X-Git-Url: http://sjero.net/git/?a=blobdiff_plain;f=NEWS;h=a23ce4f8aa8a2828acdac5ac87e1bd86fe65c053;hb=462e643a7e31676eceda23e634241f7b4d2cd7bb;hp=ca793717e325fcd498fdae677b86e60b2c156822;hpb=e815fe81a05f6cec2a684b10567f116e4d721689;p=wget diff --git a/NEWS b/NEWS index ca793717..a23ce4f8 100644 --- a/NEWS +++ b/NEWS @@ -1,33 +1,94 @@ GNU Wget NEWS -- history of user-visible changes. -Copyright (C) 2005 Free Software Foundation, Inc. +Copyright (C) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, +2006, 2007 Free Software Foundation, Inc. See the end for copying conditions. Please send GNU Wget bug reports to . -* Changes in Wget 1.10. +* Changes in Wget (MAINLINE). + +** Gnulib is now used to provide code for certain portability aspects in +GNU Wget. -** Wget now supports the --ftp-user and --ftp-password command switches to set -username and password for FTP, and the --user and --password command switches -to set username and password for both FTP and HTTP. The --http-passwd and ---proxy-passwd command switches have been renamed to --http-password and ---proxy-password respectively, and the related http_passwd and proxy_passwd -.wgetrc commands to http_password and proxy_password respectively. The -login and passwd .wgetrc commands have been deprecated. +** Wget uses Automake now as part of its build infrastructure. + +* Changes in Wget 1.11. + +** The source code has been migrated to Mercurial. The repositories are +available at http://hg.addictivecode.org/. Prior to this, the source +code was hosted on Subversion (migrated from the original CVS); you can +still get access to older tags and branches for Wget in the Subversion +repository at http://addictivecode.org/svn/wget/. + +** PATCH file removed; see http://wget.addictivecode.org/PatchGuidelines +for current information about producing patches for GNU Wget. + +** TODO file removed: we use a bugtracker now; see +http://wget.addictivecode.org/BugTracker. Also, +http://wget.addictivecode.org/FeatureSpecifications. + +** Timestamping now uses the value from the most recent HTTP response, +rather than the first one it got. + +** configure.in now requires autoconf >= 2.61, rather than 2.59. + +** Authentication information is no longer sent as part of the Referer +header in recursive fetches. + +** No authentication credentials are sent until a challenge is issued, +for improved security. Authentication handling is still not +RFC-compliant, as once a Basic challenge has been received, it will +assume it can send credentials to any URL at that same host, and not +just the ones at or below the original authenticated location. +Credentials for Digest authentication are still never saved or issued +automatically, and continue to require a challenge for each resource. + +** Added --max-redirect option, allowing the user to specify what should +be the maximum number of HTTP redirects to follow. + +** Wget now saves HTTP downloads using file names specified by the +`Content-Disposition' header. This is a standard way of specifying the +file name used by many web dynamically generated pages. For the time +being, Content-Disposition is not used by default, to avoid the extra +round-trips incurred (must specify "-e contentdisposition=yes"); this +may change in a future version. NOTE: This functionality is currently +considered "experimental", and may not be fully functional. + +** The GnuTLS library is now also experimentally supported for https +downloads. This is still work-in-progress. OpenSSL is still used by +default; use --with-ssl=gnutls to build with GnuTLS. OpenSSL is still +required for NTLM authorization to work, but this should eventually +change. NOTE: Certificate verification is _not_ currently supported: +this means that you can currently only use GnuTLS to encrypt +connections, but _not_ to verify that a host is who it claims to be. Use +of OpenSSL is suggested until this missing feature is implemented. + +** The new option `--ignore-case' makes Wget ignore case when +matching files, directories, and wildcards. This affects the -X, -I, +-A, and -R options, as well as globbing in FTP URLs. + +** ETA projection is now displayed in "dot" progress output as well as +in the default progress bar. (The dot progress is used by default when +logging Wget's output to file using the `-o' option.) + +** The "lockable boolean" argument type is no longer supported. It +was only used by the passive_ftp .wgetrc setting. If you're running +broken scripts or Perl modules that unconditionally specify +`--passive-ftp' and your firewall disallows it, you can override them +by replacing wget with a script that execs wget "$@" --no-passive-ftp. + +* Changes in Wget 1.10. -** Downloading files greater than 2GB, also known as "large files", -now works on systems that support them. This includes most modern -Unix variants, as well as Windows. +** Downloading files larger than 2GB, sometimes referred to as "large +files", now works on systems that support them. This includes the +majority of modern Unixes, as well as MS Windows. ** IPv6 is now supported by Wget. Unlike the experimental code in -1.9, this version has no problems with dual-family systems. The new -flags `--inet4' and `--inet6' (or `-4' and `-6' for short) force the -use of IPv4 and IPv6 respectively. Unfortunately the IPv6 support -still does not work on Windows. - -** Talking to SSL servers over proxies now actually works. Previous -versions of Wget erroneously sent GET requests for SSL URLs. Wget -1.10 utilizes the CONNECT method designed for this purpose. +1.9, this version supports dual-family systems. The new flags +`--inet4' and `--inet6' (or `-4' and `-6' for short) force the use of +IPv4 and IPv6 respectively. Note that IPv6 support has not yet been +tested on Windows. ** Microsoft's proprietary "NTLM" method of HTTP authentication is now supported. This authentication method is undocumented and only used @@ -42,6 +103,37 @@ the file. That way the downloaded file never shrinks, and download retries from servers without support for partial downloads work even when downloading to stdout. +** SSL/TLS changes: + +*** SSL/TLS downloads now attempt to verify the server's certificate +against the recognized certificate authorities. This requires CA +certificates to have been installed in a location visible to the +OpenSSL library. If this is not the case, you can get the bundle +yourself from a source you trust (for example, the bundle extracted +from Mozilla available at http://curl.haxx.se/docs/caextract.html), +and point Wget to the PEM file using the `--ca-certificate' +command-line option or the corresponding `.wgetrc' command. + +*** Secure downloads now verify that the host name in the URL matches +the "common name" in the certificate presented by the server. + +*** Although the above checks provide more secure downloads, they +unavoidably break interoperability with some sites that worked with +previous versions, particularly those using self-signed, expired, or +otherwise invalid certificates. If you encounter "certificate +verification" errors or complaints that "common name doesn't match +requested host name" and are convinced of the site's authenticity, you +can use `--no-check-certificate' to bypass both checks. + +*** Talking to SSL/TLS servers over proxies now actually works. +Previous versions of Wget erroneously sent GET requests for https +URLs. Wget 1.10 utilizes the CONNECT method designed for this +purpose. + +*** The SSL/TLS-related options have been redesigned and, for the +first time, documented in the manual. The old, undocumented, options +are no longer supported. + ** Passive FTP is now the default FTP transfer mode. Use `--no-passive-ftp' or specify `passive_ftp = off' in your init file to revert to the old behavior. @@ -68,12 +160,12 @@ be used to revert to the old behavior. ** The new option `--protocol-directories' instructs Wget to also use the protocol name as a directory component of local file names. -** Many options that previously unconditionally set or unset various -flags are now boolean options that can be invoked as either `--OPTION' -or `--no-OPTION'. Options that required an argument "on" or "off" -have also been changed this way, but they still accept the old syntax -for backward compatibility. For example, instead of `--glob=off' you -can write `--no-glob'. +** Options that previously unconditionally set or unset various flags +are now boolean options that can be invoked as either `--OPTION' or +`--no-OPTION'. Options that required an argument "on" or "off" have +also been changed this way, but they still accept the old syntax for +backward compatibility. For example, instead of `--glob=off' you can +write `--no-glob'. Allowing `--no-OPTION' for every `--OPTION' and the other way around is useful because it allows the user to override non-default behavior @@ -81,11 +173,20 @@ specified via `.wgetrc'. ** The new option `--keep-session-cookies' causes `--save-cookies' to save session cookies (normally only kept in memory) along with the -permanent ones. Many sites track important information, such as -whether the user has authenticated, using session cookies. Using this -option option allows multiple Wget runs to be treated as a single +permanent ones. This is useful because many sites track important +information, such as whether the user has authenticated, in session +cookies. With this option multiple Wget runs are treated as a single browser session. +** Wget now supports the --ftp-user and --ftp-password command +switches to set username and password for FTP, and the --user and +--password command switches to set username and password for both FTP +and HTTP. The --http-passwd and --proxy-passwd command switches have +been renamed to --http-password and --proxy-password respectively, and +the related http_passwd and proxy_passwd .wgetrc commands to +http_password and proxy_password respectively. The login and passwd +.wgetrc commands have been deprecated. + * `wget -b' now works correctly under Windows. * Wget 1.9.1 is a bugfix release with no user-visible changes. @@ -116,7 +217,7 @@ log on to the proxy as "username@host". even in the face of refused connections, which are otherwise considered a fatal error. -** The new option `--dns-cache=off' may be used to prevent Wget from +** The new option `--no-dns-cache' may be used to prevent Wget from caching DNS lookups. ** Wget no longer escapes characters in local file names based on @@ -521,7 +622,7 @@ geturl -vo log http://fly.cc.fer.hr/ ---------------------------------------------------------------------- Copyright information: -Copyright (C) 2005 Free Software Foundation, Inc. +Copyright (C) 1997-2005 Free Software Foundation, Inc. Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that