132 lines
5.5 KiB
Plaintext
132 lines
5.5 KiB
Plaintext
_ _ ____ _
|
|
___| | | | _ \| |
|
|
/ __| | | | |_) | |
|
|
| (__| |_| | _ <| |___
|
|
\___|\___/|_| \_\_____|
|
|
|
|
TODO
|
|
|
|
Things to do in project cURL. Please tell me what you think, contribute and
|
|
send me patches that improve things! Also check the http://curl.haxx.se/dev
|
|
web section for various development notes.
|
|
|
|
LIBCURL
|
|
|
|
* Consider an interface to libcurl that allows applications to easier get to
|
|
know what cookies that are sent back in the response headers.
|
|
|
|
* Make content encoding/decoding internally be made using a filter system.
|
|
|
|
* The new 'multi' interface is being designed. Work out the details, start
|
|
implementing and write test applications!
|
|
[http://curl.haxx.se/dev/multi.h]
|
|
|
|
* Add a name resolve cache to libcurl to make repeated fetches to the same
|
|
host name (when persitancy isn't available) faster.
|
|
|
|
* Introduce another callback interface for upload/download that makes one
|
|
less copy of data and thus a faster operation.
|
|
[http://curl.haxx.se/dev/no_copy_callbacks.txt]
|
|
|
|
* Add configure options that disables certain protocols in libcurl to
|
|
decrease footprint. '--disable-[protocol]' where protocol is http, ftp,
|
|
telnet, ldap, dict or file.
|
|
|
|
* Add asynchronous name resolving. http://curl.haxx.se/dev/async-resolver.txt
|
|
|
|
DOCUMENTATION
|
|
|
|
* Document all CURLcode error codes, why they happen and what most likely
|
|
will make them not happen again.
|
|
|
|
FTP
|
|
|
|
* FTP ASCII upload does not follow RFC959 section 3.1.1.1: "The sender
|
|
converts the data from an internal character representation to the standard
|
|
8-bit NVT-ASCII representation (see the Telnet specification). The
|
|
receiver will convert the data from the standard form to his own internal
|
|
form."
|
|
|
|
* An option to only download remote FTP files if they're newer than the local
|
|
one is a good idea, and it would fit right into the same syntax as the
|
|
already working http dito works. It of course requires that 'MDTM' works,
|
|
and it isn't a standard FTP command.
|
|
|
|
* Suggested on the mailing list: CURLOPT_FTP_MKDIR...!
|
|
|
|
* Always use the FTP SIZE command before downloading, as that makes it more
|
|
likely that we know the size when downloading. Some sites support SIZE but
|
|
don't show the size in the RETR response!
|
|
|
|
* Make FTP PASV work with IPv6 support. RFC 2428 "FTP Extensions for IPv6 and
|
|
NATs" is interesting.
|
|
|
|
HTTP
|
|
|
|
* HTTP PUT for files passed on stdin *OR* when the --crlf option is
|
|
used. Requires libcurl to send the file with chunked content
|
|
encoding. [http://curl.haxx.se/dev/HTTP-PUT-stdin.txt] When the filter
|
|
system mentioned above gets real, it'll be a piece of cake to add.
|
|
|
|
* "Content-Encoding: compress/gzip/zlib" HTTP 1.1 clearly defines how to get
|
|
and decode compressed documents. There is the zlib that is pretty good at
|
|
decompressing stuff. This work was started in October 1999 but halted again
|
|
since it proved more work than we thought. It is still a good idea to
|
|
implement though. This requires the filter system mentioned above.
|
|
|
|
* Authentication: NTLM. Support for that MS crap called NTLM
|
|
authentication. MS proxies and servers sometime require that. Since that
|
|
protocol is a proprietary one, it involves reverse engineering and network
|
|
sniffing. This should however be a library-based functionality. There are a
|
|
few different efforts "out there" to make open source HTTP clients support
|
|
this and it should be possible to take advantage of other people's hard
|
|
work. http://modntlm.sourceforge.net/ is one. There's a web page at
|
|
http://www.innovation.ch/java/ntlm.html that contains detailed reverse-
|
|
engineered info.
|
|
|
|
* RFC2617 compliance, "Digest Access Authentication"
|
|
A valid test page seem to exist at:
|
|
http://hopf.math.nwu.edu/testpage/digest/
|
|
And some friendly person's server source code is available at
|
|
http://hopf.math.nwu.edu/digestauth/index.html
|
|
Then there's the Apache mod_digest source code too of course. It seems as
|
|
if Netscape doesn't support this, and not many servers do. Although this is
|
|
a lot better authentication method than the more common "Basic". Basic
|
|
sends the password in cleartext over the network, this "Digest" method uses
|
|
a challange-response protocol which increases security quite a lot.
|
|
|
|
TELNET
|
|
|
|
* Make TELNET work on windows98!
|
|
|
|
SSL
|
|
|
|
* Add an interface to libcurl that enables "session IDs" to get
|
|
exported/imported. Cris Bailiff said: "OpenSSL has functions which can
|
|
serialise the current SSL state to a buffer of your choice, and
|
|
recover/reset the state from such a buffer at a later date - this is used
|
|
by mod_ssl for apache to implement and SSL session ID cache"
|
|
|
|
* Make curl's SSL layer option capable of using other free SSL libraries.
|
|
Such as the Mozilla Security Services
|
|
(http://www.mozilla.org/projects/security/pki/nss/) and GNUTLS
|
|
(http://gnutls.hellug.gr/)
|
|
|
|
CLIENT
|
|
|
|
* "curl ftp://site.com/*.txt"
|
|
|
|
* Several URLs can be specified to get downloaded. We should be able to use
|
|
the same syntax to specify several files to get uploaded (using the same
|
|
persistant connection), using -T.
|
|
|
|
TEST SUITE
|
|
|
|
* Extend the test suite to include more protocols. The telnet could just do
|
|
ftp or http operations (for which we have test servers).
|
|
|
|
* Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
|
|
fork()s and it should become even more portable.
|
|
|
|
* Introduce a test suite that tests libcurl better and more explicitly.
|