| _ _ ____ _ |
| ___| | | | _ \| | |
| / __| | | | |_) | | |
| | (__| |_| | _ <| |___ |
| \___|\___/|_| \_\_____| |
| |
| TODO |
| |
| Things to do in project cURL. Please tell me what you think, contribute and |
| send me patches that improve things! |
| |
| To do for the 7.7 release: |
| |
| * Fix the random seeding. Add --egd-socket and --random-file options to the |
| curl client and libcurl curl_easy_setopt() interface. |
| |
| * Support persistant connections (fully detailed elsewhere) |
| |
| * Add a special connection-timeout that only goes for the connection phase. |
| |
| To do for the 7.8 release: |
| |
| * Make SSL session ids get used if multiple HTTPS documents from the same |
| host is requested. |
| |
| To do in a future release: |
| |
| * Add configure options that disables certain protocols in libcurl to |
| decrease footprint. '--disable-[protocol]' where protocol is http, ftp, |
| telnet, ldap, dict or file. |
| |
| * Extend the test suite to include telnet and https. The telnet could just do |
| ftp or http operations (for which we have test servers) and the https would |
| probably work against/with some of the openssl tools. |
| |
| * Add a command line option that allows the output file to get the same time |
| stamp as the remote file. libcurl already is capable of fetching the remote |
| file's date. |
| |
| * Make the SSL layer option capable of using the Mozilla Security Services as |
| an alternative to OpenSSL: |
| http://www.mozilla.org/projects/security/pki/nss/ |
| |
| * Add asynchronous name resolving, as this enables full timeout support for |
| fork() systems. |
| |
| * Non-blocking connect(), also to make timeouts work on windows. |
| |
| * Move non-URL related functions that are used by both the lib and the curl |
| application to a separate "portability lib". |
| |
| * Add support for other languages than C. C++ (rumours have been heard about |
| something being worked on in this area) and perl (we have seen the first |
| versions of this!) comes to mind. Python anyone? |
| |
| * "Content-Encoding: compress/gzip/zlib" HTTP 1.1 clearly defines how to get |
| and decode compressed documents. There is the zlib that is pretty good at |
| decompressing stuff. This work was started in October 1999 but halted again |
| since it proved more work than we thought. It is still a good idea to |
| implement though. |
| |
| * Authentication: NTLM. Support for that MS crap called NTLM |
| authentication. MS proxies and servers sometime require that. Since that |
| protocol is a proprietary one, it involves reverse engineering and network |
| sniffing. This should however be a library-based functionality. There are a |
| few different efforts "out there" to make open source HTTP clients support |
| this and it should be possible to take advantage of other people's hard |
| work. http://modntlm.sourceforge.net/ is one. There's a web page at |
| http://www.innovation.ch/java/ntlm.html that contains detailed reverse- |
| engineered info. |
| |
| * RFC2617 compliance, "Digest Access Authentication" |
| A valid test page seem to exist at: |
| http://hopf.math.nwu.edu/testpage/digest/ |
| And some friendly person's server source code is available at |
| http://hopf.math.nwu.edu/digestauth/index.html |
| Then there's the Apache mod_digest source code too of course. It seems as |
| if Netscape doesn't support this, and not many servers do. Although this is |
| a lot better authentication method than the more common "Basic". Basic |
| sends the password in cleartext over the network, this "Digest" method uses |
| a challange-response protocol which increases security quite a lot. |
| |
| * Other proxies |
| Ftp-kind proxy, Socks5, whatever kind of proxies are there? |
| |
| * IPv6 Awareness and support. (This is partly done.) RFC 2428 "FTP |
| Extensions for IPv6 and NATs" is interesting. PORT should be replaced with |
| EPRT for IPv6 (done), and EPSV instead of PASV. HTTP proxies are left to |
| add support for. |
| |
| * SSL for more protocols, like SSL-FTP... |
| (http://search.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-05.txt) |