7.10.1 commit

you set CURLOPT_PROXY to "".

CHANGES

@@ -7,6 +7,51 @@
                                   Changelog
 
 
+Daniel (10 Oct 2002)
+- Jeff Lawson fixed a few problems with connection re-use that remained when
+  you set CURLOPT_PROXY to "".
+
+Daniel (9 Oct 2002)
+- Craig Davison found a terrible flaw and Cris Bailiff helped out in the
+  search. Getting HTTP data from servers when the headers are split up in
+  multiple reads, could cause junk data to get inserted among the saved
+  headers. This only concerns HTTP(S) headers.
+
+Daniel (8 Oct 2002)
+- Vincent Penquerc'h gave us the good suggestion that when the ERRRORBUFFER
+  is set internally, the error text is sent to the debug function as well.
+
+- I fixed the telnet code to timeout properly as the option tells it to. On
+  non-windows platforms.
+
+Daniel (7 Oct 2002)
+- John Crow pointed out that libcurl-the-guide wasn't included in the release
+  tarball!
+
+- Kevin Roth pointed out that make install didn't do right if build outside
+  the source tree (ca-bundle wise).
+
+- FOLLOW_LOCATION bugfix for the multi interface
+
+Daniel (4 Oct 2002)
+- Kevin Roth got problems with his cygwin build with -no-undefined was not
+  present in lib/Makefile.am so I put it back in there again. The poor one who
+  needs to remove it again must write a configure script to detect that need.
+
+- Ralph Mitchell pointed out that curl was a bit naive and didn't deal with ./
+  or ../ stuff in the string passed back in a Location: header when following
+  locations.
+
+- Albert Chin helped me to work out a better configure.in check for zlib, and
+  both --without-zlib and -with-zlib seem to work rather well right now.
+
+- Zvi Har'El improvied the OpenSSL ENGINE check in the configure script to
+  become more accurate.
+
+Daniel (1 Oct 2002)
+- Detlef Schmier pointed out the lack of a --without-libz option to configure,
+  so I added one.
+
 Version 7.10 (1 Oct 2002)
 
 Daniel (30 Sep 2002)
@@ -31,7 +76,8 @@ Daniel (26 Sep 2002)
 - Extended curl_version_info() more and wrote a man page for it.
 
 Daniel (25 Sep 2002)
-- libcurl could leak memory when downloading multiple files using http ranges.
+- libcurl could leak memory when downloading multiple files using http ranges,
+  reported and fixed by Jean-Luc Guevel.
 
 - Walter J. Mack provided code and docs for the new curl_free() function that
   shall be used to free memory that is allocated by libcurl and returned back

configure.in

@@ -405,10 +405,9 @@ dnl **********************************************************************
 dnl Default to compiler & linker defaults for SSL files & libraries.
 OPT_SSL=off
 AC_ARG_WITH(ssl,dnl
-[  --with-ssl[=DIR]        where to look for SSL [compiler/linker default paths]
-                          DIR points to the SSL installation [/usr/local/ssl]],
-  OPT_SSL=$withval
-)
+AC_HELP_STRING([--with-ssl=PATH], [where to look for SSL, PATH points to the SSL installation (default: /usr/local/ssl)])
+AC_HELP_STRING([--without-ssl], [disable SSL]),
+  OPT_SSL=$withval)
 
 if test X"$OPT_SSL" = Xno
 then
@@ -482,9 +481,9 @@ else
         OPENSSL_ENABLED=1)
     fi
 
-    dnl Check for the OpenSSL engine header, it is kind of "separated"
-    dnl from the main SSL check
-    AC_CHECK_HEADERS(openssl/engine.h)
+    dnl If the ENGINE library seems to be around, check for the OpenSSL engine
+    dnl header, it is kind of "separated" from the main SSL check
+    AC_CHECK_FUNC(ENGINE_init, AC_CHECK_HEADERS(openssl/engine.h))
 
     AC_SUBST(OPENSSL_ENABLED)
 
@@ -508,37 +507,44 @@ dnl **********************************************************************
 dnl Check for the presence of ZLIB libraries and headers
 dnl **********************************************************************
 
-dnl Default to compiler & linker defaults for files & libraries.
-dnl OPT_ZLIB=no
-dnl AC_ARG_WITH(zlib,dnl
-dnl [  --with-zlib[=DIR]  where to look for ZLIB [compiler/linker default paths]
-dnl                      DIR points to the ZLIB installation prefix [/usr/local]],
-dnl  OPT_ZLIB=$withval,
-dnl )
-
 dnl Check for & handle argument to --with-zlib.
-dnl
-dnl NOTE:  We *always* look for ZLIB headers & libraries, all this option
-dnl        does is change where we look (by adjusting LIBS and CPPFLAGS.)
-dnl
 
-AC_MSG_CHECKING(where to look for ZLIB)
-if test X"$OPT_ZLIB" = Xno
-then
-	AC_MSG_RESULT([defaults (or given in environment)])
-else
-	test X"$OPT_ZLIB" = Xyes && OPT_ZLIB=/usr/local
-	LIBS="$LIBS -L$OPT_ZLIB/lib"
+_cppflags=$CPPFLAGS
+_ldflags=$LDFLAGS
+OPT_ZLIB="/usr/local"
+AC_ARG_WITH(zlib,
+  AC_HELP_STRING([--with-zlib=PATH], [search for zlib in PATH])
+  AC_HELP_STRING([--without-zlib], [disable use of zlib]),
+                 [OPT_ZLIB="$withval"])
+
+case "$OPT_ZLIB" in
+  no)
+    AC_MSG_WARN([zlib disabled]) ;;
+  *)
+    dnl check for the lib first without setting any new path, since many
+    dnl people have it in the default path
+
+    AC_CHECK_LIB(z, inflateEnd, ,
+                   [if test -d "$OPT_ZLIB"; then
                       CPPFLAGS="$CPPFLAGS -I$OPT_ZLIB/include"
-	AC_MSG_RESULT([$OPT_ZLIB])
-fi
+                      LDFLAGS="$LDFLAGS -L$OPT_ZLIB/lib"
+                   fi])
 
-dnl AC_CHECK_FUNC(gzread, , AC_CHECK_LIB(z, gzread))
-AC_CHECK_LIB(z, gzread, [AM_CONDITIONAL(CONTENT_ENCODING, true) 
-		         AC_DEFINE(HAVE_LIBZ)
-			 LIBS="$LIBS -lz"
+    AC_CHECK_HEADER(zlib.h,[
+      AC_CHECK_LIB(z, gzread,
+                   [AM_CONDITIONAL(CONTENT_ENCODING, true)
                    HAVE_LIBZ="1"
-                         AC_SUBST(HAVE_LIBZ)])
+                   AC_SUBST(HAVE_LIBZ)
+                   LIBS="$LIBS -lz"
+                   AC_DEFINE(HAVE_ZLIB_H, 1, [if you have the zlib.h header file])
+                   AC_DEFINE(HAVE_LIBZ, 1, [If zlib is available])],
+                   [ CPPFLAGS=$_cppflags
+                   LDFLAGS=$_ldflags])],
+      [ CPPFLAGS=$_cppflags
+      LDFLAGS=$_ldflags]
+    )
+    ;;
+esac
 
 dnl Default is to try the thread-safe versions of a few functions
 OPT_THREAD=on
@@ -608,9 +614,6 @@ AC_CHECK_HEADERS( \
         setjmp.h
 )
 
-dnl Check for libz header
-AC_CHECK_HEADERS(zlib.h)
-
 dnl Checks for typedefs, structures, and compiler characteristics.
 AC_C_CONST
 AC_TYPE_SIZE_T
@@ -770,4 +773,3 @@ AC_CONFIG_FILES([Makefile \
            curl-config
 ])
 AC_OUTPUT
-

docs/CONTRIBUTE

@@ -6,15 +6,16 @@
 
 To Think About When Contributing Source Code
 
- This document is intended to offer some guidelines that can be useful to keep
- in mind when you decide to write a contribution to the project. This concerns
+ This document is intended to offer some simple guidelines that can be useful
+ to keep in mind when you decide to contribute to the project. This concerns
  new features as well as corrections to existing flaws or bugs.
 
 Join the Community
 
  Skip over to http://curl.haxx.se/mail/ and join the appropriate mailing
  list(s).  Read up on details before you post questions. Read this file before
- you start sending patches!
+ you start sending patches! We prefer patches and discussions being held on
+ the mailing list(s), not sent to individuals.
 
 The License Issue
 
@@ -29,9 +30,9 @@ The License Issue
 
 What To Read
 
- Source code, the man pages, the INTERALS document, the TODO, the most recent
+ Source code, the man pages, the INTERNALS document, the TODO, the most recent
  CHANGES. Just lurking on the libcurl mailing list is gonna give you a lot of
- insights on what's going on right now.
+ insights on what's going on right now. Asking there is a good idea too.
 
 Naming
 
@@ -39,19 +40,24 @@ Naming
  names. It doesn't necessarily have to mean that you should use the same as in
  other places of the code, just that the names should be logical,
  understandable and be named according to what they're used for. File-local
- functions should be made static.
+ functions should be made static. We like lower case names.
+
+ See the INTERNALS document on how we name non-exported library-global symbols.
 
 Indenting
 
  Please try using the same indenting levels and bracing method as all the
  other code already does. It makes the source code a lot easier to follow if
  all of it is written using the same style. We don't ask you to like it, we
- just ask you to follow the tradition! ;-)
+ just ask you to follow the tradition! ;-) This mainly means: 2-level indents,
+ using spaces only (no tabs) and having the opening brace ({) on the same line
+ as the if() or while().
 
 Commenting
 
- Comment your source code extensively. Commented code is quality code and
- enables future modifications much more. Uncommented code much more risk being
+ Comment your source code extensively using C comments (/* comment */), do not
+ use C++ comments (// this style). Commented code is quality code and enables
+ future modifications much more. Uncommented code much more risk being
  completely replaced when someone wants to extend things, since other persons'
  source code can get quite hard to read.
 
@@ -69,6 +75,13 @@ Non-clobbering All Over
  functionality, try writing it in a new source file. If you fix bugs, try to
  fix one bug at a time and send them as separate patches.
 
+Platform Dependent Code
+
+ Use #ifdef HAVE_FEATURE to do conditional code. We avoid checking for
+ particular operting systems or hardware in the #ifdef lines. The HAVE_FEATURE
+ shall be generated by the configure script for unix-like systems and they are
+ hard-coded in the config-[system].h files for the others.
+
 Separate Patches Doing Different Things
 
  It is annoying when you get a huge patch from someone that is said to fix 511
@@ -94,6 +107,10 @@ Document
  small description of your fix or your new features with every contribution so
  that it can be swiftly added to the package documentation.
 
+ The documentation is always made in man pages (nroff formatted) or plain
+ ASCII files. All HTML files on the web site and in the release archives are
+ generated from the nroff/ASCII versions.
+
 Write Access to CVS Repository
 
  If you are a frequent contributor, or have another good reason, you can of

docs/FAQ

@@ -1,4 +1,4 @@
-Updated: September 3, 2002 (http://curl.haxx.se/docs/faq.html)
+Updated: October 8, 2002 (http://curl.haxx.se/docs/faq.html)
                                   _   _ ____  _     
                               ___| | | |  _ \| |    
                              / __| | | | |_) | |    
@@ -66,6 +66,7 @@ FAQ
   5.4 Does libcurl do Winsock initing on win32 systems?
   5.5 Does CURLOPT_FILE and CURLOPT_INFILE work on win32 ?
   5.6 What about Keep-Alive or persistent connections?
+  5.7 Link errors when building libcurl on Windows!
 
  6. License Issues
   6.1 I have a GPL program, can I use the libcurl library?
@@ -686,6 +687,19 @@ FAQ
 
   Previous versions had no persistent connection support.
 
+  5.7 Link errors when building libcurl on Windows!
+
+  You need to make sure that your project, and all the libraries (both static
+  and dynamic) that it links against, are compiled/linked against the same run
+  time library.
+
+  This is determined by the /MD, /ML, /MT (and their corresponding /M?d)
+  options to the command line compiler. /MD (linking against MSVCRT dll) seems
+  to be the most commonly used option.
+
+  (Provided by Andrew Francis)
+
+
 6. License Issues
 
   Curl and libcurl are released under a MIT/X derivate license. The license is

docs/Makefile.am

@@ -17,7 +17,7 @@ SUBDIRS = examples libcurl
 EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS		\
 	     README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS	\
 	     VERSIONS KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) \
-	     HISTORY
+	     HISTORY INSTALL libcurl-the-guide
 
 MAN2HTML= gnroff -man $< | man2html >$@
 

docs/curl-config.1

@@ -2,7 +2,7 @@
 .\" nroff -man curl-config.1
 .\" Written by Daniel Stenberg
 .\"
-.TH curl-config 1 "21 January 2002" "Curl 7.9.3" "curl-config manual"
+.TH curl-config 1 "8 Oct 2002" "Curl 7.10" "curl-config manual"
 .SH NAME
 curl-config \- Get information about a libcurl installation
 .SH SYNOPSIS
@@ -11,6 +11,8 @@ curl-config \- Get information about a libcurl installation
 .B curl-config
 displays information about a previous curl and libcurl installation.
 .SH OPTIONS
+.IP "--ca"
+Displays the built-in path to the CA cert bundle this libcurl uses.
 .IP "--cc"
 Displays the compiler used to build libcurl.
 .IP "--cflags"

docs/curl.1

@@ -350,7 +350,7 @@ appended. Appending 'k' or 'K' will count the number as kilobytes, 'm' or M'
 makes it megabytes while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and
 1G.
 
-This option was introduced in curl 7.9.9.
+This option was introduced in curl 7.10.
 
 If this option is used several times, the last one will be used.
 .IP "-l/--list-only"

include/curl/curl.h

@@ -793,8 +793,8 @@ CURLcode curl_global_init(long flags);
 void curl_global_cleanup(void);
 
 /* This is the version number */
-#define LIBCURL_VERSION "7.10"
-#define LIBCURL_VERSION_NUM 0x070a00
+#define LIBCURL_VERSION "7.10.1"
+#define LIBCURL_VERSION_NUM 0x070a01
 
 /* linked-list structure for the CURLOPT_QUOTE option (and other) */
 struct curl_slist {

lib/Makefile.am

@@ -16,7 +16,12 @@ lib_LTLIBRARIES = libcurl.la
 # we use srcdir/lib for the lib-private header files
 INCLUDES = -I$(top_srcdir)/include -I$(top_builddir)/lib -I$(top_srcdir)/lib
 
-libcurl_la_LDFLAGS = -version-info 2:2:0
+# The -no-undefined flag is CRUCIAL for this to build fine on Cygwin. If we
+# find a case in which we need to remove this flag, we should most likely
+# write a configure check that detects when this flag is needed and when its
+# not.
+libcurl_la_LDFLAGS = -no-undefined -version-info 2:2:0
+
 # This flag accepts an argument of the form current[:revision[:age]]. So,
 # passing -version-info 3:12:1 sets current to 3, revision to 12, and age to
 # 1.
@@ -68,7 +73,7 @@ $(srcdir)/getdate.c: getdate.y
 install-data-hook:
 	@if test -n "@CURL_CA_BUNDLE@"; then \
 	  $(mkinstalldirs) `dirname $(DESTDIR)@CURL_CA_BUNDLE@`; \
-	  @INSTALL_DATA@ ca-bundle.crt $(DESTDIR)@CURL_CA_BUNDLE@; \
+	  @INSTALL_DATA@ $(srcdir)/ca-bundle.crt $(DESTDIR)@CURL_CA_BUNDLE@; \
         fi
 
 # this hook is mainly for non-unix systems to build even if configure

lib/http.c

@@ -420,7 +420,7 @@ CURLcode Curl_http_connect(struct connectdata *conn)
    * has occured, can we start talking SSL
    */
 
-  if(data->change.proxy && (data->set.proxytype == CURLPROXY_HTTP) &&
+  if(conn->bits.httpproxy &&
      ((conn->protocol & PROT_HTTPS) || data->set.tunnel_thru_httpproxy)) {
 
     /* either HTTPS over proxy, OR explicitly asked for a tunnel */
@@ -551,7 +551,7 @@ CURLcode Curl_http(struct connectdata *conn)
                              host, ppath,
                              (conn->protocol&PROT_HTTPS?TRUE:FALSE));
   }
-  if (data->change.proxy &&
+  if (data->change.proxy && *data->change.proxy &&
       !data->set.tunnel_thru_httpproxy &&
       !(conn->protocol&PROT_HTTPS))  {
     /* The path sent to the proxy is in fact the entire URL */

lib/multi.c

@@ -403,15 +403,41 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
     case CURLM_STATE_PERFORM:
       /* read/write data if it is ready to do so */
       easy->result = Curl_readwrite(easy->easy_conn, &done);
-      /* hm, when we follow redirects, we may need to go back to the CONNECT
-         state */
+
+      if(easy->result)  {
+        /* The transfer phase returned error, we mark the connection to get
+         * closed to prevent being re-used. This is becasue we can't
+         * possibly know if the connection is in a good shape or not now. */
+        easy->easy_conn->bits.close = TRUE;
+
+        if(-1 !=easy->easy_conn->secondarysocket) {
+          /* if we failed anywhere, we must clean up the secondary socket if
+             it was used */
+          sclose(easy->easy_conn->secondarysocket);
+          easy->easy_conn->secondarysocket=-1;
+        }
+        Curl_posttransfer(easy->easy_handle);
+        Curl_done(easy->easy_conn);
+      }
+
       /* after the transfer is done, go DONE */
-      if(TRUE == done) {
+      else if(TRUE == done) {
+
         /* call this even if the readwrite function returned error */
-        easy->result = Curl_posttransfer(easy->easy_handle);
+        Curl_posttransfer(easy->easy_handle);
+
+        /* When we follow redirects, must to go back to the CONNECT state */
+        if(easy->easy_conn->newurl) {
+          easy->result = Curl_follow(easy->easy_handle,
+                                     strdup(easy->easy_conn->newurl));
+          if(CURLE_OK == easy->result)
+            easy->state = CURLM_STATE_CONNECT;
+        }
+        else {
           easy->state = CURLM_STATE_DONE;
           result = CURLM_CALL_MULTI_PERFORM; 
         }
+      }
       break;
     case CURLM_STATE_DONE:
       /* post-transfer command */

lib/sendf.c

@@ -153,6 +153,9 @@ void Curl_failf(struct SessionHandle *data, const char *fmt, ...)
   if(data->set.errorbuffer && !data->state.errorbuf) {
     vsnprintf(data->set.errorbuffer, CURL_ERROR_SIZE, fmt, ap);
     data->state.errorbuf = TRUE; /* wrote error string */
+
+    Curl_debug(data, CURLINFO_TEXT, data->set.errorbuffer,
+               strlen(data->set.errorbuffer));
   }
   va_end(ap);
 }

lib/telnet.c

@@ -1050,6 +1050,7 @@ CURLcode Curl_telnet(struct connectdata *conn)
   char *buf = data->state.buffer;
   ssize_t nread;
   struct TELNET *tn;
+  struct timeval now;           /* current time */
 
   code = init_telnet(conn);
   if(code)
@@ -1149,9 +1150,13 @@ CURLcode Curl_telnet(struct connectdata *conn)
   keepfd = readfd;
 
   while (keepon) {
-    readfd = keepfd;		/* set this every lap in the loop */
+    struct timeval interval;
 
-    switch (select (sockfd + 1, &readfd, NULL, NULL, NULL)) {
+    readfd = keepfd;		/* set this every lap in the loop */
+    interval.tv_sec = 1;
+    interval.tv_usec = 0;
+
+    switch (select (sockfd + 1, &readfd, NULL, NULL, &interval)) {
     case -1:			/* error, stop reading */
       keepon = FALSE;
       continue;
@@ -1199,10 +1204,20 @@ CURLcode Curl_telnet(struct connectdata *conn)
         }
       }
     }
+    if(data->set.timeout) {
+      now = Curl_tvnow();
+      if(Curl_tvdiff(now, conn->created)/1000 >= data->set.timeout) {
+        failf(data, "Time-out");
+        code = CURLE_OPERATION_TIMEOUTED;
+        keepon = FALSE;
+      }
+    }
   }
 #endif
   /* mark this as "no further transfer wanted" */
-  return Curl_Transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
+  Curl_Transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
+
+  return code;
 }
 
 /*

lib/transfer.c

@@ -302,6 +302,9 @@ CURLcode Curl_readwrite(struct connectdata *conn,
             break;		/* read more and try again */
           }
 
+          /* decrease the size of the remaining buffer */
+          nread -= (k->end_ptr - k->str)+1; 
+
           k->str = k->end_ptr + 1; /* move past new line */
 
           /*
@@ -696,13 +699,6 @@ CURLcode Curl_readwrite(struct connectdata *conn,
            there might be a non-header part left in the end of the read
            buffer. */
 
-        if (!k->header) {
-          /* starting here, this is not part of the header! */
-
-          /* we subtract the remaining header size from the buffer */
-          nread -= (k->str - k->buf);
-        }
-
       }			/* end if header mode */
 
       /* This is not an 'else if' since it may be a rest from the header
@@ -1228,88 +1224,19 @@ CURLcode Curl_posttransfer(struct SessionHandle *data)
   return CURLE_OK;
 }
 
-CURLcode Curl_perform(struct SessionHandle *data)
+CURLcode Curl_follow(struct SessionHandle *data,
+                     char *newurl) /* this 'newurl' is the Location: string,
+                                      and it must be malloc()ed before passed
+                                      here */
 {
-  CURLcode res;
-  CURLcode res2;
-  struct connectdata *conn=NULL;
-  char *newurl = NULL; /* possibly a new URL to follow to! */
-
-  data->state.used_interface = Curl_if_easy;
-
-  res = Curl_pretransfer(data);
-  if(res)
-    return res;
-
-  /*
-   * It is important that there is NO 'return' from this function at any other
-   * place than falling down to the end of the function! This is because we
-   * have cleanup stuff that must be done before we get back, and that is only
-   * performed after this do-while loop.
-   */
-
-  do {
-    Curl_pgrsTime(data, TIMER_STARTSINGLE);
-    res = Curl_connect(data, &conn);
-    if(res == CURLE_OK) {
-      res = Curl_do(&conn);
-
-      if(res == CURLE_OK) {
-        CURLcode res2; /* just a local extra result container */
-
-        if(conn->protocol&PROT_FTPS)
-          /* FTPS, disable ssl while transfering data */
-          conn->ssl.use = FALSE;
-        res = Transfer(conn); /* now fetch that URL please */
-        if(conn->protocol&PROT_FTPS)
-          /* FTPS, enable ssl again after havving transferred data */
-          conn->ssl.use = TRUE;
-
-        if(res == CURLE_OK)
-          /*
-           * We must duplicate the new URL here as the connection data
-           * may be free()ed in the Curl_done() function.
-           */
-          newurl = conn->newurl?strdup(conn->newurl):NULL;
-        else {
-          /* The transfer phase returned error, we mark the connection to get
-           * closed to prevent being re-used. This is becasue we can't
-           * possibly know if the connection is in a good shape or not now. */
-          conn->bits.close = TRUE;
-
-          if(-1 !=conn->secondarysocket) {
-            /* if we failed anywhere, we must clean up the secondary socket if
-               it was used */
-            sclose(conn->secondarysocket);
-            conn->secondarysocket=-1;
-          }
-        }
-
-        /* Always run Curl_done(), even if some of the previous calls
-           failed, but return the previous (original) error code */
-        res2 = Curl_done(conn);
-
-        if(CURLE_OK == res)
-          res = res2;
-      }
-
-      /*
-       * Important: 'conn' cannot be used here, since it may have been closed
-       * in 'Curl_done' or other functions.
-       */
-
-      if((res == CURLE_OK) && newurl) {
-        /* Location: redirect
- 
-           This is assumed to happen for HTTP(S) only!
-        */
+  /* Location: redirect */
   char prot[16]; /* URL protocol string storage */
   char letter;   /* used for a silly sscanf */
   
-	if (data->set.maxredirs && (data->set.followlocation >= data->set.maxredirs)) {
+  if (data->set.maxredirs &&
+      (data->set.followlocation >= data->set.maxredirs)) {
     failf(data,"Maximum (%d) redirects followed", data->set.maxredirs);
-          res=CURLE_TOO_MANY_REDIRECTS;
-	  break;
+    return CURLE_TOO_MANY_REDIRECTS;
   }
 
   /* mark the next request as a followed location: */
@@ -1343,14 +1270,14 @@ CURLcode Curl_perform(struct SessionHandle *data)
     char *pathsep;
     char *newest;
 
+    char *useurl = newurl;
+
     /* we must make our own copy of the URL to play with, as it may
        point to read-only data */
     char *url_clone=strdup(data->change.url);
 
-          if(!url_clone) {
-            res = CURLE_OUT_OF_MEMORY;
-            break; /* skip out of this loop NOW */
-          }
+    if(!url_clone)
+      return CURLE_OUT_OF_MEMORY; /* skip out of this NOW */
 
     /* protsep points to the start of the host name */
     protsep=strstr(url_clone, "//");
@@ -1360,6 +1287,8 @@ CURLcode Curl_perform(struct SessionHandle *data)
       protsep+=2; /* pass the slashes */
 
     if('/' != newurl[0]) {
+      int level=0;
+
       /* First we need to find out if there's a ?-letter in the URL,
          and cut it and the right-side of that off */
       pathsep = strrchr(protsep, '?');
@@ -1371,6 +1300,40 @@ CURLcode Curl_perform(struct SessionHandle *data)
       pathsep = strrchr(protsep, '/');
       if(pathsep)
         *pathsep=0;
+
+      /* Check if there's any slash after the host name, and if so,
+         remember that position instead */
+      pathsep = strchr(protsep, '/');
+      if(pathsep)
+        protsep = pathsep+1;
+      else
+        protsep = NULL;
+
+      /* now deal with one "./" or any amount of "../" in the newurl
+         and act accordingly */
+
+      if((useurl[0] == '.') && (useurl[1] == '/'))
+        useurl+=2; /* just skip the "./" */
+            
+      while((useurl[0] == '.') &&
+            (useurl[1] == '.') &&
+            (useurl[2] == '/')) {
+        level++; 
+        useurl+=3; /* pass the "../" */
+      }
+
+      if(protsep) {
+        while(level--) {
+          /* cut off one more level from the right of the original URL */
+          pathsep = strrchr(protsep, '/');
+          if(pathsep)
+            *pathsep=0;
+          else {
+            *protsep=0;
+            break;
+          }
+        }
+      }
     }
     else {
       /* We got a new absolute path for this server, cut off from the
@@ -1382,15 +1345,15 @@ CURLcode Curl_perform(struct SessionHandle *data)
 
     newest=(char *)malloc( strlen(url_clone) +
                            1 + /* possible slash */
-                                 strlen(newurl) + 1/* zero byte */);
+                           strlen(useurl) + 1/* zero byte */);
     
-          if(!newest) {
-            res = CURLE_OUT_OF_MEMORY;
-            break; /* go go go out from this loop */
-          }
-          sprintf(newest, "%s%s%s", url_clone, ('/' == newurl[0])?"":"/",
-                  newurl);
-          free(newurl);
+    if(!newest)
+      return CURLE_OUT_OF_MEMORY; /* go out from this */
+
+    sprintf(newest, "%s%s%s", url_clone,
+            (('/' == useurl[0]) || !*protsep)?"":"/",
+            useurl);
+    free(newurl); /* newurl is the allocated pointer */
     free(url_clone);
     newurl = newest;
   }
@@ -1489,9 +1452,88 @@ CURLcode Curl_perform(struct SessionHandle *data)
   }
   Curl_pgrsTime(data, TIMER_REDIRECT);
   Curl_pgrsResetTimes(data);
+
+  return CURLE_OK;
+}
+
+CURLcode Curl_perform(struct SessionHandle *data)
+{
+  CURLcode res;
+  CURLcode res2;
+  struct connectdata *conn=NULL;
+  char *newurl = NULL; /* possibly a new URL to follow to! */
+
+  data->state.used_interface = Curl_if_easy;
+
+  res = Curl_pretransfer(data);
+  if(res)
+    return res;
+
+  /*
+   * It is important that there is NO 'return' from this function at any other
+   * place than falling down to the end of the function! This is because we
+   * have cleanup stuff that must be done before we get back, and that is only
+   * performed after this do-while loop.
+   */
+
+  do {
+    Curl_pgrsTime(data, TIMER_STARTSINGLE);
+    res = Curl_connect(data, &conn);
+    if(res == CURLE_OK) {
+      res = Curl_do(&conn);
+
+      if(res == CURLE_OK) {
+        CURLcode res2; /* just a local extra result container */
+
+        if(conn->protocol&PROT_FTPS)
+          /* FTPS, disable ssl while transfering data */
+          conn->ssl.use = FALSE;
+        res = Transfer(conn); /* now fetch that URL please */
+        if(conn->protocol&PROT_FTPS)
+          /* FTPS, enable ssl again after havving transferred data */
+          conn->ssl.use = TRUE;
+
+        if(res == CURLE_OK)
+          /*
+           * We must duplicate the new URL here as the connection data
+           * may be free()ed in the Curl_done() function.
+           */
+          newurl = conn->newurl?strdup(conn->newurl):NULL;
+        else {
+          /* The transfer phase returned error, we mark the connection to get
+           * closed to prevent being re-used. This is becasue we can't
+           * possibly know if the connection is in a good shape or not now. */
+          conn->bits.close = TRUE;
+
+          if(-1 !=conn->secondarysocket) {
+            /* if we failed anywhere, we must clean up the secondary socket if
+               it was used */
+            sclose(conn->secondarysocket);
+            conn->secondarysocket=-1;
+          }
+        }
+
+        /* Always run Curl_done(), even if some of the previous calls
+           failed, but return the previous (original) error code */
+        res2 = Curl_done(conn);
+
+        if(CURLE_OK == res)
+          res = res2;
+      }
+
+      /*
+       * Important: 'conn' cannot be used here, since it may have been closed
+       * in 'Curl_done' or other functions.
+       */
+
+      if((res == CURLE_OK) && newurl) {
+        res = Curl_follow(data, newurl);
+        if(CURLE_OK == res) {
+          newurl = NULL;
           continue;
         }
       }
+    }
     break; /* it only reaches here when this shouldn't loop */
 
   } while(1); /* loop if Location: */

lib/transfer.h

@@ -23,10 +23,9 @@
  * $Id$
  ***************************************************************************/
 CURLcode Curl_perform(struct SessionHandle *data);
-
 CURLcode Curl_pretransfer(struct SessionHandle *data);
 CURLcode Curl_posttransfer(struct SessionHandle *data);
-
+CURLcode Curl_follow(struct SessionHandle *data, char *newurl);
 CURLcode Curl_readwrite(struct connectdata *conn, bool *done);
 void Curl_single_fdset(struct connectdata *conn, 
                        fd_set *read_fd_set,

lib/url.c

@@ -1729,7 +1729,9 @@ static CURLcode CreateConnection(struct SessionHandle *data,
   conn->firstsocket = -1;     /* no file descriptor */
   conn->secondarysocket = -1; /* no file descriptor */
   conn->connectindex = -1;    /* no index */
-  conn->bits.httpproxy = data->change.proxy?TRUE:FALSE; /* proxy-or-not */
+  conn->bits.httpproxy = (data->change.proxy && *data->change.proxy &&
+                          (data->set.proxytype == CURLPROXY_HTTP))?
+    TRUE:FALSE; /* http proxy or not */
   conn->bits.use_range = data->set.set_range?TRUE:FALSE; /* range status */
   conn->range = data->set.set_range;              /* clone the range setting */
   conn->resume_from = data->set.set_resume_from;   /* inherite resume_from */

packages/Win32/cygwin/Makefile.am

@@ -19,17 +19,45 @@ cygwintmp = $(CURDIR)/tmp_binbuild
 
 cygwinbin:
 	rm -rf $(cygwintmp)
-	$(MAKE) -C $(top_builddir) install-strip prefix=$(cygwintmp)/usr
-	$(STRIP) $(cygwintmp)/usr/bin/cygcurl-?.dll
-	$(mkinstalldirs) $(cygwintmp)/usr/doc/Cygwin \
-	                 $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION)
+	rm -rf $(cygwintmp)-dev
+	$(MAKE) -C $(top_builddir) DESTDIR=$(cygwintmp) install-strip
+	# $(STRIP) $(cygwintmp)/usr/bin/cygcurl-?.dll
+	$(mkinstalldirs) \
+	  $(cygwintmp)/usr/doc/Cygwin \
+	  $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION) \
+	  $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/libcurl \
+	  $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/examples \
+	  $(cygwintmp)-dev/usr/man
+	#
+	# copy some files into the binary install dir
 	cp $(srcdir)/README \
 	  $(cygwintmp)/usr/doc/Cygwin/$(PACKAGE)-$(VERSION)-$(CYGBUILD).README
-	cd $(top_srcdir) ; cp CHANGES LEGAL MPL-1.1.txt MITX.txt README \
-	  docs/FAQ docs/FEATURES docs/TODO \
-	  $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION)
-	cd $(cygwintmp) ; \
-	  tar cjf $(PACKAGE)-$(VERSION)-$(CYGBUILD).tar.bz2 usr
-	mv $(cygwintmp)/$(PACKAGE)-$(VERSION)-$(CYGBUILD).tar.bz2 . \
-	  && rm -rf $(cygwintmp)
+	cd $(top_srcdir) ; cp CHANGES COPYING README UPGRADE docs/* \
+	  $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION) ; pwd
+	cd $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION) ; rm *.1 Makefile*
+	#
+	# copy some files into the -dev install dir, remove some from binary
+	cp $(top_srcdir)/docs/libcurl/*.html \
+	  $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/libcurl
+	cp $(top_srcdir)/docs/examples/* \
+	  $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/examples
+	rm $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/examples/Makefile*
+	cp $(top_srcdir)/docs/examples/Makefile.example \
+	  $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)/examples
+	mv $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION)/BINDINGS \
+	   $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)
+	mv $(cygwintmp)/usr/doc/$(PACKAGE)-$(VERSION)/INTERNALS \
+	   $(cygwintmp)-dev/usr/doc/$(PACKAGE)-$(VERSION)
+	mv $(cygwintmp)/usr/include $(cygwintmp)-dev/usr
+	mv $(cygwintmp)/usr/lib $(cygwintmp)-dev/usr
+	mv $(cygwintmp)/usr/man/man3 $(cygwintmp)-dev/usr/man
+	#
+	# create both tar files, and delete tmp folders
+	cd $(cygwintmp) ; tar cjf \
+	  $(PACKAGE)-$(VERSION)-$(CYGBUILD).tar.bz2 usr
+	mv $(cygwintmp)/*.tar.bz2 . && rm -rf $(cygwintmp)
+	#
+	cd $(cygwintmp)-dev ; tar cjf \
+	  $(PACKAGE)-devel-$(VERSION)-$(CYGBUILD).tar.bz2 usr
+	mv $(cygwintmp)-dev/*.tar.bz2 . && rm -rf $(cygwintmp)-dev
 

packages/Win32/cygwin/README

@@ -5,13 +5,14 @@ Curl is a tool for transferring files with URL syntax, supporting
   cookies, user+password authentication, file transfer resume,
   http proxy tunneling and a busload of other useful tricks.
 
-See /usr/doc/curl-<version>/FEATURES for more info.
+See /usr/doc/curl-$(VERSION)/FEATURES for more info.
 
 
 Dependencies:
   - Cygwin
   - OpenSSL 0.9.6b-2+ (*)
-  (*) cURL can be built without SSL support:  ./configure --without-ssl
+
+  (*) cURL can be built without SSL support, see below for details
 
 
 Canonical Homepage and Downloads:
@@ -24,14 +25,14 @@ Cygwin specific source files (a .README template and a Makefile
   CVS at: <srctop>/packages/Win32/cygwin/
 
 
-Build Instructions (as distributed via cygwin's setup.exe):
-  (NOTE: as of curl 7.9.1, compiles/tests 100% cleanly OOTB under cygwin)
-
-  Download the source, unpack it to a location of your choosing, and then:
+Build Instructions (to recompile from the cygwin source tarball):
+  ---STANDARD (with SSL) RELEASE---
+  Download the source (either the official release or the cygwin version),
+  unpack it (done for you if using setup.exe), then:
 
   $ ./configure --prefix=/usr 
   $ make
-  $ make test    # optional, requires perl
+  $ make test    # optional
   $ make install # (*)
 
   (*) LibTool 1.4.2 had a bug related to cygwin's use of ".exe" extensions,
@@ -39,33 +40,49 @@ Build Instructions (as distributed via cygwin's setup.exe):
         http://mail.gnu.org/pipermail/libtool/2001-September/005549.html
       The copy of ltmain.sh that is distributed with cURL includes this patch.
 
+  As of curl 7.9.1, the official source compiles (under Cygwin) and tests 
+    100% cleanly OOTB (Out Of The Box)
+
+  ---NO SSL RELEASE---
+  Same as standard, except for the configure step, which changes to:
+
+  $ ./configure --prefix=/usr --without-ssl
+
+  NOTE: the standard release is what is available via Cygwin's setup.exe;
+    the no-ssl release is only available from the curl website
+
 
 Packaging Instructions:
   ---BINARY---
-  Compile cleanly (./configure + make). Then:
+  Compile cleanly as described above, then:
 
   $ make cygwinbin CYGBUILD=n
 
-  where n is the cygwin release number (e.g. the "1" in curl-7.9-1).
-  If you leave off "CYGBUILD=n", n defaults to 1.
+  where n is the cygwin release number (e.g. the "1" in curl-7.9-1),
+  and "CYGBUILD=n" is optional (n defaults to 1 if not specified)
   
-  Assuming everything worked properly, you'll find your binary tarball
-  in the packages/Win32/cygwin/ sub-directory.
+  Assuming everything worked, you'll find your binary tarballs in
+   $(buildtop)/packages/Win32/cygwin/
 
   ---SOURCE---
-  1. unpack the pristine source into an otherwise empty directory
+  1. download & unpack the pristine source
   2. rename the source dir to add the "-$(REL)" suffix, e.g.:
      $ mv curl-7.9 curl-7.9-1
+  3. unpack the pristine source once more, so you'll end up
+     with 2 directories: "curl-7.9" and "curl-7.9-1" in this example
   3. add a CYGWIN-PATCHES directory, and add this readme to it
-     $ cd curl-7.9-$(REL); mkdir CYGWIN-PATCHES
-     $ cp packages/Win32/cygwin/README CYGWIN-PATCHES/curl-7.9-$(REL).README
+     $ cd curl-7.9-1; mkdir CYGWIN-PATCHES
+     $ cp packages/Win32/cygwin/README CYGWIN-PATCHES/curl-7.9-1.README
   4. if applicable, document any changes in the README file
-  5. create a patch which, when applied (patch -p1 < curl-7.9-$(REL).patch) 
-     will remove any patches you've applied:
+  5. create a patch which, when applied 
+     (using `patch -p1 < curl-7.9-$(REL).patch`) 
+     will remove any changes you've made to the pristine source:
      $ cd ..
-     $ diff -Nrup (patched-src-dir) (pristine-src-dir) > curl-7.9-$(REL).patch
+     $ diff -Nrup curl-7.9-1 curl-7.9 > curl-7.9-1.patch
      and then move it into the CYGWIN-PATCHES directory
-  6. repack
+     $ mv curl-7.9-1.patch curl-7.9-1/CYGWIN-PATCHES
+  6. pack the new source dir into a tar.bz2 file:
+     $ tar cfj curl-7.9-1-src.tar.bz2 curl-7.9-1
 
   ---SETUP.HINT---
   sdesc: "a client that groks URLs"
@@ -80,6 +97,7 @@ Packaging Instructions:
 
 
 Cygwin port maintained by:
-  Kevin Roth <kproth at bigfoot dot com>
+  Kevin Roth <kproth @ users . sourceforge . net>
   Questions about cURL should be directed to curl@contactor.se.
-  Questions about its cygwin package should be directed to cygwin@cygwin.com.
+  Questions about this cygwin package go to cygwin@cygwin.com.
+

src/version.h

@@ -1,3 +1,3 @@
 #define CURL_NAME "curl"
-#define CURL_VERSION "7.10"
+#define CURL_VERSION "7.10.1"
 #define CURL_ID CURL_NAME " " CURL_VERSION " (" OS ") "

tests/data/Makefile.am

@@ -16,4 +16,5 @@ test105  test114  test123  test19   test24   test302  test43   test31 \
 test106  test115  test124  test190  test25   test303  test44   test38 \
 test107  test116  test125  test2    test26   test33   test45   test126 \
 test304  test39   test32   test128  test48 test306 \
-test130  test131  test132  test133  test134 test135 test403 test305
+test130  test131  test132  test133  test134 test135 test403 test305 \
+test49 test50 test51 test52

tests/data/test49

@@ -0,0 +1,64 @@
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 302 OK
+Location: ../moo.html/490002
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+</data>
+<data2>
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+body
+</data2>
+<datacheck>
+HTTP/1.1 302 OK
+Location: ../moo.html/490002
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+body
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+ <name>
+HTTP follow redirect with ../
+ </name>
+ <command>
+http://%HOSTIP:%HOSTPORT/we/are/all/twits/49 -L
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/are/all/twits/49 HTTP/1.1
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+GET /we/are/all/moo.html/490002 HTTP/1.1
+User-Agent: curl/7.10 (i686-pc-linux-gnu) libcurl/7.10 OpenSSL/0.9.6c ipv6 zlib/1.1.3
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+</protocol>
+</verify>

tests/data/test50

@@ -0,0 +1,64 @@
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 302 OK
+Location: ../../moo.html/500002
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+</data>
+<data2>
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+body
+</data2>
+<datacheck>
+HTTP/1.1 302 OK
+Location: ../../moo.html/500002
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+body
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+ <name>
+HTTP follow redirect with ../../
+ </name>
+ <command>
+http://%HOSTIP:%HOSTPORT/we/are/all/twits/50 -L
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/are/all/twits/50 HTTP/1.1
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+GET /we/are/moo.html/500002 HTTP/1.1
+User-Agent: curl/7.10 (i686-pc-linux-gnu) libcurl/7.10 OpenSSL/0.9.6c ipv6 zlib/1.1.3
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+</protocol>
+</verify>

tests/data/test51

@@ -0,0 +1,64 @@
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 302 OK
+Location: ../../../../../../../510002
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+</data>
+<data2>
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+body
+</data2>
+<datacheck>
+HTTP/1.1 302 OK
+Location: ../../../../../../../510002
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:50:00 GMT
+Connection: close
+
+body
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+ <name>
+HTTP follow redirect with exessive ../
+ </name>
+ <command>
+http://%HOSTIP:%HOSTPORT/we/are/all/twits/51 -L
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/are/all/twits/51 HTTP/1.1
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+GET /510002 HTTP/1.1
+User-Agent: curl/7.10 (i686-pc-linux-gnu) libcurl/7.10 OpenSSL/0.9.6c ipv6 zlib/1.1.3
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+</protocol>
+</verify>

tests/data/test52

@@ -0,0 +1,64 @@
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 302 OK
+Location: ./520002
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+</data>
+<data2>
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+body
+</data2>
+<datacheck>
+HTTP/1.1 302 OK
+Location: ./520002
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+HTTP/1.1 200 OK
+Location: this should be ignored
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Connection: close
+
+body
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+ <name>
+HTTP follow redirect with ./-prefix
+ </name>
+ <command>
+http://%HOSTIP:%HOSTPORT/we/are/all/twits/52 -L
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /we/are/all/twits/52 HTTP/1.1
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+GET /we/are/all/twits/520002 HTTP/1.1
+User-Agent: curl/7.10 (i686-pc-linux-gnu) libcurl/7.10 OpenSSL/0.9.6c ipv6 zlib/1.1.3
+Host: 127.0.0.1:8999
+Pragma: no-cache
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
+
+</protocol>
+</verify>