2012年3月27日

[installer 3161] curl-7.25.0

curl-7.25.0 出ています。

☆ curl-7.25.0
http://curl.haxx.se/
http://curl.haxx.se/download/curl-7.25.0.tar.gz

Version 7.25.0 (22 Mar 2012)

Daniel Stenberg (22 Mar 2012)
- RELEASE-NOTES: synced with b8b2cf612b2

Yang Tse (22 Mar 2012)
- tests #1400 #1401: add missing keywords

- http_proxy.h: fix builds with proxy or http disabled

- parsedate.c: fix a numeric overflow

Daniel Stenberg (22 Mar 2012)
- [Andrei Cipu brought this change]

cookies: strip the numerical ipv6 host properly

The commit e650dbde86d4 that stripped off [brackets] from ipv6-only host
headers for the sake of cookie parsing wrongly incremented the host
pointer which would cause a bad free() call later on.

Yang Tse (22 Mar 2012)
- test #598: add to Makefile.am

- test #598: OOM handling fixes

- fix several compiler warnings

Daniel Stenberg (22 Mar 2012)
- CONNECT: fix multi interface regression

The refactoring of HTTP CONNECT handling in commit 41b0237834232 that
made it protocol independent broke it for the multi interface. This fix
now introduce a better state handling and moved some logic to the
http_proxy.c source file.

Reported by: Yang Tse
Bug: http://curl.haxx.se/mail/lib-2012-03/0162.html

- SWS: refuse to serve CONNECT unless running as proxy

Yang Tse (21 Mar 2012)
- curl-functions.m4: update detection logic of getaddrinfo() thread-safeness

Take in account that POSIX standard Issue 7 drops h_errno support. Now, we also
consider getaddrinfo() to be thread-safe when (_POSIX_C_SOURCE >= 200809L) or
(_XOPEN_SOURCE >= 700) independently of whether h_errno exists or not.

- fix several compiler warnings

- tests 140X: fix --libcurl generated source file reading mode for MSYS builds

- tool_easysrc.c: fix --libcurl option output file text translation mode

Use fopen() with "w" mode instead of "wt" to fix cygwin builds.

- build: remove tool_cb_skt.[ch] references

Daniel Stenberg (18 Mar 2012)
- RELEASE-NOTES: synced with ad77420ac761b

3 more bugs, 1 more contributor

- lwip: basic checks and macros for compatiblity

Yang Tse (17 Mar 2012)
- tool_setopt.c: more OOM handling fixes

Daniel Stenberg (16 Mar 2012)
- cmake: list_spaces_append_once fails with spaces in filename

Windows standard libraries are located in C:/Program Files/Microsoft
SDKs/[...]. They are already included in the default MSVC
LIBPATH. Hence, find_library(WSOCK32_LIBRARY wsock32) and
find_library(WS2_32_LIBRARY ws2_32) are not needed. They return the full
path to the libraries including spaces. Of course,
list_spaces_append_once will mangle the result and the build fails.

Bug: http://curl.haxx.se/bug/view.cgi?id=3494968

Yang Tse (16 Mar 2012)
- http_proxy.c: fix OOM handling

- tool_setopt.c: fix OOM handling

- fix several compiler warnings

- fix some compiler warnings

Daniel Stenberg (13 Mar 2012)
- [Maxim Prohorov brought this change]

resolve with c-ares: don't resolve IPv6 when not working

If the Curl_ipv6works() function says no, there is no reason to try AAAA
names even if libcurl was built with IPv6 support enabled.

Bug: http://curl.haxx.se/mail/lib-2012-03/0045.html

unknown (10 Mar 2012)
- [Steve Holme brought this change]

smtp.c: Changed the curl error code for EHLO and HELO responses

Changed the returned curl error codes for EHLO and HELO responses from
CURLE_LOGIN_DENIED to CURLE_REMOTE_ACCESS_DENIED as a negative response
from these commands represents no service as opposed to a login error.

Daniel Stenberg (10 Mar 2012)
- RELEASE-NOTES: synced with e650dbde86

New: 12 bugs, 3 changes, 6 contributors and updated counters at the top

- [Andrei Cipu brought this change]

Curl_http: strip off [brackets] from ipv6-only host headers

Since the host name is passed in to the cookie engine it will not work
correctly if the brackets are left in the name.

Bug http://curl.haxx.se/mail/lib-2012-03/0036.html

- [Armel Asselin brought this change]

CURLSSH_OPT_AUTH: documented it has no effect

- [John Joseph Bachir brought this change]

mk-ca-bundle.pl: use LWP::UserAgent with proper https verify behavior.

An alternative would be:

1. specify HTTPS_CA_DIR and/or HTTPS_CA_FILE
2. ensure that Net::SSL is being used, and IO::Socket::SSL is NOT being
used

This question and answer explain:
http://stackoverflow.com/questions/74358/

- [John Joseph Bachir brought this change]

access the CA source file using HTTPS

- includes: remove inclusion of unused file http_proxy.h

- CONNECT: made generically not per-protocol

Curl_protocol_connect() now does the tunneling through the HTTP proxy if
requested instead of letting each protocol specific connection function
do it.

- ssh_connect: tunnel through HTTP proxy if requested

- LWIP: don't consider HAVE_ERRNO_H to be winsock

The check for Winsock definition was a bit too broad

Bug: http://curl.haxx.se/mail/lib-2012-03/0046.html

- [Dave Reisner brought this change]

curl-config: only provide libraries with --libs

In line with the manpage, curl-config --libs should only provide the necessary
library flags for the linker in order to compile software with libcurl. Also
with this change, we match what the pkg-config file provides.

- CONTRIB: Please don't send pull requests

- libcurl docs: version corrections

Correct some inconsistencies in which version some things were added.

Bug: http://curl.haxx.se/bug/view.cgi?id=3494091
Reported by: "curlybugs"

- CONNECT: fix ipv6 address in the Request-Line

Commit 466150bc64d fixed the Host: header with CONNECT, but I then
forgot the preceeding request-line. Now this too uses [brackets]
properly if a ipv6 numerical address was given.

Bug: http://curl.haxx.se/bug/view.cgi?id=3493129
Reported by: "Blacat"

- [Steve Holme brought this change]

SMTP: Added support for returning SMTP response codes

Set the conn->data->info.httpcode variable in smtp_statemach_act() to
allow Curl_getinfo() to return the SMTP response code via the
CURLINFO_RESPONSE_CODE action.

- curl.1: updated --libcurl

With Colin Hogben's recent work, --libcurl now also works with -F and
more. Remove the previous caveat.

- test: --libcurl fixes

The line endings broke when I saved the three recent patches (my fault,
not Colin's) to 'git am' them.

Adjusted the stripping of the test program for comparing to also exclude
the SSH key file name as that will differ and use a local path name.

- [Colin Hogben brought this change]

Add helper script convsrctest.pl to manipulate --libcurl tests.

The intention is to take the output of curl's --libcurl option,
as exercised in test 14xx, and generate a corresponding test15xx
in which the generated code is compiled and run. This will verify
that the generated code behaves equivalently to the original
invocation of the curl command.

The script is not yet integrated into the configure / makefile
machinery.

- [Colin Hogben brought this change]

Add tests for curl's --libcurl output.

These tests check the output of the --libcurl option of curl,
including the improved option handling added in a related patch.

- [Colin Hogben brought this change]

Generate lists and use symbols in --libcurl code output.

This patch improves the output of curl's --libcurl option by
generating code which builds curl_httppost and curl_slist lists, and
uses symbolic names for enum and flag values. Variants of the
my_setopt macro in tool_setopt.h are added in order to pass extra type
information to the code-generation step in tool_setopt.c.

If curl is configured with --disable-libcurl-option then the macros
call curl_easy_setopt directly.

- [Steve Holme brought this change]

smtp.c: Fixed an issue with writing postdata

Fixed a problem in smtp_done() when writing out the postdata as
Curl_write() would periodically return zero bytes written.

- CURLOPT_MAIL_AUTH: added in 7.25.0

Brought in commit 0cf0ab6f300

- pop3 test server: send terminating ".CRLF" only

With commit 035ef06bda7 applied, the test pop3 server needs to send
".\r\n" as the body terminating sequence and there needs to be a final
CRLF in the actual body in the test data file.

- [Steve Holme brought this change]

pop3.c: Fixed drop of final CRLF in EOB checking

Curl_pop3_write() would drop the final CRLF of a message as it was
considered part of the EOB as opposed to part of the message. Whilst
the EOB sequence needs to be searched for by the function only the
final 3 characters should be removed as per RFC-1939 section 3.

Reported by: Rich Gray
Bug: http://curl.haxx.se/mail/lib-2012-02/0051.html

- [Steve Holme brought this change]

smtp.c: Fixed an issue with the EOB checking

Curl_smtp_escape_eob() would leave off final CRLFs from emails ending
in multiple blank lines additionally leaving the smtpc->eob variable
with the character count in, which would cause problems for additional
emails when sent through multiple calls to curl_easy_perform() after a
CURLOPT_CONNECT_ONLY.

- CURLE_FTP_PRET_FAILED: listed twice

Make sure it is mentioned once and with the correct description

- --mail-auth documented

- [Steve Holme brought this change]

SMTP: Code policing and tidy up

- [Steve Holme brought this change]

curl: Added support for --mail-auth

Added an extra command-line argument to support the optional AUTH
parameter in SMTPs MAIL FROM command.

Kamil Dudka (16 Feb 2012)
- docs: mention that NTLM works with NSS, too

Daniel Stenberg (15 Feb 2012)
- [Steve Holme brought this change]

DOCS: Added information for CURLOPT_MAIL_AUTH.

Added information relating to the new CURLOPT_MAIL_AUTH parameter and
reworked CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT to be a clearer.

Fixed inconsistencies of "vocalisation of the abbreviation" versus
"vocalisation of the first word" for all abbreviations.

Corrected a typo in CURLOPT_NOPROXY.

- [Steve Holme brought this change]

smtp.c: Fixed use of angled brackets in AUTH parameter.

Fixed the use of angled brackets "<>" in the optional AUTH parameter as
per RFC-2554 section 5. The address should not include them but an
empty address should be replaced by them.

- [Steve Holme brought this change]

smtp_mail: Added support to MAIL FROM for the optional AUTH parameter

Added a new CURLOPT_MAIL_AUTH option that allows the calling program to
set the optional AUTH parameter in the MAIL FROM command.

When this option is specified and an authentication mechanism is used
to communicate with the mail server then the AUTH parameter will be
included in the MAIL FROM command. This is particularly useful when the
calling program is acting as a relay in a trusted environment and
performing server to server communication, as it allows the relaying
server to specify the address of the mailbox that was used to
authenticate and send the original email.

- [toddouska brought this change]

cyassl: update to CyaSSL 2.0.x API

Modify configure.ac to test for new CyaSSL Init function and remove
default install path to system. Change to CyaSSL OpenSSL header and
proper Init in code as well.

Note that this no longer detects or works with CyaSSL before v2

- LIBCURL_VERSION_NUM: 0x071900

I accidentally left the lowest bits 01 before

- [Steve Holme brought this change]

SMTP: Fixed error when using CURLOPT_CONNECT_ONLY

Fixed incorrect behavior in smtp_done() which would cause the end of
block data to be sent to the SMTP server if libcurl was operating in
connect only mode. This would cause the server to return an error as
data would not be expected which in turn caused libcurl to return
CURLE_RECV_ERROR.

- s/7.24.1/7.25.0

We will go straight to 7.25.0 due to the new additions

- curlver.h: bumped to 7.25.0

and updated the end year in the generic copyright string

- RELEASE-NOTES: synced with 2b26eb985

9 bug fixes, 4 changes and numerous contributors

Bumped release version and option counters

- [Colin Hogben brought this change]

configure: add option disable --libcurl output

- [Alessandro Ghedini brought this change]

curl tool: allow negative numbers as option values

Fix the str2num() function to not check if the input string starts with a
digit, since strtol() supports numbers prepended with '-' (and '+') too.
This makes the --max-redirs option work as documented.

- parse_proxy: simply memory handling

... by making sure that the string is always freed after the invoke as
parse_proxy will always copy the data and this way there's a single
free() instead of multiple ones.

- parse_proxy: bail out on zero-length proxy names!

The proxy parser function strips off trailing slashes off the proxy name
which could lead to a mistaken zero length proxy name which would be
treated as no proxy at all by subsequent functions!

This is now detected and an error is returned. Verified by the new test
1329.

Reported by: Chandrakant Bagul
Bug: http://curl.haxx.se/mail/lib-2012-02/0000.html

Kamil Dudka (9 Feb 2012)
- nss: add support for the CURLSSLOPT_ALLOW_BEAST option

... and fix some typos from the 62d15f1 commit.

Daniel Stenberg (9 Feb 2012)
- [Rob Ward brought this change]

configure: don't modify LD_LIBRARY_PATH for cross compiles

- --ssl-allow-beast added

This new option tells curl to not work around a security flaw in the
SSL3 and TLS1.0 protocols. It uses the new libcurl option
CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.

- CURLOPT_SSL_OPTIONS: added

Allow an appliction to set libcurl specific SSL options. The first and
only options supported right now is CURLSSLOPT_ALLOW_BEAST.

It will make libcurl to disable any work-arounds the underlying SSL
library may have to address a known security flaw in the SSL3 and TLS1.0
protocol versions.

This is a reaction to us unconditionally removing that behavior after
this security advisory:

http://curl.haxx.se/docs/adv_20120124B.html

... it did however cause a lot of programs to fail because of old
servers not liking this work-around. Now programs can opt to decrease
the security in order to interoperate with old servers better.

- [Dave Reisner brought this change]

curl: use new library-side TCP_KEEPALIVE options

Use the new library CURLOPT_TCP_KEEPALIVE rather than disabling this via
the sockopt callback. If --keepalive-time is used, apply the value to
CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL.

- [Dave Reisner brought this change]

add library support for tuning TCP_KEEPALIVE

This adds three new options to control the behavior of TCP keepalives:

- CURLOPT_TCP_KEEPALIVE: enable/disable probes
- CURLOPT_TCP_KEEPIDLE: idle time before sending first probe
- CURLOPT_TCP_KEEPINTVL: delay between successive probes

While not all operating systems support the TCP_KEEPIDLE and
TCP_KEEPINTVL knobs, the library will still allow these options to be
set by clients, silently ignoring the values.

- curl_easy_reset: reset the referer string

When CURLOPT_REFERER has been used, curl_easy_reset() did not properly
clear it.

Verified with the new test 598

Bug: http://curl.haxx.se/bug/view.cgi?id=3481551
Reported by: Michael Day

Yang Tse (7 Feb 2012)
- curl tool: allow glob-loops to abort again upon critical errors

This prevents clobbering of non recoverable error return codes while
retaining intended functionality of commit 65103efe

Daniel Stenberg (6 Feb 2012)
- curl tool: don't abort glob-loop due to failures

We want to continue to the next URL to try even on failures returned
from libcurl. This makes -f with ranges still get subsequent URLs even
if occasional ones return error. This was a regression as it used to
work and broke in the 7.23.0 release.

Added test case 1328 to verify the fix.

Bug: http://curl.haxx.se/bug/view.cgi?id=3481223
Reported by: Juan Barreto

- CONNECT: send correct Host: with IPv6 numerical address

When the target host was given as a IPv6 numerical address, it was not
properly put within square brackets for the Host: header in the CONNECT
request. The "normal" request did fine.

Reported by: "zooloo"
Bug: http://curl.haxx.se/bug/view.cgi?id=3482093

- [Martin Storsjo brought this change]

Explicitly link to the nettle/gcrypt libraries

When support for nettle was added in 64f328c787ab, I overlooked
the fact that AC_CHECK_LIB doesn't add the tested lib to LIBS
if the check succeeded, if a custom success code block was present.
(The previous version of the check had an empty block for
successful checks, adding the lib to LIBS implicitly.)

Therefore, explicitly add either nettle or gcrypt to LIBS, after
deciding which one to use. Even if they can be linked in
transitively, it is safer to actually link explicitly to them.

This fixes building with gnutls with linkers that don't allow
linking transitively, such as for windows.

- [Pierre Ynard brought this change]

more resilient connection times among IP addresses

When connecting to a domain with multiple IP addresses, allow different,
decreasing connection timeout values. This should guarantee some
connections attempts with sufficiently long timeouts, while still
providing fallback.

- [Pierre Ynard brought this change]

remove write-only variable

Pierre Joye (26 Jan 2012)
- Merge branch 'master' of github.com:bagder/curl

- - fix IPV6 and IDN options

Yang Tse (25 Jan 2012)
- TODO-RELEASE: added item #308

Daniel Stenberg (25 Jan 2012)
- THANKS: imported contributors from 7.24.0 RELEASE-NOTES

Yang Tse (25 Jan 2012)
- test harness: update stunnel.pem Diffie-Hellman parameters from 512 to 1024 bit

- version: start working on 7.24.1-DEV

Dan Fandrich (24 Jan 2012)
- curl_easy_setopt.3: Fixed SEEKDATA & CLOSESOCKETDATA descriptions


Curl and libcurl 7.25.0

Public curl releases: 127
Command line options: 151
curl_easy_setopt() options: 199
Public functions in libcurl: 58
Known libcurl bindings: 39
Contributors: 929

This release includes the following changes:

o configure: add option disable --libcurl output [1]
o --ssl-allow-beast and CURLOPT_SSL_OPTIONS added [2]
o Added CURLOPT_TCP_KEEPALIVE, CURLOPT_TCP_KEEPIDLE, CURLOPT_TCP_KEEPINTVL [4]
o curl: use new library-side TCP_KEEPALIVE options [5]
o Added a new CURLOPT_MAIL_AUTH option [13]
o Added support for --mail-auth [14]
o --libcurl now also works with -F and more! [15]

This release includes the following bugfixes:

o --max-redirs: allow negative numbers as option value [3]
o parse_proxy: bail out on zero-length proxy names [6]
o configure: don't modify LD_LIBRARY_PATH for cross compiles [7]
o curl_easy_reset: reset the referer string [8]
o curl tool: don't abort glob-loop due to failures [9]
o CONNECT: send correct Host: with IPv6 numerical address [10]
o Explicitly link to the nettle/gcrypt libraries [11]
o more resilient connection times among IP addresses [12]
o winbuild: fix IPV6 and IDN options
o SMTP: Fixed error when using CURLOPT_CONNECT_ONLY
o cyassl: update to CyaSSL 2.0.x API
o smtp: Fixed an issue with the EOB checking
o pop3: Fixed drop of final CRLF in EOB checking [16]
o smtp: Fixed an issue with writing postdata
o smtp: Added support for returning SMTP response codes
o CONNECT: fix ipv6 address in the Request-Line [17]
o curl-config: only provide libraries with --libs
o LWIP: don't consider HAVE_ERRNO_H to be winsock [19]
o ssh: tunnel through HTTP proxy if requested
o cookies: strip off [brackets] from numerical ipv6 host names [20]
o libcurl docs: version corrections [18]
o cmake: list_spaces_append_once failure [22]
o resolve with c-ares: don't resolve IPv6 when not working [21]
o smtp: changed error code for EHLO and HELO responses
o parsedate: fix a numeric overflow

This release includes the following known bugs:

o see docs/KNOWN_BUGS http://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

Colin Hogben, Alessandro Ghedini, Kamil Dudka, Rob Ward, Dave Reisner,
Martin Storsjo, Pierre Ynard, Pierre Joye, Yang Tse, Dan Fandrich,
Michael Day, Juan Barreto, Chandrakant Bagul, Steve Holme, Todd Ouska,
Rich Gray, John Joseph Bachir, Armel Asselin, Andrei Cipu,
Maxim Prohorov

Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

[1] = http://curl.haxx.se/mail/lib-2012-02/0009.html
[2] = http://curl.haxx.se/mail/lib-2012-02/0001.html
[3] = http://curl.haxx.se/mail/lib-2012-02/0098.html
[4] = http://curl.haxx.se/mail/lib-2012-01/0264.html
[5] = http://curl.haxx.se/mail/lib-2012-01/0263.html
[6] = http://curl.haxx.se/mail/lib-2012-02/0000.html
[7] = http://curl.haxx.se/mail/lib-2012-02/0052.html
[8] = http://curl.haxx.se/bug/view.cgi?id=3481551
[9] = http://curl.haxx.se/bug/view.cgi?id=3481223
[10] = http://curl.haxx.se/bug/view.cgi?id=3482093
[11] = http://curl.haxx.se/mail/lib-2012-01/0303.html
[12] = http://curl.haxx.se/mail/lib-2012-01/0190.html
[13] = http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTMAILAUTH
[14] = http://curl.haxx.se/docs/manpage.html#--mail-auth
[15] = http://curl.haxx.se/docs/manpage.html#--libcurl
[16] = http://curl.haxx.se/mail/lib-2012-02/0051.html
[17] = http://curl.haxx.se/bug/view.cgi?id=3493129
[18] = http://curl.haxx.se/bug/view.cgi?id=3494091
[19] = http://curl.haxx.se/mail/lib-2012-03/0046.html
[20] = http://curl.haxx.se/mail/lib-2012-03/0036.html
[21] = http://curl.haxx.se/mail/lib-2012-03/0045.html
[22] = http://curl.haxx.se/bug/view.cgi?id=3494968

----
こがよういちろう


投稿者 xml-rpc : 2012年3月27日 09:55
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/109134
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。