2010-02-14 20:40:18 +01:00
|
|
|
_ _ ____ _
|
|
|
|
___| | | | _ \| |
|
|
|
|
/ __| | | | |_) | |
|
|
|
|
| (__| |_| | _ <| |___
|
2000-05-22 19:35:35 +02:00
|
|
|
\___|\___/|_| \_\_____|
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Things that could be nice to do in the future
|
2000-05-22 19:35:35 +02:00
|
|
|
|
2002-08-15 01:35:19 +02:00
|
|
|
Things to do in project cURL. Please tell us what you think, contribute and
|
2007-12-09 00:00:00 +01:00
|
|
|
send us patches that improve things!
|
2000-05-22 19:35:35 +02:00
|
|
|
|
2003-08-11 18:17:51 +02:00
|
|
|
All bugs documented in the KNOWN_BUGS document are subject for fixing!
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
1. libcurl
|
|
|
|
1.2 More data sharing
|
|
|
|
1.3 struct lifreq
|
2008-11-11 14:33:01 +01:00
|
|
|
1.4 signal-based resolver timeouts
|
2011-01-03 09:40:40 +01:00
|
|
|
1.5 get rid of PATH_MAX
|
2011-08-25 16:04:55 +02:00
|
|
|
1.6 progress callback without doubles
|
2011-12-21 09:53:05 +01:00
|
|
|
1.7 Happy Eyeball dual stack connect
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
2. libcurl - multi interface
|
|
|
|
2.1 More non-blocking
|
2008-11-11 14:33:01 +01:00
|
|
|
2.2 Remove easy interface internally
|
2008-11-17 10:35:10 +01:00
|
|
|
2.4 Fix HTTP Pipelining for PUT
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
3. Documentation
|
|
|
|
3.1 More and better
|
|
|
|
|
|
|
|
4. FTP
|
2010-04-29 23:27:28 +02:00
|
|
|
4.1 HOST
|
2007-12-09 00:00:00 +01:00
|
|
|
4.2 Alter passive/active on failure and retry
|
|
|
|
4.3 Earlier bad letter detection
|
|
|
|
4.4 REST for large files
|
|
|
|
4.5 FTP proxy support
|
2009-09-05 19:49:07 +02:00
|
|
|
4.6 ASCII support
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
5. HTTP
|
2008-11-11 14:33:01 +01:00
|
|
|
5.1 Better persistency for HTTP 1.0
|
|
|
|
5.2 support FF3 sqlite cookie files
|
2010-01-21 10:32:51 +01:00
|
|
|
5.3 Rearrange request header order
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
6. TELNET
|
|
|
|
6.1 ditch stdin
|
|
|
|
6.2 ditch telnet-specific select
|
2008-05-23 22:52:46 +02:00
|
|
|
6.3 feature negotiation debug data
|
|
|
|
6.4 send data in chunks
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
7. SSL
|
|
|
|
7.1 Disable specific versions
|
2008-09-10 09:11:45 +02:00
|
|
|
7.2 Provide mutex locking API
|
2008-11-11 14:33:01 +01:00
|
|
|
7.3 Evaluate SSL patches
|
|
|
|
7.4 Cache OpenSSL contexts
|
|
|
|
7.5 Export session ids
|
|
|
|
7.6 Provide callback for cert verification
|
|
|
|
7.7 Support other SSL libraries
|
|
|
|
7.9 improve configure --with-ssl
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
8. GnuTLS
|
2009-10-17 21:31:57 +02:00
|
|
|
8.1 SSL engine stuff
|
2010-04-29 23:27:28 +02:00
|
|
|
8.3 check connection
|
2010-09-20 23:19:51 +02:00
|
|
|
8.4 non-gcrypt
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
9. SMTP
|
2012-05-24 19:55:00 +02:00
|
|
|
9.1 Other authentication mechanisms
|
2012-03-27 22:58:59 +02:00
|
|
|
9.2 Specify the preferred authentication mechanism
|
|
|
|
9.3 Initial response
|
|
|
|
9.4 Pipelining
|
|
|
|
|
2012-03-28 23:23:17 +02:00
|
|
|
10. POP3
|
2012-03-27 22:58:59 +02:00
|
|
|
10.1 APOP Authentication
|
2012-06-03 02:00:45 +02:00
|
|
|
10.2 SASL based authentication mechanisms
|
2012-03-27 22:58:59 +02:00
|
|
|
10.3 auth= in URLs
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
11. IMAP
|
|
|
|
11.1 SASL based authentication mechanisms
|
|
|
|
|
|
|
|
12. LDAP
|
|
|
|
12.1 SASL based authentication mechanisms
|
|
|
|
|
|
|
|
13. Other protocols
|
|
|
|
|
|
|
|
14. New protocols
|
|
|
|
14.1 RSYNC
|
|
|
|
|
|
|
|
15. Client
|
|
|
|
15.1 sync
|
|
|
|
15.2 glob posts
|
|
|
|
15.3 prevent file overwriting
|
|
|
|
15.4 simultaneous parallel transfers
|
|
|
|
15.5 provide formpost headers
|
|
|
|
15.6 url-specific options
|
|
|
|
15.7 metalink support
|
|
|
|
15.8 warning when setting an option
|
|
|
|
15.9 IPv6 addresses with globbing
|
|
|
|
|
|
|
|
16. Build
|
|
|
|
16.1 roffit
|
|
|
|
|
|
|
|
17. Test suite
|
|
|
|
17.1 SSL tunnel
|
|
|
|
17.2 nicer lacking perl message
|
|
|
|
17.3 more protocols supported
|
|
|
|
17.4 more platforms supported
|
|
|
|
|
|
|
|
18. Next SONAME bump
|
|
|
|
18.1 http-style HEAD output for ftp
|
|
|
|
18.2 combine error codes
|
2012-06-03 02:17:21 +02:00
|
|
|
18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
|
2012-06-03 02:00:45 +02:00
|
|
|
|
|
|
|
19. Next major release
|
|
|
|
19.1 cleanup return codes
|
|
|
|
19.2 remove obsolete defines
|
|
|
|
19.3 size_t
|
|
|
|
19.4 remove several functions
|
|
|
|
19.5 remove CURLOPT_FAILONERROR
|
|
|
|
19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
|
|
|
|
19.7 remove progress meter from libcurl
|
|
|
|
19.8 remove 'curl_httppost' from public
|
|
|
|
19.9 have form functions use CURL handle argument
|
|
|
|
19.10 Add CURLOPT_MAIL_CLIENT option
|
2006-01-28 14:14:38 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
==============================================================================
|
2007-08-07 15:01:36 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
1. libcurl
|
2002-08-27 00:32:46 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
1.2 More data sharing
|
2007-08-14 12:11:34 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_share_* functions already exist and work, and they can be extended to
|
|
|
|
share more. For example, enable sharing of the ares channel and the
|
|
|
|
connection cache.
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
1.3 struct lifreq
|
2007-09-13 11:02:15 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
|
|
|
|
SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
|
|
|
|
To support ipv6 interface addresses for network interfaces properly.
|
2007-09-13 11:02:15 +02:00
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
1.4 signal-based resolver timeouts
|
2008-10-15 01:52:36 +02:00
|
|
|
|
|
|
|
libcurl built without an asynchronous resolver library uses alarm() to time
|
|
|
|
out DNS lookups. When a timeout occurs, this causes libcurl to jump from the
|
2010-02-14 20:40:18 +01:00
|
|
|
signal handler back into the library with a sigsetjmp, which effectively
|
2008-10-15 01:52:36 +02:00
|
|
|
causes libcurl to continue running within the signal handler. This is
|
|
|
|
non-portable and could cause problems on some platforms. A discussion on the
|
|
|
|
problem is available at http://curl.haxx.se/mail/lib-2008-09/0197.html
|
|
|
|
|
|
|
|
Also, alarm() provides timeout resolution only to the nearest second. alarm
|
|
|
|
ought to be replaced by setitimer on systems that support it.
|
|
|
|
|
2011-01-03 09:40:40 +01:00
|
|
|
1.5 get rid of PATH_MAX
|
|
|
|
|
|
|
|
Having code use and rely on PATH_MAX is not nice:
|
|
|
|
http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
|
|
|
|
|
|
|
|
Currently the SSH based code uses it a bit, but to remove PATH_MAX from there
|
|
|
|
we need libssh2 to properly tell us when we pass in a too small buffer and
|
|
|
|
its current API (as of libssh2 1.2.7) doesn't.
|
|
|
|
|
2011-08-25 16:04:55 +02:00
|
|
|
1.6 progress callback without doubles
|
|
|
|
|
|
|
|
The progress callback was introduced way back in the days and the choice to
|
|
|
|
use doubles in the arguments was possibly good at the time. Today the doubles
|
|
|
|
only confuse users and make the amounts less precise. We should introduce
|
|
|
|
another progress callback option that take precedence over the old one and
|
|
|
|
have both co-exist for a forseeable time until we can remove the double-using
|
|
|
|
one.
|
|
|
|
|
2011-12-21 09:53:05 +01:00
|
|
|
1.7 Happy Eyeball dual stack connect
|
|
|
|
|
|
|
|
In order to make alternative technologies not suffer when transitioning, like
|
|
|
|
when introducing IPv6 as an alternative to IPv4 and there are more than one
|
|
|
|
option existing simultaneously there are reasons to reconsider internal
|
|
|
|
choices.
|
|
|
|
|
|
|
|
To make libcurl do blazing fast IPv6 in a dual-stack configuration, this needs
|
|
|
|
to be addressed:
|
|
|
|
|
2012-05-12 15:08:35 +02:00
|
|
|
http://tools.ietf.org/html/rfc6555
|
2011-12-21 09:53:05 +01:00
|
|
|
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
2. libcurl - multi interface
|
2004-12-22 10:19:29 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
2.1 More non-blocking
|
2007-09-13 11:02:15 +02:00
|
|
|
|
2008-09-10 09:11:45 +02:00
|
|
|
Make sure we don't ever loop because of non-blocking sockets returning
|
2010-02-21 15:42:59 +01:00
|
|
|
EWOULDBLOCK or similar. Blocking cases include:
|
|
|
|
|
|
|
|
- Name resolves on non-windows unless c-ares is used
|
|
|
|
- NSS SSL connections
|
|
|
|
- HTTP proxy CONNECT operations
|
|
|
|
- SOCKS proxy handshakes
|
|
|
|
- file:// transfers
|
|
|
|
- TELNET transfers
|
|
|
|
- The "DONE" operation (post transfer protocol-specific actions) for the
|
|
|
|
protocols SFTP, SMTP, FTP. Fixing Curl_done() for this is a worthy task.
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
2.2 Remove easy interface internally
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Make curl_easy_perform() a wrapper-function that simply creates a multi
|
|
|
|
handle, adds the easy handle to it, runs curl_multi_perform() until the
|
|
|
|
transfer is done, then detach the easy handle, destroy the multi handle and
|
|
|
|
return the easy handle's return code. This will thus make everything
|
|
|
|
internally use and assume the multi interface. The select()-loop should use
|
|
|
|
curl_multi_socket().
|
2007-09-13 11:02:15 +02:00
|
|
|
|
2008-11-17 10:35:10 +01:00
|
|
|
2.4 Fix HTTP Pipelining for PUT
|
|
|
|
|
|
|
|
HTTP Pipelining can be a way to greatly enhance performance for multiple
|
|
|
|
serial requests and currently libcurl only supports that for HEAD and GET
|
|
|
|
requests but it should also be possible for PUT.
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
3. Documentation
|
2005-07-31 01:48:07 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
3.1 More and better
|
2005-08-29 08:59:44 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Exactly
|
2005-08-29 08:59:44 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
4. FTP
|
2005-08-29 08:59:44 +02:00
|
|
|
|
2010-04-29 23:27:28 +02:00
|
|
|
4.1 HOST
|
2005-08-29 08:59:44 +02:00
|
|
|
|
2010-04-29 23:27:28 +02:00
|
|
|
HOST is a suggested command in the works for a client to tell which host name
|
|
|
|
to use, to offer FTP servers named-based virtual hosting:
|
|
|
|
|
|
|
|
http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11
|
2005-08-29 08:59:44 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
4.2 Alter passive/active on failure and retry
|
2006-05-30 10:45:59 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
When trying to connect passively to a server which only supports active
|
|
|
|
connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
|
|
|
|
connection. There could be a way to fallback to an active connection (and
|
|
|
|
vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
|
2006-05-30 10:45:59 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
4.3 Earlier bad letter detection
|
|
|
|
|
|
|
|
Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
|
|
|
|
process to avoid doing a resolve and connect in vain.
|
|
|
|
|
|
|
|
4.4 REST for large files
|
|
|
|
|
|
|
|
REST fix for servers not behaving well on >2GB requests. This should fail if
|
|
|
|
the server doesn't set the pointer to the requested index. The tricky
|
|
|
|
(impossible?) part is to figure out if the server did the right thing or not.
|
|
|
|
|
|
|
|
4.5 FTP proxy support
|
|
|
|
|
|
|
|
Support the most common FTP proxies, Philip Newton provided a list allegedly
|
|
|
|
from ncftp. This is not a subject without debate, and is probably not really
|
|
|
|
suitable for libcurl. http://curl.haxx.se/mail/archive-2003-04/0126.html
|
|
|
|
|
2009-09-05 19:49:07 +02:00
|
|
|
4.6 ASCII support
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
FTP ASCII transfers do not follow RFC959. They don't convert the data
|
|
|
|
accordingly.
|
|
|
|
|
|
|
|
5. HTTP
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
5.1 Better persistency for HTTP 1.0
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
"Better" support for persistent connections over HTTP 1.0
|
|
|
|
http://curl.haxx.se/bug/feature.cgi?id=1089001
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
5.2 support FF3 sqlite cookie files
|
2008-01-14 18:49:06 +01:00
|
|
|
|
|
|
|
Firefox 3 is changing from its former format to a a sqlite database instead.
|
|
|
|
We should consider how (lib)curl can/should support this.
|
|
|
|
http://curl.haxx.se/bug/feature.cgi?id=1871388
|
|
|
|
|
2010-01-21 10:32:51 +01:00
|
|
|
5.3 Rearrange request header order
|
2009-08-19 09:09:13 +02:00
|
|
|
|
|
|
|
Server implementors often make an effort to detect browser and to reject
|
|
|
|
clients it can detect to not match. One of the last details we cannot yet
|
|
|
|
control in libcurl's HTTP requests, which also can be exploited to detect
|
|
|
|
that libcurl is in fact used even when it tries to impersonate a browser, is
|
|
|
|
the order of the request headers. I propose that we introduce a new option in
|
|
|
|
which you give headers a value, and then when the HTTP request is built it
|
|
|
|
sorts the headers based on that number. We could then have internally created
|
|
|
|
headers use a default value so only headers that need to be moved have to be
|
|
|
|
specified.
|
|
|
|
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
6. TELNET
|
|
|
|
|
|
|
|
6.1 ditch stdin
|
|
|
|
|
|
|
|
Reading input (to send to the remote server) on stdin is a crappy solution for
|
|
|
|
library purposes. We need to invent a good way for the application to be able
|
|
|
|
to provide the data to send.
|
|
|
|
|
|
|
|
6.2 ditch telnet-specific select
|
|
|
|
|
|
|
|
Move the telnet support's network select() loop go away and merge the code
|
|
|
|
into the main transfer loop. Until this is done, the multi interface won't
|
|
|
|
work for telnet.
|
|
|
|
|
2008-05-23 22:52:46 +02:00
|
|
|
6.3 feature negotiation debug data
|
|
|
|
|
|
|
|
Add telnet feature negotiation data to the debug callback as header data.
|
|
|
|
|
|
|
|
6.4 send data in chunks
|
|
|
|
|
|
|
|
Currently, telnet sends data one byte at a time. This is fine for interactive
|
|
|
|
use, but inefficient for any other. Sent data should be sent in larger
|
|
|
|
chunks.
|
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
7. SSL
|
|
|
|
|
|
|
|
7.1 Disable specific versions
|
|
|
|
|
|
|
|
Provide an option that allows for disabling specific SSL versions, such as
|
|
|
|
SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
|
|
|
|
|
2008-09-10 09:11:45 +02:00
|
|
|
7.2 Provide mutex locking API
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Provide a libcurl API for setting mutex callbacks in the underlying SSL
|
|
|
|
library, so that the same application code can use mutex-locking
|
|
|
|
independently of OpenSSL or GnutTLS being used.
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.3 Evaluate SSL patches
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Evaluate/apply Gertjan van Wingerde's SSL patches:
|
|
|
|
http://curl.haxx.se/mail/lib-2004-03/0087.html
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.4 Cache OpenSSL contexts
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
"Look at SSL cafile - quick traces look to me like these are done on every
|
|
|
|
request as well, when they should only be necessary once per ssl context (or
|
|
|
|
once per handle)". The major improvement we can rather easily do is to make
|
|
|
|
sure we don't create and kill a new SSL "context" for every request, but
|
|
|
|
instead make one for every connection and re-use that SSL context in the same
|
|
|
|
style connections are re-used. It will make us use slightly more memory but
|
|
|
|
it will libcurl do less creations and deletions of SSL contexts.
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.5 Export session ids
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Add an interface to libcurl that enables "session IDs" to get
|
|
|
|
exported/imported. Cris Bailiff said: "OpenSSL has functions which can
|
|
|
|
serialise the current SSL state to a buffer of your choice, and recover/reset
|
|
|
|
the state from such a buffer at a later date - this is used by mod_ssl for
|
|
|
|
apache to implement and SSL session ID cache".
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.6 Provide callback for cert verification
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
OpenSSL supports a callback for customised verification of the peer
|
|
|
|
certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
|
|
|
|
it be? There's so much that could be done if it were!
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.7 Support other SSL libraries
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Make curl's SSL layer capable of using other free SSL libraries. Such as
|
|
|
|
MatrixSSL (http://www.matrixssl.org/).
|
|
|
|
|
2008-11-11 14:33:01 +01:00
|
|
|
7.9 improve configure --with-ssl
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
|
|
|
|
then NSS...
|
|
|
|
|
2009-10-17 21:31:57 +02:00
|
|
|
8. GnuTLS
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2009-10-17 21:31:57 +02:00
|
|
|
8.1 SSL engine stuff
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Is this even possible?
|
|
|
|
|
2010-04-29 23:27:28 +02:00
|
|
|
8.3 check connection
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Add a way to check if the connection seems to be alive, to correspond to the
|
|
|
|
SSL_peak() way we use with OpenSSL.
|
|
|
|
|
2010-09-20 23:19:51 +02:00
|
|
|
8.4 non-gcrypt
|
|
|
|
|
|
|
|
libcurl assumes that there are gcrypt functions available when
|
|
|
|
GnuTLS is.
|
|
|
|
|
|
|
|
GnuTLS can be built to use libnettle instead as crypto library,
|
|
|
|
which breaks the previously mentioned assumption
|
|
|
|
|
|
|
|
The correct fix would be to detect which crypto layer that is in use and
|
|
|
|
adapt our code to use that instead of blindly assuming gcrypt.
|
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
9. SMTP
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-05-24 19:55:00 +02:00
|
|
|
9.1 Other authentication mechanisms
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-05-24 19:55:00 +02:00
|
|
|
Add support for gssapi.
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
9.2 Specify the preferred authentication mechanism
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
Add the ability to specify the preferred authentication mechanism or a list
|
2012-05-24 19:55:00 +02:00
|
|
|
of mechanisms that should be used. Not only that, but the order that is
|
2012-03-27 22:58:59 +02:00
|
|
|
returned by the server during the EHLO response should be honored by curl.
|
2012-06-03 02:00:45 +02:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
9.3 Initial response
|
2007-12-09 00:00:00 +01:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
Add the ability for the user to specify whether the initial response is
|
|
|
|
included in the AUTH command. Some email servers, such as Microsoft
|
|
|
|
Exchange, can work with either whilst others need to have the initial
|
|
|
|
response sent separately:
|
2012-06-03 02:00:45 +02:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
http://curl.haxx.se/mail/lib-2012-03/0114.html
|
2012-06-03 02:00:45 +02:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
9.4 Pipelining
|
|
|
|
|
|
|
|
Add support for pipelining emails.
|
2012-05-24 19:55:00 +02:00
|
|
|
|
2012-03-28 23:23:17 +02:00
|
|
|
10. POP3
|
2012-03-27 22:58:59 +02:00
|
|
|
|
|
|
|
10.1 APOP Authentication
|
|
|
|
|
|
|
|
Add support for the APOP command rather than using plain text authentication
|
|
|
|
(USER and PASS) as this is very week security wise. Note: The APOP command
|
|
|
|
is specified as "APOP <username> <md5 password>", however, it isn't
|
|
|
|
supported by all mail servers.
|
2012-06-03 02:00:45 +02:00
|
|
|
|
|
|
|
10.2 SASL authentication mechanisms
|
2012-03-27 22:58:59 +02:00
|
|
|
|
|
|
|
SASL offers support for additional authentication mechanisms via the AUTH
|
|
|
|
command. Detection of an email server's support for SASL authentication
|
|
|
|
can be detected via the CAPA command whilst a list of supported mechanisms
|
|
|
|
can be retrieved with an empty AUTH command.
|
2012-06-03 02:00:45 +02:00
|
|
|
|
2012-03-27 22:58:59 +02:00
|
|
|
10.3 auth= in URLs
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
Being able to specify the preferred authentication mechanism in the URL as
|
|
|
|
per RFC2384.
|
|
|
|
|
|
|
|
11. IMAP
|
|
|
|
|
|
|
|
11.1 SASL based authentication mechanisms
|
|
|
|
|
|
|
|
Like POP3 curl currently sends usernames and passwords as clear text.
|
|
|
|
Support should also be added to support SASL based authentication mechanisms
|
|
|
|
as these are more secure.
|
|
|
|
|
|
|
|
12. LDAP
|
|
|
|
|
|
|
|
12.1 SASL based authentication mechansims
|
2012-03-27 22:58:59 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
|
|
|
|
to an LDAP server. However, this function sends username and password details
|
|
|
|
using the simple authentication mechanism (as clear text). However, it should
|
|
|
|
be possible to use ldap_bind_s() instead specifing the security context
|
|
|
|
information ourselves.
|
2012-03-27 22:58:59 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
13. Other protocols
|
|
|
|
|
|
|
|
14. New protocols
|
|
|
|
|
|
|
|
14.1 RSYNC
|
2012-03-27 22:58:59 +02:00
|
|
|
|
|
|
|
There's no RFC for the protocol or an URI/URL format. An implementation
|
|
|
|
should most probably use an existing rsync library, such as librsync.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15. Client
|
2012-03-27 22:58:59 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.1 sync
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
"curl --sync http://example.com/feed[1-100].rss" or
|
|
|
|
"curl --sync http://example.net/{index,calendar,history}.html"
|
|
|
|
|
|
|
|
Downloads a range or set of URLs using the remote name, but only if the
|
|
|
|
remote file is newer than the local file. A Last-Modified HTTP date header
|
|
|
|
should also be used to set the mod date on the downloaded file.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.2 glob posts
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
|
|
|
|
This is easily scripted though.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.3 prevent file overwriting
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Add an option that prevents cURL from overwriting existing local files. When
|
|
|
|
used, and there already is an existing file with the target file name
|
|
|
|
(either -O or -o), a number should be appended (and increased if already
|
|
|
|
existing). So that index.html becomes first index.html.1 and then
|
|
|
|
index.html.2 etc.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.4 simultaneous parallel transfers
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
The client could be told to use maximum N simultaneous parallel transfers and
|
|
|
|
then just make sure that happens. It should of course not make more than one
|
|
|
|
connection to the same remote host. This would require the client to use the
|
|
|
|
multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.5 provide formpost headers
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Extending the capabilities of the multipart formposting. How about leaving
|
|
|
|
the ';type=foo' syntax as it is and adding an extra tag (headers) which
|
|
|
|
works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where
|
|
|
|
fil1.hdr contains extra headers like
|
|
|
|
|
|
|
|
Content-Type: text/plain; charset=KOI8-R"
|
|
|
|
Content-Transfer-Encoding: base64
|
|
|
|
X-User-Comment: Please don't use browser specific HTML code
|
|
|
|
|
|
|
|
which should overwrite the program reasonable defaults (plain/text,
|
|
|
|
8bit...)
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.6 url-specific options
|
2007-12-09 00:00:00 +01:00
|
|
|
|
|
|
|
Provide a way to make options bound to a specific URL among several on the
|
|
|
|
command line. Possibly by letting ':' separate options between URLs,
|
|
|
|
similar to this:
|
2004-12-22 10:19:29 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl --data foo --url url.com : \
|
|
|
|
--url url2.com : \
|
|
|
|
--url url3.com --data foo3
|
2004-12-22 10:19:29 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
(More details: http://curl.haxx.se/mail/archive-2004-07/0133.html)
|
2004-12-22 10:19:29 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
The example would do a POST-GET-POST combination on a single command line.
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.7 metalink support
|
2008-05-23 22:52:46 +02:00
|
|
|
|
|
|
|
Add metalink support to curl (http://www.metalinker.org/). This is most useful
|
|
|
|
with simultaneous parallel transfers (11.6) but not necessary.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.8 warning when setting an option
|
2008-05-23 22:52:46 +02:00
|
|
|
|
|
|
|
Display a warning when libcurl returns an error when setting an option.
|
|
|
|
This can be useful to tell when support for a particular feature hasn't been
|
|
|
|
compiled into the library.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
15.9 IPv6 addresses with globbing
|
2011-09-11 15:51:38 +02:00
|
|
|
|
|
|
|
Currently the command line client needs to get url globbing disabled (with
|
|
|
|
-g) for it to support IPv6 numerical addresses. This is a rather silly flaw
|
|
|
|
that should be corrected. It probably involves a smarter detection of the
|
|
|
|
'[' and ']' letters.
|
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
16. Build
|
2007-09-13 11:02:15 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
16.1 roffit
|
2004-09-09 08:58:01 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Consider extending 'roffit' to produce decent ASCII output, and use that
|
|
|
|
instead of (g)nroff when building src/hugehelp.c
|
2004-09-09 08:58:01 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
17. Test suite
|
2004-08-13 14:06:30 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
17.1 SSL tunnel
|
2002-08-27 00:32:46 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Make our own version of stunnel for simple port forwarding to enable HTTPS
|
|
|
|
and FTP-SSL tests without the stunnel dependency, and it could allow us to
|
|
|
|
provide test tools built with either OpenSSL or GnuTLS
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
17.2 nicer lacking perl message
|
2001-12-06 15:40:16 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
If perl wasn't found by the configure script, don't attempt to run the tests
|
|
|
|
but explain something nice why it doesn't.
|
2002-02-18 11:51:28 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
17.3 more protocols supported
|
2002-02-18 11:51:28 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Extend the test suite to include more protocols. The telnet could just do ftp
|
|
|
|
or http operations (for which we have test servers).
|
2002-02-18 11:51:28 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
17.4 more platforms supported
|
2004-01-09 09:59:55 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
|
|
|
|
fork()s and it should become even more portable.
|
2003-12-08 14:48:23 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
18. Next SONAME bump
|
2004-05-25 16:39:53 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
18.1 http-style HEAD output for ftp
|
2004-05-25 16:39:53 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
#undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
|
|
|
|
from being output in NOBODY requests over ftp
|
2004-05-25 16:39:53 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
18.2 combine error codes
|
2004-05-25 16:39:53 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Combine some of the error codes to remove duplicates. The original
|
|
|
|
numbering should not be changed, and the old identifiers would be
|
|
|
|
macroed to the new ones in an CURL_NO_OLDIES section to help with
|
|
|
|
backward compatibility.
|
2004-03-02 11:08:04 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Candidates for removal and their replacements:
|
2004-12-21 11:54:21 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
|
2012-06-03 02:17:21 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
|
2001-11-02 13:51:18 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
|
2008-01-04 23:16:16 +01:00
|
|
|
|
|
|
|
The current prototype only provides 'purpose' that tells what the
|
|
|
|
connection/socket is for, but not any protocol or similar. It makes it hard
|
|
|
|
for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
|
|
|
|
similar.
|
|
|
|
|
2012-06-03 02:13:36 +02:00
|
|
|
19. Next major release
|
2006-12-19 15:28:01 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.1 cleanup return codes
|
2003-03-15 16:08:55 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
|
|
|
|
CURLMcode. These should be changed to be the same.
|
2000-05-22 19:35:35 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.2 remove obsolete defines
|
2000-05-22 19:35:35 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
remove obsolete defines from curl/curl.h
|
2007-08-18 00:21:41 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.3 size_t
|
2007-08-18 00:21:41 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
make several functions use size_t instead of int in their APIs
|
2007-08-30 22:34:57 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.4 remove several functions
|
2007-08-30 22:34:57 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
remove the following functions from the public API:
|
2007-08-30 22:34:57 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_getenv
|
2003-03-10 21:46:54 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_mprintf (and variations)
|
2003-03-10 21:46:54 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_strequal
|
2004-03-02 11:08:04 +01:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
curl_strnequal
|
2004-07-01 10:22:52 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
They will instead become curlx_ - alternatives. That makes the curl app
|
2009-05-11 22:35:26 +02:00
|
|
|
still capable of using them, by building with them from source.
|
|
|
|
|
|
|
|
These functions have no purpose anymore:
|
|
|
|
|
|
|
|
curl_multi_socket
|
|
|
|
|
|
|
|
curl_multi_socket_all
|
2004-03-02 11:08:04 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.5 remove CURLOPT_FAILONERROR
|
2004-10-25 13:28:40 +02:00
|
|
|
|
2007-12-09 00:00:00 +01:00
|
|
|
Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
|
|
|
|
internally. Let the app judge success or not for itself.
|
2008-01-15 23:15:55 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
|
2008-01-15 23:15:55 +01:00
|
|
|
|
|
|
|
Remove support for a global DNS cache. Anything global is silly, and we
|
|
|
|
already offer the share interface for the same functionality but done
|
|
|
|
"right".
|
2010-01-23 21:02:50 +01:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.7 remove progress meter from libcurl
|
2010-01-23 21:02:50 +01:00
|
|
|
|
|
|
|
The internally provided progress meter output doesn't belong in the library.
|
|
|
|
Basically no application wants it (apart from curl) but instead applications
|
|
|
|
can and should do their own progress meters using the progress callback.
|
|
|
|
|
|
|
|
The progress callback should then be bumped as well to get proper 64bit
|
|
|
|
variable types passed to it instead of doubles so that big files work
|
|
|
|
correctly.
|
2011-08-10 08:55:13 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.8 remove 'curl_httppost' from public
|
2011-08-10 08:55:13 +02:00
|
|
|
|
|
|
|
curl_formadd() was made to fill in a public struct, but the fact that the
|
|
|
|
struct is public is never really used by application for their own advantage
|
|
|
|
but instead often restricts how the form functions can or can't be modified.
|
|
|
|
|
|
|
|
Changing them to return a private handle will benefit the implementation and
|
|
|
|
allow us much greater freedoms while still maintining a solid API and ABI.
|
2011-10-16 01:06:48 +02:00
|
|
|
|
2012-06-03 02:00:45 +02:00
|
|
|
19.9 have form functions use CURL handle argument
|
2011-10-16 01:06:48 +02:00
|
|
|
|
|
|
|
curl_formadd() and curl_formget() both currently have no CURL handle
|
|
|
|
argument, but both can use a callback that is set in the easy handle, and
|
|
|
|
thus curl_formget() with callback cannot function without first having
|
|
|
|
curl_easy_perform() (or similar) called - which is hard to grasp and a design
|
|
|
|
mistake.
|
2012-06-03 02:00:45 +02:00
|
|
|
|
|
|
|
19.10 Add CURLOPT_MAIL_CLIENT option
|
|
|
|
|
|
|
|
Rather than use the URL to specify the mail client string to present in the
|
|
|
|
HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
|
|
|
|
specifing this data as the URL is non-standard and to be honest a bit of a
|
|
|
|
hack ;-)
|
|
|
|
|
|
|
|
Please see the following thread for more information:
|
|
|
|
http://curl.haxx.se/mail/lib-2012-05/0178.html
|
|
|
|
|