15
15
1.1 Zero-copy interface
16
16
1.2 More data sharing
20
1.6 configure-based info in public headers
18
1.4 signal-based resolver timeouts
22
20
2. libcurl - multi interface
23
21
2.1 More non-blocking
25
2.3 Remove easy interface internally
26
2.4 Avoid having to remove/readd handles
22
2.2 Remove easy interface internally
23
2.3 Avoid having to remove/readd handles
24
2.4 Fix HTTP Pipelining for PUT
29
27
3.1 More and better
52
49
7.1 Disable specific versions
53
7.2 Provide mytex locking API
55
7.4 Evaluate SSL patches
56
7.5 Cache OpenSSL contexts
57
7.6 Export session ids
58
7.7 Provide callback for cert verification
59
7.8 Support other SSL libraries
60
7.9 Support SRP on the TLS layer
61
7.10 improve configure --with-ssl
50
7.2 Provide mutex locking API
51
7.3 Evaluate SSL patches
52
7.4 Cache OpenSSL contexts
53
7.5 Export session ids
54
7.6 Provide callback for cert verification
55
7.7 Support other SSL libraries
56
7.8 Support SRP on the TLS layer
57
7.9 improve configure --with-ssl
64
60
8.1 Make NTLM work without OpenSSL functions
131
127
SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
132
128
To support ipv6 interface addresses for network interfaces properly.
136
Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
137
GET_FTP_DATA_IP. Return a string with the used IP.
141
Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
142
present when we first added c-ares support but they have been added since!
143
When this is done and works, we can actually start considering making c-ares
144
powered libcurl the default build (which of course would require that we'd
145
bundle the c-ares source code in the libcurl source code releases).
147
1.6 configure-based info in public headers
149
Make the public headers include the proper system includes based on what was
150
present at the time when configure was run. Currently, the sys/select.h
151
header is for example included by curl/multi.h only on specific platforms we
152
know MUST have it. This is error-prone. We therefore want the header files to
153
adapt to configure results. Those results must be stored in a new header and
154
they must use a curl name space, i.e not be HAVE_* prefix (as that would risk
155
collide with other apps that use libcurl and that runs configure).
157
Work on this has been started but hasn't been finished, and the initial patch
158
and some details are found here:
159
http://curl.haxx.se/mail/lib-2006-12/0084.html
161
The remaining problems to solve involve the platforms that can't run
130
1.4 signal-based resolver timeouts
132
libcurl built without an asynchronous resolver library uses alarm() to time
133
out DNS lookups. When a timeout occurs, this causes libcurl to jump from the
134
signal handler back into the library with a sigsetjmp, which effectively
135
causes libcurl to continue running within the signal handler. This is
136
non-portable and could cause problems on some platforms. A discussion on the
137
problem is available at http://curl.haxx.se/mail/lib-2008-09/0197.html
139
Also, alarm() provides timeout resolution only to the nearest second. alarm
140
ought to be replaced by setitimer on systems that support it.
164
142
2. libcurl - multi interface
166
144
2.1 More non-blocking
168
Make sure we don't ever loop because of non-blocking sockets return
146
Make sure we don't ever loop because of non-blocking sockets returning
169
147
EWOULDBLOCK or similar. The GnuTLS connection etc.
173
Make transfers treated more carefully. We need a way to tell libcurl we have
174
data to write, as the current system expects us to upload data each time the
175
socket is writable and there is no way to say that we want to upload data
176
soon just not right now, without that aborting the upload. The opposite
177
situation should be possible as well, that we tell libcurl we're ready to
178
accept read data. Today libcurl feeds the data as soon as it is available for
179
reading, no matter what.
181
2.3 Remove easy interface internally
149
2.2 Remove easy interface internally
183
151
Make curl_easy_perform() a wrapper-function that simply creates a multi
184
152
handle, adds the easy handle to it, runs curl_multi_perform() until the
259
5.1 Other HTTP versions with CONNECT
261
When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
262
never been reported as causing trouble to anyone, but should be considered to
263
use the HTTP version the user has chosen.
265
5.2 Better persistency for HTTP 1.0
234
5.1 Better persistency for HTTP 1.0
267
236
"Better" support for persistent connections over HTTP 1.0
268
237
http://curl.haxx.se/bug/feature.cgi?id=1089001
270
5.3 support FF3 sqlite cookie files
239
5.2 support FF3 sqlite cookie files
272
241
Firefox 3 is changing from its former format to a a sqlite database instead.
273
242
We should consider how (lib)curl can/should support this.
304
273
Provide an option that allows for disabling specific SSL versions, such as
305
274
SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
307
7.2 Provide mytex locking API
276
7.2 Provide mutex locking API
309
278
Provide a libcurl API for setting mutex callbacks in the underlying SSL
310
279
library, so that the same application code can use mutex-locking
311
280
independently of OpenSSL or GnutTLS being used.
315
Anton Fedorov's "dumpcert" patch:
316
http://curl.haxx.se/mail/lib-2004-03/0088.html
318
7.4 Evaluate SSL patches
282
7.3 Evaluate SSL patches
320
284
Evaluate/apply Gertjan van Wingerde's SSL patches:
321
285
http://curl.haxx.se/mail/lib-2004-03/0087.html
323
7.5 Cache OpenSSL contexts
287
7.4 Cache OpenSSL contexts
325
289
"Look at SSL cafile - quick traces look to me like these are done on every
326
290
request as well, when they should only be necessary once per ssl context (or
338
302
the state from such a buffer at a later date - this is used by mod_ssl for
339
303
apache to implement and SSL session ID cache".
341
7.7 Provide callback for cert verification
305
7.6 Provide callback for cert verification
343
307
OpenSSL supports a callback for customised verification of the peer
344
308
certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
345
309
it be? There's so much that could be done if it were!
347
7.8 Support other SSL libraries
311
7.7 Support other SSL libraries
349
313
Make curl's SSL layer capable of using other free SSL libraries. Such as
350
314
MatrixSSL (http://www.matrixssl.org/).
352
7.9 Support SRP on the TLS layer
316
7.8 Support SRP on the TLS layer
354
318
Peter Sylvester's patch for SRP on the TLS layer. Awaits OpenSSL support for
355
319
this, no need to support this in libcurl before there's an OpenSSL release
358
7.10 improve configure --with-ssl
322
7.9 improve configure --with-ssl
360
324
make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
365
329
8.1 Make NTLM work without OpenSSL functions
367
Get NTLM working using the functions provided by libgcrypt, since GnuTLS
368
already depends on that to function. Not strictly SSL/TLS related, but
369
hey... Another option is to get available DES and MD4 source code from the
370
cryptopp library. They are fine license-wise, but are C++.
331
Get NTLM working using the functions provided by NSS. Not strictly
332
SSL/TLS related, but hey... Another option is to get available DES and
333
MD4 source code from the cryptopp library. They are fine license-wise,
372
336
8.2 SSL engine stuff