fixed the AIX packages

text from OpenSSL.

CHANGES

@@ -6,7 +6,57 @@
 
                                   Changelog
 
-Version 7.15.2 (27 February 2005)
+Daniel (16 March 2006)
+- Tor Arntsen provided a RPM spec file for AIX Toolbox, that now is included
+  in the release archive.
+
+Daniel (14 March 2006)
+- David McCreedy fixed:
+
+  a bad SSL error message when OpenSSL certificates are verified fine.
+
+  a missing return code assignment in the FTP code
+
+Daniel (7 March 2006)
+- Markus Koetter filed debian bug report #355715 which identified a problem
+  with the multi interface and multi-part formposts. The fix from February
+  22nd could make the Curl_done() function get called twice on the same
+  connection and it was not designed for that and thus tried to call free() on
+  an already freed memory area!
+
+- Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
+  is used properly.
+
+Daniel (6 March 2006)
+- Lots of users on Windows have reported getting the "SSL: couldn't set
+  callback" error message so I've now made the setting of that callback not be
+  as critical as before. The function is only used for additional loggging/
+  trace anyway so a failure just means slightly less data. It should still be
+  able to proceed and connect fine to the server.
+
+Daniel (4 March 2006)
+- Thomas Klausner provided a patch written by Todd Vierling in bug report
+  #1442471 that fixes a build problem on Interix.
+
+Daniel (2 March 2006)
+- FTP upload without a file name part in the URL now causes
+  curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
+  upload but named the file "(nil)" (without the quotes). Test case 524
+  verifies.
+
+- Added a check for getprotobyname in configure so that it'll be used, thanks
+  to Gisle Vanem's change the other day.
+
+Daniel (28 February 2006)
+- Dan Fandrich prevented curl from getting stuck in an endless loop in case we
+  are out of file handles very early in curl's code where it makes sure that
+  0, 1 and 2 aren't gonna be used by the lib for transfers.
+
+Daniel (27 February 2006)
+- Marty Kuhrt pointed out that there were two VMS-specific files missing in
+  the release archive.
+
+Version 7.15.2 (27 February 2006)
 
 Daniel (22 February 2006)
 - Lots of work and analysis by "xbx___" in bug #1431750

RELEASE-NOTES

@@ -1,73 +1,40 @@
-Curl and libcurl 7.15.2
+Curl and libcurl 7.15.3
 
- Public curl release number:               92
- Releases counted from the very beginning: 119
+ Public curl release number:               93
+ Releases counted from the very beginning: 120
  Available command line options:           112
  Available curl_easy_setopt() options:     129
  Number of public functions in libcurl:    46
  Amount of public web site mirrors:        31
  Number of known libcurl bindings:         32
- Number of contributors:                   474
+ Number of contributors:                   487
 
 This release includes the following changes:
 
- o Support for SOCKS4 proxies (added --socks4)
- o CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET added
- o CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE (--local-port) added
- o Dropped support for the LPRT ftp command
- o Gopher is now officially abandoned as a protocol (lib)curl tries to support
- o curl_global_init() and curl_global_cleanup() are now using a refcount so
-   that it is now legal to call them multiple times. See updated info for
-   details
+ o added docs for --ftp-method and CURLOPT_FTP_FILEMETHOD
 
 This release includes the following bugfixes:
 
- o two bugs concerning using curl_multi_remove_handle() before the transfer
-   was complete
- o multi-pass authentication and compressed content
- o minor format string mistake in the GSS/Negotiate code
- o cached DNS entries could remain in the cache too long
- o improved GnuTLS check in configure
- o re-used FTP connections when the second request didn't do a transfer
- o plain --limit-rate [num] means bytes
- o re-creating a dead connection is no longer counted internally as a followed
-   redirect and thus prevents a weird error that would occur if a FTP
-   connection died on an attempted re-use
- o Try PASV after failing to connect to the port the EPSV response contained
- o -P [IP] with non-local address with ipv6-enabled curl
- o -P [hostname] with ipv6-disabled curl
- o libcurl.m4 was updated
- o configure no longer warns if the current path contains a space
- o test suite kill race condition
- o FTP_SKIP_PASV_IP and FTP_USE_EPSV when doing FTP over HTTP proxy
- o Doing a second request with FTP on the same bath path, would make libcurl
-   confuse what current working directory it had
- o FTP over HTTP proxy now sends the second CONNECT properly
- o numerous compiler warnings and build quirks for various compilers have
-   been addressed
- o supports name and passwords up to 255 bytes long, embedded in URLs
- o the HTTP_ONLY define disables the TFTP support
+ o TFTP Packet Buffer Overflow Vulnerability:
+   http://curl.haxx.se/docs/adv_20060320.html
+ o properly detecting problems with sending the FTP command USER
+ o wrong error message shown when certificate verification failed
+ o multi-part formpost with multi interface crash
+ o the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL is acknowledged
+ o "SSL: couldn't set callback" is now treated as a less serious problem
+ o Interix build fix
+ o fixed curl "hang" when out of file handles at start
+ o prevent FTP uploads to URLs with trailing slash
 
 Other curl-related news since the previous public release:
 
- o http://curlm.haxx.se/ is new service that automatically redirects you to a
-   curl web mirror that is close to you!
-
- o http://curl.hkmirror.org/ is a new curl web mirror in Hong Kong
- o http://curl.storemypix.com/ is a new curl web mirror in Germany
- o http://curl.s-lines.net/ is a new curl web mirror in Japan
- o http://curl.oss-mirror.org/ is a new curl web mirror in Ireland
- o http://curl.linux-mirror.org/ is a new curl web mirror in Germany
- o pycurl 7.15.1 was released: http://pycurl.sf.net/
- o TclCurl 0.15.1 was released:
-   http://personal1.iddeo.es/andresgarci/tclcurl/english/
+ o pycurl-7.15.2 has been released: http://pycurl.sf.net
+ o http://curl.download.nextag.com/ is a new US curl web mirror!
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Dov Murik, Jean Jacques Drouin, Andres Garcia, Yang Tse, Gisle Vanem, Dan
- Fandrich, Alexander Lazic, Michael Jahn, Andrew Benham, Bryan Henderson,
- David Shaw, Jon Turner, Duane Cathey, Michal Marek, Philippe Vaucher, Kent
- Boortz, Karl Moerder, Shmulik Regev, Ulf H<>rnhammar, Peter Su
- 
+ Gisle Vanem, Dan Fandrich, Thomas Klausner, Todd Vierling, Peter Heuchert,
+ Markus Koetter, David McCreedy, Tor Arntsen
+
         Thanks! (and sorry if I forgot to mention someone)

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -1560,6 +1560,7 @@ AC_CHECK_FUNCS( strtoll \
                 ftruncate \
                 pipe \
                 poll \
+                getprotobyname \
                 getrlimit \
                 setrlimit,
 dnl if found
@@ -1953,6 +1954,8 @@ AC_CONFIG_FILES([Makefile \
            packages/EPM/curl.list \
            packages/EPM/Makefile \
            packages/vms/Makefile \
+           packages/AIX/Makefile \
+           packages/AIX/RPM/Makefile \
            curl-config \
            libcurl.pc
 ])

docs/KNOWN_BUGS

@@ -3,10 +3,6 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
-33. Doing FTP upload and specifying a URL that ends with a slash will cause
-  a filed named "(nil)" get created. The proper fix should most likely be to
-  reject the upload early since there's no target file name specified.
-
 32. (At least on Windows) If libcurl is built with c-ares and there's no DNS
   server configured in the system, the ares_init() call fails and thus
   curl_easy_init() fails as well. This causes weird effects for people who use
@@ -42,12 +38,6 @@ may have been fixed since this was written!
   --proxy-anyauth. There's work in progress on this problem, and a recent
   patch was posted here: http://curl.haxx.se/mail/lib-2005-08/0074.html
 
-24. Harshal Pradhan's Use-after-free with libcurl+ares. This probably occurs
-  because there is a pending ares callback that gets called after the
-  connection struct has been freed in libcurl:
-        http://curl.haxx.se/mail/lib-2005-08/0022.html
-  Fixing this properly most likely requires a new c-ares function.
-
 23. We don't support SOCKS for IPv6. We don't support FTPS over a SOCKS proxy.
   We don't have any test cases for SOCKS proxy. We probably have even more
   bugs and lack of features when a SOCKS proxy is used. And there seem to be a

docs/THANKS

@@ -14,6 +14,7 @@ Alex Suykov
 Alex aka WindEagle
 Alexander Kourakos
 Alexander Krasnostavsky
+Alexander Lazic
 Alexander Zhuravlev
 Alexis Carvalho
 Amol Pattekar
@@ -22,6 +23,7 @@ Andreas Damm
 Andreas Olsson
 Andreas Rieke
 Andres Garcia
+Andrew Benham
 Andrew Bushnell
 Andrew Francis
 Andrew Fuller
@@ -47,7 +49,7 @@ Brent Beardsley
 Brian Akins
 Brian R Duffy
 Bruce Mitchener
-Bryan Henderson 
+Bryan Henderson
 Bryan Kemp
 Caolan McNamara
 Casey O'Donnell
@@ -115,6 +117,8 @@ Doug Kaufman
 Doug Porter
 Douglas E. Wegscheid
 Douglas R. Horner
+Dov Murik
+Duane Cathey
 Dustin Boswell
 Dylan Ellicott
 Dylan Salisbury
@@ -200,6 +204,7 @@ Jamie Wilkinson
 Jan Kunder
 Jason S. Priebe
 Jaz Fresh
+Jean Jacques Drouin
 Jean-Claude Chauve
 Jean-Louis Lemaire
 Jean-Marc Ranger
@@ -241,11 +246,13 @@ J
 Kai Sommerfeld
 Kai-Uwe Rommel
 Kang-Jin Lee
+Karl Moerder
 Karol Pietrzak
 Keith MacDonald
 Keith McGuigan
 Ken Hirsch
 Ken Rastatter
+Kent Boortz
 Kevin Fisk
 Kevin Lussier
 Kevin Roth
@@ -304,9 +311,11 @@ Mekonikum
 Mettgut Jamalla
 Michael Benedict
 Michael Curtis
+Michael Jahn
 Michael Mealling
 Michael Wallner
 Michal Bonino
+Michal Marek
 Mihai Ionescu
 Mike Bytnar
 Mike Dobbs
@@ -348,6 +357,7 @@ Pete Su
 Peter Bray
 Peter Forret
 Peter Pentchev
+Peter Su
 Peter Sylvester
 Peter Todd
 Peter Verhas
@@ -357,6 +367,7 @@ Phil Karn
 Philip Gladstone
 Philippe Hameau
 Philippe Raoult
+Philippe Vaucher
 Pierre
 Puneet Pawaia
 Quagmire
@@ -409,6 +420,7 @@ Sergio Ballestrero
 Seshubabu Pasam
 Shard
 Shawn Poulson
+Shmulik Regev
 Siddhartha Prakash Jain
 Simon Dick
 Simon Josefsson
@@ -458,6 +470,7 @@ Traian Nicolescu
 Troels Walsted Hansen
 Troy Engel
 Tupone Alfredo
+Ulf H<>rnhammar
 Ulrich Zadow
 Vilmos Nebehaj
 Vincent Bronner

docs/curl.1

@@ -80,6 +80,24 @@ getting many files from the same server will not do multiple connects /
 handshakes. This improves speed. Of course this is only done on files
 specified on a single command line and cannot be used between separate curl
 invokes.
+.SH "PROGRESS METER"
+curl normally displays a progress meter during operations, indicating amount
+of transfered data, transfer speeds and estimated time left etc.
+
+However, since curl displays data to the terminal by default, if you invoke
+curl to do an operation and it is about to write data to the terminal, it
+\fIdisables\fP the progress meter as otherwise it would mess up the output
+mixing progress meter and response data.
+
+If you want a progress meter for HTTP POST or PUT requests, you need to
+redirect the response output to a file, using shell redirect (>), -o [file] or
+similar.
+
+It is not the same case for FTP upload as that operation is not spitting out
+any response data to the terminal.
+
+If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your
+friend.
 .SH OPTIONS
 .IP "-a/--append"
 (FTP) When used in an FTP upload, this will tell curl to append to the target
@@ -337,9 +355,9 @@ If this option is used several times, the last one will be used.
 .IP "-f/--fail"
 (HTTP) Fail silently (no output at all) on server errors. This is mostly done
 like this to better enable scripts etc to better deal with failed attempts. In
-normal cases when a HTTP server fails to deliver a document, it returns a HTML
-document stating so (which often also describes why and more). This flag will
-prevent curl from outputting that and fail silently instead.
+normal cases when a HTTP server fails to deliver a document, it returns an
+HTML document stating so (which often also describes why and more). This flag
+will prevent curl from outputting that and return error 22.
 
 If this option is used twice, the second will again disable silent failure.
 .IP "--ftp-account [data]"
@@ -354,6 +372,22 @@ the server, the standard behavior of curl is to fail. Using this option, curl
 will instead attempt to create missing directories.
 
 If this option is used twice, the second will again disable directory creation.
+.IP "--ftp-method [method]"
+(FTP) Control what method curl should use to reach a file on a FTP(S)
+server. The method argument should be one of the following alternatives:
+.RS
+.IP multicwd
+curl does a single CWD operation for each path part in the given URL. For deep
+hierarchies this means very many commands. This is how RFC1738 says it should
+be done. This is the default but the slowest behavior.
+.IP nocwd
+curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full
+path to the server for all these commands. This is the fastest behavior.
+.IP singlecwd
+curl does one CWD with the full target directory and then operates on the file
+\&"normally" (like in the multicwd case). This is somewhat more standards
+compliant than 'nocwd' but without the full penalty of 'multicwd'.
+.RE
 .IP "--ftp-pasv"
 (FTP) Use PASV when transferring. PASV is the internal default behavior, but
 using this option can be used to override a previous --ftp-port option. (Added

docs/libcurl/curl_easy_getinfo.3

@@ -152,7 +152,7 @@ handle. This is typically used in combination with \fICURLOPT_CONNECT_ONLY\fP.
 .NF
 An overview of the six time values available from curl_easy_getinfo()
 
-curk_easy_perform()
+curl_easy_perform()
     |
     |--NT
     |--|--CT

docs/libcurl/curl_easy_setopt.3

@@ -858,6 +858,23 @@ Exactly like \fICURLOPT_POSTQUOTE\fP, but for the source host.
 Pass a pointer to a zero-terminated string (or NULL to disable). When an FTP
 server asks for "account data" after user name and password has been provided,
 this data is sent off using the ACCT command. (Added in 7.13.0)
+.IP CURLOPT_FTP_FILEMETHOD
+Pass a long that should have one of the following values. This option controls
+what method libcurl should use to reach a file on a FTP(S) server. The
+argument should be one of the following alternatives:
+.RS
+.IP CURLFTPMETHOD_MULTICWD
+libcurl does a single CWD operation for each path part in the given URL. For
+deep hierarchies this means very many commands. This is how RFC1738 says it
+should be done. This is the default but the slowest behavior.
+.IP CURLFTPMETHOD_NOCWD
+libcurl does no CWD at all. libcurl will do SIZE, RETR, STOR etc and give a
+full path to the server for all these commands. This is the fastest behavior.
+.IP CURLFTPMETHOD_SINGLECWD
+libcurl does one CWD with the full target directory and then operates on the
+file \&"normally" (like in the multicwd case). This is somewhat more standards
+compliant than 'nocwd' but without the full penalty of 'multicwd'.
+.RE
 .SH PROTOCOL OPTIONS
 .IP CURLOPT_TRANSFERTEXT
 A non-zero parameter tells the library to use ASCII mode for ftp transfers,
@@ -1142,6 +1159,9 @@ certificates to verify the peer with.  This makes sense only when used in
 combination with the \fICURLOPT_SSL_VERIFYPEER\fP option.  If
 \fICURLOPT_SSL_VERIFYPEER\fP is zero, \fICURLOPT_CAINFO\fP need not
 even indicate an accessible file.
+
+Note that option is by default set to the system path where libcurl's cacert
+bundle is assumed to be stored, as established at build time.
 .IP CURLOPT_CAPATH
 Pass a char * to a zero terminated string naming a directory holding
 multiple CA certificates to verify the peer with. The certificate

docs/libcurl/curl_getenv.3

@@ -18,10 +18,9 @@ will instead be made "available" by source code access only, and then as
 curlx_getenv().
 .SH RETURN VALUE
 If successful, curl_getenv() returns a pointer to the value of the specified
-environment. The memory it refers to is malloc()ed why the application must
-free() this when the data has completed to serve its purpose. When
-.I curl_getenv(3)
-fails to find the specified name, it returns a null pointer.
+environment. The memory it refers to is malloc()ed so the application must
+free() this when the data is no longer needed. When \fIcurl_getenv(3)\fP fails
+to find the specified name, it returns a null pointer.
 .SH NOTE
 Under unix operating systems, there isn't any point in returning an allocated
 memory, although other systems won't work properly if this isn't done. The

docs/libcurl/libcurl-tutorial.3

@@ -133,10 +133,11 @@ Repeated calls to \fIcurl_global_init(3)\fP and \fIcurl_global_cleanup(3)\fP
 should be avoided. They should only be called once each.
 
 .SH "Features libcurl Provides"
-It is considered best-practice to determine libcurl features run-time rather
-than build-time (if possible of course). By calling curl_version_info() and
-checking tout he details of the returned struct, your program can figure out
-exactly what the currently running libcurl supports.
+It is considered best-practice to determine libcurl features at run-time
+rather than at build-time (if possible of course). By calling
+\fIcurl_version_info(3)\fP and checking out the details of the returned
+struct, your program can figure out exactly what the currently running libcurl
+supports.
 
 .SH "Handle the Easy libcurl"
 libcurl first introduced the so called easy interface. All operations in the

include/curl/curl.h

@@ -381,6 +381,15 @@ typedef enum {
   CURLFTPAUTH_LAST /* not an option, never use */
 } curl_ftpauth;
 
+/* parameter for the CURLOPT_FTP_FILEMETHOD option */
+typedef enum {
+  CURLFTPMETHOD_DEFAULT,   /* let libcurl pick */
+  CURLFTPMETHOD_MULTICWD,  /* single CWD operation for each path part */
+  CURLFTPMETHOD_NOCWD,     /* no CWD at all */
+  CURLFTPMETHOD_SINGLECWD, /* one CWD to full dir, then work on file */
+  CURLFTPMETHOD_LAST       /* not an option, never use */
+} curl_ftpmethod;
+
 /* long may be 32 or 64 bits, but we should never depend on anything else
    but 32 */
 #define CURLOPTTYPE_LONG          0
@@ -912,7 +921,8 @@ typedef enum {
      control connection. */
   CINIT(FTP_SKIP_PASV_IP, LONG, 137),
 
-  /* Select "file method" to use when doing FTP */
+  /* Select "file method" to use when doing FTP, see the curl_ftpmethod
+     above. */
   CINIT(FTP_FILEMETHOD, LONG, 138),
 
   /* Local port number to bind the socket to */

include/curl/curlver.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -28,13 +28,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.15.2-CVS"
+#define LIBCURL_VERSION "7.15.3-CVS"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 15
-#define LIBCURL_VERSION_PATCH 2
+#define LIBCURL_VERSION_PATCH 3
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -51,6 +51,6 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x070f02
+#define LIBCURL_VERSION_NUM 0x070f03
 
 #endif /* __CURL_CURLVER_H */

lib/ftp.c

@@ -2398,7 +2398,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
         state(conn, FTP_AUTH);
       }
       else {
-        ftp_state_user(conn);
+        result = ftp_state_user(conn);
         if(result)
           return result;
       }
@@ -2456,7 +2456,8 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
       2)Private (requested by 'PROT P')
       */
       if(!conn->ssl[SECONDARYSOCKET].use) {
-        NBFTPSENDF(conn, "PROT %c", 'P');
+        NBFTPSENDF(conn, "PROT %c",
+                   data->set.ftp_ssl == CURLFTPSSL_CONTROL ? 'C' : 'P');
         state(conn, FTP_PROT);
       }
       else {
@@ -2470,7 +2471,8 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
     case FTP_PROT:
       if(ftpcode/100 == 2)
         /* We have enabled SSL for the data connection! */
-        conn->ssl[SECONDARYSOCKET].use = TRUE;
+        conn->ssl[SECONDARYSOCKET].use =
+          data->set.ftp_ssl != CURLFTPSSL_CONTROL;
       /* FTP servers typically responds with 500 if they decide to reject
          our 'P' request */
       else if(data->set.ftp_ssl> CURLFTPSSL_CONTROL)
@@ -3816,6 +3818,13 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
     ftp->file=NULL; /* instead of point to a zero byte, we make it a NULL
                        pointer */
 
+  if(data->set.upload && !ftp->file &&
+     (!ftp->no_transfer || conn->bits.no_body)) {
+    /* We need a file name when uploading. Return error! */
+    failf(data, "Uploading to a URL without a file name!");
+    return CURLE_URL_MALFORMAT;
+  }
+
   ftp->cwddone = FALSE; /* default to not done */
 
   if(ftp->prevpath) {

lib/if2ip.h

@@ -27,6 +27,8 @@
 extern char *Curl_if2ip(const char *interf, char *buf, int buf_size);
 
 #ifdef __INTERIX
+#include <sys/socket.h>
+
 /* Nedelcho Stanev's work-around for SFU 3.0 */
 struct ifreq {
 #define IFNAMSIZ 16

lib/ssluse.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -1167,15 +1167,15 @@ Curl_ossl_connect(struct connectdata *conn,
 
 #ifdef SSL_CTRL_SET_MSG_CALLBACK
   if (data->set.fdebug) {
+    /* the SSL trace callback is only used for verbose logging so we only
+       inform about failures of setting it */
     if (!SSL_CTX_callback_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK,
                                (void (*)(void))ssl_tls_trace)) {
-      failf(data, "SSL: couldn't set callback!");
-      return CURLE_SSL_CONNECT_ERROR;
+      infof(data, "SSL: couldn't set callback!");
     }
-
-    if (!SSL_CTX_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, conn)) {
-      failf(data, "SSL: couldn't set callback argument!");
-      return CURLE_SSL_CONNECT_ERROR;
+    else if (!SSL_CTX_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0,
+                           conn)) {
+      infof(data, "SSL: couldn't set callback argument!");
     }
   }
 #endif
@@ -1521,7 +1521,7 @@ Curl_ossl_connect(struct connectdata *conn,
       else
         infof(data, "SSL certificate verify result: %s (%ld),"
               " continuing anyway.\n",
-              X509_verify_cert_error_string(err), lerr);
+              X509_verify_cert_error_string(lerr), lerr);
     }
     else
       infof(data, "SSL certificate verify ok.\n");

lib/tftp.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -271,8 +271,9 @@ static void tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
       /* If we are downloading, send an RRQ */
       state->spacket.event = htons(TFTP_EVENT_RRQ);
     }
-    sprintf((char *)state->spacket.u.request.data, "%s%c%s%c",
-            filename, '\0',  mode, '\0');
+    snprintf((char *)state->spacket.u.request.data,
+             sizeof(state->spacket.u.request.data),
+             "%s%c%s%c", filename, '\0',  mode, '\0');
     sbytes = 4 + (int)strlen(filename) + (int)strlen(mode);
     sbytes = sendto(state->sockfd, (void *)&state->spacket,
                     sbytes, 0,
@@ -533,7 +534,7 @@ CURLcode Curl_tftp_connect(struct connectdata *conn, bool *done)
    * The TFTP code is not portable because it sends C structs directly over
    * the wire.  Since C gives compiler writers a wide latitude in padding and
    * aligning structs, this fails on many architectures (e.g. ARM).
-   * 
+   *
    * The only portable way to fix this is to copy each struct item into a
    * flat buffer and send the flat buffer instead of the struct.  The
    * alternative, trying to get the compiler to eliminate padding bytes

lib/url.c

@@ -3982,6 +3982,11 @@ CURLcode Curl_done(struct connectdata **connp,
   struct connectdata *conn = *connp;
   struct SessionHandle *data=conn->data;
 
+  if(conn->bits.done)
+    return CURLE_OK; /* Curl_done() has already been called */
+
+  conn->bits.done = TRUE; /* called just now! */
+
   /* cleanups done even if the connection is re-used */
   if(conn->bits.rangestringalloc) {
     free(conn->range);
@@ -4047,6 +4052,7 @@ CURLcode Curl_do(struct connectdata **connp, bool *done)
   struct connectdata *conn = *connp;
   struct SessionHandle *data=conn->data;
 
+  conn->bits.done = FALSE; /* Curl_done() is not called yet */
   conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to use */
 
   if(conn->curl_do) {

lib/urldata.h

@@ -432,6 +432,10 @@ struct ConnectBits {
   bool trailerHdrPresent; /* Set when Trailer: header found in HTTP response.
                              Required to determine whether to look for trailers
                              in case of Transfer-Encoding: chunking */
+  bool done;          /* set to FALSE when Curl_do() is called and set to TRUE
+                         when Curl_done() is called, to prevent Curl_done() to
+                         get invoked twice when the multi interface is
+                         used. */
 };
 
 struct hostname {

packages/AIX/Makefile.am

@@ -0,0 +1,3 @@
+SUBDIRS = RPM
+
+EXTRA_DIST = Makefile.am

packages/AIX/RPM/Makefile.am

@@ -0,0 +1,2 @@
+EXTRA_DIST = README curl.spec.in
+

packages/AIX/RPM/README

@@ -0,0 +1,34 @@
+$Id$
+                             _   _ ____  _
+                         ___| | | |  _ \| |
+                        / __| | | | |_) | |
+                       ( (__| |_| |  _ <| |___
+                        \___|\___/|_| \_\_____|
+                            for AIX Toolbox
+
+Author: Tor Arntsen
+
+The spec file in this directory is based on the Linux ssl and non-ssl
+curl spec files, plus additions to make it AIX Toolbox compatible.
+
+The AIX Toolbox setup (installs into /opt/freeware, with symlinks in
+/usr/bin,/usr/lib,/usr/include) are based on IBM's aixtoolbox spec 
+file written by David Clissold <cliss@austin.ibm.com>, see
+
+ftp://ftp.software.ibm.com/aixtoolbox/SPECS/curl-7.9.3-2.spec
+
+This spec file is designed to be a drop-in replacement for the
+old spec file found at the above link. Thus, like the old spec file 
+this version is also a unified ssl/non-ssl  version. To get non-ssl 
+RPMs just pass --define 'nossl 1' to the command line when building 
+the RPM, e.g. 
+
+rpm -bb --define 'nossl 1' curl.spec
+
+Default is to build with ssl support.
+
+Lastly, the spec file expects the Curl source distribution file to be 
+in .tar.bz2 format.
+
+The nifty cURL header of this README is a ripoff of the vms/readme file.
+

packages/AIX/RPM/curl.spec.in

@@ -0,0 +1,132 @@
+# Use --define 'nossl 1' on the command line to disable SSL detection
+%{!?nossl:%define SSL 1}
+%{?nossl:%define SSL 0}
+
+%define name curl
+%define version @VERSION@
+%define release 1%{!?nossl:ssl}
+
+%define curlroot %{_builddir}/%{name}-%{version}
+
+Summary: get a file from a FTP or HTTP server.
+Name: %{name}
+Version: %{version}
+Release: %{release}
+License: MIT/X derivate
+Vendor: Daniel Stenberg <Daniel.Stenberg@haxx.se>
+Group: Applications/Internet
+Source: %{name}-%{version}.tar.bz2
+URL: http://curl.haxx.se/
+Provides: curl
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Prefix: %{_prefix}
+
+%description
+curl is a client to get documents/files from servers, using any of the
+supported protocols.  The command is designed to work without user
+interaction or any kind of interactivity.
+
+curl offers many useful tricks like proxy support, user authentication,
+ftp upload, HTTP post, file transfer resume and more.
+
+%if %{SSL} == 1
+Note: this version is compiled with SSL support.
+%else
+Note: this version is compiled without SSL support.
+%endif
+
+%package	devel
+Summary:	Development files for the curl libary
+Group:		Development/Libraries
+%if %{SSL} == 1 
+Requires: openssl >= 0.9.5 
+%endif 
+Requires:	curl = %{version}
+Provides:	curl-devel
+
+%description devel
+libcurl is the core engine of curl; this packages contains all the 
+libs, headers, and manual pages to develop applications using libcurl.
+
+%define DEFCC xlc
+
+%prep
+rm -rf %{curlroot}
+%setup -q
+
+%build
+
+# Use the default compiler for this platform - gcc otherwise
+if [[ -z "$CC" ]]
+then
+    if test "X`type %{DEFCC} 2>/dev/null`" != 'X'; then
+       export CC=%{DEFCC}
+    else 
+       export CC=gcc
+    fi
+fi
+
+cd %{curlroot} && (if [ -f configure.in ]; then mv -f configure.in configure.in.
+rpm; fi)
+
+./configure --prefix=%{prefix} \
+%if %{SSL} == 1
+        --with-ssl
+%else
+        --without-ssl
+%endif
+
+make
+
+%install
+[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}
+make DESTDIR=%{buildroot} install-strip
+
+( cd $RPM_BUILD_ROOT   # same as %{buildroot}
+
+ for dir in bin include
+ do
+    mkdir -p usr/$dir
+    cd usr/$dir
+    ln -sf ../..%{prefix}/$dir/* .
+    cd -
+ done
+
+ mkdir -p usr/lib
+ cd usr/lib
+ ln -sf ../..%{prefix}/lib/* .
+ cd -
+)
+
+%clean
+[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root)
+%attr(0755,root,root) %{_bindir}/curl
+%attr(0644,root,root) %{_mandir}/man1/curl.1*
+%{_libdir}/libcurl.a
+%if %{SSL} == 1
+%{_datadir}/curl/curl-ca-bundle.crt
+%endif
+%doc CHANGES COPYING README RELEASE-NOTES 
+%doc docs/BUGS docs/CONTRIBUTE docs/FAQ docs/FEATURES docs/HISTORY
+%doc docs/INSTALL docs/KNOWN_BUGS 
+%doc docs/MANUAL docs/RESOURCES docs/THANKS docs/VERSIONS docs/TODO
+%doc docs/TheArtOfHttpScripting
+%if %{SSL} == 1
+%doc docs/SSLCERTS
+%endif
+/usr/bin/curl
+/usr/lib/libcurl.a
+
+%files devel
+%defattr(-,root,root)
+%attr(0755,root,root) %{_bindir}/curl-config
+%attr(0644,root,root) %{_mandir}/man1/curl-config.1*
+%attr(0644,root,root) %{_mandir}/man3/*
+%attr(0644,root,root) %{_includedir}/curl/*
+%{_libdir}/libcurl.la
+%doc docs/BINDINGS docs/INTERNALS docs/LICENSE-MIXING
+/usr/bin/curl-config
+/usr/include/curl

packages/Makefile.am

@@ -1,3 +1,3 @@
-SUBDIRS = Win32 Linux Solaris EPM DOS vms
+SUBDIRS = Win32 Linux Solaris EPM DOS AIX vms
 
 EXTRA_DIST = README NetWare/get_ver.awk

packages/vms/Makefile.am

@@ -1,3 +1,3 @@
 EXTRA_DIST = batch_compile.com build_vms.com config-vms.h defines.com	\
  hpssl_alpha.opt hpssl_ia64.opt hpssl_vax.opt readme curlmsg.msg	\
- curlmsg_vms.h axp/README ia64/README vax/README
+ curlmsg_vms.h axp/README ia64/README vax/README curlmsg.h curlmsg.sdl

src/main.c

@@ -1251,13 +1251,13 @@ static ParameterError add2list(struct curl_slist **list,
 static int ftpfilemethod(struct Configurable *config, char *str)
 {
   if(strequal("singlecwd", str))
-    return 3;
+    return CURLFTPMETHOD_SINGLECWD;
   if(strequal("nocwd", str))
-    return 2;
+    return CURLFTPMETHOD_NOCWD;
   if(strequal("multicwd", str))
-    return 1;
+    return CURLFTPMETHOD_MULTICWD;
   warnf(config, "unrecognized ftp file method '%s', using default\n", str);
-  return 1;
+  return CURLFTPMETHOD_MULTICWD;
 }
 
 static ParameterError getparameter(char *flag, /* f or -long-flag */
@@ -4279,8 +4279,11 @@ quit_curl:
   return res;
 }
 
-static void checkfds(void);
-
+/* Ensure that file descriptors 0, 1 and 2 (stdin, stdout, stderr) are
+   open before starting to run.  Otherwise, the first three network
+   sockets opened by curl could be used for input sources, downloaded data
+   or error logs as they will effectively be stdin, stdout and/or stderr.
+*/
 static void checkfds(void)
 {
 #ifdef HAVE_PIPE
@@ -4291,8 +4294,9 @@ static void checkfds(void)
          fd[1] == STDIN_FILENO ||
          fd[1] == STDOUT_FILENO ||
          fd[1] == STDERR_FILENO )
-    pipe(fd);
-
+    if (pipe(fd) < 0)
+      return;	/* Out of handles. This isn't really a big problem now, but
+                   will be when we try to create a socket later. */
   close(fd[0]);
   close(fd[1]);
 #endif

tests/data/Makefile.am

@@ -34,5 +34,5 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46	   \
  test250 test251 test252 test253 test254 test255 test521 test522 test523   \
  test256 test257 test258 test259 test260 test261 test262 test263 test264   \
  test265 test266 test267 test268 test269 test270 test271 test272 test273   \
- test274 test275
+ test274 test275 test524
 

tests/data/test524

@@ -0,0 +1,44 @@
+<info>
+<keywords>
+FTP
+UPLOAD
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+<tool>
+lib524
+</tool>
+ <name>
+FTP upload with target URL ending with slash
+ </name>
+# first URL then proxy
+ <command>
+ftp://%HOSTIP:%FTPPORT/path/to/
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS curl_by_daniel@haxx.se
+PWD
+</protocol>
+
+# 3 is CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>

tests/libtest/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -40,7 +40,7 @@ SUPPORTFILES = first.c test.h
 # These are all libcurl test programs
 noinst_PROGRAMS = lib500 lib501 lib502 lib503 lib504 lib505 lib506 lib507 \
   lib508 lib509 lib510 lib511 lib512 lib513 lib514 lib515 lib516 lib517 \
-  lib518 lib519 lib520 lib521 lib523
+  lib518 lib519 lib520 lib521 lib523 lib524
 
 lib500_SOURCES = lib500.c $(SUPPORTFILES)
 lib500_LDADD = $(LIBDIR)/libcurl.la
@@ -133,3 +133,7 @@ lib521_DEPENDENCIES = $(LIBDIR)/libcurl.la
 lib523_SOURCES = lib523.c $(SUPPORTFILES)
 lib523_LDADD = $(LIBDIR)/libcurl.la
 lib523_DEPENDENCIES = $(LIBDIR)/libcurl.la
+
+lib524_SOURCES = lib524.c $(SUPPORTFILES)
+lib524_LDADD = $(LIBDIR)/libcurl.la
+lib524_DEPENDENCIES = $(LIBDIR)/libcurl.la

tests/libtest/lib524.c

@@ -0,0 +1,15 @@
+#include "test.h"
+
+int test(char *URL)
+{
+  CURLcode res;
+  CURL *curl = curl_easy_init();
+  curl_easy_setopt(curl, CURLOPT_URL, URL);
+  curl_easy_setopt(curl, CURLOPT_UPLOAD, 1);
+  curl_easy_setopt(curl, CURLOPT_VERBOSE, TRUE);
+
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+  return (int)res;
+}
+

tests/runtests.pl

@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -85,6 +85,7 @@ my $perl="perl -I$srcdir";
 
 # this gets set if curl is compiled with debugging:
 my $curl_debug=0;
+my $libtool;
 
 # name of the file that the memory debugging creates:
 my $memdump="$LOGDIR/memdump";
@@ -1066,6 +1067,7 @@ sub checksystem {
 
     $has_textaware = ($^O eq 'MSWin32') || ($^O eq 'msys');
 
+    logmsg sprintf("* Libtool lib:    %s\n", $libtool?"ON":"OFF");
     logmsg "***************************************** \n";
 }
 
@@ -1413,10 +1415,10 @@ sub singletest {
     # run the command line we built
     if ($torture) {
         return torture($CMDLINE,
-                       "gdb --directory libtest $DBGCURL -x log/gdbcmd");
+                       "$gdb --directory libtest $DBGCURL -x log/gdbcmd");
     }
     elsif($gdbthis) {
-        system("gdb --directory libtest $DBGCURL -x log/gdbcmd");
+        system("$gdb --directory libtest $DBGCURL -x log/gdbcmd");
         $cmdres=0; # makes it always continue after a debugged run
     }
     else {
@@ -1445,7 +1447,7 @@ sub singletest {
             open(GDBCMD, ">log/gdbcmd2");
             print GDBCMD "bt\n";
             close(GDBCMD);
-            system("gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
+            system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
      #       unlink("log/gdbcmd2");
         }
     }
@@ -2046,6 +2048,17 @@ if($valgrind) {
     }
 }
 
+# open the executable curl and read the first 4 bytes of it
+open(CHECK, "<$CURL");
+my $c;
+sysread CHECK, $c, 4;
+close(CHECK);
+if($c eq "#! /") {
+    # A shell script. This is typically when built with libtool,
+    $libtool = 1;
+    $gdb = "libtool --mode=execute gdb";
+}
+
 $HTTPPORT =  $base + 0; # HTTP server port
 $HTTPSPORT = $base + 1; # HTTPS server port
 $FTPPORT =   $base + 2; # FTP server port