remove SSL_get_session()-using code
1122 It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or
1125 - openssl: remove dummy callback use from SSL_CTX_set_verify()
1127 The existing callback served no purpose.
1129 - LIBCURL-STRUCTS: clarify for multiplexing
1131 Jay Satiro (3 Jun 2015)
1132 - cookie: Stop exporting any-domain cookies
1134 Prior to this change any-domain cookies (cookies without a domain that
1135 are sent to any domain) were exported with domain name "unknown".
1137 Bug: https://github.com/bagder/curl/issues/292
1139 Daniel Stenberg (3 Jun 2015)
1140 - RELEASE-PROCEDURE: refreshed 'coming dates'
1142 Jay Satiro (2 Jun 2015)
1143 - curl_setup: Change fopen text macros to use 't' for MSDOS
1145 Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198
1146 Reported-by: Gisle Vanem
1148 Daniel Stenberg (2 Jun 2015)
1149 - curl_multi_timeout.3: added example
1151 - curl_multi_perform.3: added example
1153 - curl_multi_info_read.3: added example
1155 - checksrc: detect fopen() for text without the FOPEN_* macros
1157 Follow-up to e8423f9ce150 with discussionis in
1158 https://github.com/bagder/curl/pull/258
1160 This check scans for fopen() with a mode string without 'b' present, as
1161 it may indicate that an FOPEN_* define should rather be used.
1163 - curl_getdate.3: update RFC reference
1165 Jay Satiro (1 Jun 2015)
1166 - curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT
1168 - Change fopen calls to use FOPEN_READTEXT instead of "r" or "rt"
1169 - Change fopen calls to use FOPEN_WRITETEXT instead of "w" or "wt"
1171 This change is to explicitly specify when we need to read/write text.
1172 Unfortunately 't' is not part of POSIX fopen so we can't specify it
1173 directly. Instead we now have FOPEN_READTEXT, FOPEN_WRITETEXT.
1175 Prior to this change we had an issue on Windows if an application that
1176 uses libcurl overrides the default file mode to binary. The default file
1177 mode in Windows is normally text mode (translation mode) and that's what
1180 Bug: https://github.com/bagder/curl/pull/258#issuecomment-107093055
1181 Reported-by: Orgad Shaneh
1183 Daniel Stenberg (1 Jun 2015)
1184 - http2-upload.c: use PIPEWAIT for playing HTTP/2 better
1186 - http2-download: check for CURLPIPE_MULTIPLEX properly
1188 Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html
1189 Reported-by: Rafayel Mkrtchyan
1191 - [Isaac Boukris brought this change]
1193 HTTP-NTLM: fail auth on connection close instead of looping
1195 Bug: https://github.com/bagder/curl/issues/256
1197 - 5.6 Refuse "downgrade" redirects
1199 - README.pingpong: removed
1201 - ROADMAP: remove HTTP/2 multiplexing - its here now
1203 - HTTP2.md: formatted properly
1205 - HTTP2: moved docs into docs/ and make it markdown
1207 - README.http2: refreshed and added multiplexing info
1209 - dist: add the http2 examples
1211 - http2 examples: clean up some comments
1213 - examples: added two programs doing multiplexed HTTP/2
1215 - scripts: moved contributors.sh and contrithanks.sh into subdir
1217 - RELEASE-NOTES: synced with c005790ff1c0a
1219 - [Daniel Melani brought this change]
1221 openssl: typo in comment
1223 Jay Satiro (27 May 2015)
1224 - openssl: Use TLS_client_method for OpenSSL 1.1.0+
1226 SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The
1227 equivalent is TLS_client_method.
1229 https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557
1231 Daniel Stenberg (26 May 2015)
1232 - FAQ: How do I port libcurl to my OS?
1234 Jay Satiro (25 May 2015)
1235 - CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
1237 Document that if Set-Cookie is used without a domain then the cookie is
1238 sent for any domain and will not be modified.
1240 Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
1241 Reported-by: Alexander Dyagilev
1243 Daniel Stenberg (25 May 2015)
1244 - [Tatsuhiro Tsujikawa brought this change]
1246 http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer
1248 Previously, after seeing upgrade to HTTP/2, we feed data followed by
1249 upgrade response headers directly to nghttp2_session_mem_recv() in
1250 Curl_http2_switched(). But it turns out that passed buffer, mem, is
1251 part of stream->mem, and callbacks called by
1252 nghttp2_session_mem_recv() will write stream specific data into
1253 stream->mem, overwriting input data. This will corrupt input, and
1254 most likely frame length error is detected by nghttp2 library. The
1255 fix is first copy the passed data to HTTP/2 connection buffer,
1256 httpc->inbuf, and call nghttp2_session_mem_recv().
1258 Jay Satiro (24 May 2015)
1259 - CURLOPT_COOKIE.3: Explain that the cookies won't be modified
1261 The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
1262 outgoing request(s)." However there seems to be some user confusion
1263 about cookie modification. Document that the cookies set by this option
1264 are not modified by the cookie engine.
1266 Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
1267 Reported-by: Alexander Dyagilev
1269 - CURLOPT_COOKIELIST.3: Add example
1271 Dan Fandrich (24 May 2015)
1272 - testcurl.pl: use rel2abs to make the source directory absolute
1274 This function makes a platform-specific absolute path which uses
1275 backslashes on Windows. This form works when passing it on the
1276 command-line, as well as if the source is on another drive.
1278 - conncache: fixed memory leak on OOM (torture tests)
1280 Daniel Stenberg (24 May 2015)
1281 - perl: remove subdir, not touched in 9 years
1283 - log2changes.pl: moved to scripts/
1285 - [Alessandro Ghedini brought this change]
1287 scripts: add zsh.pl for generating zsh completion
1289 Dan Fandrich (23 May 2015)
1290 - test1510: another flaky test
1292 Daniel Stenberg (22 May 2015)
1293 - security: fix "Unchecked return value" from sscanf()
1295 By (void) prefixing it and adding a comment. Did some minor related
1298 Coverity CID 1299423.
1300 - security: simplify choose_mech
1302 Coverity CID 1299424 identified dead code because of checks that could
1303 never equal true (if the mechanism's name was NULL).
1305 Simplified the function by removing a level of pointers and removing the
1306 loop and array that weren't used.
1308 - RTSP: catch attempted unsupported requests better
1310 Replace use of assert with code that properly catches bad input at
1311 run-time even in non-debug builds.
1313 This flaw was sort of detected by Coverity CID 1299425 which claimed the
1314 "case RTSPREQ_NONE" was dead code.
1316 - share_init: fix OOM crash
1318 A failed calloc() would lead to NULL pointer use.
1320 Coverity CID 1299427.
1322 - parse_proxy: switch off tunneling if non-HTTP proxy
1324 non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL
1326 Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html
1327 Reported-by: Sean Boudreau
1329 - curl: fix potential NULL dereference
1331 Coverity CID 1299428: Dereference after null check (FORWARD_NULL)
1333 - http2: on_frame_recv: return early on stream 0
1335 Coverity CID 1299426 warned about possible NULL dereference otherwise,
1336 but that would only ever happen if we get invalid HTTP/2 data with
1337 frames for stream 0. Avoid this risk by returning early when stream 0 is
1340 - http: removed self assignment
1342 Follow-up fix from b0143a2a33f0
1344 Detected by coverity. CID 1299429
1346 - [Tatsuhiro Tsujikawa brought this change]
1348 http2: Make HTTP Upgrade work
1350 This commit just add implicitly opened stream 1 to streams hash.
1352 Jay Satiro (22 May 2015)
1353 - strerror: Change SEC_E_ILLEGAL_MESSAGE description
1355 Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS
1356 and language specific, and invariably translated to something not very
1357 helpful like: "The message received was unexpected or badly formatted."
1359 Bug: https://github.com/bagder/curl/issues/267
1360 Reported-by: Michael Osipov
1362 - telnet: Fix read-callback change for Windows builds
1364 Refer to b0143a2 for more information on the read-callback change.
1366 Daniel Stenberg (21 May 2015)
1367 - CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy!
1369 Dan Fandrich (21 May 2015)
1370 - testcurl.pl: allow source to be in an arbitrary directory
1372 This way, the build directory can be located on an entirely different
1373 filesystem from the source code (e.g. a tmpfs).
1375 Daniel Stenberg (20 May 2015)
1376 - read_callback: move to SessionHandle from connectdata
1378 With many easy handles using the same connection for multiplexing, it is
1379 important we store and keep the transfer-oriented stuff in the
1380 SessionHandle so that callbacks and callback data work fine even when
1381 many easy handles share the same physical connection.
1383 - http2: show stream IDs in decimal
1385 It makes them easier to match output from the nghttpd test server.
1387 - [Tatsuhiro Tsujikawa brought this change]
1389 http2: Faster http2 upload
1391 Previously, when we send all given buffer in data_source_callback, we
1392 return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream
1393 temporarily for writing. This itself is good. If this is the sole
1394 stream in the session, nghttp2_session_want_write() returns zero,
1395 which means that libcurl does not check writeability of the underlying
1396 socket. This leads to very slow upload, because it seems curl only
1397 upload 16k something per 1 second. To fix this, if we still have data
1398 to send, call nghttp2_session_resume_data after nghttp2_session_send.
1399 This makes nghttp2_session_want_write() returns nonzero (if connection
1400 window still opens), and as a result, socket writeability is checked,
1401 and upload speed becomes normal.
1403 - [Dmitry Eremin-Solenikov brought this change]
1405 gtls: don't fail on non-fatal alerts during handshake
1407 Stop curl from failing when non-fatal alert is received during
1408 handshake. This e.g. fixes lots of problems when working with https
1409 sites through proxies.
1411 - curl_easy_unescape.3: update RFC reference
1413 Reported-by: bsammon
1414 Bug: https://github.com/bagder/curl/issues/282
1416 Jay Satiro (20 May 2015)
1417 - CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
1419 .. also correct some variable naming in curl_easy_escape.3
1421 Bug: https://github.com/bagder/curl/issues/281
1422 Reported-by: bsammon@users.noreply.github.com
1424 Daniel Stenberg (19 May 2015)
1425 - [Brian Prodoehl brought this change]
1427 openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg
1429 BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl
1430 and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and
1435 Jay Satiro (19 May 2015)
1436 - curl.1: fix missing space in section --data
1438 Daniel Stenberg (19 May 2015)
1439 - transfer: remove erroneous and misleading comment
1441 Kamil Dudka (19 May 2015)
1442 - http: silence compile-time warnings without USE_NGHTTP2
1444 Error: CLANG_WARNING:
1445 lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read
1447 Error: COMPILER_WARNING:
1448 lib/http.c: scope_hint: In function ‘http_disconnect’
1449 lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable]
1451 Jay Satiro (19 May 2015)
1452 - transfer: Replace __func__ instances with function name
1454 .. also make __func__ replacement in multi.
1456 Prior to this change debug builds would fail to build if the compiler
1457 was building pre-c99 and didn't support __func__.
1459 Daniel Stenberg (19 May 2015)
1460 - [Viktor Szakats brought this change]
1462 build: bump version in default nghttp2 paths
1464 - INTERNALS: we require nghttp2 1.0.0+ now
1466 Jay Satiro (18 May 2015)
1467 - http: Add some include guards for the new HTTP/2 stuff
1469 Daniel Stenberg (18 May 2015)
1470 - http2: store upload state per stream
1472 Use a curl_off_t for upload left
1474 - http2: fix build when NOT h2-enabled
1476 - http2: switch to use Curl_hash_destroy()
1478 as after 4883f7019d3, the *_clean() function only flushes the hash.
1480 - curlver: restore LIBCURL_VERSION_NUM defined as a full number
1482 As it breaks configure, curl-config and test 1023 if not.
1484 - [Anthony Avina brought this change]
1486 hostip: fix unintended destruction of hash table
1488 .. and added unit1602 for hash.c
1490 - curlver: introducing new version number (checking) macros
1492 - runtests.pl: use 'h2c' now, no -14 anymore
1494 - [Tatsuhiro Tsujikawa brought this change]
1496 http2: Ignore if we have stream ID not in hash in on_stream_close
1498 We could get stream ID not in the hash in on_stream_close. For
1499 example, if we decided to reject stream (e.g., PUSH_PROMISE), then we
1500 don't create stream and store it in hash with its stream ID.
1502 - [Tatsuhiro Tsujikawa brought this change]
1504 Require nghttp2 v1.0.0
1506 This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0,
1507 and utilize recent version of nghttp2 to simplify the code,
1509 First we use nghttp2_option_set_no_recv_client_magic function to
1510 detect nghttp2 v1.0.0. That function only exists since v1.0.0.
1512 Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and
1513 validates received header field. If it found error, RST_STREAM with
1514 PROTOCOL_ERROR is issued. Since we require v1.0.0, we can utilize
1515 this feature to simplify libcurl code. This commit does this.
1517 Migration from 0.7 series are done based on nghttp2 migration
1518 document. For libcurl, we removed the code sending first 24 bytes
1519 client magic. It is now done by nghttp2 library.
1520 on_invalid_frame_recv callback signature changed, and is updated
1523 - http2: infof length in on_frame_send()
1525 - pipeline: switch some code over to functions
1527 ... to "compartmentalize" a bit and make it easier to change behavior
1528 when multiplexing is used instead of good old pipelining.
1530 - symbols-in-versions: add CURLOPT_PIPEWAIT
1532 - CURLOPT_PIPEWAIT: added
1534 By setting this option to 1 libcurl will wait for a connection to reveal
1535 if it is possible to pipeline/multiplex on before it continues.
1537 - Curl_http_readwrite_headers: minor code simplification
1539 - IsPipeliningPossible: fixed for http2
1541 - http2: bump the h2 buffer size to 32K for speed
1543 - http2: remove the stream from the hash in stream_close callback
1545 ... and suddenly things work much better!
1547 - http2: if there is paused data, do not clear the drain field
1549 - http2: rename s/data/pausedata
1551 - http2: "stream %x" in all outputs to make it easier to search for
1553 - http2: Curl_expire() all handles with incoming traffic
1555 ... so that they'll get handled next in the multi loop.
1557 - http2: don't signal settings change for same values
1559 - http2: set default concurrency, fix ConnectionExists for multiplex
1561 - bundles: store no/default/pipeline/multiplex
1563 to allow code to act differently on the situation.
1565 Also added some more info message for the connection re-use function to
1566 make it clearer when connections are not re-used.
1568 - http2: lazy init header_recvbuf
1570 It makes us use less memory when not doing HTTP/2 and subsequently also
1571 makes us not have to cleanup HTTP/2 related data when not using HTTP/2!
1573 - http2: separate multiplex/pipelining + cleanup memory leaks
1575 - CURLMOPT_PIPELINE: bit 1 is for multiplexing
1577 - [Tatsuhiro Tsujikawa brought this change]
1579 http2: Fix bug that data to be drained are overwritten by pending "paused" data
1581 - [Tatsuhiro Tsujikawa brought this change]
1583 http2: Don't call nghttp2_session_mem_recv while it is paused by a stream
1585 - [Tatsuhiro Tsujikawa brought this change]
1587 http2: Read data left in connection buffer after pause
1589 Previously when we do pause because of out of buffer, we just throw
1590 away unread data in connection buffer. This just broke protocol
1591 framing, and I saw occasional FRAME_SIZE_ERROR. This commit fix this
1592 issue by remembering how much data read, and in the next iteration, we
1593 process remaining data.
1595 - [Tatsuhiro Tsujikawa brought this change]
1597 http2: Fix streams get stuck
1599 This commit fixes the bug that streams get stuck if stream gets some
1600 DATA, and stream->closed becomes true at the same time. Previously,
1601 in this condition, after we processed DATA, we are going to try to
1602 read data from underlying transport, but there is no data, and gets
1603 EAGAIN. There was no code path to evaludate stream->closed.
1605 - http2: store incoming h2 SETTINGS
1607 - pipeline: move function to pipeline.c and make static
1609 ... as it was only used from there.
1611 - IsPipeliningPossible: http2 can always "pipeline" (multiplex)
1613 - http2: remove debug logging from on_frame_recv
1615 - http2: remove the closed check in http2_recv
1617 With the "drained" functionality we can get here slightly asynchronously
1618 so the stream have have been closed but there is pending data left to
1621 - http2: bump the h2 buffer to 8K
1623 - http2: Curl_read should not use the single buffer
1625 ... as it does for pipelining when we're multiplexing, as we need the
1626 different buffers to store incoming data correctly for all streams.
1628 - http2: more debug outputs
1630 - http2: leave WAITPERFORM when conn is multiplexed
1632 No need to wait for our "spot" like for pipelining
1634 - http2: force "drainage" of streams
1636 ... which is necessary since the socket won't be readable but there is
1637 data waiting in the buffer.
1639 - http2: move the mem+len pair to the stream struct
1641 - http2: more stream-oriented data, stream ID 0 is for connections
1643 - http2: move lots of state data to the 'stream' struct
1645 ... from the connection struct. The stream one being the 'struct HTTP'
1646 which is kept in the SessionHandle struct (easy handle).
1648 lookup streams for incoming frames in the stream hash, hashing is based
1649 on the stream id and we get the SessionHandle for the incoming stream
1652 - HTTP: partial start at fixing up hash-lookups on http2 frame receival
1654 - http: a stream hash for h2 multiplexing
1656 - http: a stream hash for h2 multiplexing
1658 - http2: debug log when receiving unexpected stream_id
1660 - http2: move stream_id to the HTTP struct (per-stream)
1662 - Curl_http2_setup: only do it once and enable multiplex on the server
1664 Once we know we are HTTP/2 enabled we know the server can multiplex.
1666 - http: switch on "pipelining" (multiplexing) for HTTP/2 servers
1668 ... and do not blacklist any.
1670 - README.pipelining: removed
1672 All the details mentioned here are better documented in man pages
1674 Dan Fandrich (14 May 2015)
1675 - build: removed bundles.c from make files
1677 This file was removed in commit fd137786
1679 Daniel Stenberg (14 May 2015)
1680 - Curl_conncache_add_conn: fix memory leak on OOM
1682 - CURLMOPT_MAX_HOST_CONNECTIONS: host = host name + port number
1684 - conncache: keep bundles on host+port bases, not only host names
1686 Previously we counted all connections to a specific host name and that
1687 would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example,
1688 while servers on different port numbers are normally considered
1689 different "origins" on the web and should thus be considered different
1692 - bundles: merged into conncache.c
1694 All the existing Curl_bundle* functions were only ever used from within
1695 the conncache.c file, so I moved them over and made them static (and
1696 removed the Curl_ prefix).
1698 - hostcache: made all host caches use structs, not pointers
1700 This avoids unnecessary dynamic allocs and as this also removed the last
1701 users of *hash_alloc() and *hash_destroy(), those two functions are now
1704 - multi: converted socket hash into non-allocated struct
1706 avoids extra dynamic allocation
1708 - connection cache: avoid Curl_hash_alloc()
1710 ... by using plain structs instead of pointers for the connection cache,
1711 we can avoid several dynamic allocations that weren't necessary.
1713 - proxy: add newline to info message
1715 Patrick Monnerat (8 May 2015)
1716 - FTP: fix dangling conn->ip_addr dereference on verbose EPSV.
1718 - FTP: Make EPSV use the control IP address rather than the original host.
1719 This ensures an alternate address is not used.
1720 Does not apply to proxy tunnel.
1722 Daniel Stenberg (8 May 2015)
1723 - [Alessandro Ghedini brought this change]
1725 tool_help: fix formatting for --next option
1727 - [Egon Eckert brought this change]
1729 opts: improved the TCP keepalive examples
1731 Jay Satiro (8 May 2015)
1732 - winbuild: Document the option used to statically link the CRT
1734 - Document option RTLIBCFG (runtime library configuration).
1736 Bug: https://github.com/bagder/curl/issues/254
1737 Reported-by: Bert Huijben
1739 - [Orgad Shaneh brought this change]
1741 netrc: Read in text mode when cygwin
1743 Use text mode when cygwin to eliminate trailing carriage returns.
1745 Bug: https://github.com/bagder/curl/pull/258
1747 Patrick Monnerat (5 May 2015)
1748 - OS400: Add SPNEGO service name options to ILE/RPG binding.
1750 Daniel Stenberg (4 May 2015)
1751 - curl_multi_info_read.3: fix typo
1753 Reported-by: Liviu Chircu
1755 - MANUAL: language fix
1757 Reported-by: Fred Stluka
1758 Bug: https://github.com/bagder/curl/issues/255
1760 - [Alessandro Ghedini brought this change]
1762 gtls: properly retrieve certificate status
1764 Also print the revocation reason if appropriate.
1766 - OpenSSL: conditional check for SSL3_RT_HEADER
1768 The symbol is fairly new.
1770 Reported-by: Kamil Dudka
1772 - openssl: skip trace outputs for ssl_ver == 0
1774 The OpenSSL trace callback is wonderfully undocumented but given a
1775 journey in the source code, it seems the cases were ssl_ver is zero
1776 doesn't follow the same pattern and thus turned out confusing and
1777 misleading. For now, we skip doing any CURLINFO_TEXT logging on those
1778 but keep sending them as CURLINFO_SSL_DATA_OUT/IN.
1780 Also, I added direction to the text info and I edited some functions
1783 Bug: https://github.com/bagder/curl/issues/219
1784 Reported-by: Jay Satiro, Ashish Shukla
1786 Marc Hoersken (2 May 2015)
1787 - schannel.c: Small changes
1789 - schannel.c: Improve code path and readability
1791 - schannel.c: Improve error and return code handling upon aa99a63f03
1793 - [Chris Araman brought this change]
1795 schannel: fix regression in schannel_recv
1797 https://github.com/bagder/curl/issues/244
1799 Commit 145c263 changed the behavior when Curl_read_plain returns
1800 CURLE_AGAIN. We now handle CURLE_AGAIN and SEC_I_CONTEXT_EXPIRED
1803 - Bug born in changes made several days ago 9a91e80.
1805 Commit: https://github.com/bagder/curl/commit/926cb9f
1806 Reported-by: Ray Satiro
1808 Daniel Stenberg (30 Apr 2015)
1809 - [Michael Osipov brought this change]
1811 configure: remove missing and make it autogenerate
1813 The missing file has not been autogenerated because a temporary fix was
1814 employed in acinclude.m4 which blocked update. Removed that fix and a recent
1815 version of missing is copied to build root.
1817 - [Michael Osipov brought this change]
1819 acinclude.m4: fix test for default CA cert bundle/path
1821 test(1) on HP-UX requires a single equals sign and fails with two.
1822 Let's use one and make every OS happy.
1824 - CONTRIBUTING.md: remove the sourceforge mention
1826 Reported-By: Michael Osipov
1828 Dan Fandrich (30 Apr 2015)
1829 - http_negotiate_sspi: added missing data variable
1831 Daniel Stenberg (30 Apr 2015)
1832 - [Michael Osipov brought this change]
1834 configure: remove --automake from libtoolize call
1836 That option is not mentioned in the man page of libtoolize 2.4.4.19-fda4.
1837 Moveover, a comment in line 2623 says "--automake is for 1.5 compatibility".
1839 This option is redundant now.
1841 - [Viktor Szakats brought this change]
1843 build: update depedency versions, urls, example makefiles
1845 - update default versions of dependencies (except for rare/old platforms)
1847 - sync examples makefiles with main ones
1848 - remove line ending space
1850 - [Michael Osipov brought this change]
1852 configure: remove autogenerated files by autoconf
1854 * install-sh is always regenerated
1855 * mkinstalldirs was already redudant years ago. Automake uses install for
1856 that. See: http://lists.gnu.org/archive/html/automake/2007-03/msg00015.html
1858 - [Anders Bakken brought this change]
1860 curl_multi_add_handle: next is already NULL
1862 Jay Satiro (30 Apr 2015)
1863 - schannel: Fix out of bounds array
1865 Bug born in changes made several days ago 9a91e80.
1867 Bug: http://curl.haxx.se/mail/lib-2015-04/0199.html
1868 Reported-by: Brian Chrisman
1870 - docs/libcurl: gitignore libcurl-symbols.3
1872 Bug: http://curl.haxx.se/mail/lib-2015-04/0191.html
1873 Reported-by: Michael Osipov
1875 - [Viktor Szakats brought this change]
1877 lib/makefile.m32: add arch -m32/-m64 to LDFLAGS
1879 This fixes using a multi-target mingw distro to build curl .dll for the
1881 (mirroring the same patch present in src/makefile.m32)
1883 Daniel Stenberg (29 Apr 2015)
1884 - RELEASE-NOTES: synced with cd39b944afc
1886 I've not mentioned the bug fixes that were shipped in 7.42.1 from the
1889 - THANKS: merged from the 7.42.1 release
1891 - CURLOPT_HEADEROPT: default to separate
1893 Make the HTTP headers separated by default for improved security and
1894 reduced risk for information leakage.
1896 Bug: http://curl.haxx.se/docs/adv_20150429.html
1897 Reported-by: Yehezkel Horowitz, Oren Souroujon
1899 Linus Nielsen (28 Apr 2015)
1900 - docs/libcurl: Corrected a typo in the CURLOPT_PROXY_SERVICE_NAME documentation
1902 Daniel Stenberg (28 Apr 2015)
1903 - hash: simplify Curl_str_key_compare()
1905 - dist: ship CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME
1907 - [Linus Nielsen brought this change]
1909 Negotiate: custom service names for SPNEGO.
1911 * Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
1912 * Add new curl options, --proxy-service-name and --service-name.
1914 - http2: unify http_conn variable names to 'c'
1916 - ConnectionExists: call it multi-use instead of pipelining
1918 So that it fits HTTP/2 as well
1920 Kamil Dudka (27 Apr 2015)
1921 - [Paul Howarth brought this change]
1923 nss: fix compilation failure with old versions of NSS
1925 Bug: http://curl.haxx.se/mail/lib-2015-04/0095.html
1927 Daniel Stenberg (27 Apr 2015)
1928 - sws: init http2 state properly
1930 It would otherwise cause problems when running tests after 1801 etc.
1932 - curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
1934 ... as it was previouly undocumented what the pointer was.
1936 - runtests: use a DISABLED.local file too
1938 ... and have git ignore that. Allows for a dev to add tests to ignore in
1939 local tests and yet don't obstruct a normal git work flow.
1941 Marc Hoersken (26 Apr 2015)
1942 - schannel.c: Fix typo introduced with 3447c973d0
1944 - schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
1946 Reported-by: Brian Chrisman
1948 Daniel Stenberg (26 Apr 2015)
1949 - schannel: re-indented file to follow curl style better
1951 white space changes only
1953 - Curl_ossl_init: load builtin modules
1955 To have engine modules work, we must tell openssl to load builtin
1958 Bug: https://github.com/bagder/curl/pull/206
1960 - configure: follow-up fix for krb5-config
1962 commit 5b66860652 was incomplete so here's a follow-up fix
1964 Reported-by: Dagobert Michelsen
1965 Bug: https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
1967 - openssl: fix serial number output
1969 The code extracting the cert serial number was broken and didn't display
1972 Bug: https://github.com/bagder/curl/issues/235
1973 Reported-by: dkjjr89
1975 - [Grant Pannell brought this change]
1977 sasl_sspi: Populate domain from the realm in the challenge
1979 Without this, SSPI based digest auth was broken.
1981 Bug: https://github.com/bagder/curl/pull/141.patch
1983 Jay Satiro (25 Apr 2015)
1984 - [Anthony Avina brought this change]
1986 tool: New option --data-raw to HTTP POST data, '@' allowed.
1988 Add new option --data-raw which is almost the same as --data but does
1989 not have a special interpretation of the @ character.
1991 Prior to this change there was no (easy) way to pass the @ character as
1992 the first character in POST data without it being interpreted as a
1995 Bug: https://github.com/bagder/curl/issues/198
1996 Reported-by: Jens Rantil
1998 Dan Fandrich (25 Apr 2015)
1999 - test2039: fixed line endings that caused a test failure
2001 Daniel Stenberg (24 Apr 2015)
2002 - [Viktor Szakats brought this change]
2004 netrc: add unit tests for 'default' support
2006 - [Viktor Szakats brought this change]
2008 netrc: support 'default' token
2010 The 'default' token has no argument and means to match _any_ domain.
2011 It must be placed last if there are 'machine <name>' tokens in the same file.
2013 See full description here:
2014 https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-File.html
2016 - ROADMAP.md: extended the HTTP/2 section, reformatted
2018 Elaborated on several of the remaining HTTP/2 parts and made document
2019 use a format that ends up nicer on the web page:
2020 http://curl.haxx.se/dev/roadmap.html
2022 Kamil Dudka (23 Apr 2015)
2023 - curl -z: do not write empty file on unmet condition
2025 This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
2026 It also introduces a regression test 1424 based on tests 78 and 1423.
2028 Reported-by: Viktor Szakats
2029 Bug: https://github.com/bagder/curl/issues/237
2031 Dan Fandrich (23 Apr 2015)
2032 - tool: fixed a comment typo
2034 - README: convert to UTF-8
2036 Jay Satiro (22 Apr 2015)
2037 - cyassl: Implement public key pinning
2039 Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2041 Dan Fandrich (22 Apr 2015)
2042 - [Alessandro Ghedini brought this change]
2046 Kamil Dudka (22 Apr 2015)
2047 - docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too
2049 - tests/unit/.gitignore: hide unit1601 and above, too
2051 Daniel Stenberg (22 Apr 2015)
2052 - connectionexists: follow-up to fd9d3a1ef1f
2054 PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
2057 Mistake-caught-by: Kamil Dudka
2059 - connectionexists: fix build without NTLM
2061 Do not access NTLM-specific struct fields when built without NTLM
2064 bug: http://curl.haxx.se/?i=231
2065 Reported-by: Patrick Rapin
2067 - bump: start working toward 7.43.0
2069 Kamil Dudka (22 Apr 2015)
2070 - nss: implement public key pinning for NSS backend
2072 Bug: https://bugzilla.redhat.com/1195771
2074 Daniel Stenberg (22 Apr 2015)
2075 - dist: include {src,lib}/checksrc.whitelist
2077 Version 7.42.0 (22 Apr 2015)
2079 Daniel Stenberg (22 Apr 2015)
2080 - RELEASE-NOTES: updated for 7.42.0
2082 - THANKS: added contributors from 7.42.0 release notes
2084 - THANKS-filter: a few more alterations to squash
2086 - contrithanks.sh: helper script for maintaining THANKS
2088 - http_done: close Negotiate connections when done
2090 When doing HTTP requests Negotiate authenticated, the entire connnection
2091 may become authenticated and not just the specific HTTP request which is
2092 otherwise how HTTP works, as Negotiate can basically use NTLM under the
2093 hood. curl was not adhering to this fact but would assume that such
2094 requests would also be authenticated per request.
2098 Bug: http://curl.haxx.se/docs/adv_20150422B.html
2099 Reported-by: Isaac Boukris
2101 - fix_hostname: zero length host name caused -1 index offset
2103 If a URL is given with a zero-length host name, like in "http://:80" or
2104 just ":80", `fix_hostname()` will index the host name pointer with a -1
2105 offset (as it blindly assumes a non-zero length) and both read and
2106 assign that address.
2110 Bug: http://curl.haxx.se/docs/adv_20150422D.html
2111 Reported-by: Hanno Böck
2113 - cookie: cookie parser out of boundary memory access
2115 The internal libcurl function called sanitize_cookie_path() that cleans
2116 up the path element as given to it from a remote site or when read from
2117 a file, did not properly validate the input. If given a path that
2118 consisted of a single double-quote, libcurl would index a newly
2119 allocated memory area with index -1 and assign a zero to it, thus
2120 destroying heap memory it wasn't supposed to.
2124 Bug: http://curl.haxx.se/docs/adv_20150422C.html
2125 Reported-by: Hanno Böck
2127 - ConnectionExists: for NTLM re-use, require credentials to match
2131 Bug: http://curl.haxx.se/docs/adv_20150422A.html
2132 Reported-by: Paras Sethia
2134 Jay Satiro (21 Apr 2015)
2135 - [byronhe brought this change]
2137 openssl: add OPENSSL_NO_SSL3_METHOD check
2139 Daniel Stenberg (20 Apr 2015)
2140 - CURLOPT_HEADERFUNCTION.3: match parameter name in synopsis and desc
2142 Bug: https://github.com/bagder/curl/issues/229
2143 Reported-by: bsammon
2145 Kamil Dudka (20 Apr 2015)
2146 - [Mostyn Bramley-Moore brought this change]
2148 configure --with-nss: remove unneeded libs from the fallback
2150 Daniel Stenberg (20 Apr 2015)
2151 - contributors.sh: fix help output, filter out (-prefix from names
2153 - RELEASE-NOTES: synced with cc0e7ebc3be0
2155 - [Michael Stapelberg brought this change]
2157 CURLMOPT_TIMERFUNCTION.3: Clarify, add an example
2159 - [Viktor Szakáts brought this change]
2161 vtls/openssl: use https in URLs and a comment typo fixed
2163 - curl_version_info.3: fixed the 'protocols' variable type
2165 Reported-by: John Marshall
2166 Bug: https://github.com/bagder/curl/issues/225
2168 Dan Fandrich (18 Apr 2015)
2169 - test1423: added missing "file" to server section
2171 Daniel Stenberg (17 Apr 2015)
2172 - TheArtOfHttpScripting: Multiple URLs + Multiple HTTP methods
2174 ... and some minor edits
2176 - Revert "HTTP: don't abort connections with pending Negotiate authentication"
2178 This reverts commit 5dc68dd6092a789bb5e0a67a1c1356ba87fdcbc6.
2180 Bug: https://github.com/bagder/curl/issues/223
2181 Reported-by: Michael Osipov
2183 Jay Satiro (17 Apr 2015)
2184 - cyassl: Fix include order
2186 Prior to this change CyaSSL's build options could redefine some generic
2189 http://curl.haxx.se/mail/lib-2015-04/0069.html
2191 Kamil Dudka (17 Apr 2015)
2192 - configure --with-nss: drop redundant if statement
2194 - configure --with-nss=PATH: query pkg-config if available
2196 Bug: https://github.com/bagder/curl/pull/171
2198 Daniel Stenberg (17 Apr 2015)
2199 - parsecfg: do not continue past a zero termination
2201 When a config file line ends without newline, the parsing function could
2202 continue reading beyond that point in memory.
2204 Reported-by: Hanno Böck
2206 Jay Satiro (16 Apr 2015)
2207 - gitignore: Ignore Windows build output directories
2209 Daniel Stenberg (15 Apr 2015)
2210 - RELEASE-NOTES: synced with 1ba6e4c88e0
2212 - TODO: 17.9 Choose the name of file in braces for complex URLs
2214 - TODO: a little caution that maybe not all ideas are still good
2216 - TODO: 17.8 offer color-coded HTTP header output
2218 - TODO: 17.7 warning when sending binary output to terminal
2220 - KNOWN_BUGS: #90 IMAP "SEARCH ALL" truncates output on large boxes
2222 Jay Satiro (14 Apr 2015)
2223 - cyassl: Add support for TLS extension SNI
2225 Daniel Stenberg (13 Apr 2015)
2226 - [Matthew Hall brought this change]
2228 gitignore: ignore test-driver file
2230 - [Matthew Hall brought this change]
2232 vtls_openssl: improve PKCS#12 load failure error message
2234 - [Matthew Hall brought this change]
2236 vtls_openssl: fix minor typo in PKCS#12 load routine
2238 - [Matthew Hall brought this change]
2240 vtls_openssl: improve client certificate load failure error messages
2242 - [Matthew Hall brought this change]
2244 vtls_openssl: remove ambiguous SSL_CLIENT_CERT_ERR constant
2246 - BUGS: refer to the github issue tracker now as primary
2248 - firefox-db2pem: fix wildcard to find Firefox default profile
2250 At some point, Firefox has changed and generates different directory
2251 names for the default profile that made this script fail to find them.
2253 Bug: https://github.com/bagder/curl/issues/207
2254 Reported-by: sneakyimp
2256 Jay Satiro (11 Apr 2015)
2257 - cyassl: Include the CyaSSL build config
2259 CyaSSL >= 2.6.0 may have an options.h that was generated during
2260 its build by configure.
2262 - build: Generate source prerequisites for Visual Studio in generate.bat
2264 Prior to this change Visual Studio builds could fail due to missing
2265 prerequisites src/tool_hugehelp.c and include/curl/curlbuild.h.
2267 http://curl.haxx.se/mail/lib-2015-04/0034.html
2269 Daniel Stenberg (9 Apr 2015)
2270 - [Viktor Szakats brought this change]
2272 lib/makefile.m32: add missing libs to build libcurl.dll
2274 Add 'gdi32' and 'crypt32' Windows implibs to avoid failure
2275 while building libcurl.dll using the mingw compiler.
2276 The same logic is used in 'src/makefile.m32' when
2279 Kamil Dudka (8 Apr 2015)
2280 - test142[23]: verify that an empty file is stored on success
2282 - src/tool_operate: create output file on successful download
2284 ... of an empty file
2286 Bug: https://github.com/bagder/curl/issues/183
2288 - src/tool_cb_wrt: separate fnc for output file creation
2290 Daniel Stenberg (7 Apr 2015)
2291 - [Da-Yoon Chung brought this change]
2293 lib/transfer.c: Remove factor of 8 from sleep time calculation
2295 The factor of 8 is a bytes-to-bits conversion factor, but pkt_size and
2296 rate_bps are both in bytes. When using the rate limiting option, curl
2297 waits 8 times too long, and then transfers very quickly until the
2298 average rate reaches the limit. The average rate follows the limit over
2299 time, but the actual traffic is bursty.
2301 Thanks-to: Benjamin Gilbert
2303 - [Jay Satiro brought this change]
2305 x509asn1: Silence x64 loss-of-data warning on RSA key length assignment
2307 The key length in bits will always fit in an unsigned long so the
2308 loss-of-data warning assigning the result of x64 pointer arithmetic to
2309 an unsigned long is unnecessary.
2311 - [Jay Satiro brought this change]
2313 cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
2315 Also fix it so that all ERR_error_string calls use an error buffer.
2316 CyaSSL's implementation of ERR_error_string only writes the error when
2317 an error buffer is passed.
2319 http://www.yassl.com/forums/topic599-openssl-compatibility-and-errerrorstring.html
2321 - [Jay Satiro brought this change]
2323 cyassl: Remove 'Connecting to' message from cyassl_connect_step2
2325 Prior to this change libcurl could show multiple 'CyaSSL: Connecting to'
2326 messages since cyassl_connect_step2 is called multiple times, typically.
2327 The message is superfluous even once since libcurl already informs the
2328 user elsewhere in code that it is connecting.
2330 - [Viktor Szakats brought this change]
2332 checksrc.bat: quotes to support an SRC_DIR with spaces
2334 - hostip: fix compiler warnings
2336 introduced in the previous mini-series of 3 commits
2338 - [Stefan Bühler brought this change]
2340 actually implement CURLOPT_RESOLVE removals
2342 - also log when a CURLOPT_RESOLVE entry couldn't get parsed
2344 - [Stefan Bühler brought this change]
2346 move Curl_share_lock and ref counting into Curl_fetch_addr
2348 - [Stefan Bühler brought this change]
2350 fix refreshing of obsolete dns cache entries
2352 - cache entries must be also refreshed when they are in use
2353 - have the cache count as inuse reference too, freeing timestamp == 0 special
2355 - use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
2356 - remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
2357 - fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
2358 reference anymore, and it would also release non CURLOPT_RESOLVE references
2359 - fix locking in Curl_hostcache_clean
2360 - fix unit1305.c: hash now keeps a reference, need to set inuse = 1
2362 - RELEASE-NOTES: synced with abf6bddc14a
2364 - [Jay Satiro brought this change]
2366 checksrc.bat: Check lib\vtls source
2368 - [Jay Satiro brought this change]
2370 cyassl: Set minimum protocol version before CTX callback
2372 This change is to allow the user's CTX callback to change the minimum
2373 protocol version in the CTX without us later overriding it, as we did
2374 prior to this change.
2376 - [Jay Satiro brought this change]
2378 build-openssl.bat: Fix mixed line endings
2380 Use LF not CRLF, throughout. msysgit will only convert a file to CRLF
2381 on checkout if it's not mixed.
2383 - [Jay Satiro brought this change]
2385 cyassl: Fix certificate load check
2387 SSL_CTX_load_verify_locations can return negative values on fail,
2388 therefore to check for failure we check if load is != 1 (success)
2389 instead of if load is == 0 (failure), the latter being incorrect given
2392 - [Tatsuhiro Tsujikawa brought this change]
2394 http2: Fix missing nghttp2_session_send call in Curl_http2_switched
2396 Previously in Curl_http2_switched, we called nghttp2_session_mem_recv to
2397 parse incoming data which were already received while curl was handling
2398 upgrade. But we didn't call nghttp2_session_send, and it led to make
2399 curl not send any response to the received frames. Most likely, we
2400 received SETTINGS from server at this point, so we missed opportunity to
2401 send SETTINGS + ACK. This commit adds missing nghttp2_session_send call
2402 in Curl_http2_switched to fix this issue.
2404 Bug: https://github.com/bagder/curl/issues/192
2405 Reported-by: Stefan Eissing
2407 - cookie: handle spaces after the name in Set-Cookie
2409 "name =value" is fine and the space should just be skipped.
2411 Updated test 31 to also test for this.
2413 Bug: https://github.com/bagder/curl/issues/195
2414 Reported-by: cromestant
2415 Help-by: Frank Gevaerts
2417 - [Jay Satiro brought this change]
2419 cyassl: Fix library initialization return value
2422 - Return 1 on success, 0 in failure.
2424 Prior to this change the fail path returned an incorrect value and the
2425 evaluation to determine whether CyaSSL_Init had succeeded was incorrect.
2426 Ironically that combined with the way curl_global_init tests SSL library
2427 initialization (!Curl_ssl_init()) meant that CyaSSL having been
2428 successfully initialized would be seen as that even though the code path
2429 and return value in Curl_cyassl_init were wrong.
2431 - [Thomas Ruecker brought this change]
2433 CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
2435 Icecast versions 1.3.0 through 1.3.12 would reply with "ICY 200"
2436 under certain conditions:
2438 client_wants_icy_headers (connection_t *con)
2445 val = get_user_agent (con);
2446 if (!val || !val[0] || strcmp (val, "(null)") == 0)
2449 if (con->food.client->use_icy)
2451 if (strncasecmp (val, "winamp", 6) == 0)
2453 if (strncasecmp (val, "Shoutcast", 9) == 0)
2459 So mainly if there is no 'user agent' or it is '(null)' or contains
2460 'winamp' or 'Shoutcast'.
2462 No mainstream distribution carries Icecast 1.3.x anymore, after all
2463 it was released in 2002 and superseded by Icecast 2.x.
2465 Dan Fandrich (31 Mar 2015)
2466 - axtls: add timeout within Curl_axtls_connect
2468 This allows test 405 to pass on axTLS.
2470 Daniel Stenberg (30 Mar 2015)
2471 - [Jay Satiro brought this change]
2473 checksrc: Windows-specific input fixes
2475 lib/config-win32ce.h
2476 - Fix whitespace for checksrc compliance.
2479 - Remove trailing carriage returns from input.
2481 projects/checksrc.bat
2482 - Ignore tool_hugehelp.c.
2484 - [Dagobert Michelsen brought this change]
2486 configure: Use KRB5CONFIG for krb5-config
2488 Allows the user to easier override its path.
2490 Bug: http://curl.haxx.se/bug/view.cgi?id=1486
2492 - multi: remove_handle: move pending connections
2494 If the handle removed from the multi handle happens to be the one
2495 "owning" the pipeline other transfers will be waiting indefinitely. Now
2496 we move such handles back to connect to have them race (again) for
2497 getting the connection and thus avoid hanging.
2499 Bug: http://curl.haxx.se/bug/view.cgi?id=1465
2500 Reported-by: Jiri Dvorak
2502 - KNOWN_BUGS: 89 is bug #1411
2504 Disabling pipelining on multi handle with in-progress pipelined requests
2505 leads to heap corruption and crash
2507 - [Jay Satiro brought this change]
2509 cyassl: CTX callback cosmetic changes and doc fix
2511 - More descriptive fail message for NO_FILESYSTEM builds.
2513 - Change more of CURLOPT_SSL_CTX_* doc to not be OpenSSL specific.
2515 - RELEASE-NOTES: synced with d2feb71752f
2517 Dan Fandrich (28 Mar 2015)
2518 - tool_operate: only set SSL options if SSL is enabled
2520 - runtests.pl: detect WolfSSL as yassl
2522 Daniel Stenberg (27 Mar 2015)
2523 - [Kyle L. Huff brought this change]
2525 cyassl: add SSL context callback support for CyaSSL
2527 Adds support for CURLOPT_SSL_CTX_FUNCTION when using CyaSSL, and better
2528 handles CyaSSL instances using NO_FILESYSTEM.
2530 - [Kyle L. Huff brought this change]
2532 cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
2534 CyaSSL_no_filesystem_verify is not (or no longer) defined by cURL or
2535 CyaSSL. This reference causes build errors when compiling with
2538 - [Jay Satiro brought this change]
2540 build: Fix libcurl.sln erroneous mixed configurations
2542 Prior to this change some Release configurations had an active
2543 configuration assignment to their Debug counterpart.
2545 - [Jay Satiro brought this change]
2547 vtls: Don't accept unknown CURLOPT_SSLVERSION values
2549 - [Jay Satiro brought this change]
2551 url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
2553 - [Paul Howarth brought this change]
2555 build: link curl to openssl libraries when openssl support is enabled
2557 This fixes a build failure where openssl and libmetalink are used
2558 together and the system linker does not do implicit linking (e.g.
2559 Fedora 13 and later releases). The MD5 functions required for
2560 metalink support must be pulled in from the openssl crypto library.
2562 This is similar to commit c6e7cbb94e669b85d3eb8e015ec51d0072112133,
2563 which fixes the same sort of problem for NSS builds.
2565 - multi: on a request completion, check all CONNECT_PEND transfers
2567 ... even if they don't have an associated connection anymore. It could
2568 leave the waiting transfers pending with no active one on the
2571 Bug: http://curl.haxx.se/bug/view.cgi?id=1465
2572 Reported-by: Jiri Dvorak
2574 - [Emil Lerner brought this change]
2576 globbing: fix url number calculation when using range with step
2578 In function glob_range, the number of urls was multiplied by (max - min
2579 + 1), regardless of step. The correct formula is (max - min) / step + 1
2581 - README.http2: refreshed and added TODO items
2583 - [Emil Lerner brought this change]
2585 globbing: fix step parsing for character globbing ranges
2587 The glob_range function used wrong offset (3 instead of 4) for parsing
2588 integer step inside character range specification, which led to 'bad
2589 range' error when using character ranges with explicitly specified step
2592 - polarssl: called mbedTLS in 1.3.10 and later
2594 - polarssl: remove dead code
2596 and simplify code by changing if-elses to a switch()
2598 CID 1291706: Logically dead code. Execution cannot reach this statement
2600 - polarssl: remove superfluous for(;;) loop
2602 "unreachable: Since the loop increment is unreachable, the loop body
2603 will never execute more than once."
2605 Coverity CID 1291707
2607 - Curl_ssl_md5sum: return CURLcode
2609 ... since the funciton can fail on OOM. Check this return code.
2611 Coverity CID 1291705.
2613 - [Jay Satiro brought this change]
2615 cyassl: default to highest possible TLS version
2617 (cyassl_connect_step1)
2618 - Use TLS 1.0-1.2 by default when available.
2620 CyaSSL/wolfSSL >= v3.3.0 supports setting a minimum protocol downgrade
2623 cyassl/cyassl@322f79f
2625 - [Jay Satiro brought this change]
2627 cyassl: Check for invalid length parameter in Curl_cyassl_random
2629 - [Jay Satiro brought this change]
2631 cyassl: If wolfSSL then identify as such in version string
2633 Dan Fandrich (24 Mar 2015)
2634 - symbols-in-versions: added CURLOPT_PATH_AS_IS
2636 - testcurl.pl: add the --notes option to supply more info about a build
2638 Support for notes has been in place for a while, but it required
2639 being added to the setup file manually.
2641 - curl_memory: make curl_memory.h the second-last header file loaded
2643 This header file must be included after all header files except
2644 memdebug.h, as it does similar memory function redefinitions and can be
2645 similarly affected by conflicting definitions in system or dependent
2648 Daniel Stenberg (24 Mar 2015)
2649 - openssl: do the OCSP work-around for libressl too
2651 I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to
2652 still require the work-around for stapling to work.
2654 - openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
2656 URL: http://curl.haxx.se/mail/lib-2015-03/0205.html
2657 Reported-by: Alessandro Ghedini
2659 - openssl: adapt to ASN1/X509 things gone opaque in 1.1
2661 Dan Fandrich (24 Mar 2015)
2662 - [Jay Satiro brought this change]
2664 curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description
2666 - [Viktor Szakáts brought this change]
2668 CURLOPT_HTTPHEADER.3: fix typo in recent commit
2670 - [Viktor Szakáts brought this change]
2672 CURLOPT_PATH_AS_IS.3: add type 'long' to prototype
2674 - vtls: fix compile with --disable-crypto-auth but with SSL
2676 This is a strange combination of options, but is allowed.
2678 Patrick Monnerat (24 Mar 2015)
2679 - os400: define new options in ILE/RPG binding.
2681 Daniel Stenberg (24 Mar 2015)
2682 - RELEASE-NOTES: synced with f6878609361
2684 - curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS
2686 - CURLOPT_PATH_AS_IS: added
2688 --path-as-is is the command line option
2690 Added docs in curl.1 and CURLOPT_PATH_AS_IS.3
2692 Added test in test 1241
2694 - [Yamada Yasuharu brought this change]
2696 curl_easy_recv/send: make them work with the multi interface
2698 By making sure Curl_getconnectinfo() uses the correct connection cache
2699 to find the last connection.
2701 - http2: move the init too for when its actually needed
2703 ... it would otherwise lead to memory leakage if we never actually do
2706 Dan Fandrich (23 Mar 2015)
2707 - dict: rename byte to avoid compiler shadowed declaration warning
2709 This conflicted with a WolfSSL typedef.
2711 - cyassl: include version.h to ensure the version macros are defined
2713 - test1513: eliminated race condition in test run
2715 It seems that some systems (e.g. fairly consistently in some recent
2716 Solaris autobuilds) would manage to get to the connect phase before the
2717 progress callback was called, resulting in a CURLE_COULDNT_CONNECT
2718 error. Reworked the test to point at a test server that never returns a
2719 full result so the progress callback always gets a chance to be called
2720 before the transfer can complete in some other way.
2722 Nick Zitzmann (21 Mar 2015)
2723 - darwinsssl: add support for TLS False Start
2725 TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2727 Daniel Stenberg (21 Mar 2015)
2728 - gtls: add check of return code
2730 Coverity CID 1291167 pointed out that 'rc' was received but never used when
2731 gnutls_credentials_set() was used. Added return code check now.
2733 - gtls: dereferencing NULL pointer
2735 Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
2736 NULL if gnutls_certificate_get_peers() had previously failed.
2738 - gtls: avoid uninitialized variable.
2740 Coverity CID 1291166 pointed out that we could read this variable
2743 Dan Fandrich (21 Mar 2015)
2744 - tests/certs: rebuild certificates with modified key usage bits
2746 The certificates were missing the digitalSignature and keyAgreement
2747 usage types, of which at least digitalSignature was checked by CyaSSL.
2748 This caused the test server in test 310 (among others) to fail the
2749 startup verification and therefore run (see
2750 http://curl.haxx.se/mail/lib-2014-07/0303.html).
2752 - tests/certs: added make target to rebuild certificates
2754 The certificate generation scripts were also updated to better match the
2755 format of the certificates currently checked in.
2757 Daniel Stenberg (21 Mar 2015)
2758 - x509asn1: add /* fallthrough */ in switch() case
2760 - x509asn1: minor edit to unconfuse Coverity
2762 CID 1202732 warns on the previous use, although I cannot fine any
2763 problems with it. I'm doing this change only to make the code use a more
2764 familiar approach to accomplish the same thing.
2766 - [Dagobert Michelsen brought this change]
2768 testcurl: Allow '=' in values given on command line
2770 - nss: error: unused variable 'connssl'
2772 Dan Fandrich (21 Mar 2015)
2773 - test938: added missing closing tags
2775 - cyassl: use new library version macro when available
2777 Kamil Dudka (20 Mar 2015)
2778 - [Alessandro Ghedini brought this change]
2780 curl: add --false-start option
2782 - [Alessandro Ghedini brought this change]
2784 nss: add support for TLS False Start
2786 - [Alessandro Ghedini brought this change]
2788 url: add CURLOPT_SSL_FALSESTART option
2790 This option can be used to enable/disable TLS False Start defined in the RFC
2791 draft-bmoeller-tls-falsestart.
2793 Patrick Monnerat (20 Mar 2015)
2794 - [Alessandro Ghedini brought this change]
2796 gtls: implement CURLOPT_CERTINFO
2798 Daniel Stenberg (20 Mar 2015)
2799 - [Alessandro Ghedini brought this change]
2801 openssl: try to avoid accessing OCSP structs when possible
2803 - CURLOPT_URL.3: spelling!
2805 Reported-by: Frank Gevaerts
2807 - CURLOPT_URL.3: Added "SECURITY CONCERNS"
2809 - CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
2811 Dan Fandrich (19 Mar 2015)
2812 - cyassl: detect the library as renamed wolfssl
2814 This change was made in CyaSSL/WolfSSL ver. 3.4.0
2816 Daniel Stenberg (19 Mar 2015)
2817 - HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
2819 We prematurely changed protocol handler to HTTP/2 which made things very
2822 Reported-by: Stefan Eissing
2823 Bug: https://github.com/bagder/curl/issues/169
2825 Dan Fandrich (19 Mar 2015)
2826 - axtls: version 1.5.2 now requires that config.h be manually included
2828 Daniel Stenberg (19 Mar 2015)
2829 - metalink: fix resource leak in OOM
2831 Coverity CID 1288826
2833 Dan Fandrich (18 Mar 2015)
2834 - docs/libcurl: clean up libcurl-symbols.3
2836 - docs/libcurl: check that all options with man pages are referenced
2838 If a man page exists in the opts/ directory, it must also be referenced
2839 either in curl_easy_setopt.3 or curl_multi_setopt.3
2841 - curl_easy_setopt.3: added a few missing options
2843 Kamil Dudka (18 Mar 2015)
2844 - nss: explicitly tell NSS to disable NPN/ALPN
2846 ... if disabled at libcurl level. Otherwise, we would allow to
2847 negotiate NPN despite curl was invoked with the --no-npn option.
2849 Daniel Stenberg (18 Mar 2015)
2850 - [Jay Satiro brought this change]
2852 mkhelp: Remove trailing carriage return from every line of input
2854 - Get rid of this flood of warnings in Windows mingw build:
2855 warning: missing terminating " character
2857 The warning is due to the carriage return. When msysgit checks out files
2858 from the repo by default it converts the line endings to CRLF. Prior to
2859 this change when mkhelp.pl processed the MANUAL and curl.1 in CRLF
2860 format the trailing carriage returns caused unnecessary CR in the
2863 - RELEASE-NOTES: synced with e539f01567
2865 - [Christian Weisgerber brought this change]
2867 docs/libcurl: make portability fix
2869 Using $< in a non-suffix rule context is a GNU make idiom. This bug was
2870 introduced in 7.41.0.
2872 Dan Fandrich (17 Mar 2015)
2873 - checksrc: Fix whitelist on out-of-tree builds
2875 Daniel Stenberg (17 Mar 2015)
2876 - [Stefan Bühler brought this change]
2878 Curl_sh_entry: remove unused 'timestamp'
2880 - HTTP: don't use Expect: headers when on HTTP/2
2882 Reported-by: Stefan Eissing
2883 Bug: https://github.com/bagder/curl/issues/169
2885 - checksrc: detect and remove space before trailing semicolons
2887 - checksrc: introduce a whitelisting concept
2889 - checksrc: use space after comma
2891 - checksrc: use space before paren in "return (expr);"
2893 - CONTRIBUTE: refer to git log instead of deprecated CHANGES file
2895 - CURLOPT_*.3: more examples and edits
2897 - CURLOPT_*.3: added lots of small example sections
2899 - CURLOPT_PRIVATE.3: provide an example
2901 - CURLOPT_*TIMEOUT.3: provide examples
2903 - CURLOPT_USERAGENT.3: added an example
2905 - CURLOPT_STDERR.3: added an example
2907 - curl_easy_perform.3: remove superfluous close brace from example
2909 - free: instead of Curl_safefree()
2911 Since we just started make use of free(NULL) in order to simplify code,
2912 this change takes it a step further and:
2914 - converts lots of Curl_safefree() calls to good old free()
2915 - makes Curl_safefree() not check the pointer before free()
2917 The (new) rule of thumb is: if you really want a function call that
2918 frees a pointer and then assigns it to NULL, then use Curl_safefree().
2919 But we will prefer just using free() from now on.
2921 - [Markus Elfring brought this change]
2923 Bug #149: Deletion of unnecessary checks before a few calls of cURL functions
2925 The following functions return immediately if a null pointer was passed.
2926 * Curl_cookie_cleanup
2929 It is therefore not needed that a function caller repeats a corresponding check.
2931 This issue was fixed by using the software Coccinelle 1.0.0-rc24.
2933 Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2935 - [Markus Elfring brought this change]
2937 Bug #149: Deletion of unnecessary checks before calls of the function "free"
2939 The function "free" is documented in the way that no action shall occur for
2940 a passed null pointer. It is therefore not needed that a function caller
2941 repeats a corresponding check.
2942 http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first
2944 This issue was fixed by using the software Coccinelle 1.0.0-rc24.
2946 Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2948 - [Jay Satiro brought this change]
2950 connect: Fix happy eyeballs logic for IPv4-only builds
2952 Bug: https://github.com/bagder/curl/pull/168
2955 - Don't try the "other" protocol family unless IPv6 is available. In an
2956 IPv4-only build the other family can only be IPv6 which is unavailable.
2958 This change essentially stops IPv4-only builds from attempting the
2959 "happy eyeballs" secondary parallel connection that is supposed to be
2960 used by the "other" address family.
2962 Prior to this change in IPv4-only builds that secondary parallel
2963 connection attempt could be erroneously used by the same family (IPv4)
2964 which caused a bug where every address after the first for a host could
2965 be tried twice, often in parallel. This change fixes that bug. An
2966 example of the bug is shown below.
2968 Assume MTEST resolves to 3 addresses 127.0.0.2, 127.0.0.3 and 127.0.0.4:
2970 * STATE: INIT => CONNECT handle 0x64f4b0; line 1046 (connection #-5000)
2971 * Rebuilt URL to: http://MTEST/
2972 * Added connection 0. The cache now contains 1 members
2973 * STATE: CONNECT => WAITRESOLVE handle 0x64f4b0; line 1083
2975 * Trying 127.0.0.2...
2976 * STATE: WAITRESOLVE => WAITCONNECT handle 0x64f4b0; line 1163
2978 * Trying 127.0.0.3...
2979 * connect to 127.0.0.2 port 80 failed: Connection refused
2980 * Trying 127.0.0.3...
2981 * connect to 127.0.0.3 port 80 failed: Connection refused
2982 * Trying 127.0.0.4...
2983 * connect to 127.0.0.3 port 80 failed: Connection refused
2984 * Trying 127.0.0.4...
2985 * connect to 127.0.0.4 port 80 failed: Connection refused
2986 * connect to 127.0.0.4 port 80 failed: Connection refused
2987 * Failed to connect to MTEST port 80: Connection refused
2988 * Closing connection 0
2989 * The cache now contains 0 members
2991 curl: (7) Failed to connect to MTEST port 80: Connection refused
2993 The bug was born in commit bagder/curl@2d435c7.
2995 - mksymbolsmanpage.pl: use std header and generate better nroff header
2997 - [Frank Meier brought this change]
2999 closesocket: call multi socket cb on close even with custom close
3001 In function Curl_closesocket() in connect.c the call to
3002 Curl_multi_closed() was wrongly omitted if a socket close function
3003 (CURLOPT_CLOSESOCKETFUNCTION) is registered.
3005 That would lead to not removing the socket from the internal hash table
3006 and not calling the multi socket callback appropriately.
3008 Bug: http://curl.haxx.se/bug/view.cgi?id=1493
3010 - [Tobias Stoeckmann brought this change]
3012 hostip: Fix signal race in Curl_resolv_timeout.
3014 A signal handler for SIGALRM is installed in Curl_resolv_timeout. It is
3015 configured to interrupt system calls and uses siglongjmp to return into
3016 the function if alarm() goes off.
3018 The signal handler is installed before curl_jmpenv is initialized.
3019 This means that an already installed alarm timer could trigger the
3020 newly installed signal handler, leading to undefined behavior when it
3021 accesses the uninitialized curl_jmpenv.
3023 Even if there is no previously installed alarm available, the code in
3024 Curl_resolv_timeout itself installs an alarm before the environment is
3025 fully set up. If the process is sent into suspend right after that, the
3026 signal handler could be called too early as in previous scenario.
3028 To fix this, the signal handler should only be installed and the alarm
3029 timer only be set after sigsetjmp has been called.
3031 - http2: detect prematures close without data transfered
3033 ... by using the regular Curl_http_done() method which checks for
3034 that. This makes test 1801 fail consistently with error 56 (which seems
3035 fine) to that test is also updated here.
3037 Reported-by: Ben Darnell
3038 Bug: https://github.com/bagder/curl/issues/166
3040 Dan Fandrich (13 Mar 2015)
3041 - test320: Expect the Host header to be the first header
3043 Required for the test to work after a5d994941c2b.
3045 Daniel Stenberg (12 Mar 2015)
3046 - RELEASE-NOTES: synced with 186e46d88dd
3048 - openssl: use colons properly in the ciphers list
3050 While the previous string worked, this is the documented format.
3052 Reported-by: Richard Moore
3054 - openssl: sort the ciphers on strength
3056 This makes curl pick better (stronger) ciphers by default. The strongest
3057 available ciphers are fine according to the HTTP/2 spec so an OpenSSL
3058 built curl is no longer rejected by string HTTP/2 servers.
3060 Bug: http://curl.haxx.se/bug/view.cgi?id=1487
3062 - [Fabian Keil brought this change]
3064 test203[0-3]: Expect the Host header to be the first header
3066 Required for the tests to work after a5d994941c2b.
3068 - openssl: show the cipher selection to use
3070 - http: always send Host: header as first header
3072 ...after the method line:
3074 "Since the Host field-value is critical information for handling a
3075 request, a user agent SHOULD generate Host as the first header field
3076 following the request-line." / RFC 7230 section 5.4
3078 Additionally, this will also make libcurl ignore multiple specified
3079 custom Host: headers and only use the first one. Test 1121 has been
3082 Bug: http://curl.haxx.se/bug/view.cgi?id=1491
3083 Reported-by: Rainer Canavan
3085 - [Alexander Pepper brought this change]
3087 mk-ca-bundle bugfix: Don't report SHA1 numbers with "-q".
3089 Also unified printing to STDERR by creating the helper method "report".
3091 - proxy: re-use proxy connections (regression)
3093 When checking for a connection to re-use, a proxy-using request must
3094 check for and use a proxy connection and not one based on the host
3097 Added test 1421 to verify
3099 Bug: http://curl.haxx.se/bug/view.cgi?id=1492
3101 - [Jay Satiro brought this change]
3103 memanalyze.pl: handle free(NULL)
3105 - [Jay Satiro brought this change]
3107 .travis.yml: Change CI make test to make test-full
3109 - Change the continuous integration script to use 'make test-full'
3110 instead of just 'make test' so that the diagnostic log output is
3111 printed to stdout when a test fails.
3113 - Change the continuous integration script to use
3114 './configure --enable-debug' instead of just './configure' so that the
3115 memory analyzer will work during testing.
3117 Prior to this change Travis used its default C test script:
3118 ./configure && make && make test
3120 - [Alessandro Ghedini brought this change]
3122 gtls: correctly align certificate status verification messages
3124 - [Alessandro Ghedini brought this change]
3126 gtls: don't print double newline after certificate dates
3128 - [Alessandro Ghedini brought this change]
3130 gtls: print negotiated TLS version and full cipher suite name
3132 Instead of priting cipher and MAC algorithms names separately, print the
3133 whole cipher suite string which also includes the key exchange algorithm,
3134 along with the negotiated TLS version.
3136 - gtls: fix compiler warnings
3138 - [Alessandro Ghedini brought this change]
3140 gtls: add support for CURLOPT_CAPATH
3142 - [stopiccot brought this change]
3144 MacOSX-Framework: use @rpath instead of @executable_path
3146 Bug: https://github.com/bagder/curl/pull/157
3148 - RELEASE-NOTES: synced with c19349951
3150 - multi: fix *getsock() with CONNECT
3152 The code used some happy eyeballs logic even _after_ CONNECT has been
3153 sent to a proxy, while the happy eyeball phase is already (should be)
3156 This is solved by splitting the multi state into two separate states
3157 introducing the new SENDPROTOCONNECT state.
3159 Bug: http://curl.haxx.se/mail/lib-2015-01/0170.html
3160 Reported-by: Peter Laser
3162 - conncontrol: only log changes to the connection bit
3164 - http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
3166 Since they already exist and will make comparing easier
3168 - http2: make the info-message about receiving HTTP2 headers debug-only
3170 - [Alessandro Ghedini brought this change]
3172 urldata: remove unused asked_for_h2 field
3174 - [Alessandro Ghedini brought this change]
3176 polarssl: make it possible to enable ALPN/NPN without HTTP2
3178 - [Alessandro Ghedini brought this change]
3180 nss: make it possible to enable ALPN/NPN without HTTP2
3182 - [Alessandro Ghedini brought this change]
3184 gtls: make it possible to enable ALPN/NPN without HTTP2
3186 - [Alessandro Ghedini brought this change]
3188 openssl: make it possible to enable ALPN/NPN without HTTP2
3190 - metalink: add some error checks
3192 malloc() and strdup() calls without checking return codes.
3194 Reported-by: Markus Elfring
3195 Bug: https://github.com/bagder/curl/issues/150
3197 - curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
3199 Reported-by: Jonathan Cardoso
3201 - urldata: fix gnutls build
3203 Steve Holme (5 Mar 2015)
3204 - openssl: Removed use of USE_SSLEAY from the Visual Studio project files
3206 In addition to commit 709cf76f6b, removed the USE_SSLEAY preprocessor
3207 variable from the Visual Studio project files as it isn't required
3210 Daniel Stenberg (5 Mar 2015)
3211 - multi: fix memory-leak on timeout (regression)
3213 Since 1342a96ecfe0d44, a timeout detected in the multi state machine didn't
3214 necesarily clear everything up, like formpost data.
3216 Bug: https://github.com/bagder/curl/issues/147
3217 Reported-by: Michel Promonet
3218 Patched-by: Michel Promonet
3220 - configure: follow-up fix from 709cf76f6
3222 OpenSSL handling was a little broken.
3224 - openssl: remove all uses of USE_SSLEAY
3226 SSLeay was the name of the library that was subsequently turned into
3227 OpenSSL many moons ago (1999). curl does not work with the old SSLeay
3228 library since years. This is now reflected by only using USE_OPENSSL in
3229 code that depends on OpenSSL.
3231 - [Sergei Nikulov brought this change]
3233 cmake: handle build definitions CURLDEBUG/DEBUGBUILD
3237 - FAQ: 4.21 Why is there a HTTP/1.1 in my HTTP/2 request?
3239 - symbols.pl: handle '-' in the deprecated field
3241 ... which otherwise made the script skip the _LAST define for some
3244 Reported-by: Jeroen Ooms
3245 Bug: http://curl.haxx.se/mail/lib-2015-03/0052.html
3247 - curl.1: fix "The the" typo
3249 Reported-by: Jon Seymour
3251 - vtls: use curl_printf.h all over
3253 No need to use _MPRINTF_REPLACE internally.
3255 - tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
3257 - tool_writeenv: remove _MPRINTF_REPLACE define, it wasn't used
3259 - [Sergei Nikulov brought this change]
3261 libtest: fixed linker errors on msvc
3263 Bug: https://github.com/bagder/curl/pull/144
3265 - mprintf.h: remove #ifdef CURLDEBUG
3267 ... and as a consequence, introduce curl_printf.h with that re-define
3268 magic instead and make all libcurl code use that instead.
3270 - tool_getpass: remove unused curl/mprintf.h include
3272 - CONTRIBUTING.md: file for advice on github
3274 - [Viktor Szakáts brought this change]
3276 BINDINGS: add link to Harbour bindings
3278 And UTF8-fix a few names
3280 - CURLOPT_HEADERFUNCTION.3: typo in error code name
3282 Reported-by: Jonathan Cardoso
3284 - BINDINGS: tclcurl moved
3286 Reporte-by: Steve Havelka
3288 - [Jay Satiro brought this change]
3290 opts: Fix pipelining examples
3292 - [Jay Satiro brought this change]
3294 curl_multi_setopt.3: Link to CURLMOPT_MAXCONNECTS
3296 - CONTRIBUTE: the new more github-friendly attitude!
3298 Steve Holme (28 Feb 2015)
3299 - RELEASE-NOTES: Synced with 921d195187
3301 Kamil Dudka (28 Feb 2015)
3302 - tool: wrap lines longer than 79 columns
3304 ... to avoid a build failure when configured with --enable-debug
3306 Steve Holme (27 Feb 2015)
3307 - [Tatsuhiro Tsujikawa brought this change]
3309 http2: Return error if stream was closed with other than NO_ERROR
3311 Previously, we just ignored error code passed to
3312 on_stream_close_callback and just return 0 (success) after stream
3313 closure even if stream was reset with error. This patch records error
3314 code in on_stream_close_callback, and return -1 and use CURLE_HTTP2
3315 error code on abnormal stream closure.
3317 - tool: Updated the warnf() function to use the GlobalConfig structure
3319 As the 'error' and 'mute' options are now part of the GlobalConfig,
3320 rather than per Operation, updated the warnf() function to use this
3321 structure rather than the OperationConfig.
3323 - build: Removed DataExecutionPrevention directive from VC9+ project files
3325 Removed the DataExecutionPrevention directive from the project files for
3326 Visual Studio 2008 and above. The XML value in the VC9 project files was
3327 set to "0" (Default) whilst the VC10+ project files contained an empty
3330 - build: Use default RandomizedBaseAddress directive in VC9+ project files
3332 Visual Studio 2008 introduced support for the address space layout
3333 randomization (ASLR) feature of Windows Vista. However, upgrading the
3334 VC8 project files to VC9 and above disabled this feature.
3336 Removed the RandomizedBaseAddress directive to enabled the default
3337 setting (/DYNAMICBASE). Note: This doesn't appear to have any negative
3338 impact when compiled and ran on Windows XP.
3340 - build: Added support to Generate.bat for files in the upcoming vauth folder
3342 Daniel Stenberg (25 Feb 2015)
3343 - http2: return recv error on unexpected EOF
3345 Pointed-out-by: Tatsuhiro Tsujikawa
3346 Bug: http://curl.haxx.se/bug/view.cgi?id=1487
3348 Kamil Dudka (25 Feb 2015)
3349 - dist: add symbol-scan.pl to the tarball
3351 ... in order to make test1135 succeed
3353 Daniel Stenberg (25 Feb 2015)
3354 - http2: move lots of verbose output to be debug-only
3356 Kamil Dudka (25 Feb 2015)
3357 - curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
3359 Otherwise it expands to:
3361 echo ""/etc/pki/tls/certs/ca-bundle.crt""
3363 Detected by ShellCheck:
3365 curl-config:74:16: warning: The double quotes around this do
3366 nothing. Remove or escape them. [SC2140]
3368 - nss: do not skip Curl_nss_seed() if data is NULL
3370 In that case, we only skip writing the error message for failed NSS
3371 initialization (while still returning the correct error code).
3373 - nss: improve error handling in Curl_nss_random()
3375 The vtls layer now checks the return value, so it is no longer necessary
3376 to abort if a random number cannot be provided by NSS. This also fixes
3377 the following Coverity report:
3379 Error: FORWARD_NULL (CWE-476):
3380 lib/vtls/nss.c:1918: var_compare_op: Comparing "data" to null implies that "data" might be null.
3381 lib/vtls/nss.c:1923: var_deref_model: Passing null pointer "data" to "Curl_failf", which dereferences it.
3382 lib/sendf.c:154:3: deref_parm: Directly dereferencing parameter "data".
3384 Daniel Stenberg (25 Feb 2015)
3385 - RELEASE-PROCEDURE: add some more future release dates
3387 ... and remove some old ones
3389 - sws: timeout idle CONNECT connections
3391 - bump: start working toward 7.42.0
3393 Version 7.41.0 (25 Feb 2015)
3395 Daniel Stenberg (25 Feb 2015)
3396 - THANKS: added contributors from the 7.41.0 RELEASE-NOTES
3398 - RELEASE-NOTES: sync with ffc2aeec6e (7.41.0 release time!)
3400 Marc Hoersken (25 Feb 2015)
3401 - Revert "telnet.c: fix handling of 0 being returned from custom read function"
3403 This reverts commit 03fa576833643c67579ae216c4e7350fa9b5f2fe.
3405 - telnet.c: fix invalid use of custom read function if not being set
3407 obj_count can be 1 if the custom read function is set or the stdin
3408 handle is a reference to a pipe. Since the pipe should be handled
3409 using the PeekNamedPipe-check below, the custom read function should
3410 only be used if it is actually enabled.
3412 - telnet.c: fix handling of 0 being returned from custom read function
3414 According to [1]: "Returning 0 will signal end-of-file to the library
3415 and cause it to stop the current transfer."
3416 This change makes the Windows telnet code handle this case accordingly.
3418 [1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html
3420 Daniel Stenberg (24 Feb 2015)
3421 - sws: stop logging about TPC_NODELAY nonsense
3423 - lib530: make it less timing sensible
3425 ... by making sure the first request is completed before doing the
3428 Kamil Dudka (23 Feb 2015)
3429 - connect: wait for IPv4 connection attempts
3431 ... even if the last IPv6 connection attempt has failed.
3433 Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
3435 - connect: avoid skipping an IPv4 address
3437 ... in case the protocol versions are mixed in a DNS response
3438 (IPv6 -> IPv4 -> IPv6).
3440 Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
3442 Daniel Stenberg (23 Feb 2015)
3443 - RELEASE-NOTES: synced with 5e4395eab839d
3445 - ROADMAP: curl_easy_setopt.3 has already been split up
3447 Remove cmake as marked for removal. It is in much better state now.
3449 - ROADMAP: extend the HTTP/2 stuff, remove SPDY
3451 - [Julian Ospald brought this change]
3453 configure: allow both --with-ca-bundle and --with-ca-path
3455 SSL_CTX_load_verify_locations by default (and if given non-Null
3456 parameters) searches the CAfile first and falls back to CApath. This
3457 allows for CAfile to be a basis (e.g. installed by the package manager)
3458 and CApath to be a user configured directory.
3460 This wasn't reflected by the previous configure constraint which this
3463 Bug: https://github.com/bagder/curl/pull/139
3465 - [Ben Boeckel brought this change]
3467 cmake: install the dll file to the correct directory
3469 - [Alessandro Ghedini brought this change]
3471 nss: fix NPN/ALPN protocol negotiation
3473 Correctly check for memcmp() return value (it returns 0 if the strings match).
3475 This is not really important, since curl is going to use http/1.1 anyway, but
3476 it's still a bug I guess.
3478 - [Alessandro Ghedini brought this change]
3480 polarssl: fix ALPN protocol negotiation
3482 Correctly check for strncmp() return value (it returns 0 if the strings
3485 - [Sergei Nikulov brought this change]
3487 CMake: Fix generation of tool_hugehelp.c on windows
3489 Use "cmake -E echo" instead of "echo".
3491 Reviewed-by: Brad King <brad.king@kitware.com>
3493 - [Sergei Nikulov brought this change]
3495 CMake: fix winsock2 detection on windows
3497 Set CMAKE_REQUIRED_DEFINITIONS to include definitions needed to get
3498 the winsock2 API from windows.h. Simplify the order of checks to
3499 avoid extra conditions.
3501 Use check_include_file instead of check_include_file_concat to look
3502 for OpenSSL headers. They do not need to participate in a sequence
3503 of dependent system headers. Also they may cause winsock.h to be
3504 included before ws2tcpip.h, causing the latter to not be detected
3507 Reviewed-by: Brad King <brad.king@kitware.com>
3509 - [Alessandro Ghedini brought this change]
3511 gtls: fix build with HTTP2
3513 Steve Holme (16 Feb 2015)
3514 - Makefile.vc6: Corrected typos in rename of darwinssl.obj
3516 Nick Zitzmann (15 Feb 2015)
3517 - By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"
3519 Steve Holme (14 Feb 2015)
3520 - RELEASE-NOTES: Synced with 6f89f86c3d
3522 - tests/README: Updated to reflect email test ranges
3524 - [Alessandro Ghedini brought this change]
3526 curl.1: --cert-status is also supported by OpenSSL now
3528 - build: Removed Visual Studio SuppressStartupBanner directive for VC8+
3530 Visual Studio 2005 and above defaults to disabling the startup banner
3531 for the Compiler, Linker and MIDL tools (with /NOLOGO). As such there
3532 is no need to explicitly set the SuppressStartupBanner directive, as
3533 this is a leftover from the VC7 and VC7.1 projects being upgraded to
3536 Kamil Dudka (12 Feb 2015)
3537 - openssl: fix a compile-time warning
3539 lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive
3541 Steve Holme (11 Feb 2015)
3542 - openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detection
3544 For consistency with other conditionally compiled code in openssl.c,
3545 use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use
3546 HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are
3549 Patrick Monnerat (11 Feb 2015)
3550 - ftp: accept all 2xx responses to the PORT command
3552 Steve Holme (9 Feb 2015)
3553 - openssl: Disable OCSP in old versions of OpenSSL
3555 Versions of OpenSSL prior to v0.9.8h do not support the necessary
3556 functions for OCSP stapling.
3558 Daniel Stenberg (9 Feb 2015)
3559 - [Tatsuhiro Tsujikawa brought this change]
3561 http2: Fix bug that associated stream canceled on PUSH_PROMISE
3563 Previously we don't ignore PUSH_PROMISE header fields in on_header
3564 callback. It makes header values mixed with following HEADERS,
3565 resulting protocol error.
3567 - [Jay Satiro brought this change]
3569 polarssl: Fix exclusive SSL protocol version options
3571 Prior to this change the options for exclusive SSL protocol versions did
3572 not actually set the protocol exclusive.
3574 http://curl.haxx.se/mail/lib-2015-01/0002.html
3575 Reported-by: Dan Fandrich
3577 - [Jay Satiro brought this change]
3579 gskit: Fix exclusive SSLv3 option
3581 - curl.1: clarify that -X is used for all requests
3583 Reported-by: Jon Seymour
3585 - curl.1: add warning when using -H and redirects
3587 Steve Holme (7 Feb 2015)
3588 - schannel: Removed curl_ prefix from source files
3590 Removed the curl_ prefix from the schannel source files as discussed
3591 with Marc and Daniel at FOSDEM.
3593 Daniel Stenberg (6 Feb 2015)
3594 - md5: use axTLS's own MD5 functions when available
3596 - MD(4|5): make the MD4_* and MD5_* functions static
3598 - axtls: fix conversion from size_t to int warning
3600 Steve Holme (5 Feb 2015)
3601 - ftp: Use 'CURLcode result' for curl result codes
3603 Daniel Stenberg (5 Feb 2015)
3604 - openssl: SSL_SESSION->ssl_version no longer exist
3606 The struct went private in 1.0.2 so we cannot read the version number
3607 from there anymore. Use SSL_version() instead!
3609 Reported-by: Gisle Vanem
3610 Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html
3612 Dan Fandrich (4 Feb 2015)
3613 - unit1600: Fix compilation when NTLM is disabled
3615 Daniel Stenberg (4 Feb 2015)
3616 - MD5: fix compiler warnings and code style nits
3618 - MD5: replace implementation
3620 The previous one was "encumbered" by RSA Inc - to avoid the licensing
3621 restrictions it has being replaced. This is the initial import,
3622 inserting the md5.c and md5.h files from
3623 http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
3625 Code-by: Alexander Peslyak
3627 - MD4: fix compiler warnings and code style nits
3629 - MD4: replace implementation
3631 The previous one was "encumbered" by RSA Inc - to avoid the licensing
3632 restrictions it has being replaced. This is the initial import,
3633 inserting the md4.c and md4.h files from
3634 http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4
3636 Code-by: Alexander Peslyak
3638 Steve Holme (4 Feb 2015)
3639 - telnet: Prefer 'CURLcode result' for curl result codes
3641 - hostasyn: Prefer 'CURLcode result' for curl result codes
3643 - schannel: Prefer 'CURLcode result' for curl result codes
3645 Daniel Stenberg (3 Feb 2015)
3646 - unit1601: MD5 unit tests
3648 - unit1600: unit test for Curl_ntlm_core_mk_nt_hash
3650 - unit1600: NTLM unit test
3652 - tests/README: add a new range, clean up some language
3654 - [Jay Satiro brought this change]
3656 opts: CURLOPT_CAINFO availability depends on SSL engine
3658 - getpass: protect include with proper #ifdef
3662 - getpass_r: read from stdin, not stdout!
3664 The file number used was wrong. This bug was introduced over 10 years
3665 ago, proving this function isn't used much...
3667 Bug: http://curl.haxx.se/bug/view.cgi?id=1476
3670 - test1135: verify the CURL_EXTERN order in header files
3672 - Makefile.am: fix 'make distcheck'
3674 ... by removing generated files from the *_DIST variable [*] and instead
3675 generate them with a .dist suffix, since that is then handled and put
3676 into the release archive by our generic dist-hook.
3678 [*] = 'make distcheck' fails with non-existing files listed there
3680 Steve Holme (2 Feb 2015)
3681 - curl_sasl.c: More code policing
3683 Better use of 80 character line limit, comment corrections and line
3684 spacing preferences.
3686 Daniel Stenberg (2 Feb 2015)
3687 - libcurl-symbols: first basic shot for autogenerated docs
3689 - FAQ: minor edit of 3.22
3691 Steve Holme (2 Feb 2015)
3692 - build: Added removal of Visual Studio project files
3694 Added the removal of the locally generated project files so one
3695 may revert to a clean repository.
3697 - build: Renamed top level Visual Studio solution files
3699 In preparation for adding the test suite and examples projects renamed
3700 the top level "all" solution files to better describe what they are.
3702 This will also enable us to use "curl" rather than "curlsrc" for the
3703 command line tool solution and project files, which will simplify some
3704 of the configuration.
3706 - build: Enabled DEBUGBUILD in Visual Studio debug builds
3708 Defined the DEBUGBUILD pre-processor variable to allow extra logging,
3709 which is particularly useful in debug builds, as we use this and Visual
3710 Studio typically uses _DEBUG.
3712 We could define DEBUBBUILD, in curl_setup.h, when _MSC_VER and _DEBUG is
3713 defined but that would also affect the makefile based builds which we
3714 probably don't want to do.
3716 - build: Removed unused Visual Studio bscmake settings
3718 Daniel Stenberg (2 Feb 2015)
3719 - CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0
3721 And modify the text to refer to HTTP 2 as it isn't called "2.0".
3723 Reported-By: Michael Wallner
3725 Marc Hoersken (31 Jan 2015)
3726 - TODO: moved WinSSL/SChannel todo items into docs
3728 Daniel Stenberg (29 Jan 2015)
3729 - [Michael Kaufmann brought this change]
3731 CURLOPT_SEEKFUNCTION.3: also when server closes a connection
3733 Steve Holme (29 Jan 2015)
3734 - curl_sasl.c: Fixed compilation warning when cryptography is disabled
3736 curl_sasl.c:1506: warning: unused variable 'chlg'
3738 - curl_sasl.c: Fixed compilation warning when verbose debug output disabled
3740 curl_sasl.c:1317: warning: unused parameter 'conn'
3742 - ntlm_core: Use own odd parity function when crypto engine doesn't have one
3744 - ntlm_core: Prefer sizeof(key) rather than hard coded sizes
3746 - ntlm_core: Added consistent comments to DES functions
3748 - des: Added Curl_des_set_odd_parity()
3750 Added Curl_des_set_odd_parity() for use when cryptography engines
3751 don't include this functionality.
3753 - tests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests
3755 - tests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests
3757 - tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests
3759 - sasl: Minor code policing and grammar corrections
3761 Daniel Stenberg (28 Jan 2015)
3762 - [Gisle Vanem brought this change]
3764 ldap: build with BoringSSL
3766 - security: avoid compiler warning
3768 Possible access to uninitialised memory '&nread' at line 140 of
3769 lib/security.c in function 'ftp_send_command'.
3771 Reported-by: Rich Burridge
3773 - runtests: identify BoringSSL and libressl
3775 Patrick Monnerat (27 Jan 2015)
3776 - docs: cite SASL external authentication.
3778 - sasl: remove XOAUTH2 from default enabled authentication mechanism.
3780 - test: add test cases for sasl external authentication (imap/pop3/smtp).
3782 - imap: remove automatic password setting: it breaks external sasl authentication
3784 - sasl: implement EXTERNAL authentication mechanism.
3785 Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
3786 by not setting the password.
3788 Steve Holme (27 Jan 2015)
3789 - openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE
3791 Modified the Curl_ossl_cert_status_request() function to return FALSE
3792 when built with BoringSSL or when OpenSSL is missing the necessary TLS
3795 - openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'
3797 Fixed the build of openssl.c when OpenSSL is built without the necessary
3798 TLS extensions for OCSP stapling.
3800 Reported-by: John E. Malmberg
3802 - [Brad Spencer brought this change]
3804 curl_setup: Disable SMB/CIFS support when HTTP only
3806 - RELEASE-NOTES: Synced with 37824498a3
3808 Daniel Stenberg (22 Jan 2015)
3809 - configure: remove detection of the old yassl emulation API
3811 ... as that is ancient history and not used.
3813 - OCSP stapling: disabled when build with BoringSSL
3815 - [Alessandro Ghedini brought this change]
3817 openssl: add support for the Certificate Status Request TLS extension
3819 Also known as "status_request" or OCSP stapling, defined in RFC6066
3822 Thanks-to: Joe Mason
3823 - for the work-around for the OpenSSL bug.
3825 - BoringSSL: fix build for non-configure builds
3827 HAVE_BORINGSSL gets defined now by configure and should be defined by
3828 other build systems in case a BoringSSL build is desired.
3830 - configure: fix BoringSSL detection and detect libresssl
3832 Steve Holme (22 Jan 2015)
3833 - curl_sasl: Reinstate the sasl_ prefix for locally scoped functions
3835 Commit 7a8b2885e2 made some functions static and removed the public
3836 Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
3837 is the naming convention we use in this source file.
3839 - curl_sasl: Minor code policing following recent commits
3841 Daniel Stenberg (22 Jan 2015)
3842 - [John Malmberg brought this change]
3844 openvms: Handle openssl/0.8.9zb version parsing
3846 packages/vms/gnv_link_curl.com was assuming only a single letter suffix
3847 in the openssl version. That assumption has been fixed for 7.40.
3849 - BoringSSL: detected by configure, switches off NTLM
3851 - BoringSSL: no PKCS12 support nor ERR_remove_state
3853 - [Leith Bade brought this change]
3855 BoringSSL: fix build
3857 Steve Holme (20 Jan 2015)
3858 - curl_sasl.c: chlglen is not used when cryptography is disabled
3860 - curl_sasl.c: Fixed compilation warning when cyptography is disabled
3862 curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
3865 - curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined
3867 curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier
3869 This error could also happen for non-SSPI builds when cryptography is
3870 disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
3872 Patrick Monnerat (20 Jan 2015)
3873 - SASL: make some procedures local-scoped
3875 - SASL: common state engine for imap/pop3/smtp
3877 - SASL: common URL option and auth capabilities decoders for all protocols
3879 - IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.
3881 Daniel Stenberg (20 Jan 2015)
3882 - ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
3884 Reported-by: Chris Young
3886 - [Chris Young brought this change]
3888 timeval: typecast for better type (on Amiga)
3890 There is an issue with conflicting "struct timeval" definitions with
3891 certain AmigaOS releases and C libraries, depending on what gets
3892 included when. It's a minor difference - the OS one is unsigned,
3893 whereas the common structure has signed elements. If the OS one ends up
3894 getting defined, this causes a timing calculation error in curl.
3896 It's easy enough to resolve this at the curl end, by casting the
3897 potentially errorneous calculation to a signed long.
3899 - openssl: do public key pinning check independently
3901 ... of the other cert verification checks so that you can set verifyhost
3902 and verifypeer to FALSE and still check the public key.
3904 Bug: http://curl.haxx.se/bug/view.cgi?id=1471
3905 Reported-by: Kyle J. McKay
3907 Patrick Monnerat (19 Jan 2015)
3908 - OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.
3910 Steve Holme (18 Jan 2015)
3911 - ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
3913 For consistency with other USE_WIN32_ defines as well as the
3914 USE_OPENLDAP define.
3916 - http_negotiate: Use dynamic buffer for SPN generation
3918 Use a dynamicly allocated buffer for the temporary SPN variable similar
3919 to how the SASL GSS-API code does, rather than using a fixed buffer of
3922 - sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public
3924 - sasl_gssapi: Fixed memory leak with local SPN variable
3926 Daniel Stenberg (17 Jan 2015)
3927 - http_negotiate.c: unused variable 'ret'
3929 Steve Holme (17 Jan 2015)
3930 - gskit.h: Code policing of function pointer arguments
3932 - vtls: Removed unimplemented overrides of curlssl_close_all()
3934 Carrying on from commit 037cd0d991, removed the following unimplemented
3935 instances of curlssl_close_all():
3937 Curl_axtls_close_all()
3938 Curl_darwinssl_close_all()
3939 Curl_cyassl_close_all()
3940 Curl_gskit_close_all()
3941 Curl_gtls_close_all()
3942 Curl_nss_close_all()
3943 Curl_polarssl_close_all()
3945 - vtls: Separate the SSL backend definition from the API setup
3947 Slight code cleanup as the SSL backend #define is mixed up with the API
3950 - vtls: Fixed compilation errors when SSL not used
3952 Fixed the following warning and error from commit 3af90a6e19 when SSL
3955 url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined;
3956 assuming extern returning int
3958 error LNK2019: unresolved external symbol Curl_ssl_cert_status_request
3959 referenced in function Curl_setopt
3961 - http_negotiate: Added empty decoded challenge message info text
3963 - http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int
3965 - http_negotiate_sspi: Prefer use of 'attrs' for context attributes
3967 Use the same variable name as other areas of SSPI code.
3969 - http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()
3971 Use the SECURITY_STATUS typedef rather than a unsigned long for the
3972 QuerySecurityPackageInfo() return and rename the variable as per other
3975 - http_negotiate_sspi: Use 'CURLcode result' for CURL result code
3977 - curl_endian: Fixed build when 64-bit integers are not supported (Part 2)
3979 Missed Curl_read64_be() in commit bb12d44471 :(
3981 Daniel Stenberg (16 Jan 2015)
3982 - CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0
3984 - curlver.h: next release is 7.41.0 due to the changes
3986 - RELEASE-NOTES: mention the new OCSP stapling options, bump version
3988 - opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile
3990 - help: add --cert-status to --help output
3992 - copyright years: after OCSP stapling changes
3994 - [Alessandro Ghedini brought this change]
3996 curl: add --cert-status option
3998 This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
4000 - [Alessandro Ghedini brought this change]
4002 nss: add support for the Certificate Status Request TLS extension
4004 Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
4006 This requires NSS 3.15 or higher.
4008 - [Alessandro Ghedini brought this change]
4010 gtls: add support for the Certificate Status Request TLS extension
4012 Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
4014 This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
4015 at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
4016 response verfication to fail even on valid responses.
4018 - [Alessandro Ghedini brought this change]
4020 url: add CURLOPT_SSL_VERIFYSTATUS option
4022 This option can be used to enable/disable certificate status verification using
4023 the "Certificate Status Request" TLS extension defined in RFC6066 section 8.
4025 This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
4026 certificate status verification fails, and the Curl_ssl_cert_status_request()
4027 function, used to check whether the SSL backend supports the status_request
4030 - TheArtOfHttpScripting: skip the date at the top, we have git
4032 - TheArtOfHttpScripting: phrase it TLS lib agnostic
4034 Steve Holme (16 Jan 2015)
4035 - TODO: Added some SMB ideas
4037 - RELEASE-NOTES: Synced with 5f09947d28
4039 - build-openssl.bat: Added check for Perl installation
4041 - checksrc.bat: Better detection of Perl installation
4043 - curl_endian: Fixed build when 64-bit integers are not supported
4045 Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
4046 Reported-by: John E. Malmberg
4048 Daniel Stenberg (15 Jan 2015)
4049 - [Yun SangHo brought this change]
4051 curl.h: remove extra space
4053 - Curl_pretransfer: reset expected transfer sizes
4055 Reported-by: Mohammad AlSaleh
4056 Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html
4058 Marc Hoersken (12 Jan 2015)
4059 - curl_schannel.c: mark session as removed from cache if not freed
4061 If the session is still used by active SSL/TLS connections, it
4062 cannot be closed yet. Thus we mark the session as not being cached
4063 any longer so that the reference counting mechanism in
4064 Curl_schannel_shutdown is used to close and free the session.
4066 Reported-by: Jean-Francois Durand
4068 Steve Holme (9 Jan 2015)
4069 - RELEASE-NOTES: Synced with d21b66835f
4071 Guenter Knauf (9 Jan 2015)
4072 - Merge pull request #134 from vszakats/mingw-m64
4074 add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
4076 - Merge pull request #136 from vszakats/mingw-allow-custom-cflags
4078 mingw build: allow to pass custom CFLAGS
4080 Daniel Stenberg (9 Jan 2015)
4081 - NSS: fix compiler error when built http2-enabled
4083 Steve Holme (9 Jan 2015)
4084 - gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
4086 Better code reuse and consistency in calls to gss_import_name().
4088 Viktor Szakats (9 Jan 2015)
4089 - mingw build: allow to pass custom CFLAGS
4091 Daniel Stenberg (8 Jan 2015)
4092 - FTP: if EPSV fails on IPV6 connections, bail out
4094 ... instead of trying PASV, since PASV can't work with IPv6.
4096 Reported-by: Vojtěch Král
4098 - FTP: fix IPv6 host using link-local address
4100 ... and make sure we can connect the data connection to a host name that
4101 is longer than 48 bytes.
4103 Also simplifies the code somewhat by re-using the original host name
4104 more, as it is likely still in the DNS cache.
4106 Original-Patch-by: Vojtěch Král
4107 Bug: http://curl.haxx.se/bug/view.cgi?id=1468
4109 Steve Holme (8 Jan 2015)
4110 - [Sam Schanken brought this change]
4112 winbuild: Added option to build with c-ares
4114 Added support for a WITH_CARES option to be used when invoking nmake
4115 via Makefile.vc. This option enables linking against both the DLL and
4116 static versions of the c-ares libraries, as well as the debug and
4117 release varients, depending on the value of DEBUG. The USE_ARES
4118 preprocessor symbol is also defined.
4120 Guenter Knauf (8 Jan 2015)
4121 - NetWare build: added TLS-SRP enabled build.
4123 Steve Holme (8 Jan 2015)
4124 - sasl_gssapi: Fixed build on NetBSD with built-in GSS-API
4126 Bug: http://curl.haxx.se/bug/view.cgi?id=1469
4127 Reported-by: Thomas Klausner
4129 Viktor Szakats (8 Jan 2015)
4130 - add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS
4132 Daniel Stenberg (8 Jan 2015)
4133 - bump: start working towards 7.40.1
4135 - THANKS: 14 new contributors from the 7.40.0 release notes
4137 Version 7.40.0 (7 Jan 2015)
4139 Daniel Stenberg (7 Jan 2015)
4140 - RELEASE-NOTES: version 7.40.0
4142 - darwinssl: fix session ID keys to only reuse identical sessions
4144 ...to avoid a session ID getting cached without certificate checking and
4145 then after a subsequent _enabling_ of the check libcurl could still
4146 re-use the session done without cert checks.
4148 Bug: http://curl.haxx.se/docs/adv_20150108A.html
4149 Reported-by: Marc Hesse
4151 - tests: make sure CRLFs can't be used in URLs passed to proxy
4153 Bug: http://curl.haxx.se/docs/adv_20150108B.html
4155 - url-parsing: reject CRLFs within URLs
4157 Bug: http://curl.haxx.se/docs/adv_20150108B.html
4158 Reported-by: Andrey Labunets
4160 Steve Holme (7 Jan 2015)
4161 - ldap: Convert attribute output to UTF-8 when Unicode
4163 - ldap: Convert DN output to UTF-8 when Unicode
4165 Daniel Stenberg (7 Jan 2015)
4166 - hostip: remove 'stale' argument from Curl_fetch_addr proto
4168 Also, remove the log output of the resolved name is NOT in the cache in
4169 the spirit of only telling when something is actually happening.
4171 Steve Holme (7 Jan 2015)
4172 - ldap/imap: Fixed spelling mistake in comments and variable names
4174 Reported-by: Michael Osipov
4176 Daniel Stenberg (7 Jan 2015)
4177 - RELEASE-NOTES: updated with ./contributors.sh output
4179 Dan Fandrich (5 Jan 2015)
4180 - curl_multibyte.h: Eliminated some trailing whitespace
4182 Steve Holme (4 Jan 2015)
4183 - RELEASE-NOTES: Synced with ea93252ef1
4185 - ldap: Fixed Unicode usage for all Win32 builds
4187 Otherwise, the fixes in the previous commits would only be applicable
4188 to IDN and SSPI based builds and not others such as OpenSSL with LDAP
4191 - ldap: Fixed memory leak from commit efb64fdf80
4193 - ldap: Fix memory leak from commit 3a805c5cc1
4195 - ldap: Fixed attribute variable warnings when Unicode is enabled
4197 Use 'TCHAR *' for local attribute variable rather than 'char *'.
4199 - ldap: Fixed DN variable warnings when Unicode is enabled
4201 Use 'TCHAR *' for local DN variable rather than 'char *'.
4203 - ldap: Remove the unescape_elements() function
4205 Due to the recent modifications this function is no longer used.
4207 - ldap.c: Fixed compilation warning
4209 ldap.c:98: warning: extra tokens at end of #endif directive
4211 - ldap: Fixed support for Unicode filter in Win32 search call
4213 - ldap.c: Fixed compilation warning
4215 ldap.c:802: warning: comparison between signed and unsigned integer
4218 - ldap: Fixed support for Unicode attributes in Win32 search call
4220 - ldap: Fixed memory leak from commit efb64fdf80
4222 The unescapped DN was not freed after a successful character conversion.
4224 - ldap.c: Fixed compilation error
4226 ldap.c:738: error: macro "LDAP_TRACE" passed 2 arguments, but takes
4229 - ldap.c: Fixed compilation warning
4231 ldap.c:89: warning: extra tokens at end of #endif directive
4233 - ldap: Fixed support for Unicode DN in Win32 search call
4235 - ldap: Fixed Unicode user and password in Win32 bind calls
4237 - ldap: Fixed Unicode host name in Win32 initialisation calls
4239 - ldap: Use host.dispname for infof() connection failure messages
4241 As host.name may be encoded use dispname for infof() failure messages.
4243 - ldap: Prefer 'CURLcode result' for curl result codes
4245 - ldap: Pass write length in all Curl_client_write() calls
4247 As we get the length for the DN and attribute variables, and we know
4248 the length for the line terminator, pass the length values rather than
4249 zero as this will save Curl_client_write() from having to perform an
4250 additional strlen() call.
4252 - ldap: Fixed attribute memory leaks on failed client write
4254 Fixed memory leaks from commit 086ad79970 as was noted in the commit
4257 - ldap: Fixed DN memory leaks on failed client write
4259 Fixed memory leaks from commit 086ad79970 as was noted in the commit
4262 - curl_ntlm_core.c: Fixed compilation warning from commit 1cb17b2a5d
4264 curl_ntlm_core.c:146: warning: passing 'DES_cblock' (aka 'unsigned char
4265 [8]') to parameter of type 'char *' converts
4266 between pointers to integer types with different
4269 - ntlm: Use extend_key_56_to_64() for all cryptography engines
4271 Rather than duplicate the code in setup_des_key() for OpenSSL and in
4272 extend_key_56_to_64() for non-OpenSSL based crypto engines, as it is
4273 the same, use extend_key_56_to_64() for all engines.
4275 - RELEASE-NOTES: Synced with 34f0bd110f
4277 - curl_ntlm_core.c: Fixed compilation warning
4279 curl_ntlm_core.c:458: warning: 'ascii_uppercase_to_unicode_le' defined
4282 - endian: Fixed bit-shift in 64-bit integer read functions
4284 From commit 43792592ca and 4bb5a351b2.
4286 Reported-by: Michael Osipov
4288 - smb: Use endian functions for reading NBT and message size values
4290 - endian: Added big endian read functions
4292 - endian: Added 64-bit integer read function
4294 - COPYING: Bumped copyright year to 2015
4296 - version: Bump copyright year to 2015
4298 - smb.c: Fixed compilation warnings
4300 smb.c:780: warning: passing 'char *' to parameter of type 'unsigned
4301 char *' converts between pointers to integer types with
4303 smb.c:781: warning: passing 'char *' to parameter of type 'unsigned
4304 char *' converts between pointers to integer types with
4306 smb.c:804: warning: passing 'char *' to parameter of type 'unsigned
4307 char *' converts between pointers to integer types with
4310 - smb: Use endian functions for reading length and offset values
4312 - endian: Added 16-bit integer write function
4314 - endian: Fixed Linux compilation issues
4316 Having files named endian.[c|h] seemed to cause issues under Linux so
4317 renamed them both to have the curl_ prefix in the filenames.
4319 - [Julien Nabet brought this change]
4321 lib1900.c: Fixed cppcheck error
4323 lib1900.c:182: (style) Array index 'handlenum' is used before limits
4326 Bug: https://github.com/bagder/curl/pull/133
4328 - endian: Added standard function descriptions
4330 - endian: Renamed functions for curl API naming convention
4332 - endian: Moved write functions to new module
4334 - endian: Moved read functions to new module
4336 - endian: Introduced endian module
4338 To allow the little endian functions, currently used in two of the NTLM
4339 source files, to be used by other modules such as the SMB module.
4341 - sepheaders.c: Applied curl oding standards
4343 - [Julien Nabet brought this change]
4345 sepheaders.c: Fixed resource leak on failure
4347 - vtls: Use '(void) arg' for unused parameters
4349 Prefer void for unused parameters, rather than assigning an argument to
4350 itself as a) unintelligent compilers won't optimize it out, b) it can't
4351 be used for const parameters, c) it will cause compilation warnings for
4352 clang with -Wself-assign and d) is inconsistent with other areas of the
4355 - smb.c: Fixed compilation warning
4357 smb.c:586: warning: conversion to 'short unsigned int' from 'int' may
4360 - [Bill Nagel brought this change]
4362 smb: Use the connection's upload buffer
4364 Use the connection's upload buffer instead of allocating our own send
4367 - RELEASE-NOTES: Synced with 1933f9d33c
4369 - schannel: Moved the ISC return flag definitions to the SSPI module
4371 Moved our Initialize Security Context return attribute definitions to
4372 the SSPI module, as a) these can be used by other SSPI based providers
4373 and b) the ISC required attributes are defined there.
4375 - [Bill Nagel brought this change]
4377 smb: Close the connection after a failed client write
4379 - darwinssl: Fixed compilation warning
4381 vtls.c:683:43: warning: unused parameter 'data'
4383 - sockfilt.c: Fixed compilation warnings
4385 sockfilt.c:288: warning: conversion to 'DWORD' from 'size_t' may alter
4387 sockfilt.c:291: warning: conversion to 'DWORD' from 'size_t' may alter
4389 sockfilt.c:323: warning: conversion to 'DWORD' from 'size_t' may alter
4391 sockfilt.c:326: warning: conversion to 'DWORD' from 'size_t' may alter
4394 - test1509: Fixed compilation warning
4396 lib1509.c:93:18: warning: conversion to 'long int' from 'size_t' may
4399 - test556: Fixed compilation warning
4401 lib556.c:90: warning: conversion to 'unsigned int' from 'size_t' may
4404 - sasl_gssapi: Fixed use of dummy username with real username
4406 - vtls: Fixed compilation warning and an ignored return code
4408 curl_schannel.h:123: warning: right-hand operand of comma expression
4411 Some instances of the curlssl_close_all() function were declared with a
4412 void return type whilst others as int. The schannel version returned
4413 CURLE_NOT_BUILT_IN and others simply returned zero, but in all cases the
4414 return code was ignored by the calling function Curl_ssl_close_all().
4416 For the time being and to keep the internal API consistent, changed all
4417 declarations to use a void return type.
4419 To reduce code we might want to consider removing the unimplemented
4420 versions and use a void #define like schannel does.
4422 Daniel Stenberg (28 Dec 2014)
4423 - TODO: 2.3 Better support for same name resolves
4425 Steve Holme (28 Dec 2014)
4426 - test1520: Fixed initial teething problems
4428 * Missing initialisation of upload status caused a seg fault
4429 * Missing data termination caused corrupt data to be uploaded
4430 * Data verification should be performed in <upload> element
4431 * Added missing recipient list cleanup
4433 - test1520: Fixed compilation errors
4435 - tests: Added test for bug #1456
4437 - checksrc.bat: Fixed a problem opening files with spaces in the filename
4439 - openldap: Prefer use of 'CURLcode result'
4441 - openldap: Use 'LDAPMessage *msg' for messages
4443 This frees up the 'result' variable for CURLcode based result codes.
4445 - nss: Don't ignore Curl_extract_certinfo() OOM failure
4447 - nss: Don't ignore Curl_ssl_init_certinfo() OOM failure
4449 - nss: Use 'CURLcode result' for curl result codes
4451 ...and don't use CURLE_OK in failure/success comparisons.
4453 - getinfo: Code style policing
4455 - getinfo: Use 'CURLcode result' for curl result codes
4457 - darwinssl: Use 'CURLcode result' for curl result codes
4459 - polarssl: Use 'CURLcode result' for curl result codes
4461 - docs: Updated following the addition of SASL GSSAPI via GSS-API libraries
4463 As this feature has been implemented for 7.40.0.
4465 - asiohiper.cpp: No need to initialise members of ConnInfo
4467 ...as calloc() automatically clears the area of memory with zeros.
4469 - asiohiper.cpp: Updated for curl coding standards
4471 ...with the exception of the start of block statement curly brackets.
4473 - code/docs: Use correct case for IPv4 and IPv6
4475 For consistency, as we seem to have a bit of a mixed bag, changed all
4476 instances of ipv4 and ipv6 in comments and documentations to use the
4479 - runtests: Fixed detection of Unix Sockets feature
4481 ...following change in curl --version output.
4483 - code/docs: Use Unix rather than UNIX to avoid use of the trademark
4485 Use Unix when generically writing about Unix based systems as UNIX is
4486 the trademark and should only be used in a particular product's name.
4488 - ip2ip.c: Fixed compilation warning when IPv6 Scope ID not supported
4490 if2ip.c:119: warning: unused parameter 'remote_scope_id'
4492 ...and some minor code style policing in the same function.
4494 - vtls: Don't set cert info count until memory allocation is successful
4496 Otherwise Curl_ssl_init_certinfo() can fail and set the num_of_certs
4497 member variable to the requested count, which could then be used
4498 incorrectly as libcurl closes down.
4500 - vtls: Use CURLcode for Curl_ssl_init_certinfo() return type
4502 The return type for this function was 0 on success and 1 on error. This
4503 was then examined by the calling functions and, in most cases, used to
4504 return CURLE_OUT_OF_MEMORY.
4506 Instead use CURLcode for the return type and return the out of memory
4507 error directly, propagating it up the call stack.
4509 - configure: Use camel case for UNIX sockets feature output
4511 To match the curl --version output.
4513 Marc Hoersken (26 Dec 2014)
4514 - sockfilt.c: Reduce the number of individual memory allocations
4516 Merge multiple internal arrays into one, even if some variables
4517 will not not be used. They are all created with the number of
4518 file descriptors as their size.
4520 Also fix possible thread handle leak in CloseHandle-loop.
4522 - sockfilt.c: Replace 100ms sleep with thread throttle
4524 Improves performance of test cases 574 and 575 by 50%.
4526 A value of zero causes the thread to relinquish the remainder
4527 of its time slice to any other thread of equal priority that is
4528 ready to run. If there are no other threads of equal priority
4529 ready to run, the function returns immediately, and the thread
4530 continues execution.
4532 http://msdn.microsoft.com/library/windows/desktop/ms686307.aspx
4534 Steve Holme (25 Dec 2014)
4535 - tool_help: Use camel case for UNIX sockets feature output
4537 In line with the other features listed in the --version output,
4538 capitalise the UNIX socket feature.
4540 - vtls: Use bool for Curl_ssl_getsessionid() return type
4542 The return type of this function is a boolean value, and even uses a
4543 bool internally, so use bool in the function declaration as well as
4544 the variables that store the return value, to avoid any confusion.
4546 - schannel: Minor code style policing for casts
4548 - schannel: Prefer 'CURLcode result' for curl result codes
4550 - cyassl: Prefer 'CURLcode result' for curl result codes
4552 - tool_xattr: Use 'CURLcode result' for curl result codes
4554 - curl_ntlm_core.c: Fixed compilation warnings
4556 curl_ntlm_core.c:301: warning: pointer targets in passing argument 2 of
4557 'CryptImportKey' differ in signedness
4558 curl_ntlm_core.c:310: warning: passing argument 6 of 'CryptEncrypt' from
4559 incompatible pointer type
4560 curl_ntlm_core.c:540: warning: passing argument 4 of 'CryptGetHashParam'
4561 from incompatible pointer type
4563 - RELEASE-NOTES: Synced with 8830df8b66
4565 - gtls: Use preferred 'CURLcode result'
4567 - openldap: Use standard naming for setup connection function
4569 Renamed ldap_setup() to ldap_setup_connection() to follow more widely
4570 used function naming.
4572 - rtmp: Use standard naming for setup connection function
4574 Renamed rtmp_setup() to rtmp_setup_connection() to follow more widely
4575 used function naming.
4577 - smb: Use standard naming for setup connection function
4579 Renamed smb_setup() to smb_setup_connection() to follow more widely
4580 used function naming.
4582 - config-win32.h: Fixed line length > 79 columns
4584 - openssl: Prefer we don't use NULL in comparisons
4586 - build: Removed WIN32 definition from the Visual Studio projects
4588 As this pre-processor definition is defined in curl_setup.h there is no
4589 need to include it in the Visual Studio project files.
4591 - build: Removed WIN64 definition from the libcurl Visual Studio projects
4593 Removed the WIN64 pre-processor definition from the libcurl project
4596 * WIN64 is not used in our source code
4597 * The curl projects files don't define it
4598 * It isn't required by or used in the platform SDK
4599 * For backwards compatability curl_setup.h defines WIN32
4600 * The compiler automatically defines _WIN64 for x64 builds
4602 Historically Visual Studio projects have defined WIN32, in addition to
4603 the compiler defined _WIN32 definition, and I had incorrectly changed
4604 that to WIN64 for the x64 libcurl builds but not in the curl projects.
4606 As such, it is questionable whether this should be defined or not. For
4607 more information see the following cache of a discussion that took
4608 place on the microsoft.public.vc.mfc newsgroup:
4610 http://www.tech-archive.net/Archive/VC/microsoft.public.vc.mfc/2008-06/msg00074.html
4612 - openssl.c Fix for compilation errors with older versions of OpenSSL
4614 openssl.c:1408: error: 'TLS1_1_VERSION' undeclared
4615 openssl.c:1411: error: 'TLS1_2_VERSION' undeclared
4617 Daniel Stenberg (22 Dec 2014)
4618 - [John Malmberg brought this change]
4620 Fix comment edit in vms/backup_gnv_curl_src.com
4622 packages/vms/backup_gnv_curl_src.com: Originally copied from Bash port.
4624 - curl: show size of inhibited data when using -v
4626 To offer some more info and yet it doesn't use more lines.
4628 - openssl: fix SSL/TLS versions in verbose output
4630 - openssl: make it compile against openssl 1.1.0-DEV master branch
4632 Marc Hoersken (22 Dec 2014)
4633 - sshserver.pl: clarify and streamline variable names
4635 Daniel Stenberg (21 Dec 2014)
4636 - openssl: warn for SRP set if SSLv3 is used, not for TLS version
4638 ... as it requires TLS and it was was left to warn on the default from
4639 when default was SSL...
4641 - smb: use memcpy() instead of strncpy()
4643 ... as it never copies the trailing zero anyway and always just the four
4644 bytes so let's not mislead anyone into thinking it is actually treated
4647 Coverity CID: 1260214
4649 - [John E. Malmberg brought this change]
4651 VMS: Updates for 0740-0D1220
4653 lib/setup-vms.h : VAX HP OpenSSL port is ancient, needs help.
4654 More defines to set symbols to uppercase.
4656 src/tool_main.c : Fix parameter to vms_special_exit() call.
4659 backup_gnv_curl_src.com : Fix the error message to have the correct package.
4661 build_curl-config_script.com : Rewrite to be more accurate.
4663 build_libcurl_pc.com : Use tool_version.h now.
4665 build_vms.com : Fix to handle lib/vtls directory.
4667 curl_gnv_build_steps.txt : Updated build procedure documentation.
4669 generate_config_vms_h_curl.com :
4670 * VAX does not support 64 bit ints, so no NTLM support for now.
4671 * VAX HP SSL port is ancient, needs some help.
4672 * Disable NGHTTP2 for now, not ported to VMS.
4673 * Disable UNIX_SOCKETS, not available on VMS yet.
4674 * HP GSSAPI port does not have gss_nt_service_name.
4676 gnv_link_curl.com : Update for new curl structure.
4678 pcsi_product_gnv_curl.com : Set up to optionally do a complete build.
4680 Marc Hoersken (21 Dec 2014)
4681 - sockfilt.c: use non-Ex functions that are available before WinXP
4683 It was initially reported by Guenter that GetFileSizeEx
4684 requires (_WIN32_WINNT >= 0x0500) to be true.
4686 - tests: use Cygwin-style paths in SSH, SSHD and SFTP config files
4688 Second patch to enable Windows support using Cygwin-based OpenSSH.
4690 Tested with CopSSH 5.0.0 free edition using an msys shell on Windows 7.
4692 - tests: support spaces in paths to SSH, SSHD and SFTP binaries
4694 First patch to enable Windows support using Cygwin-based OpenSSH.
4696 Steve Holme (20 Dec 2014)
4697 - non-ascii: Reduce variable usage
4699 Removed 'next' variable in Curl_convert_form(). Rather than setting it
4700 from 'form->next' and using that to set 'form' after the conversion
4701 just use 'form = form->next' instead.
4703 - non-ascii: Prefer while loop rather than a do loop
4705 This also removes the need to check that the 'form' argument is valid.
4707 - non-ascii: Reduce variable scope
4709 As 'result' isn't used out side the conversion callback code and
4710 previously caused variable shadowing in the libiconv based code.
4712 - non-ascii: We prefer 'CURLcode result'
4714 This also fixes a variable shadowing issue when HAVE_ICONV is defined
4715 as rc was declared for the result code of libiconv based functions.
4717 Marc Hoersken (19 Dec 2014)
4718 - secureserver.pl: clean up formatting of config and fix verbose output
4720 Verbose output was not matching the actual configuration file,
4721 because FIPS and Windows conditions were ignored.
4723 - secureserver.pl: update Windows detection and fix path conversion
4725 - secureserver.pl: make OpenSSL CApath and cert absolute path values
4727 Recent stunnel versions (5.08) seem to have trouble with relative
4728 paths on Windows. This turns the relative paths into absolute ones.
4730 Patrick Monnerat (18 Dec 2014)
4731 - if2ip: dummy scope parameter for Curl_if2ip() call in SIOCGIFADDR-enabled code.
4733 - [Kyle J. McKay brought this change]
4735 parseurlandfillconn(): fix improper non-numeric scope_id stripping.
4736 Fixes SF bug 1149: http://sourceforge.net/p/curl/bugs/1449/
4738 - IPV6: address scope != scope id
4739 There was a confusion between these: this commit tries to disambiguate them.
4740 - Scope can be computed from the address itself.
4741 - Scope id is scope dependent: it is currently defined as 1-based local
4742 interface index for link-local scoped addresses, and as a site index(?) for
4743 (obsolete) site-local addresses. Linux only supports it for link-local
4745 The URL parser properly parses a scope id as an interface index, but stores it
4746 in a field named "scope": confusion. The field has been renamed into "scope_id".
4747 Curl_if2ip() used the scope id as it was a scope. This caused failures
4748 to bind to an interface.
4749 Scope is now computed from the addresses and Curl_if2ip() matches them.
4750 If redundantly specified in the URL, scope id is check for mismatch with
4751 the interface index.
4753 This commit should fix SF bug #1451.
4755 - connect: singleipconnect(): properly try other address families after failure
4757 Daniel Stenberg (16 Dec 2014)
4758 - SFTP: work-around servers that return zero size on STAT
4760 Bug: http://curl.haxx.se/mail/lib-2014-12/0103.html
4761 Pathed-by: Marc Renault
4763 - glob_next_url: make the loop count upwards
4765 As the former contruct apparently caused a compiler warning, mentioned
4768 - tool_operate: we prefer 'CURLcode result'
4770 - tool_urlglob: unify return codes to use CURLcode
4772 There was a mix of GlobCode, CURLcode and ints and they were mostly
4773 passing around CURLcode errors. This change makes the functions use only
4774 CURLcode and removes the GlobCode type completely.
4776 - tool_urlglob.c: partly reverse dc19789444
4778 The loop in glob_next_url() needs to be done backwards to maintain the
4779 logic. dc19789444 caused test 1235 to fail.
4781 - KNOWN_BUGS: the SFTP code doesn't support CURLINFO_FILETIME
4783 - [Jay Satiro brought this change]
4785 opts: Warn CURLOPT_TIMEOUT overrides when set after CURLOPT_TIMEOUT_MS
4787 Change CURLOPT_TIMEOUT doc to warn that if CURLOPT_TIMEOUT and
4788 CURLOPT_TIMEOUT_MS are both set whichever one is set last is the one
4791 Prior to this change that behavior was only noted in the
4792 CURLOPT_TIMEOUT_MS doc.
4794 Nick Zitzmann (15 Dec 2014)
4795 - darwinssl: fix incorrect usage of aprintf()
4797 Commit b13923f changed an snprintf() to use aprintf(), but the API usage
4798 wasn't correct, and was causing a crash to occur. This fixes it.
4800 Steve Holme (14 Dec 2014)
4801 - copyright: Updated the copyright year following recent updates
4803 Daniel Stenberg (14 Dec 2014)
4804 - tool_urlglob.c: reverse two loops
4806 By counting from 0 and up instead of backwards like before, we remove
4807 the need for the "funny" check of the unsigned variable when decreased
4808 passed zero. Easier to read and less risk for compiler warnings.
4810 Marc Hoersken (14 Dec 2014)
4811 - tool_urlglob.c: Added braces to clarify the conditions
4813 - tool_urlglob.c: Silence warning C6293: Ill-defined for-loop
4815 The >= 0 is actually not required, since i underflows and
4816 the for-loop is stopped using the < condition, but this
4817 makes the VS2012 compiler and code analysis happy.
4819 - tool_binmode.c: Explicitly ignore the return code of setmode
4821 Fixes code analysis warning C6031:
4822 return value ignored: <function> could return unexpected value
4824 - lib: Fixed multiple code analysis warnings if SAL are available
4826 warning C28252: Inconsistent annotation for function:
4827 parameter has another annotation on this instance
4829 Steve Holme (14 Dec 2014)
4830 - smb.c: Fixed code analysis warning
4832 smb.c:320: warning C6297: Arithmetic overflow: 32-bit value is shifted,
4833 then cast to 64-bit value. Result may not be an expected
4836 Marc Hoersken (14 Dec 2014)
4837 - tool_util.c: Use GetTickCount64 if it is available
4839 Steve Holme (14 Dec 2014)
4840 - smb: Use HAVE_PROCESS_H for process.h inclusion
4842 Rather than testing against _WIN32 use the preferred HAVE_PROCESS_H
4843 pre-processor define when including process.h.
4845 Daniel Stenberg (14 Dec 2014)
4846 - darwinssl: aprintf() to allocate the session key
4848 ... to avoid using a fixed memory size that risks being too large or too
4851 Marc Hoersken (14 Dec 2014)
4852 - curl_schannel: Improvements to memory re-allocation strategy
4854 - do not grow memory by doubling its size
4855 - do not leak previously allocated memory if reallocation fails
4856 - replace while-loop with a single check to make sure
4857 that the requested amount of data fits into the buffer
4859 Bug: http://curl.haxx.se/bug/view.cgi?id=1450
4860 Reported-by: Warren Menzer
4862 Steve Holme (14 Dec 2014)
4863 - asyn-ares: We prefer use of 'CURLcode result'
4865 Marc Hoersken (14 Dec 2014)
4866 - curl_schannel.c: Data may be available before connection shutdown
4868 Steve Holme (14 Dec 2014)
4869 - http2: Use 'CURLcode result' for curl result codes
4871 - asyn-thread: We prefer 'CURLcode result'
4873 - smb: Fixed unnecessary initialisation of struct member variables
4875 There is no need to set the 'state' and 'result' member variables to
4876 SMB_REQUESTING (0) and CURLE_OK (0) after the allocation via calloc()
4877 as calloc() initialises the contents to zero.
4879 - ntlm: Fixed return code for bad type-2 Target Info
4881 Use CURLE_BAD_CONTENT_ENCODING for bad type-2 Target Info security
4882 buffers just like we do for bad decodes.
4884 - ntlm: Remove unnecessary casts in readshort_le()
4886 I don't think both of my fix ups from yesterday were needed to fix the
4887 compilation warning, so remove the one that I think is unnecessary and
4888 let the next Android autobuild prove/disprove it.
4890 - curl_ntlm_msgs.c: Another attempt to fix compilation warning
4892 curl_ntlm_msgs.c:170: warning: conversion to 'short unsigned int' from
4893 'int' may alter its value
4895 Guenter Knauf (13 Dec 2014)
4896 - synctime.c: added own user-agent string.
4898 Steve Holme (13 Dec 2014)
4899 - smb.c: Fixed line longer than 79 columns
4901 - curl_ntlm_msgs.c: Fixed compilation warning from commit 783b5c3b11
4903 curl_ntlm_msgs.c:169: warning: conversion to 'short unsigned int' from
4904 'int' may alter its value
4906 Guenter Knauf (13 Dec 2014)
4907 - mk-ca-bundle.pl: restored forced run again.
4909 - synctime.c: removed another timeserver URL.
4911 worldtimeserver.com seems also no longer available.
4913 - synctime.c: fixed timeserver URLs.
4915 For getting the date header its not necessary to access special
4916 pages or even CGI scripts - all pages including the main index
4917 reply with the date header, therefore shortened URLs to domain.
4918 Removed worldtime.com; added pool.ntp.org.
4920 Steve Holme (13 Dec 2014)
4921 - ftp.c: Fixed compilation warning when no verbose string support
4923 ftp.c:819: warning: unused parameter 'lineno'
4925 - smb: Added state change functions to assist with debugging
4927 For debugging purposes, and as per other protocols within curl, added
4928 state change functions rather than changing the states directly.
4930 - ntlm: Use short integer when decoding 16-bit values
4932 - RELEASE-NOTES: Synced with 6291a16b20
4934 - smtp.c: Fixed compilation warnings
4936 smtp.c:2357 warning: adding 'size_t' (aka 'unsigned long') to a string
4937 does not append to the string
4938 smtp.c:2375 warning: adding 'size_t' (aka 'unsigned long') to a string
4939 does not append to the string
4940 smtp.c:2386 warning: adding 'size_t' (aka 'unsigned long') to a string
4941 does not append to the string
4943 Used array index notation instead.
4945 - smb: Disable SMB when 64-bit integers are not supported
4947 This fixes compilation issues with compilers that don't support 64-bit
4948 integers through long long or __int64.
4950 - ntlm: Disable NTLM v2 when 64-bit integers are not supported
4952 This fixes compilation issues with compilers that don't support 64-bit
4953 integers through long long or __int64 which was introduced in commit
4956 - ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined
4958 Previously USE_NTLM2SESSION would only be defined automatically when
4959 USE_NTRESPONSES wasn't already defined. Separated the two definitions
4960 so that the user can manually set USE_NTRESPONSES themselves but
4961 USE_NTLM2SESSION is defined automatically if they don't define it.
4963 - smtp.c: Fixed line longer than 79 columns
4965 - config-win32.h: Don't enable Windows Crypt API if using OpenSSL
4967 As the OpenSSL and NSS Crypto engines are prefered by the core NTLM
4968 routines, to the Windows Crypt API, don't define USE_WIN32_CRYPT
4969 automatically when either OpenSSL or NSS are in use - doing so would
4970 disable NTLM2Session responses in NTLM type-3 messages.
4972 - smtp: Fixed inappropriate free of the scratch buffer
4974 If the scratch buffer was allocated in a previous call to
4975 Curl_smtp_escape_eob(), a new buffer not allocated in the subsequent
4976 call and no action taken by that call, then an attempt would be made to
4977 try and free the buffer which, by now, would be part of the data->state
4980 This bug was introduced in commit 4bd860a001.
4982 - smtp: Fixed dot stuffing when EOL characters were at end of input buffers
4984 Fixed a problem with the CRLF. detection when multiple buffers were
4985 used to upload an email to libcurl and the line ending character(s)
4986 appeared at the end of each buffer. This meant any lines which started
4987 with . would not be escaped into .. and could be interpreted as the end
4988 of transmission string instead.
4990 This only affected libcurl based applications that used a read function
4991 and wasn't reproducible with the curl command-line tool.
4993 Bug: http://curl.haxx.se/bug/view.cgi?id=1456
4994 Assisted-by: Patrick Monnerat
4996 Daniel Stenberg (11 Dec 2014)
4997 - telnet: fix "cast increases required alignment of target type"
4999 - ntlm_wb_response: fix "statement not reached"
5001 ... and I could use a break instead of a goto to end the loop.
5003 Bug: http://curl.haxx.se/mail/lib-2014-12/0089.html
5004 Reported-by: Tor Arntsen
5006 Steve Holme (10 Dec 2014)
5007 - RELEASE-NOTES: Synced with 1cc5194337
5009 Added some bug fixes that I had missed in previous synchronisations.
5011 Daniel Stenberg (10 Dec 2014)
5012 - Curl_unix2addr: avoid using the variable name 'sun'
5014 I suspect this causes compile failures on Solaris:
5016 Bug: http://curl.haxx.se/mail/lib-2014-12/0081.html
5018 Steve Holme (10 Dec 2014)
5019 - url.c: Fixed compilation warning when USE_NTLM is not defined
5021 url.c:3078: warning: variable 'credentialsMatch' set but not used
5023 - parsedate.c: Fixed compilation warning
5025 parsedate.c:548: warning: 'parsed' may be used uninitialized in this
5028 As curl_getdate() returns -1 when parsedate() fails we can initialise
5031 Daniel Stenberg (10 Dec 2014)
5032 - TODO: Cache negative name resolves
5036 - ldap: check Curl_client_write() return codes
5038 There might be one or two memory leaks left in the error paths.
5040 - ldap: rename variables to comply to curl standards
5042 Dan Fandrich (10 Dec 2014)
5043 - sws.c: Fixed 'rc' may be used uninitialized warning
5045 - cookies: Improved OOM handling in cookies
5047 This fixes the test 506 torture test. The internal cookie API really
5048 ought to be improved to separate cookie parsing errors (which may be
5049 ignored) with OOM errors (which should be fatal).
5051 Guenter Knauf (9 Dec 2014)
5052 - synctime.c: fixed user-agent setting.
5054 Some websites meanwhile refuse to reply to requests from ancient
5055 browsers like IE6, therefore I've comment out this setting, but
5056 also fixed the string to now fake IE8 if someone enables it.
5058 Daniel Stenberg (9 Dec 2014)
5059 - smb: fix unused return code warning
5061 Patrick Monnerat (9 Dec 2014)
5062 - Curl_client_write() & al.: chop long data, convert data only once.
5064 Guenter Knauf (9 Dec 2014)
5065 - VC build: added sspi define for winssl-zlib builds.
5067 Daniel Stenberg (9 Dec 2014)
5068 - schannel_recv: return the correct code
5070 Bug: http://curl.haxx.se/bug/view.cgi?id=1462
5071 Reported-by: Tae Hyoung Ahn
5073 - http2: avoid logging neg "failure" if h2 was not requested
5075 - openldap: do not ignore Curl_client_write() return codes
5077 - compile: warn on unused return code from Curl_client_write()
5079 Patrick Monnerat (8 Dec 2014)
5080 - SMB: Fix a data size mismatch that broke SMB on big-endian platforms
5082 Steve Holme (7 Dec 2014)
5083 - smb: Fixed Windows autoconf builds following commit eb88d778e7
5085 As Windows based autoconf builds don't yet define USE_WIN32_CRYPTO
5086 either explicitly through --enable-win32-cypto or automatically on
5087 _WIN32 based platforms, subsequent builds broke with the following
5090 "Can't compile NTLM support without a crypto library."
5092 - RELEASE-NOTES: Synced with 526603ff05
5094 - [Bill Nagel brought this change]
5096 smb: Build with SSPI enabled
5098 Build SMB/CIFS protocol support when SSPI is enabled.
5100 - [Bill Nagel brought this change]
5102 ntlm: Use Windows Crypt API
5104 Allow the use of the Windows Crypt API for NTLMv1 functions.
5106 Dan Fandrich (7 Dec 2014)
5107 - cookie.c: Refactored cleanup code to simplify
5109 Also, fixed the outdated comments on the cookie API.
5111 - get_url_file_name: Fixed crash on OOM on debug build
5113 This caused a null-pointer dereference which caused a few dozen
5114 torture tests to fail.
5116 Steve Holme (6 Dec 2014)
5117 - sws.c: Fixed compilation warning
5119 sws.c:2191 warning: 'rc' may be used uninitialized in this function
5121 - ftp.c: Fixed compilation warnings when proxy support disabled
5123 ftp.c:1827 warning: unused parameter 'newhost'
5124 ftp.c:1827 warning: unused parameter 'newport'
5126 - smb: Fixed a problem with large file transfers
5128 Fixed an issue with the message size calculation where the raw bytes
5129 from the buffer were interpreted as signed values rather than unsigned
5132 Reported-by: Gisle Vanem
5133 Assisted-by: Bill Nagel
5135 - smb: Moved the URL decoding into a separate function
5137 - smb: Fixed URL encoded URLs not working
5139 - Makefile.inc: Added our standard header and updated file formatting
5141 - Makefile.inc: Updated file formatting
5143 Aligned continuation character and used space as the separator
5144 character as per other makefile files.
5146 - curl_md4.h: Updated copyright year following recent edit
5148 ...and minor layout adjustment.
5150 Patrick Monnerat (5 Dec 2014)
5151 - SMB: Fix big endian problems. Make it OS/400 aware.
5153 - OS400: enable NTLM authentication
5155 Steve Holme (5 Dec 2014)
5156 - multi.c: Fixed compilation warning
5158 multi.c:2695: warning: declaration of `exp' shadows a global declaration
5160 Guenter Knauf (5 Dec 2014)
5161 - build: updated dependencies in makefiles.
5163 Steve Holme (5 Dec 2014)
5164 - sasl: Corrected formatting of function descriptions