+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (init_prng): Disable the weak random seed by default.
+
+ * http.c (gethttp): Simplify SSL initialization; disable SSL when
+ anything goes wrong with the initialization.
+
+ * options.h (struct options): New option opt.random_file.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Wrap private key commands in IF_SSL.
+
+2005-04-27 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_init): Ditto.
+
+ * options.h (struct options): Allow separate specification of key
+ type and certificate type.
+
+ * init.c (cmd_spec_cert_type): Provide a "der" synonym for "asn1"
+ certificate encoding.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c: Renamed "gen_sslfunc.c" to "openssl.c" and
+ "gen_sslfunc.h" to "openssl.h". This reflects the intent of
+ openssl.c encapsulating the OpenSSL-specific code.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * init.c: Renamed "closure" (a synonym for context in some
+ cultures) to "place", which more accurately reflects the usage.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_init): Use default locations for loading the
+ certificate bundles.
+ (ssl_init_prng): Disable the cryptographically weak PRNG
+ initialization fallback.
+
+ * init.c: Renamed SSL command-line arguments and wgetrc commands.
+ (defaults): Check the server certificate by default.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cookies.c (cookie_handle_set_cookie): Delete the part of the
+ path after the trailing slash.
+
+ * http.c (gethttp): Call cookie_handle_set_cookie with path that
+ begins with '/'.
+
+2005-04-26 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Call skip_short_body only if keep_alive is in
+ use.
+ (gethttp): Send the User-Agent header with the CONNECT request as
+ well.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Removed support for the undocumented flag
+ --use-proxy.
+
+2005-04-25 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (option_data): Don't treat -Y as a boolean switch; treat
+ it as a value switch instead, so "-Y off" continues to work.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (aprintf): Delete unreachable statement.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * host.c (cmp_prefer_ipv4): New function.
+ (cmp_prefer_ipv6): New function.
+ (lookup_host): Use the appropriate comparator according to
+ opt.prefer_family.
+
+ * init.c: New option prefer_family.
+
+ * host.c (is_valid_ipv6_address): Spell NS_* constants in lower
+ case to avoid clash with system headers.
+ (lookup_host): Reorder the addresses so that IPv4 ones come first.
+
+ * utils.c (stable_sort): New function.
+
+2005-04-24 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * connect.c (retryable_socket_connect_error): Return 0 for
+ ENETUNREACH and EHOSTUNREACH.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * cmpt.c: Reenable the memmove implementation for systems that
+ lack it.
+
+ * http.c (gethttp): Store the "authorized" state of the persistent
+ connection.
+ (request_remove_header): New function.
+ (gethttp): Don't send the "Basic" authentication if the connection
+ is already authorized.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (base64_encode): Treat input as unsigned chars.
+ Required for correct encoding of binary stuff.
+
+2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http-ntlm.c: Format the function definitions in an
+ ansi2knr-friendly fashion.
+
+2005-04-22 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (gethttp): Handle multiple WWW-Authentication headers,
+ only one of which is recognized. Those are sent by IIS with NTLM
+ authorization.
+ (create_authorization_line): Propagate information whether
+ authorization is finished.
+ (gethttp): Only stop authorization when it's really finished, not
+ after fixed two steps.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * gen_sslfunc.c (ssl_init): Fix warning message text; mark the
+ message as translatable.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * main.c (print_help): Print the EGD option outside the cluster of
+ SSL options.
+
+2005-04-21 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http-ntlm.c (ntlm_output): Fix setting the domain.
+ Suggested by Sami Krank.
+
+2005-04-20 Mauro Tortonesi <mauro@ferrara.linux.it>
+
+ * connect.c: Set IPV6_V6ONLY socket option when -6 switch is used.
+
+2005-04-20 FUJISHIMA Satsuki <sf@FreeBSD.org>
+
+ * http.c (request_set_header): Fix the check whether a new header
+ needs to be allocated.
+
+2005-04-18 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * utils.c (base64_encode): Use the parameter order that makes more
+ sense. Return the length of the base64 written. Updated all
+ callers.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * http.c (request_set_header): Free NAME when VALUE is NULL and
+ freeing the header name is requested.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * snprintf.c (fmtstr): Declare VALUE as const char *.
+ Based on patch by Russ Allbery.
+
+2005-04-17 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * snprintf.c (fmtfp): More correct handling of significant digit
+ count with %g -- 0.002 has one significant digit, not three.
+
2005-04-16 Hrvoje Niksic <hniksic@xemacs.org>
* retr.c (fd_read_body): Respect read timeout with non-interactive