Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
the maximum size of the connection cache maximum size of the multi handle.

When working with a problem Stefan Becker had, I found an off-by-one buffer
overwrite in Curl_select(). While fixing it, I also improved its performance
somewhat by changing calloc to malloc

When working with a problem Stefan Becker had, I found an off-by-one buffer
overwrite in Curl_select(). While fixing it, I also improved its performance
somewhat by changing calloc to malloc and breaking out of a loop earlier
(when possible).

show more ...

Rob Crittenden fixed bug #1705802
(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS

Rob Crittenden fixed bug #1705802
(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.

show more ...

Andre Guibert de Bruet fixed a memory leak when PKCS #12 parsing failed

Andre Guibert de Bruet fixed a memory leak in the function that verifies the
peer's name in the SSL certificate when built for OpenSSL. The leak happens
for libcurls with CURL_DOES_CONVERSION

Andre Guibert de Bruet fixed a memory leak in the function that verifies the
peer's name in the SSL certificate when built for OpenSSL. The leak happens
for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
name from UTF8.

show more ...

Feng Tu reported that curl -w did wrong on TFTP transfers in
bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
transfer-related info "variables" were indeed overwritt

Feng Tu reported that curl -w did wrong on TFTP transfers in
bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
transfer-related info "variables" were indeed overwritten with zeroes wrongly
and have now been adjusted. The upload size still isn't accurate.

show more ...

Feng Tu pointed out a division by zero error in the TFTP connect timeout
code for timeouts less than fice seconds, and also provided a fix for it.

Added support for quote commands before a transfer using SFTP and test
case 614.
Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.

Kristian Gunstone fixed a problem where overwriting an uploaded file with
sftp didn't truncate it first, which would corrupt the file if the new
file was shorter than the old.

James Bursa fixed a bug in the multi handle code that made the connection
cache grow a bit too much, beyond the normal 4 * easy_handles.

Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
not very nice if the client wants to be a

Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
not very nice if the client wants to be able to use _either_ a HTTP 1.1
server or one within the aliases list... so starting now, libcurl will
simply consider 200-alias matches the to be HTTP 1.0 compliant.

show more ...

Tobias Rundstrom reported a problem they experienced with xmms2 and recent
libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
responses without Content-Length or chunke

Tobias Rundstrom reported a problem they experienced with xmms2 and recent
libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
responses without Content-Length or chunked encoding as without bodies. We
now added the conditional that the above mentioned response is only without
body if the response is HTTP 1.1.

show more ...

- Jeff Pohlmeyer improved the hiperfifo.c example to use the
CURLMOPT_TIMERFUNCTION callback option.

- Set the timeout for easy handles to expire really soon after addition or
when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
to make applications using only curl_

- Set the timeout for easy handles to expire really soon after addition or
when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
to make applications using only curl_multi_socket() to properly function
when adding easy handles "on the fly". Bug report and test app provided by
Michael Wallner.

show more ...

Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
since it then inits libgcrypt and libgcrypt is being evil and EXITS the
application if it fails to get a fine random

Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
since it then inits libgcrypt and libgcrypt is being evil and EXITS the
application if it fails to get a fine random seed. That's really not a nice
thing to do by a library.

show more ...

Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
been removed from a multi handle, and then fixed another flaw that prevented
curl_easy_duphandle() to work even after the

Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
been removed from a multi handle, and then fixed another flaw that prevented
curl_easy_duphandle() to work even after the first fix - the handle was
still marked as using the multi interface.

show more ...

Peter O'Gorman found a problem with SCP downloads when the downloaded file
was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
out" all data from libssh2. The effect bei

Peter O'Gorman found a problem with SCP downloads when the downloaded file
was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
out" all data from libssh2. The effect being that libcurl would hang on the
socket waiting for data when libssh2 had in fact already read it all...

show more ...

Sonia Subramanian brought our attention to a problem that happens if you set
the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
in the connection cache is closed to m

Sonia Subramanian brought our attention to a problem that happens if you set
the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
in the connection cache is closed to make room for the new one when you call
curl_easy_perform(). It would then wrongly free range-related data in the
connection close funtion.

show more ...

Steve Little's fixes to allow compilation on VMS 64-bit mode

Robert Iakobashvili made the 'master_buffer' get allocated first once it is
can/will be used as it then makes the common cases save 16KB of data for each
easy handle that isn't used for pipel

Robert Iakobashvili made the 'master_buffer' get allocated first once it is
can/will be used as it then makes the common cases save 16KB of data for each
easy handle that isn't used for pipelining.

show more ...

configure fix and new mirror

Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675)
identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to
free NULL credentials on closedown

Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675)
identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to
free NULL credentials on closedown after a failure and a bad #ifdef for NSS
when closing down SSL.

show more ...

- Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
with a zero timeout or a timeout value in

- Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
with a zero timeout or a timeout value indicating a blocking call should
be performed.

These unnecessary calls to gettimeofday() got introduced in 7.16.2 when
fixing 'timeout would restart when signal caught while awaiting socket
events' on 20 March 2007.

- Move some loop breaking logic from the while clause into the loop,
avoiding compiler warning 'assignment within conditional expression'

show more ...

- James Housley made SFTP uploads use libssh2's non-blocking API (if available)

- Prevent the internal progress meter from updating more frequently than once
per second.