Commits on Aug 12, 2009
  1. 7.19.6

    bagder committed Aug 12, 2009
  2. - Carsten Lange reported a bug and provided a patch for TFTP upload a…

    …nd the
      sending of the TSIZE option. I don't like fixing bugs just hours before
      a release, but since it was broken and the patch fixes this for him I decided
      to get it in anyway.
    bagder committed Aug 12, 2009
  3. pasted here (and renumbered) from the TODO-RELEASE since they are in …

    bugs we know about that will appear in the next release (too)
    bagder committed Aug 12, 2009
Commits on Aug 11, 2009
  1. - Peter Sylvester made the HTTPS test server use specific certificate…

    …s for
      each test, so that the test suite can now be used to actually test the
      verification of cert names etc. This made an error show up in the OpenSSL-
      specific code where it would attempt to match the CN field even if a
      subjectAltName exists that doesn't match. This is now fixed and verified
      in test 311.
    bagder committed Aug 11, 2009
  2. credit

    bagder committed Aug 11, 2009
  3. - Benbuck Nason posted the bug report #2835196

      (, fixing a few compiler
      warnings when mixing ints and bools.
    bagder committed Aug 11, 2009
  4. Include the Android make file in the source package even though the

    config.h issue hasn't been completely solved.  This will save some effort
    for someone desperate to use curl on Android.
    dfandrich committed Aug 11, 2009

    Fix OS400 makefile for tests to use the new in libtest
    Update the OS400 wrappers and RPG binding according to the current CVS source state
    Patrick Monnerat committed Aug 11, 2009
  6. Added links to more details on most issues. Moved all these issues to…

    … 7.19.7
    now since we won't manage to get them done for 7.19.6.
    bagder committed Aug 11, 2009
Commits on Aug 9, 2009
Commits on Aug 7, 2009
  1. fix cast for some systems which are broken due to absense of socklen_…

    …t, therefore now use curl_socklen_t.
    gknauf committed Aug 7, 2009
Commits on Aug 6, 2009
  1. cast to fix 64bit build warnings. From manpage:

    POSIX.1-2001. Note that RFC 2553 defines a prototype where the last parameter cnt is of type size_t.
    Many systems follow RFC 2553. Glibc 2.0 and 2.1 have size_t, but 2.2 has socklen_t.
    gknauf committed Aug 6, 2009
Commits on Aug 4, 2009
  1. RFC1867 was updated by RFC2388

    bagder committed Aug 4, 2009
Commits on Aug 3, 2009
  1. Fix bad sentence.

    Gisle Vanem committed Aug 3, 2009
  2. - Timo Teras changed the reason code used in the resolve callback don…

    …e when
      ares_cancel() is used, to be ARES_ECANCELLED instead of ARES_ETIMEOUT to
      better allow the callback to know what's happening.
    bagder committed Aug 3, 2009
  3. 256 - "More questions about ares behavior"

    yet another issue not yet sorted out
    bagder committed Aug 3, 2009
  4. indentation fixes only

    bagder committed Aug 3, 2009
  5. - Joshua Kwan fixed the init routine to fill in the defaults for stuf…

    …f that
      fails to get inited by other means. This fixes a case of when the c-ares
      init fails when internet access is fone.
    bagder committed Aug 3, 2009
  6. Reverted the zero-byte-in-name check to instead rely on the fact that…

    … strlen
    and the name length differ in those cases and thus leave the matching function
    unmodified from before, as the matching functions never have to bother with
    the zero bytes in legitimate cases. Peter Sylvester helped me realize that
    this fix is slightly better as it leaves more code unmodified and makes the
    detection a bit more obvious in the code.
    bagder committed Aug 3, 2009
Commits on Aug 2, 2009
  1. Extended my embedded-zero-in-cert-name fix based on a comment from Scott

    Cantor. My previous attempt was half-baked and didn't cover the normal CN
    bagder committed Aug 2, 2009
Commits on Aug 1, 2009
  1. - Curt Bogmine reported a problem with SNI enabled on a particular se…

    …rver. We
      should introduce an option to disable SNI, but as we're in feature freeze
      now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
      shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
      Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
      option for SNI, or are we simply not using it?
    bagder committed Aug 1, 2009
  2. - Scott Cantor posted the bug report #2829955

      ( mentioning the recent SSL cert
      verification flaw found and exploited by Moxie Marlinspike. The presentation
      he did at Black Hat is available here:
      Apparently at least one CA allowed a subjectAltName or CN that contain a
      zero byte, and thus clients that assumed they would never have zero bytes
      were exploited to OK a certificate that didn't actually match the site. Like
      if the name in the cert was "\", libcurl would
      happily verify that cert for
      libcurl now better use the length of the extracted name, not assuming it is
      zero terminated.
    bagder committed Aug 1, 2009
  3. - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (pr…

      only in some OpenSSL installs - like on Windows) isn't thread-safe and we
      agreed that moving it to the global_init() function is a decent way to deal
      with this situation.
    bagder committed Aug 1, 2009
  4. - Alexander Beedie provided the patch for a noproxy problem: If I hav…

    …e set
      CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
      could still end up using a proxy if a proxy environment variable was set.
    bagder committed Aug 1, 2009
  5. updated with recent issues

    bagder committed Aug 1, 2009