+2005-05-12 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (rewrite_shorthand_url): Don't rewrite "https://host" to
+ "ftp://https//host" when SSL is not used.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_check_server_identity): Renamed to
+ ssl_check_certificate because it does more than just checking the
+ server's identity.
+ (ssl_check_certificate): Tell the user about
+ --no-check-certificate.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_init): Always use SSL_VERIFY_NONE, so that the
+ handshake finishes even if the certificate is invalid. That way
+ ssl_check_server_identity can provide better diagnostics on why
+ the verification failed.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (pattern_match): New function.
+ (ssl_check_server_identity): Treat peer certificate common name as
+ wildcard.
+
+2005-05-10 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_check_server_identity): Print certificate subject
+ and issuer.
+
+2005-05-10 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * res.c (res_register_specs): Correctly pass pointers to
+ hash_table_get_pair.
+
+2005-05-10 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Call ssl_check_server_identity.
+
+ * openssl.c (ssl_check_server_identity): New function, verifies
+ that the host name in the certificate matches the actual host
+ name.
+ (verify_cert_callback): Removed, since it didn't do anything
+ except returning the preverify_ok argument.
+
+ * connect.c (fd_transport_context): Allow retrieval of the context
+ pointer registered with fd_register_transport.
+
+2005-05-09 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (verify_cert_callback): Renamed from verify_callback.
+ Always return the received "ok" value. Print the X509 name in
+ debug mode.
+ (ssl_init): Enable partial writes in SSL context.
+
+2005-05-08 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (http_loop): Check for wildcards in the URL path
+ component, not in the whole URL.
+
+ * ftp.c (ftp_loop): Check for wildcards in URL path before
+ unescaping, so the users can escape globbing metacharacters with %
+ escapes.
+
+2005-05-08 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c (run_command): Correctly interpret the return value of
+ parse_line.
+ (commands): Re-alphabetize.
+
+2005-05-08 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * netrc.c (parse_netrc): Explicitly check for assignment != NULL
+ to silence warning from Borland C.
+
+ * url.c (sync_path): Don't unnecessarily increment p.
+ (url_parse): Don't unnecessarily set url_encode to NULL just
+ prior to return from the function.
+
+2005-05-08 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * log.c (escnonprint_internal): Place variable declarations
+ before other statements.
+
+2005-05-08 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * html-url.c: Include recur.h.
+
+ * http.c (request_new): Define as accepting no args.
+
+2005-05-07 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (strpbrk_or_eos): Made inline. Use strchr(s, '\0') for
+ finding the NUL char position.
+
+2005-05-07 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (decide_copy_method): Renamed to char_needs_escaping.
+ Since it now returns only two possible values, change it to return
+ boolean (int).
+
+2005-05-07 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ftp-basic.c (ftp_request): Prevent newlines in VALUE causing
+ inadvertent sending of multiple FTP commands.
+
+2005-05-07 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (decide_copy_method): Never cause reencode_escapes to
+ decode % escapes; it is too intrusive and breaks some servers.
+
+2005-05-07 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): When tunnelling SSL traffic over proxy with
+ CONNECT, we're really talking to the remote server directly.
+ Because of this, the request-line argument must be the URL path
+ rather than the whole URL, as it would be when using regular
+ proxies.
+ Reported by Charles Lane.
+
+2005-05-06 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c (cmd_spec_useragent): Allow empty User-Agent.
+
+ * http.c (gethttp): Don't print "unknown authentication scheme"
+ for failed Basic authentication.
+ (SET_USER_AGENT): Don't set user-agent if opt.useragent is empty.
+ (gethttp): Use alloca for allocation of www_authenticate.
+
+2005-05-06 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (print_help): Fix wording of --secure-protocol help text.
+
+2005-05-06 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cmpt.c (strstr): Updated from glibc 2.3.5.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (http_atotm): Zero out the whole struct tm being passed
+ to strptime.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (main): Propagate option name to setoptval.
+
+ * init.c (setoptval): Accept another argument, OPTNAME. Propagate
+ that argument as the option name independently of the actual
+ command, determined by command_by_name(com).
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c (parse_line): Make the return value indicate whether
+ there was a syntax error or a setter failed.
+ (run_wgetrc): Return an indication on whether an error has been
+ encountered.
+ (initialize): Abort if there have been errors running either
+ .wgetrc file.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * log.c (copy_and_escape): Slightly reduce code repetition between
+ the two loops.
+
+2005-05-05 Charles C.Fu <ccwf@bacchus.com>
+
+ * utils.c (proclist): Strip leading slash when calling fnmatch
+ too, otherwise wildcard comparisons always fail.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (touch): Set access time to current time.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (url_unescape): Don't unescape %00, it effectively
+ truncates the string.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * log.c (copy_and_escape): Replace the FOR_URI argument with a
+ slightly more general mechanism for specifying different kinds of
+ escape.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ftp-basic.c (ftp_response): Fix printing FTP server response.
+
+2005-05-05 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * retr.c (limit_bandwidth_reset): Reset sleep_adjust.
+ (limit_bandwidth): Don't allow huge "adjustment" values that
+ result from being suspended for a while.
+
+2005-05-04 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * wget.h: If gettext was found but libtintl.h wasn't, declare
+ gettext's return type to avoid type mismatches.
+
+2005-05-03 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (url_parse): Rename label `error' to avoid conflict with
+ identifier.
+
+ * retr.c (fd_read_body): Rename label `out' to avoid conflict with
+ identifier.
+ (fd_read_hunk): Use explicit double constant.
+ (retrieve_from_file): Don't use string concatenation.
+ (sleep_between_retrievals): Make sure xsleep is called with a
+ `double' argument.
+ (no_proxy_match): Define as static, like it is declared.
+
+ * progress.c (bar_create): Use 0.0 instead of 0 because K&R
+ compilers can't automatically promote it.
+
+ * http-ntlm.c (ntlm_output): Replace \xHH sequences with \OOO for
+ the sake of old compilers.
+
+ * ftp.c (ftp_loop_internal): Don't use string concatenation.
+
+ * http.c (request_send): Use explicit double constants when
+ calling fd_read and fd_write.
+ (post_file): Ditto.
+ (gethttp): Ditto.
+ (skip_short_body): Ditto.
+
+ * ftp-basic.c: When calling fd_write, specify the last argument as
+ a `double' constant for the sake of K&R compilers which don't see
+ the prototype and therefore can't promote it to double
+ automatically.
+
+ * cookies.c (cookie_jar_load): Rename abort label to abort_cookie
+ to avoid name conflict in K&R compilers.
+
+2005-04-29 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ptimer.c (posix_init): Since we allow _POSIX_MONOTONIC_CLOCK==0,
+ it is not enough to check for _POSIX_MONOTONIC_CLOCK-0, we must
+ also check for defined(_POSIX_MONOTONIC_CLOCK).
+
+2005-04-28 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ftp.c, hash.c, connect.c, host.c, http.c: Remove unreached code,
+ such as "break" following return or abort.
+
+2005-04-28 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c (commands): Wrap the use of opt.random_file in #ifdef
+ HAVE_SSL.
+
+2005-04-28 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Correctly set the user agent.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c (cmd_spec_useragent): Free the old value of
+ opt.useragent before setting the new one.
+
+2005-04-27 Mauro Tortonesi <mauro@ferrara.linux.it>
+
+ * main.c: Map --ftp-password, --http-password and --proxy-password to
+ the new ftppassword, httppassword and proxypassword commands
+ respectively. Document the --user and --password options in the help
+ string.
+
+2005-04-27 Mauro Tortonesi <mauro@ferrara.linux.it>
+
+ * ftp.c: Add support for --user and --password.
+
+ * http.c: Add support for --user and --password.
+
+ * init.c: Deprecated ftppasswd, httppasswd, login, passwd and
+ proxypasswd commands. Added ftppassword, ftpuser, httppassword,
+ password, proxypassword and user commands.
+
+ * main.c: Renamed --ftp-passwd to --ftp-password. Added --ftp-user,
+ --http-password, --password, --proxy-password and --user. Deprecated
+ --http-passwd and --proxy-passwd. Added documentation for new options
+ and removed documentation for deprecated options in the help string.
+
+ * options.h (struct options): Added user and passwd members to handle
+ --user and --password respectively. Renamed ftp_acc and ftp_pass
+ members to ftp_user and ftp_passwd for consistency.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (print_help): Advertise "DER", not "ASN1".
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (init_prng): Disable the weak random seed by default.
+
+ * http.c (gethttp): Simplify SSL initialization; disable SSL when
+ anything goes wrong with the initialization.
+
+ * options.h (struct options): New option opt.random_file.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Wrap private key commands in IF_SSL.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_init): Ditto.
+
+ * options.h (struct options): Allow separate specification of key
+ type and certificate type.
+
+ * init.c (cmd_spec_cert_type): Provide a "der" synonym for "asn1"
+ certificate encoding.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c: Renamed "gen_sslfunc.c" to "openssl.c" and
+ "gen_sslfunc.h" to "openssl.h". This reflects the intent of
+ openssl.c encapsulating the OpenSSL-specific code.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Renamed "closure" (a synonym for context in some
+ cultures) to "place", which more accurately reflects the usage.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_init): Use default locations for loading the
+ certificate bundles.
+ (ssl_init_prng): Disable the cryptographically weak PRNG
+ initialization fallback.
+
+ * init.c: Renamed SSL command-line arguments and wgetrc commands.
+ (defaults): Check the server certificate by default.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cookies.c (cookie_handle_set_cookie): Delete the part of the
+ path after the trailing slash.
+
+ * http.c (gethttp): Call cookie_handle_set_cookie with path that
+ begins with '/'.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Call skip_short_body only if keep_alive is in
+ use.
+ (gethttp): Send the User-Agent header with the CONNECT request as
+ well.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Removed support for the undocumented flag
+ --use-proxy.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Don't treat -Y as a boolean switch; treat
+ it as a value switch instead, so "-Y off" continues to work.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (aprintf): Delete unreachable statement.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * host.c (cmp_prefer_ipv4): New function.
+ (cmp_prefer_ipv6): New function.
+ (lookup_host): Use the appropriate comparator according to
+ opt.prefer_family.
+
+ * init.c: New option prefer_family.
+
+ * host.c (is_valid_ipv6_address): Spell NS_* constants in lower
+ case to avoid clash with system headers.
+ (lookup_host): Reorder the addresses so that IPv4 ones come first.
+
+ * utils.c (stable_sort): New function.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * connect.c (retryable_socket_connect_error): Return 0 for
+ ENETUNREACH and EHOSTUNREACH.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cmpt.c: Reenable the memmove implementation for systems that
+ lack it.
+
+ * http.c (gethttp): Store the "authorized" state of the persistent
+ connection.
+ (request_remove_header): New function.
+ (gethttp): Don't send the "Basic" authentication if the connection
+ is already authorized.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (base64_encode): Treat input as unsigned chars.
+ Required for correct encoding of binary stuff.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http-ntlm.c: Format the function definitions in an
+ ansi2knr-friendly fashion.
+
+2005-04-22 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Handle multiple WWW-Authentication headers,
+ only one of which is recognized. Those are sent by IIS with NTLM
+ authorization.
+ (create_authorization_line): Propagate information whether
+ authorization is finished.
+ (gethttp): Only stop authorization when it's really finished, not
+ after fixed two steps.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_init): Fix warning message text; mark the
+ message as translatable.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (print_help): Print the EGD option outside the cluster of
+ SSL options.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http-ntlm.c (ntlm_output): Fix setting the domain.
+ Suggested by Sami Krank.
+
+2005-04-20 Mauro Tortonesi <mauro@ferrara.linux.it>
+
+ * connect.c: Set IPV6_V6ONLY socket option when -6 switch is used.
+
+2005-04-20 FUJISHIMA Satsuki <sf@FreeBSD.org>
+
+ * http.c (request_set_header): Fix the check whether a new header
+ needs to be allocated.
+
+2005-04-18 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (base64_encode): Use the parameter order that makes more
+ sense. Return the length of the base64 written. Updated all
+ callers.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (request_set_header): Free NAME when VALUE is NULL and
+ freeing the header name is requested.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * snprintf.c (fmtstr): Declare VALUE as const char *.
+ Based on patch by Russ Allbery.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * snprintf.c (fmtfp): More correct handling of significant digit
+ count with %g -- 0.002 has one significant digit, not three.
+
+2005-04-16 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * retr.c (fd_read_body): Respect read timeout with non-interactive
+ or no progress gauge -- treat ETIMEDOUT specially only when
+ progress_interactive.
+ Reported by FUJISHIMA Satsuki.
+
+2005-04-16 FUJISHIMA Satsuki <sf@FreeBSD.org>
+
+ * http.c (gethttp): Don't use HTTP/1.0 persistent connections over
+ proxy.
+
+2005-04-16 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * snprintf.c: Use the PARAMS macro to handle prototypes. Write
+ function definitions in the ansi2knr-friendly way.
+ (fmtstr): If string precision is specified, don't read VALUE past
+ it.
+ (dopr): Actually print %g and %e formats.
+ (fmtfp): Fix a bug that caused 0.01 to be printed as 0.1.
+ (fmtfp): Use LLONG in floating point conversions to be able to
+ convert more digits.
+ (fmtfp): Interpret precision as number of significant digits with
+ %g.
+ (fmtfp): Omit trailing decimal zeros with %g.
+
+ * snprintf.c: Don't include <ctype.h> because none of it is used.
+ Include strings.h/string.h, as per Autoconf.
+
+2005-04-15 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ptimer.c: Use _POSIX_TIMERS - 0 > 0, which handles the case when
+ _POSIX_TIMERS is defined but empty, as well as the case when it is
+ undefined. Do the same with the check for _POSIX_MONOTONIC_CLOCK.
+ Suggested by Larry Jones.
+
+2005-04-15 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * ptimer.c: Check that _POSIX_TIMERS is defined as well as > 0.
+ Problem reported by Steven M. Schweda.
+
+2005-04-14 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (skip_short_body): Print the skipped body data in debug
+ mode.
+ (skip_short_body): Don't skip more than 4k of body data.
+ (skip_short_body): Return whether the skipping was successful.
+ (gethttp): If skip_short_body failed, invalidate the connection.
+
+2005-04-12 Gisle Vanem <giva@bgnett.no>
+
+ * ftp.c (getftp): Ditto.
+
+ * http.c (gethttp): Open the output file in binary mode.
+
+2005-04-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * hash.c: Conditionalize including config.h on HAVE_CONFIG_H
+ instead of on STANDALONE.
+
+2005-04-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_print_errors): Made static.
+ (ssl_print_errors): Eliminate potentially dangerous fixed-size
+ error buffer. Passing NULL to ERR_error_string causes it to use
+ its own static buffer, which is fine for our purposes.
+
+ * gen_sslfunc.c: Include gen_sslfunc.h. Make the declarations of
+ ssl_init and ssl_conect match the actual definitions.
+ (ssl_connect): Simply return a boolean, the SSL context is no
+ longer useful as a return value.
+
+ * retr.c: Don't include SSL headers; we don't need them.
+
2005-04-11 Hrvoje Niksic <hniksic@xemacs.org>
* config-post.h: Don't define _VA_LIST under Solaris; it breaks
projects / wget / blobdiff