17
17
* Introduce an interface to libcurl that allows applications to easier get to
18
know what cookies that are received. Pushing interface that calls a
19
callback on each received cookie? Querying interface that asks about
20
existing cookies? We probably need both. Enable applications to modify
21
existing cookies as well. http://curl.haxx.se/dev/COOKIES
18
know what cookies that are received. CURLINFO_COOKIELIST to get a
19
curl_slist with cookies (netscape/mozilla cookie file formatted), and
20
CURLOPT_COOKIELIST to set a list of cookies (using the same format).
21
http://curl.haxx.se/mail/lib-2004-12/0195.html
23
23
* Introduce another callback interface for upload/download that makes one
24
24
less copy of data and thus a faster operation.
33
33
return informational stuff as errors, consider a new info returned by
34
34
curl_easy_getinfo() #845941
36
* Option to set the SO_KEEPALIVE socket option to make libcurl notice and
37
disconnect very long time idle connections.
36
* Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
37
SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
39
39
LIBCURL - multi interface
41
* Add a curl_multi_fdset() alternative that returns only two arrays with file
42
desrciptors for reading and writing to allow the app to use whatever
43
function it prefers. Plus, this allows apps to avoid the FD_SETSIZE problem
41
46
* Add curl_multi_timeout() to make libcurl's ares-functionality better.
43
48
* Make sure we don't ever loop because of non-blocking sockets return
60
* Optimize the way libcurl uses CWD on each new request over a persistent
61
connection (on FTP) even if it doesn't have to.
65
* Support GSS/Kerberos 5 for ftp file transfer. This will allow user
66
authentication and file encryption. Possible libraries and example clients
67
are available from MIT or Heimdal. Requsted by Markus Moeller.
63
69
* REST fix for servers not behaving well on >2GB requests. This should fail
64
70
if the server doesn't set the pointer to the requested index. The tricky
65
part is to figure out if the server did the right thing or not.
71
(impossible?) part is to figure out if the server did the right thing or
67
74
* Support the most common FTP proxies, Philip Newton provided a list
68
75
allegedly from ncftp:
77
84
* Since USERPWD always override the user and password specified in URLs, we
78
85
might need another way to specify user+password for anonymous ftp logins.
87
* The FTP code should get a way of returning errors that is known to still
88
have the control connection alive and sound. Currently, a returned error
89
from within ftp-functions does not tell if the control connection is still
90
OK to use or not. This causes libcurl to fail to re-use connections
82
* Digest and GSS-Negotiate support for HTTP proxies. They only work on
83
direct-connections to the server.
85
95
* Pipelining. Sending multiple requests before the previous one(s) are done.
86
96
This could possibly be implemented using the multi interface to queue
87
97
requests and the response data.
104
114
* Evaluate/apply Gertjan van Wingerde's SSL patches:
105
115
http://curl.haxx.se/mail/lib-2004-03/0087.html
107
* Peter Sylvester's "Most Significant Common Name" change. Feedback welcome.
108
At least the UTF8 conversion and comparison should be done. Patch?
110
* If you really want to improve the SSL situation, you should probably have a
111
look at SSL cafile loading as well - quick traces look to me like these are
112
done on every request as well, when they should only be necessary once per
113
ssl context (or once per handle). Even better would be to support the SSL
114
CAdir option - instead of loading all of the root CA certs for every
115
request, this option allows you to only read the CA chain that is actually
116
required (into the cache)...
117
* "Look at SSL cafile - quick traces look to me like these are done on every
118
request as well, when they should only be necessary once per ssl context
119
(or once per handle)". The major improvement we can rather easily do is to
120
make sure we don't create and kill a new SSL "context" for every request,
121
but instead make one for every connection and re-use that SSL context in
122
the same style connections are re-used. It will make us use slightly more
123
memory but it will libcurl do less creations and deletions of SSL contexts.
118
125
* Add an interface to libcurl that enables "session IDs" to get
119
126
exported/imported. Cris Bailiff said: "OpenSSL has functions which can
120
127
serialise the current SSL state to a buffer of your choice, and
121
128
recover/reset the state from such a buffer at a later date - this is used
122
by mod_ssl for apache to implement and SSL session ID cache". This whole
123
idea might become moot if we enable the 'data sharing' as mentioned in the
129
by mod_ssl for apache to implement and SSL session ID cache".
126
131
* OpenSSL supports a callback for customised verification of the peer
127
132
certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
131
136
* Make curl's SSL layer option capable of using other free SSL libraries.
132
137
Such as the Mozilla Security Services
133
(http://www.mozilla.org/projects/security/pki/nss/) and GNUTLS
134
(http://gnutls.hellug.gr/)
138
(http://www.mozilla.org/projects/security/pki/nss/) and GnuTLS
139
(http://www.gnu.org/software/gnutls/) This subject has been brought up
140
again recently since GPL-licensed applications that link with libcurl MAY
141
NOT distribute binaries that use OpenSSL without adding an exception clause
142
to the GPL license. See the LICENSE-MIXING document and this:
143
http://www.gnome.org/~markmc/openssl-and-the-gpl.html
153
* "curl --sync http://example.com/feed[1-100].rss" or
154
"curl --sync http://example.net/{index,calendar,history}.html"
156
Downloads a range or set of URLs using the remote name, but only if the
157
remote file is newer than the local file. A Last-Modified HTTP date header
158
should also be used to set the mod date on the downloaded file.
159
(idea from "Brianiac")
161
* Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
162
Requested by Dane Jensen and others. This is easily scripted though.
144
164
* Add an option that prevents cURL from overwiting existing local files. When
145
165
used, and there already is an existing file with the target file name
146
166
(either -O or -o), a number should be appended (and increased if already
174
194
* --data-encode that URL encodes the data before posting
175
195
http://curl.haxx.se/mail/archive-2003-11/0091.html (Kevin Roth suggested)
197
* Provide a way to make options bound to a specific URL among several on the
198
command line. Possibly by letting ':' separate options between URLs,
201
curl --data foo --url url.com : \
203
--url url3.com --data foo3
205
(More details: http://curl.haxx.se/mail/archive-2004-07/0133.html)
207
The example would do a POST-GET-POST combination on a single command line.
179
211
* Consider extending 'roffit' to produce decent ASCII output, and use that
184
216
* Make the test servers able to serve multiple running test suites. Like if
185
217
two users run 'make test' at once.
187
* Make runtests.pl capable of changing port numbers for the servers. This was
188
the intention from the start, but in practise it is now hard.
190
219
* If perl wasn't found by the configure script, don't attempt to run the
191
220
tests but explain something nice why it doesn't.
201
230
* curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
202
231
CURLMcode. These should be changed to be the same.
204
* curl_formparse() should be removed
206
233
* remove obsolete defines from curl/curl.h
235
* make several functions use size_t instead of int in their APIs
208
237
* remove the following functions from the public API:
210
239
curl_mprintf (and variations)
214
243
They will instead become curlx_ - alternatives. That makes the curl app
215
244
still capable of building with them from source.
246
* Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
247
internally. Let the app judge success or not for itself.
added
removed
docs/TODO
