+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (init_prng): Disable the weak random seed by default.
+
+ * http.c (gethttp): Simplify SSL initialization; disable SSL when
+ anything goes wrong with the initialization.
+
+ * options.h (struct options): New option opt.random_file.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Wrap private key commands in IF_SSL.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_init): Ditto.
+
+ * options.h (struct options): Allow separate specification of key
+ type and certificate type.
+
+ * init.c (cmd_spec_cert_type): Provide a "der" synonym for "asn1"
+ certificate encoding.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c: Renamed "gen_sslfunc.c" to "openssl.c" and
+ "gen_sslfunc.h" to "openssl.h". This reflects the intent of
+ openssl.c encapsulating the OpenSSL-specific code.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Renamed "closure" (a synonym for context in some
+ cultures) to "place", which more accurately reflects the usage.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_init): Use default locations for loading the
+ certificate bundles.
+ (ssl_init_prng): Disable the cryptographically weak PRNG
+ initialization fallback.
+
+ * init.c: Renamed SSL command-line arguments and wgetrc commands.
+ (defaults): Check the server certificate by default.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cookies.c (cookie_handle_set_cookie): Delete the part of the
+ path after the trailing slash.
+
+ * http.c (gethttp): Call cookie_handle_set_cookie with path that
+ begins with '/'.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Call skip_short_body only if keep_alive is in
+ use.
+ (gethttp): Send the User-Agent header with the CONNECT request as
+ well.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Removed support for the undocumented flag
+ --use-proxy.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Don't treat -Y as a boolean switch; treat
+ it as a value switch instead, so "-Y off" continues to work.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (aprintf): Delete unreachable statement.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * host.c (cmp_prefer_ipv4): New function.
+ (cmp_prefer_ipv6): New function.
+ (lookup_host): Use the appropriate comparator according to
+ opt.prefer_family.
+
+ * init.c: New option prefer_family.
+
+ * host.c (is_valid_ipv6_address): Spell NS_* constants in lower
+ case to avoid clash with system headers.
+ (lookup_host): Reorder the addresses so that IPv4 ones come first.
+
+ * utils.c (stable_sort): New function.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * connect.c (retryable_socket_connect_error): Return 0 for
+ ENETUNREACH and EHOSTUNREACH.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cmpt.c: Reenable the memmove implementation for systems that
+ lack it.
+
+ * http.c (gethttp): Store the "authorized" state of the persistent
+ connection.
+ (request_remove_header): New function.
+ (gethttp): Don't send the "Basic" authentication if the connection
+ is already authorized.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (base64_encode): Treat input as unsigned chars.
+ Required for correct encoding of binary stuff.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http-ntlm.c: Format the function definitions in an
+ ansi2knr-friendly fashion.
+
+2005-04-22 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Handle multiple WWW-Authentication headers,
+ only one of which is recognized. Those are sent by IIS with NTLM
+ authorization.
+ (create_authorization_line): Propagate information whether
+ authorization is finished.
+ (gethttp): Only stop authorization when it's really finished, not
+ after fixed two steps.
+
2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
* gen_sslfunc.c (ssl_init): Fix warning message text; mark the