Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libsoup-3_0-0 | Distribution: SUSE Linux Framework One |
Version: 3.4.4 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: slfo.1.1.3 | Build date: Wed Aug 21 18:03:01 2024 |
Group: Development/Libraries/GNOME | Build host: h04-ch1b |
Size: 795034 | Source RPM: libsoup-3.4.4-slfo.1.1.3.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://wiki.gnome.org/Projects/libsoup | |
Summary: HTTP client/server library for GNOME |
Libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications. Features: * Both asynchronous (GMainLoop and callback-based) and synchronous APIs * Automatically caches connections * SSL Support using GnuTLS * Proxy support, including authentication and SSL tunneling * Client support for Digest, NTLM, and Basic authentication * Server support for Digest and Basic authentication * XML-RPC support
LGPL-2.1-or-later
* Thu Oct 26 2023 bjorn.lie@gmail.com - Update to version 3.4.4: + Improve HTTP/2 performance when a lot of buffering happens + Support building libnghttp2 as a subproject * Fri Sep 15 2023 bjorn.lie@gmail.com - Update to version 3.4.3: + Fix incorrect UTF-8 encoding for params in headers + Numerous HTTP/2 fixes and improvements + Fix possible crashes in connection management + Fix small leak in SoupServer + Fix the possibility of empty HTTP/2 frames being sent * Sat Apr 29 2023 bjorn.lie@gmail.com - Update to version 3.4.2: + Revert changes to request cancellation. * Fri Apr 21 2023 bjorn.lie@gmail.com - Update to version 3.4.1: + Fix HTTP/2 on platforms with unsigned char. + Change request cancellation to be handled earlier. + Add names to GSources and source tags to GTasks to aid debugging. - Run meson_test macro for all arches. * Fri Mar 17 2023 bjorn.lie@gmail.com - Update to version 3.4.0: + Fix possible crash in SoupContentSniffer. + Fix socket leak. + Add missing annotation to soup_header_g_string_append_param_quoted(). * Mon Feb 13 2023 bjorn.lie@gmail.com - Update to version 3.3.1: + Fix regression in `SoupCookieJar` not handling valid Secure cookies. + Fix crash when skipping HTTP/1 response stream with chunked enconding. + Change Session to unqueue finished items earlier without an extra MainContext iteration. * Sun Jan 22 2023 bjorn.lie@gmail.com - Update to version 3.3.0: + Add `SoupMessage::got-body-data` signal to monitor progress of reads + Add `soup_session_send_and_splice()` and `soup_session_send_and_splice_async()` convenience APIs + Add `soup_message_set_force_http1()` and `soup_message_get_force_http1()` APIs + Change `soup_cookie_copy()` to not retain default ports + Ensure `SoupServerMessage` socket is available in websocket handler + Fix `soup_message_new()` not erroring when URI has an empty host + Fix thread-saftey issues in `SoupConnectionAuth` + Fix various connection leaks + Fix the possibility of sending invalid empty `Sec-WebSocket-Protocol` header + Fix IO errors not being handled on `CONNECT` messages + Numerous improvements to cookies: - Add support for cookie prefixes (`__Secure-` and `__Host-`) - Reject cookies with control characters in name or value - Reject `SameSite=None` cookies without `Secure` - Change `soup_cookie_parse()` to be more strict about what is considered whitespace - Change default SameSite value to `Lax` - Fix `soup_cookie_equal()` with `NULL` path * Thu Nov 03 2022 bjorn.lie@gmail.com - Update to version 3.2.2: + Various HTTP/2 Fixes: - Fix `content-sniffed` not being emitted for resources without content. - Fix leak of SoupServerConnection when stolen. - Enable tests on 32-bit again, fixed upstream. * Wed Oct 12 2022 bjorn.lie@gmail.com - Update to version 3.2.1: + When built against nghttp2 1.50.0+ be relaxed about header whitespace. + Fix possible crash when cancelling an HTTP/2 message. + Fix regresion where soup_server_message_get_socket() could return NULL. + Fix minor memory leak. - Disable tests on 32-bit while waiting for https://gitlab.gnome.org/GNOME/libsoup/-/issues/309 * Thu Sep 15 2022 bjorn.lie@gmail.com - Update to version 3.2.0: + No changes, stable bump only. * Mon Sep 05 2022 bjorn.lie@gmail.com - Update to version 3.1.4: + Numerous improvements to HTTP/2 reliablity. + Fix `http` proxy authentication with default proxy resolver. + Fix undefined ``ssize_t`` with MSVC. * Sun Sep 04 2022 dimstar@opensuse.org - Update to version 3.1.3: + Fix compile error when `SOUP_VERSION_MAX_ALLOWED` is defined. - Changes from version 3.1.2: + Replace HTTP/2 tests using Quart with internal HTTP/2 server tests. + Improve version macros including adding ability to define `SOUP_DISABLE_DEPRECATION_WARNINGS`. - Drop -D http2_tests=disabled meson paramter: no longer supported. - Drop 299.patch: merged upstream. * Sat Sep 03 2022 bjorn.lie@gmail.com - Update to version 3.1.1: + Reintroduce some thread-safety to SoupSession (see https://libsoup.org/libsoup-3.0/client-thread-safety.html) + Add SoupServerMessage:tls-peer-certificate and SoupServerMessage:tls-peer-certificate-errors + Port docs to gi-docgen + Update documentation. - Replace pkgconfig(gtk-doc) with pkgconfig(gi-docgen) BuildRequires (and update options passed to meson) following upstreams port. - Add 299.patch: multithread-test: show error information in case of request failure. multithread-test: skip proxy tests if apache is not available. - Use ldconfig_scriptlets for post(un) handling. * Fri Sep 02 2022 bjorn.lie@gmail.com - Update to version 3.0.8: + Fix `http` proxy authentication with default proxy resolver. + Numerous improvments to HTTP/2 reliability. * Wed Jul 06 2022 dimstar@opensuse.org - Update to version 3.0.7: + Fix leak in SoupAuthNTLM. + Fix constructing SoupAuthNTLM objects. + Disable mutual negotiation in SoupAuthNegotiate. + http2: - Do not advertise the `h2` protocool for proxy connections. - Remove left-over headers when HTTP/1 redirects to HTTP/2. - Handle HTTP_1_1_REQUIRED error. - Read request bodies synchronously for sync requests. - Properly handle server sending shut down GOAWAY. + tests: - Remove dependency on Apache's PHP module. - Depend upon Apache's http2 module. * Fri Apr 01 2022 bjorn.lie@gmail.com - Update to version 3.0.6: + Misc HTTP/2 fixes. + Add PUT/POST support to examples/get. + Add `--user-agent` option to examples/get. + Misc meson improvements. + Fix build with Visual Studio. * Fri Mar 18 2022 bjorn.lie@gmail.com - Update to version 3.0.5: + Misc HTTP/2 fixes. + Fix missing files for installed-tests. + Fix SoupServer not properly handling invalid percent encoded paths. + Fix other areas not properly handling invalid percent encoded paths. + Fix SoupLogger:max-body-size of 0 meaning log nothing. * Fri Jan 07 2022 dimstar@opensuse.org - Update to version 3.0.4: + Fix HTTP/2 not properly handling socket timeouts. + Improvements to test reliablity. + Fix cross-compiling to Windows. + Fix tests with development glib-networking. + Expose soup_uri_copy() to Vala. * Wed Nov 24 2021 bjorn.lie@gmail.com - Update to version 3.0.3: + Fix various HTTP/2 issues. + Error when libsoup2 has been loaded before libsoup3. + Fix memory leak when using TLS. * Fri Nov 05 2021 dimstar@opensuse.org - Require libsoup-3_0-0 instead of libsoup by in the devel package: defacto the same package, as the library provides the base name, but more explicit and clearer. * Sun Oct 24 2021 bjorn.lie@gmail.com - Update to version 3.0.2: + Add support for multiple auth challenges in one response. + Fix SoupCache test failures on 32bit + Don't treat `-Wincompatible-pointer-types` as error. The `glib-mkenums` tool sometimes triggered this. + Improve `gssapi` dependency handling. + Fix undefined `ssize_t` on Windows. + Updated translations. - No longer ignore test failure on 32-bit arches, fixed upstream. * Thu Sep 30 2021 guillaume.gardet@opensuse.org - Ignore test failure on 32-bit arm, as it is done for 32-bit x86 https://gitlab.gnome.org/GNOME/libsoup/-/issues/236 * Sun Sep 26 2021 bjorn.lie@gmail.com - Update to version 3.0.1: + Move python overrides to upstream pygobject. + Fix minor build warnings. - Drop python3-Soup sub-package following upstream changes. * Mon Sep 20 2021 dimstar@opensuse.org - Update to version 3.0.0: + Remove unused dependency on libxml. + Use G_DECLARE_FINAL_TYPE when applicable and bump GLib dependency to 2.69.1. + Add PyGObject overrides for SoupMessageHeaders to behave like a dict. + Fix soup_message_add_status_code_handler() in Vala. + Ensure that all header values are valid UTF-8, other encodings are not supported. + Support Content-Disposition headers missing a disposition-type. - Drop pkgconfig(libxml-2.0) BuildRequires: follow upstream. - Split out new python3-Soup package. * Thu Sep 16 2021 sbrabec@suse.com - Remove obsolete translation-update-upstream support (jsc#SLE-21105). * Wed Aug 25 2021 dimstar@opensuse.org - Update to version 2.99.9: + Make soup_message_set_method() public API. + Make SoupMessage:http-version read only. + Prevent the same message being queued multiple times. + Allow completing SoupMessage::tls-interaction with NULL certificate. + Replace soup_server_set_ssl_cert_file() with soup_server_set_tls_certificate(). + Add SoupServer support for client certificates. + Fallback to building meson wrap of sqlite if not found. + Add soup_message_get_tls_protocol_version() and soup_message_get_tls_ciphersuite_name() API. - Changes from version 2.99.8: + Enable HTTP/2 by default. The SOUP_FORCE_HTTP1 env var can disable for debugging. + Restrict advertising brotli decoding support to HTTPS. + Add new API to handle client certificate authentication per-message as well as API to PKCS #11 PINs. + Add new build features `http2_tests` and `pkcs11_tests` to more granularly control optional test dependencies. - Changes from version 2.99.7: + Change SoupSession to only support one SoupSessionFeature of a given type. + Remove soup_session_get_features() API. + Numerous HTTP/2 fixes and improvements. - Changes from version 2.99.6: + Added HTTP/2 support. Enable by setting `SOUP_ENABLE_HTTP2` env var. - Changes from version 2.99.5: + Add soup_message_get_remote_address() API. + Fix preconnect stealing a connection. + Fix potential header issues when included in a C++ project. + Disabling tests also disables Autobahn tests by default. - Changes from version 2.99.4: + Rename SoupMessage:tls-certificate and SoupMessage:tls-certificate-errors to tls-peer-certificate and tls-peer-certificate-errors respectively. + Add SoupMessageMetrics API for tracking message events, + Add soup_message_get_connection_id() API. + Add WebSocket fuzzing tests with Autobahn. - Add pkgconfig(gnutls) and pkgconfig(libnghttp2) BuildRequires: new dependencies. - Rename libsoup-2_4-1 subpackage to libsoup-3_0-0: follow upstream library name change. - Pass -Dautobahn=disabled -Dhttp2_tests=disabled to meson: disable some tests, as we do not have all deps available. - Drop libsoup-skip-tls_interaction-test.patch: no longer needed. * Mon Aug 23 2021 dimstar@opensuse.org - Update to version 2.74.0: + IMPORTANT: Enable ssl-use-system-ca-file by default on deprecated Sync and Async sessions. + Fix including headers in C++ projects. + Fix attempting to resolve relative paths with data URIs. + Support Content-Disposition headers without a disposition-type. + Fix building VAPI bindings with latest Vala. + Fix sending a Content-Length header in a response with status code of 1xx or 204. + Updated translations. - Drop libsoup-fix-SSL-test.patch: fixed upstream. * Fri Feb 26 2021 pmonreal@suse.com - Run the regression tests using GnuTLS NORMAL priority * Mon Feb 08 2021 pmonreal@suse.com - Disable tls_interaction-test until resolved upstream * See https://gitlab.gnome.org/GNOME/libsoup/issues/120 - Add libsoup-skip-tls_interaction-test.patch * Mon Feb 08 2021 pmonreal@suse.com - Fix tests: fix SSL test with glib-networking >= 2.65.90 * See https://gitlab.gnome.org/GNOME/libsoup/issues/201 - Add libsoup-fix-SSL-test.patch - Remove patches: * libsoup-disable-ssl-tests.patch * libsoup-disable-hsts-tests.patch * Thu Nov 12 2020 dimstar@opensuse.org - Disable sysprof integration: this causes a nasty build cycle. + Pass -Dsysprof=disabled to meson. + Remove pkgconfig(sysprof-4) and pkgconfig(sysprof-capture-4), as well as pkgconfig(sysprof-4) in the devel project. * Mon Sep 14 2020 dimstar@opensuse.org - Update to version 2.72.0: + Fix critical after cancelling a message that failed auth. + Updated translations. * Sat Sep 05 2020 dimstar@opensuse.org - Update to version 2.71.1: + Add support for 308 Premanent Redirect. + Add basic sysprof profiling for HTTP messages. + Various build fixes. + Updated translations. - Add pkgconfig(sysprof-4) and pkgconfig(sysprof-capture-4) BuildRequires: new dependencies. * Fri Sep 04 2020 dimstar@opensuse.org - Update to version 2.71.0: + Redesign directory list returned for `file://` requests. + Add `SOUP_COOKIE_JAR_ACCEPT_GRANDFATHERED_THIRD_PARTY` policy. + Add soup_message_is_feature_disabled() API. + Fix potential leak when setting SoupSession:tls-interaction. + Fix building with Visual Studio. + Updated translations. - Drop libsoup-test-utils-fix.patch: fixed upstream. * Mon May 11 2020 dimstar@opensuse.org - Autodetect the location of krb5-config: krb5 adds itself to $PATH. * Thu Apr 16 2020 bjorn.lie@gmail.com - Add libsoup-disable-ssl-tests.patch: Disable ssl tests, as they randomly fail for all arches (glgo#GNOME/libsoup#188). - Rebase/refresh patches. * Tue Mar 24 2020 bjorn.lie@gmail.com - Add libsoup-test-utils-fix.patch: test-utils: Clarify meaning of an environment variable. * Sat Mar 07 2020 bjorn.lie@gmail.com - Update to version 2.70.0: + Deprecate SoupSession:proxy-uri. + Updated translations. * Wed Feb 26 2020 dimstar@opensuse.org - Update to version 2.69.90: + Add new API to expose support for same-site cookies. + Fix TRACE method not being considered safe and idempotent internally. + WebSockets: ensure a new connection is created for WebSocket requests. + WebSockets: do not start the input source when IO is closing. + Deprecate soup_date_to_timeval(). + build: Update glib requirement to 2.58. + Updated translations. * Wed Feb 26 2020 bjorn.lie@gmail.com - Update to version 2.68.4: + WebSockets: - Ensure a new connection is created for WebSocket requests. - Do not start the input source when IO is closing. + build: Update glib requirement to 2.58. * Sat Jan 25 2020 dimstar@opensuse.org - No longer recommend -lang: supplements are in use * Thu Jan 09 2020 olaf@aepfle.de - Usage of g_canonicalize_filename requires glib 2.58 * Fri Dec 20 2019 olaf@aepfle.de - meson >=0.50 is required for building * Wed Dec 04 2019 bjorn.lie@gmail.com - Update to version 2.68.3: + Fixes to testing infrastructure. + Enable GNOME support in mingw. + Allow introspection in cross builds. + Updated translations. * Tue Oct 15 2019 dimstar@opensuse.org - Disable NTLM for the time being (causes build cycle): + Drop samba-winbind BuildRequires. + Pass -Dntlm=disabled to meson. * Wed Oct 09 2019 bjorn.lie@gmail.com - Update to version 2.68.2: + Documentation fixes. + Windows compatibility test fixes. + WebSockets: client_max_window_bits in server must have a value. + build: improve diagnostics when detecting Apache. + NTLM: Make v2 authentication more robust. + Updated translations. * Thu Sep 12 2019 mgorse@suse.com - Update to version 2.68.1: + Several memory leaks fixed in tests, examples, and parsing code. + SoupServer: Fixes to Windows path handling. + Changes in version 2.68.0: + Updated translations. + Changes in version 2.67.93: + SoupMessage: Handle Transfer-Encoding: identity for compatibility reasons. + WebSockets: Only poll IO stream when needed. + WebSockets: Properly set cookies received during handshake. + WebSockets: Plug a couple of memory leaks and fix a few read-after-free memory errors. + WebSockets: document how web socket extensions should treat buffers in case of error. + SoupSession: Don't reset user GCancellable internally. + Tests: Make tests installable. + Remove deprecate GTimeVal internal usage. + CI: increase coverage by enabling all features during testing. + Updated translations. * Wed Sep 11 2019 mgorse@suse.com - Update to version 2.67.92: + Silence GTimeVal deprecation warnings. + API documentation and annotation fixes. + Plug a couple of NTLM authentication memory leaks. + Meson: Use feature options. + Meson: Do not fallback to system krb5-config for cross-compilation. + NTLM: Fix build with NTLM enabled. + Updated translations. - Changes from version 2.67.91: + HSTS: New API to retrieve information about existing HSTS policies. + Updated translations. - Changes from version 2.67.90: + WebSockets: add support for WebSocket extensions via new SoupWebsocketExtensionManager and SoupWebsocketExtension API. + WebSockets: add support for the permessage-deflate extension, enabled by default in SoupServer and in the client side only if SoupWebsocketExtensionManager is added to a session. + WebSockets: Allow sending close frames with no body. + WebSockets: ignore messages after close has been sent and received. + Meson: tls-check improved. + Meson: improve Apache checks. - Changes from version 2.67.3: + WebSockets: allow sending empty binary data. + WebSockets: fail and load the connection on invalid payload length. + WebSockets: allow NULL characters in text messages data. + WebSockets: Close connection on wrongly masked/unmasked frame as per RFC. + WebSockets: other code fixes. + NTLM: Fix NTLMv2 authentication. + SoupMessage: fix several deprecation warnings related to private data. - Changes from version 2.67.2: + gobject-introspection: Fix annotation for soup_auth_new(). + brotli: Do not advertise the decoder as it's failing with some websites. + Meson: Fix xml2 and sqlite fallbacks. + HSTS: Add SoupHSTSEnforcer:hsts-enforced signal. + HSTS: Fixes to the types used to store policies in the SQLite storage. + HSTS: Accept Strict-Transport-Security regardless of casing. + WebSockets: Ensure messages finishes when handshake fails. + WebSockets: Fix critical warnings and test failures. - Changes from version 2.67.1: + Add a brotli decoder. This adds a new dependency on libbrotli. + Add strict secure cookies support. + Add HSTS enforcer SoupSession feature (with both memory and sqlite backends). + meson gtk-doc documentation fixes. - Add libbrotlidec to BuildRequires. - Adjust meson: need "enabled" rather than "true" in a few places. - Add samba-winbind to BuildRequires: meson checks for ntlm_auth. - Meson: doc option is now gtk_doc. - Add libsoup-disable-hsts-tests.patch: these require *.localhost to resolve. * Wed Sep 11 2019 bjorn.lie@gmail.com - Update to version 2.66.3: + docs: various gtk-doc fixes. + SoupServer: Fixes to Windows path handling. - Update options passed to meson following upstream changes. * Thu May 16 2019 bjorn.lie@gmail.com - Update to version 2.66.2: + Make gettext optional (might not be available in Windows). + MSVC: set encoding to UTF-8 to avoid errors. + MinGW tests build fix. + Check for TLS support only when external glib dependency is available. * Wed Apr 10 2019 bjorn.lie@gmail.com - Update to version 2.66.1: + Fix dylib versioning in MacOS. + Visual Studio build fixes. + MinGW build fixes. + Meson build system improvements. + Fix random CI failures due to parallel apache tests. + Code cleanups. * Tue Mar 12 2019 bjorn.lie@gmail.com - Update to version 2.66.0: + Fix lookup for libxml2 on Visual Studio builds. - Add meson_test macro in check section, run tests during build. * Tue Mar 05 2019 bjorn.lie@gmail.com - Update to version 2.65.92: + SoupConnection: Fix check for remote disconnectin idle state. + Code cleanups and warnings fixed. + Remove stale .pc.in files. + Updated translations. * Wed Feb 20 2019 bjorn.lie@gmail.com - Update to version 2.65.91: + Remove RFCs from sources. * Wed Feb 13 2019 bjorn.lie@gmail.com - Update to version 2.65.90: + Avoid using threads in SoupRequestFile asynchronous API. * Wed Feb 06 2019 bjorn.lie@gmail.com - Fix translation-update-upstream call, needed after update of translation-update-upstream in distro. * Mon Jan 21 2019 bjorn.lie@gmail.com - Update to version 2.65.2: + Remove autotools build system and change to meson by default. + Many fixes to Meson. + Improvements to the continuous integration infrastructure + Make sure SoupSession features are not disposed until all pending messages are processed. + Updated translations. * Thu Jan 03 2019 bjorn.lie@gmail.com - Update to version 2.65.1: + Added MTLMv2 responses support. + Many fixes to the meson build system. + Remove Visual Studio project files. + Enable VAPI by default. + New strict header field parameter parsing API. + Code cleanups. + Updated translations. - Drop meson and apidocs beconds and conditionals, fixed upstream. * Wed Oct 24 2018 bjorn.lie@gmail.com - Update to version 2.64.2: + TLD tests updated. + Updated translations. * Wed Sep 26 2018 bjorn.lie@gmail.com - Update to version 2.64.1: + Many fixes to the meson build system (which, by the way, is NOT official yet). + Updated translations. - Changes from version 2.64.0: + Many fixes to the meson build system. + Updated translations. * Sun Sep 02 2018 luc14n0@linuxmail.org - Conditionalize meson use: it's currently providing wrong capability leading to every package autodepending on libsoup-2.4.so.1() capability to get "Unresolvable" (glgo#GNOME/libsoup#9). * Wed Aug 29 2018 luc14n0@linuxmail.org - Update to version 2.63.92: + Updated translations. - Add: + meson BuildRequires and replace configure/make/make_install/\ make_check with meson/meson_build/meson_install/meson_test macros to follow upstream's build system port to Meson. + libsoup-add-missing-po-meson_build.patch (glgo#GNOME/libsoup#6). - Drop no longer needed intltool BuildRequires: upstream migrated to Gettext. - Conditionalize build of API docs: they are currently failing (glgo#GNOME/libsoup#8). - Enable tests run to increase QA of package. * Thu Aug 16 2018 bjorn.lie@gmail.com - Update to version 2.63.91: + Simplify soup_hosts_matches_host(). + Add new tests for trailing dots in domain names. + Updated translations. * Fri Aug 10 2018 bjorn.lie@gmail.com - Update to version 2.63.90: + Set default cookie path for NULL origins. + Fixes to GObject-introspection. + Use atomic-refcounting in classes that are not using GObject-refcounting. + Many Coverity-found code fixes. + Bail out on cookie-jar calls with empty hostnames. + Fixes to the simple-httpd example. * Fri Aug 10 2018 bjorn.lie@gmail.com - Update to version 2.62.3: + Check for trailing dots in domains. + Set default cookie path for NULL origins. + Use atomic-refcounting in classes that are not using GObject-refcounting. + Many Coverity-found code fixes. + Bail out on cookie-jar calls with empty hostnames. - Drop libsoup-boo1100097-empty-string.patch: Fixed upstream. * Fri Jul 20 2018 mgorse@suse.com - Add libsoup-boo1100097-empty-string.patch: fix crash when handling empty hostnames (boo#1100097 CVE-2018-12910). * Sun Jun 03 2018 luc14n0@linuxmail.org - Update to version 2.63.2: + Fix critical warning in SoupSocket. + Updated translations. * Sun May 13 2018 luc14n0@linuxmail.org - Update to version 2.63.1: + Fix digest authentication with encoded URIs (bgo#794208). + Avoid unaligned memory accesses in WebSocket implementation (bgo#794421). + Fix crash under soup_socket_new() (bgo#762138). + Use libpsl for the SoupTLD API instead of shipping a copy of the public-suffix list (bgo#769650). + Introspection documentation fixes (bgo#795135). + Minor cleanups and fixes. + Updated translations. - Add: + pkgconfig(libpsl) BuildRequires: new dependency. + pkgconfig(glib-2.0) BuildRequires to avoid implicit dependencies. - Drop: + glib-networking BuildRequires: this is actually a runtime requirement only. + python3-base BuildRequires: aside from being an implicit dependency, this is only required when using apache-httpd configure option for using a python script to get the Apache modules directories. + libsoup-SoupCookie-fix-instrospection-annotation.patch: fixed upstream. * Tue May 08 2018 bjorn.lie@gmail.com - Update to version 2.62.2: + Fixes to instrospection annotation (bgo#795135). + Fixes to the test suite with PHP version >= 7.2 (bgo#795111). + Critical warning fixes to SoupSocket. + Updated translations. - Drop upstream fixed patches: + libsoup-SoupCookie-fix-instrospection-annotation.patch (bgo#795135). + libsoup-xmlrpc-server-dont-count-null.patch (bgo#795111). + libsoup-soup-socket-fix-critical-warning.patch. * Wed Apr 25 2018 bjorn.lie@gmail.com - Add upstream bug fix patches: + libsoup-SoupCookie-fix-instrospection-annotation.patch (bgo#795135). + libsoup-xmlrpc-server-dont-count-null.patch (bgo#795111). + libsoup-soup-socket-fix-critical-warning.patch. * Mon Apr 09 2018 bjorn.lie@gmail.com - Update to version 2.62.1: + Fix digest authentication with encoded URIs (bgo#794208). + Avoid unaligned memory accesses in WebSocket implementation (bgo#794421). + Use base domain to decide if cookies are third-party (bgo#792130). + Fix crash under soup_socket_new() (bgo#762138). * Tue Mar 20 2018 dimstar@opensuse.org - Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). * Mon Mar 12 2018 dimstar@opensuse.org - Update to version 2.62.0: + Updated translations. * Mon Mar 05 2018 dimstar@opensuse.org - Update to version 2.61.91: + Add limit to header length to avoid DOS attacks (bgo#792173). + Update the public-suffix list. + Revert "cookie-jar: use base domain to decide if cookie is third party" (bgo#792130). * Wed Feb 28 2018 dimstar@opensuse.org - Modernize spec-file by calling spec-cleaner * Tue Feb 06 2018 luc14n0@linuxmail.org - Update to version 2.61.90: + Various improvements to the WebSocket implementation (bgo#792113). + cookie-jar: use base domain to decide if cookie is third party (bgo#792130). + Add new API to create a new connection from a SoupSession (bgo#792212). + soup-headers: accept any 3 digit number as message status code (bgo#792124). - Remove unneeded %clean section: RPM does this kind of work itself already. - Adopt the use of %make_build macro rather than raw make command, following the best practices. * Mon Jan 22 2018 dimstar@opensuse.org - Update to version 2.61.2: + Session: don't request Keep-Alive for upgraded connections (bgo#788723). * Mon Jan 22 2018 dimstar@opensuse.org - Update to version 2.61.1: + tld-parser: use Python 3 (bgo#785735). + Fix heap-buffer-overflow in soup_ntlm_parse_challenge() (bgo#788037). + Fix possibly uninitialized value in ssl-test. + SoupCache: fix the timestamp for responses (bgo#791031). - Drop libsoup-tld-parser-py3.patch: fixed upstream. * Fri Jan 19 2018 bjorn.lie@gmail.com - Update to version 2.60.3: + heap-buffer-overflow in soup_ntlm_parse_challenge() (bgo#788037). + session: don't request Keep-Alive for upgraded connections (bgo#788723). + soup-headers: accept any 3 digit number as message status code (bgo#792124). * Tue Dec 05 2017 dimstar@opensuse.org - Use python3 during build: + Add libsoup-tld-parser-py3.patch: Use python3 for tld-parser. + Add python3-base BuildRequires. * Fri Oct 27 2017 luc14n0@linuxmail.org - Update to version 2.60.2: + Fix documentation typos (bgo#788920). + format-zero-length warning triggered in soup-logger.c (bgo#789096). + Warnings while generating inrospection files (bgo#789099). + Updated translations. - Add conditional use for translation-update-upstream: suse-only requirement. - Update Url to https://wiki.gnome.org/Projects/libsoup: current libsoup's project web page. - Run spec-cleaner -p to get respectives pkgconfig(*): gio-2.0, gobject-2.0, gobject-introspection-1.0, gtk-doc and libxml-2.0. * Wed Oct 11 2017 luc14n0@linuxmail.org - Update to version 2.60.1: + Fallback to another authentication type if the current failed (bgo#788238). + Fix unbalanced G_GNUC_BEGIN_IGNORE_DEPRECATIONS use in soup-session.c (bgo#787166). + SoupCache: fix setting default value for cache dir (bgo#788452). + Updated translations. - Update Url to https://wiki.gnome.org/LibSoup: current LibSoup's web page. * Tue Sep 12 2017 dimstar@opensuse.org - Update to version 2.60.0: + Updated translations. * Tue Aug 15 2017 zaitor@opensuse.org - Update to version 2.59.90.1: + Fixed a chunked decoding buffer overrun that could be exploited against either clients or servers (bgo#785774, CVE-2017-2885). - Changes from version 2.59.90: + Several SoupAuthNegotiate compatibility fixes (bgo#783780, bgo#783781). + Include a payload in SoupWebsocketConnection's "ping" messages (to avoid problems with certain buggy server implementations), and emit a signal when receiving a "pong" (to allow apps to notice when the remote peer has disconnected them) (bgo#785660). + Fix the interpretation of wss:// URIs, which previously mostly didn't work (bgo#784766). + Fixed SoupContentSniffer behavior on XML files with no Content-Type (webkit#173923). + Fixed a bug with cancelling async requests (bgo#773257). + Reverted the (undocumented) change in 2.58.0 to call soup_session_abort() after changing SoupSession:proxy-resolver; while this made its behavior more consistent with :proxy-uri, it ended up breaking things (bgo#781590). + Allow HTTP responses that have no trailing CRLF after the response headers (and no body) (bgo#780352). + Fixed an out-of-bounds read in SoupURI parsing (bgo#785042). + Fixed a spurious (debug-level) error message in SoupWebsocketConnection (bgo#784935). + Fixed introspection annotations on soup_message_headers_get_content_range(). + Fixed a flake in tests/header-parsing (bgo#777258). + Update tests/test-cert.pem to use stronger algorithms to avoid problems with newer gnutls (bgo#784949). + Fixed examples/get to not accidentally break https certificate validation (bgo#784259). + Misc updates to apache/php stuff in unit tests. * Mon Aug 14 2017 zaitor@opensuse.org - Update to version 2.58.2 (CVE-2017-2885, boo#1052916): + Fixed a chunked decoding buffer overrun that could be exploited against either clients or servers (bgo#785774, CVE-2017-2885). * Sat May 20 2017 dimstar@opensuse.org - Replace krb5-devel BuildRequires with pkgconfig(krb5): This does not exactly reproduce what configure is looking for (it ignores the .pc file) but it helps OBS in chosing between krb5 and krb5-mini, shortening build cycles. * Wed May 10 2017 zaitor@opensuse.org - Update to version 2.58.1: + Reverts a change to SoupSession to close all open connections when the :proxy-resolver property is changed (bgo#777326). This change was made in 2.58.0 but accidentally left out of the NEWS for that release; although that behavior made :proxy-resolver more consistent with :proxy-uri, it ended up breaking Evolution EWS (bgo#781590). + Fixed undefined behavior in tests/header-parsing that could make the test spuriously fail (bgo#777258). + Updates to the configure tests for Apache for use in tests/: - Dropped support for Apache 2.2. - Changed PHP support from PHP 5 to PHP 7. - mod_unixd can now be either built-in or dynamically loaded (bgo#776478). + Updated translations. * Tue Apr 25 2017 dimstar@opensuse.org - Update to version 2.58.0: + Fix authentication issues when the SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag is used (bgo#778497, bgo#777936). + MSVC build improvements. + Updated translations. * Tue Dec 13 2016 dimstar@opensuse.org - Update to version 2.57.1: + Added SoupWebsocketConnection:keepalive-interval, to make a connection send regular pings (bgo#773253). + Added soup_auth_manager_clear_cached_credentials() and SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE, to allow greater control over the use of cached HTTP auth credentials (bgo#774031, bgo#774033). + Fixed the use of SoupSession:proxy-uri values containing passwords (bgo#772932). + Various minor WebSocket fixes: - Avoid sending data after we start closing the connection (bgo#774957). - Do not log a critical if the peer sends an invalid close status code. - Log a debug message when a "pong" is received. + Fix introspection of soup_message_headers_get_content_range(). + Replaced Vala [Deprecated] annotations with [Version] to avoid build warnings (bgo#773177). + MSVC build improvements. + Updated error/message strings to use Unicode punctuation (bgo#772217). + Updated translations. * Tue Sep 20 2016 zaitor@opensuse.org - Update to version 2.56.0: + Added SoupWebsocketConnection:max-incoming-payload-size property, to override the default maximum incoming payload size (bgo#770022). + Added soup-version.h symbols (in particular soup_check_version()) to introspection (bgo#771439). + Updated the copy of the public suffix list used by SoupTLD (bgo#769650). + Updated translations. * Tue Aug 16 2016 dimstar@opensuse.org - Update to version 2.55.90: + Removed support for SSLv3 fallback; sites that reject TLS 1.x handshakes will now just fail with an error (Firefox and Chrome have both already switched to this behavior) (bgo#765940). + Fixed the parsing of <double>s in the new GVariant-based XMLRPC code (bgo#767707). + Fixed soup_server_set_ssl_cert_file(), which was added in 2.48 but didn't actually work. + Added GObject properties to SoupLogger to make it bindings-friendly (bgo#768053). + Fixed build error on FreeBSD (bgo#765376). + Fixed build with certain new versions of glibc that define "EOF" as a macro (bgo#768731). + Updated m4/ax_code_coverage.m4 with support for lcov 1.12. + Updated po files for future gettext versions. + Updated translations. - Drop libsoup-Prefix-signal-ID.patch: fixed upstream. * Tue Jul 26 2016 zaitor@opensuse.org - Add libsoup-Prefix-signal-ID.patch: Buildfix commit from upstream git. * Tue Apr 26 2016 zaitor@opensuse.org - Update to version 2.54.1: + Fixed an ABI break in 2.54.0 caused by adding a member to SoupAuthClass; 2.54.1 is ABI-compatible with 2.53.92 and earlier, but NOT with the anomalous 2.54.0. If you built packages against 2.54.0, you will need to rebuild them against 2.54.1. + Fixed NTLM authentication when ntlm_auth from the latest version of Samba is present (bgo#765106). + Updates to MSVC build, including for GSS-API support. + Updated translations. - Drop libsoup-auth-ntlm-fix.patch: Fixed upstream. * Fri Apr 22 2016 zaitor@opensuse.org - Add libsoup-auth-ntlm-fix.patch: Fix NTLM auth failure with latest samba (bgo#765106, boo#976110). * Fri Mar 25 2016 zaitor@opensuse.org - Update to version 2.54.0.1: + Fix a build problem with the 2.54.0 tarball, which would not build if you configured with "--without-gnome". * Tue Mar 22 2016 dimstar@opensuse.org - Update to version 2.54.0: + Fixed examples/simple-httpd on Windows (bgo758759). * Tue Mar 15 2016 dimstar@opensuse.org - Update to version 2.53.92: + libsoup now supports HTTP "Negotiate"/GSSAPI/Kerberos authentication. It must be enabled specifically by the application and is also subject to certain other restrictions, some of which are not yet controllable through the API (bgo#587145). + Added support for building under MSVC (bgo#758759). + Fixed a problem with the 2.53.90 tarball that caused translations to be mis-installed. + Updated translations. - Remove intltoolize call: the tarball has been corrected. - Add krb5-devel BuildRequires: new dependency for krb5 support. - Pass --with-krb5-config=%{_libexecdir}/mit/bin/krb5-config and - -with-gssapi to configure in order to enable krb5 support. * Tue Feb 16 2016 dimstar@opensuse.org - Update to version 2.53.90: + NUL bytes in headers are now ignored (bgo#760832). + Fixed transfer annotation of soup_form_decode* functions (bgo#743966). + Updated translations. - Call intltoolize before configure in order to fix up the tarball to work with recent versions of intltool. * Tue Nov 24 2015 zaitor@opensuse.org - Update to version 2.53.2: + Fixed up symbol visibility handling for mingw by copying GLib's system (bgo#757146). + Finally marked the old SoupSessionAsync and SoupSessionSync methods as deprecated (bgo#757146). + Added libsoup-2.4.deps for valac. + Make it possible to build from git without gtk-doc being installed. + Updated translations. * Tue Nov 24 2015 zaitor@opensuse.org - Update to version 2.53.1: + Really fixed build under MinGW for sure this time. + Fixed SoupServer Web Sockets code so that the SoupClientContext passed to a SoupServerWebsocketCallback is fully usable (rather than crashing when you try to do most things). * Tue Nov 10 2015 zaitor@opensuse.org - Update to version 2.52.2: + Fixed build under MinGW. + Fix SoupServerWebsocketCallback handling so that the SoupClientContext passed to it is still valid. + Added a .deps file to define dependencies for valac. * Mon Oct 12 2015 zaitor@opensuse.org - Update to version 2.52.1: + Fixed build under MinGW. + Fixed build with --disable-introspection (bgo#755389). + Fixed HTTP authentication protection space handling for files directly under the root directory (bgo#755617). + Fixed a warning when loading data from SoupCache while using an authenticated proxy (bgo#756076). + Updated translations. * Mon Sep 21 2015 dimstar@opensuse.org - Update to version 2.52.0: + Removed duplicate test paths from tests/date so it will pass with glib 2.46.0. * Wed Sep 16 2015 dimstar@opensuse.org - Update to version 2.51.92: + Added g_autoptr() support for all libsoup types (bgo#754721). + Added a missing (allow-none) annotation to soup_uri_normalize() (bgo#754776). + Updated translations. * Mon Aug 17 2015 zaitor@opensuse.org - Update to version 2.51.90: + Added a new GVariant-based XMLRPC API, and deprecated the old GValue-based API (along with the associated GValue-manipulating utilities) (bgo#746495). + Multiple build fixes for Visual Studio (bgo#752952). + Added VAPI generation (bgo#750679). + Fixed the mode bits on soup-cookie.c, which was previously marked executable for some reason (rh#1247285). + Updated translations. - Add pkgconfig(vapigen) BuildRequires: New dependency. * Fri Jun 26 2015 zaitor@opensuse.org - Update to version 2.51.3: + Fixed "make check" in non-English locales (rh#1224989, bgo#749397). + Fixed some compiler warnings (bgo#748514). + Updated translations. * Mon Mar 23 2015 dimstar@opensuse.org - Update to version 2.50.0: + Updated translations. * Tue Mar 17 2015 dimstar@opensuse.org - Update to version 2.49.92: + Fixed an NTLM problem that caused spurious "Authentication Failed" errors in evolution-ews (bgo#735197). + Updated translations. * Tue Mar 03 2015 dimstar@opensuse.org - Update to version 2.49.91.1: + websockets: minor optimization. + websockets: fix 32-bit build. + docs: fix build. + tests: fix when building without glib-networking available. * Tue Mar 03 2015 dimstar@opensuse.org - Update to version 2.49.91: + Libsoup now has support for WebSockets in both SoupSession and SoupServer (bgo#627738). + Added support for NTLMv2 Session Security to SoupAuthNTLM. (This is transparent to the app/user; if the server supports it, it will be used) (bgo#739192). + Added soup_server_accept_iostream() to allow feeding a non-GSocketConnection GIOStream to SoupServer (eg, when accepting HTTP requests on some other sort of connection) (bgo#744186). + Added soup_session_steal_connection() and soup_client_context_steal_connection(), to allow you to steal a GIOStream from a SoupSession or SoupServer and then use it for non-HTTP purposes (bgo#721343). + Added soup_server_add_early_handler(), for adding SoupServer handlers to run at :got-headers time rather than :got-body (eg, to set up a streaming read of the request body) (bgo#625645). + Added a new SOUP_MESSAGE_IGNORE_CONNECTION_LIMITS flag, which can be used to bypass SoupSession:max-conns and SoupSession:max-conns-per-host on a per-message basis (bgo#744720). + Multiple SoupCache fixes: - Leaked resources are now cleaned up when opening the cache (bgo#667682). - The "Age" header is no longer added to cached responses (bgo#741108). - Fixed the interpretation of the "must-revalidate" directive to not be stricter than required (bgo#744468). - Messages retrieved from cache now behave slightly more like non-cache messages in terms of SoupSession signals and timing (bgo#744788). Additionally, there is a new SoupMessage::starting signal, which is like SoupSession::request-started, but emitted for cached resources as well (bgo#731153). + Fixed soup_session_cancel_message() to work reliably on paused messages (bgo#745094). + Added code-coverage support to the build (bgo#744744). + Fixed the library symbol check in "make check" to work when building with linker options that result in slightly different organization (bgo#741348). + Added a hack to SoupSessionFeature so that people will stop re-reporting an old Eclipse bug against libsoup (bgo#710242). + Miscellaneous bug and leak fixes in the test programs, leak fixes in libsoup, and documentation updates. + Updated translations. * Wed Dec 17 2014 zaitor@opensuse.org - Update to version 2.49.1: + Fixed a bug in the SoupMessage:event signal that broke evolution's ability to connect to https hosts with "bad" certificates (bgo#739951). + Fixed a case where the async codepaths could potentially block on a synchronous write (bgo#727138). + Fixed the symbol soup_server_set_ssl_cert_file() to get exported, and added soup_server_get_uris() to the documentation. + Improved a bunch of introspection annotations (bgo#729987). + Clarified some documentation. + Fixed Windows build, twice (bgo#738003, bgo#738551). + Updated translations. * Wed Dec 17 2014 zaitor@opensuse.org - Update to version 2.48.1: + Fixed a bug in the SoupMessage:event signal that broke evolution's ability to connect to https hosts with "bad" certificates (bgo#739951). + Fixed a case where the async codepaths could potentially block on a synchronous write (bgo#727138). + Fixed the symbol soup_server_set_ssl_cert_file() to get exported, and added soup_server_get_uris() to the documentation. + Improved a bunch of introspection annotations (bgo#729987). + Clarified some documentation. + Fixed Windows build, twice (bgo#738003, bgo#738551). + Updated translations. * Tue Sep 23 2014 dimstar@opensuse.org - Update to version 2.48.0: + Updated translations. * Mon Sep 15 2014 zaitor@opensuse.org - Update to version 2.47.92: + Fixed a crash in SoupCache when receiving certain invalid Cache-Control headers (bgo#733587). + Updated translations. * Tue Jul 22 2014 dimstar@opensuse.org - Update to version 2.47.4: + Fixed two crashes that could occur in multithreaded use (in particular, with the latest git gvfs) (bgo#732783, bgo#732925). + Fixed the handling of data: URIs with base64-encoded data but no explicit MIME type (bgo#732112). + Fixed a bug in SoupAuthNTLM that affected 28-character-long passwords (bgo#732087). + Fixed tests to pass with GLib git master (which warns if you use deprecated GObject properties, and which also caught a mutex-handling bug in test-utils.c). + Updated translations. * Sat Jul 12 2014 dimstar@opensuse.org - Update to version 2.47.3: + Added new-and-improved SoupServer API, and deprecated much of the existing API. + SoupSession now has a :tls-interaction property, which can be used to add a GTlsInteraction to a session, allowing it to provide a client-side certificate if the server requests one (bgo#334021). + soup_session_abort() no longer tries to close active connections, which was causing crashes in evolution (rh#1093314). + Fixed a GMainContext-handling bug that could cause crashes in gstreamer's souphttpsrc (bgo#729737). + Fixed a memory leak when requesting to delete a cookie that didn't exist. + Updated translations. * Tue Mar 25 2014 dimstar@opensuse.org - Update to version 2.46.0: + No changes, just a version bump. * Wed Mar 19 2014 dimstar@opensuse.org - Update to version 2.45.92: + Fixed problems with using an http proxy on port 80. + Plugged a small per-connection leak. + Belatedly bumped up the glib requirement to 2.38, which is required for the TAP driver. + Fixed up some leftover issues from the test porting to gtestutils. * Wed Feb 19 2014 zaitor@opensuse.org - Update to version 2.45.90: + Fixed a problem where libsoup would use the "http" proxy settings for "https" requests (bgo#724316). + Updated SoupContentSniffer to match the current version of the MIME sniffing specification (bgo#648849, bgo#715126). + Updated the soup-tld APIs to accept ASCII-encoded hostnames in addition to UTF-8 ones. + Ported the test programs to the gtestutils framework, added support for installed tests, and made the tests use the TAP driver. + Some tests still need to be split up into more pieces, and the debug output is now somewhat less useful in some cases. + Fixed the test programs to not depend on local proxy settings. + Added some more checks to header-tests (bgo#722341). + Fixed the "simple-proxy" example program, which had been broken for a while. + Updated translations. * Mon Dec 16 2013 dimstar@opensuse.org - Update to version 2.45.3: + The documentation has finally been updated to reflect the new APIs added in 2.42. + Added GBytes-valued :request-body-data and :response-body-data properties to SoupMessage, which should help some bindings. + We now set TCP_NODELAY on sockets, improving throughput a bit. In particular, this avoids an unnecessary extra round trip in the TLS handshake. + The SoupSession APIs that return GErrors now return the actual underlying gio errors in the event of connection failures and the like. + Updated the copy of the Public Suffix list used by soup-tld. + Updated the soup_server_pause_message() / soup_server_unpause_message() documentation to clarify when you can and can't call them (bgo#710602). + soup_message_set_request() and soup_message_set_response() now g_warn_if_fail() if you pass an invalid Content-Type (And they also have better introspection annotations) (bgo#686766). + session-test now passes when run against the dummy TLS backend (ie, if you don't have glib-networking installed), as long as you have the latest glib. + Fixed build with -Werror=format-nonliteral (bgo#720082). + Fix build with --without-ntlm (bgo#710267). + Fixed a few warnings. + Updated translations. * Mon Nov 11 2013 dimstar@opensuse.org - Update to version 2.44.2 (bnc#849913): + Fixed a hang with internet radio streams in Rhythmbox (and some other places) (bgo#710494). + Fixed a connection leak when cancelling the close of a message GInputStream (bgo#711260). + Plugged a few memory leaks (bgo#711085) + Fix build with --without-ntlm (bgo#710267) + Fixed a few warnings. + Fixed connection-test to pass with current glib (bgo#711361). + Tests are now more verbose by default under "make check", since current automake just redirects all the output to a log file anyway. * Tue Oct 15 2013 dimstar@opensuse.org - Update to version 2.44.1: + Fixed a sporadic failure in tests/connection-test. + Bugs fixed: bgo#695652, bgo#707711, bgo#708621, bgo#708696, bgo#709647. + Updated translations. * Tue Sep 24 2013 dimstar@opensuse.org - Update to version 2.44.0: + Updated translations. * Tue Sep 17 2013 dimstar@opensuse.org - Update to version 2.43.92: + Fixed a bug in the connection-pool code, which would in certain cases accidentally keep using a connection after a message was cancelled while in progress (bgo#708006). + Fixed some problems when falling back from samba single-sign-on-based NTLM to ordinary ask-for-a-password NTLM. (bgo#703186). + When sending a conditional GET request, SoupCache now preserves the original message's list of disabled features, ensure that it gets back the same kind of response the original message would have (bgo#706338). + Fixed a warning when the remote host closes the connection while we are writing something using chunked encoding (bgo#703297). + Added SoupServer:http-aliases and :https-aliases properties, to specify URI schemes that should be treated as though they were http (bgo#703694). + Fixed race conditions in cache-test and timeout-test that could cause spurious failures (bgo#698305). * Mon Aug 19 2013 dimstar@opensuse.org - Update to version 2.43.90: + Fixed the handling of unsatisfiable range requests in SoupServer. + Fixed the handling of IPv6 address literals with scope IDs (bgo#669724). * Tue Jul 30 2013 dimstar@opensuse.org - Update to version 2.43.5: + SoupProxyURIResolver is now deprecated in favor of the SoupSession:proxy-resolver property (bgo#680273). + The SoupKnownStatusCode enum is now called SoupStatus (bgo#684409). + Fixed the parsing of URI schemes in SoupURI (bgo#703776). + Fixed SoupLogger to print a message's response headers even if the message gets cancelled before the complete response body is received (bgo#703200). + Fixed a build problem in non-UTF-8 locales (bgo#702534). + SoupSession now warns if you use soup_session_pause_message() or soup_session_unpause_message() on a synchronous message (bgo#703461). * Tue Jul 09 2013 dimstar@opensuse.org - Update to version 2.43.4: + Fixed a bug that could cause synchronous sessions to get stuck in a state where no new messages would ever get processed (bgo#703463). + Fixed another memory leak in SoupSocket (found while added a test case for bgo#700472). + Switched to using g_cclosure_marshal_generic() rather than using glib-genmarshal (bgo#686042). + Changed SoupServer to call unref() on the query hash table after calling the handler, rather than destroy(), so that the handler can keep a copy of the query data if it wants (bgo#702793). + Fixed a few introspection annotations. + Updated examples/get to use SoupLogger and to allow redirecting the output to a file (bgo#703231, bgo#703229). * Tue May 28 2013 dimstar@opensuse.org - Update to version 2.43.2: + Fixed an authentication error when using NTLM when connecting to an https site over a proxy; the code was getting confused and thinking that the 200 OK response to the CONNECT meant that NTLM auth had succeeded (bgo#698728). + Fixed a memory leak in SoupSocket (bg0#700472). + Fixed a missing include error on some platforms (bgo#700003). + Fixed warnings when running against the "dummy" TLS backend (bgo#700518). * Wed May 01 2013 dimstar@opensuse.org - Update to version 2.43.1: + Including <libsoup/soup.h> no longer pulls in the system networking headers. This may cause some packages to no longer compile, if they were accidentally depending on this. Adding "#include <gio/gnetworking.h>" will fix them (bgo#692134). + Fixed SoupSession:proxy-resolver (bgo#698163). + Added soup_message_set_priority(), to mark messages as being high, low, or normal priority, and update the message queue to prioritize them accordingly (bgo#696277). + Fixed several test programs to still work if glib-networking isn't installed and fixed another to still work if the kernel has no IPv6 support (bgo#698220). * Tue Apr 16 2013 dimstar@opensuse.org - Update to version 2.42.1: + Fixed SoupProxyResolverDefault (bgo#697028). + Fixed a gigantic memory leak when using SoupCache (bgo#696594). + Fixed a build problem on Windows (bgo#696354). + Fixed ntlm-test to pass whether or not Samba ntlm_auth support was compiled in (bgo#697510). + Updated translations. * Mon Mar 25 2013 dimstar@opensuse.org - Update to version 2.42.0: + Fixed a compiler warning on 32bit in a test program. + Updated translations. * Thu Mar 21 2013 sbrabec@suse.cz - Added support for translation-update-upstream. * Mon Mar 18 2013 dimstar@opensuse.org - Update to version 2.41.92: + Fixed a bug that caused libsoup to retry an incorrect password repeatedly, forever, in a certain case that affected Google calendars in evolution in particuar (rh##916224). + Also added code to make such infinite retry loops impossible in the future. + Fixed SoupRequestData's handling of URIs with "%00" in them (bgo##695246). + Added the SoupSession:proxy-resolver property (bgo#680273). + Added missing G_BEGIN_DECLS/G_END_DECLS to soup-message-headers.h, so that its functions can be called from C++. + Updated translations. * Tue Mar 05 2013 dimstar@opensuse.org - Update to version 2.41.91: + Fixed a crash that showed up with XMLRPC requests in WebKitGTK (bgo#694920). + Fixed SoupCache to update the cached headers when it receives a 304 Not Modified response, and added a test for this (bgo#695121). + libsoup now builds under automake 1.13 (and "make check" works under the parallel test harness which is the default in 1.13) (bgo#694135). + The tests/ directory now contains only actual test programs that are run by "make check", and the programs that are intended more as example code are under examples/. + Updated translations. * Tue Feb 19 2013 dimstar@opensuse.org - Update to version 2.41.90: + Added SoupSession:local-address property, which allows you to force connections to bind to a particular local address (bgo#693215). + Fixed SoupCache to properly handle messages that get cancelled, and added tests for this (bgo#692310). + Fixed a reference leak in SoupCache that resulted in epiphany hanging for several seconds on exit and then eventually printing "Cache flush finished despite X pending requests". And added more tests (bgo#682527). + Fixed SoupAuthNTLM so that SoupSession:authenticate gets emitted with retrying=TRUE if the first attempt fails (bgo#693222). + Fixed the SoupSession:add-feature-by-type property to accept non-SoupSessionFeature features as well. + Fixed a build bug that would break all the apache-based tests if you didn't have PHP installed (bgo#693311). + Updated translations. * Tue Feb 05 2013 dimstar@opensuse.org - Update to version 2.41.5: + Reverted the change to SoupURI's password handling from 2.41.4, since it turns out to have broken some things (bgo#692149). + Avoid a g_return_if_fail() when loading SoupSession:ssl-ca-file fails (bgo#691930). + Fixed a bug in SoupBodyInputStream that caused redirects in WebKitGTK to hang. (bgo#692026). + Updated translations. * Wed Jan 16 2013 dimstar@opensuse.org - Update to version 2.41.4: + Lots of docs fixes. + The plain SoupSession type now supports soup_session_queue_message(), soup_session_send_message() and there are now soup_session_new() and soup_session_new_with_options(). + The mirroring of the SoupMessage API onto SoupRequestHTTP, added in 2.41.3, has been reverted. However, new APIs soup_session_send() and soup_session_send_async() have been added that let you use the GInputStream-based API with SoupMessages rather than SoupRequest, so if you're doing HTTP-specific stuff, you can just use that instead. + soup_message_get_https_status() now returns the certificate and flags for unsuccessful https connections as well as successful ones (bgo#690176). + Fixed a deadlock when calling soup_session_abort() on a SoupSessionSync in some cases (bgo#691399). + Internal SoupCache rewrites/improvements (bgo#682112). + Plugged a memory leak in SoupCache (bgo#690382) and in SoupAuthDigest (bgo#690142). + LIBSOUP_DISABLE_DEPRECATED has been renamed to SOUP_DISABLE_DEPRECATED. + Fixed the samba-windbind-based NTLM support. + SoupAuthManager is now a public class. + SoupURI now treats "http://user@example.com" as having a password of "" rather than NULL. + build: libsoup now uses autoreconf instead of gnome-autogen.sh, and no longer uses AM_GLIB_GNU_GETTEXT. + Updated translations. * Wed Jan 16 2013 dimstar@opensuse.org - Update to version 2.41.3: + SoupRequest is now stable API. SoupRequester, however, is deprecated. Instead you can now call soup_session_request() or soup_session_request_uri() to create a SoupRequest. + SoupRequestHTTP now has a number of fields and methods that mirror the SoupMessage data, so you don't have to use soup_request_http_get_message() in many cases. On the flip side, there is also now soup_message_get_request(). And you can create a SoupRequestHTTP directly (and override its request method) by using soup_session_request_http() or soup_session_request_http_uri()). + soup_message_set_chunk_allocator() is now deprecated; apps that want to do streaming reads should just use SoupRequest, which is vastly more sane. + SoupPasswordManager is now deprecated, and SoupPasswordManagerGNOME is now a no-op (and libsoup-gnome no longer links against libgnome-keyring) (bgo#594377, bgo#679866) + SoupCookieJarSqlite is now deprecated in favor of SoupCookieJarDB, which is exactly the same thing except that it's in libsoup itself rather than being in libsoup-gnome + SoupProxyResolverGNOME is now deprecated; there hasn't been any real reason to use it since SoupProxyResolverDefault was added. + SoupSession is no longer an abstract class, and you can create a plain SoupSession, which behaves in a more traditionally-gio-like way. + Usernames and passwords passed into SoupSession a URI will now be cleared after they're used, so that if they are wrong, the authenticate signal will be emitted on the next round (bgo#689673) + SoupURI now leaves "%00" in URIs as-is, rather than decoding it to "\0", which was not intended and is never useful. + Fixed a bug in SoupBodyOutputStream that could cause libsoup to sometimes use blocking I/O rather than non-blocking when writing chunked message bodies (bgo#688974) + Fixed a bug in SoupFilterInputStream that could cause some non-blocking reads to suck up CPU while waiting for the network + tests: misc small fixes + Updated translations. - Replace sqlite3-devel BuildRequires with pkgconfig(sqlite3). - Drop libgnome-keyring-devel BuildRequires: no longer needed. * Tue Jan 15 2013 dimstar@opensuse.org - Update to version 2.41.2: + libsoup-2.4.so and libsoup-gnome-2.4.so now only export the symbols that are part of the public API. (bgo#595176) + Added SOUP_VERSION_MIN_REQUIRED / SOUP_VERSION_MAX_ALLOWED macros like the corresponding glib ones, to allow libsoup users to request per-version deprecation/availability warnings. + Fixed a crash caused by a race condition in SoupSessionSync, and reorganized some code to avoid other possible similar race conditions. (bgo#684238) + Fixed a crash when a DNS resolution failed, caused by a bug in the GTask porting in 2.41.1. (bgo#688330) + Fixed a problem that would cause g_warning()s in epiphany when browsing sites that (incorrectly) returned empty Cache-Control headers. (bgo#683433) + We now add a Host header to HTTP/1.0 requests as well as HTTP/1.1 ones. + Fixed a bug in the printing of IPv6 address literals in the Host header in SoupLogger. + Belatedly added soup-multipart-input-stream.h to soup.h. + Removed an evil hack in the long-deprecated SoupProxyResolver code (not to be confused with SoupProxyURIResolver) (bgo#687659) + Fixed a few race conditions in the test programs that could cause "make check" to fail on slow or heavily-loaded machines. + Further cleaned up and reorganized the internal HTTP I/O codepaths, in preparation for an improved SoupCache. (bgo#682112). + Updated translations. * Tue Jan 15 2013 dimstar@opensuse.org - Update to version 2.41.1: + Changed the behavior of NTLM authentication to be more like what other apps apparently do (bgo#624613) + Fixed a crash caused by a race condition in SoupSessionSync. (bgo#684238) + SoupRequest now supports resource:// URIs, for reading from gresource (bgo#682721) + Added new compile-time and runtime APIs for checking the libsoup version (bgo#684514) + Updated to take advantage of (and require) glib 2.35: removed all g_type_init() calls and ported to GTask. + Added support for Apache 2.4 to the unit tests. + Updated translations. * Tue Jan 15 2013 dimstar@opensuse.org - Update to version 2.40.3: + soup_message_get_https_status() now returns the certificate and flags for unsuccessful https connections as well as successful ones (bgo#690176) + Fixed a deadlock when calling soup_session_abort() on a SoupSessionSync in some cases. (bgo#691399) + Fixed a bug in SoupFilterInputStream that could cause some non-blocking reads to suck up CPU while waiting for the network. + SoupURI now leaves "%00" in URIs as-is, rather than decoding it to "\0", which was not intended and is never useful. + A few minor docs fixes. + Updated translations. * Tue Nov 13 2012 dimstar@opensuse.org - Update to version 2.40.2: + Fixed a crash caused by a race condition in SoupSessionSync (bgo#684238) + Fixed a problem that would cause g_warning()s in epiphany when browsing sites that (incorrectly) returned empty Cache-Control headers (bgo#683433) + Belatedly added soup-multipart-input-stream.h to soup.h. + Added support for Apache 2.4 to the unit tests. Also fixed a few race conditions that could cause "make check" to fail on slow or heavily-loaded machines. + Updated translations. * Tue Oct 16 2012 dimstar@opensuse.org - Update to version 2.40.1: + Improved the parsing of multipart/x-mixed-replace responses (bgo#685752). + Fixed handling of IPv6 address literals (bgo#684990). + Updated translations. * Mon Sep 24 2012 dimstar@opensuse.org - Update to version 2.40.0: + Updated translations. * Mon Sep 17 2012 zaitor@opensuse.org - Update to version 2.39.92: + Fixed some g_warnings (and a possible crash) with the soup_request_send_async() (bgo#683404). + Fixed a hang with SoupSessionSync (bgo#682923). + Handle empty "Cache-Control" headers. + Updated translations. * Tue Sep 04 2012 dimstar@opensuse.org - Update to version 2.39.91: + Added missing annotations. + Fixed a crash (bgo#682569) + Fixed the SoupMessage:network-event signal + Bugs fixed: bgo#683200 + Updated translations. * Tue Aug 21 2012 dimstar@opensuse.org - Update to version 2.39.90: + Added SoupMultipartInputStream, for handling multipart responses (particularly multipart/x-mixed-replace) (bgo#656684) + Fixed a potential crash in SoupSessionAsync after the session is finalized + Fixed a regression in soup_tls_is_public_suffix() (bgo#681085) + Added a SOUP_MESSAGE_IDEMPOTENT flag, so that apps can bypass the "POSTs must be sent on new connections" check, which was causing evolution-ews to have to create a new connection for every request (bgo#681493) + Changed SoupSession so that pending SoupMessages now hold a ref on the session. It is possible that this will break code that was depending on the old, dumb, behavior (where unreffing the session with messages pending would cause those messages to be cancelled), in which case this will be reverted before 2.40. + Fixed memory leaks found by valgrind + Cleaned up some code in SoupCache (bgo#681509) + Updated translations. * Tue Aug 07 2012 dimstar@opensuse.org - Update to version 2.39.5: + Fixed several bugs in the soup-message-io updates that could cause hangs or I/O errors (bgo#679527) + Fixed SoupServer:async-context to work properly again + Further fixes to soup_uri_normalize() when using the "unescape_extra" parameter. (bgo#680018) + Fixed soup_xmlrpc_parse_method_call() to handle the case where there is no <params> element (which is legal) (bgo#671661) + Fixed the deprecation warning on soup_message_headers_get() (bgo#680143) + Added warnings to some erroneous SoupSocket usages rather than returning bogus data (bgo#673083) + Fixed build under Windows/MinGW + SoupSocket no longer emits the "readable" signal when a socket is disconnected if that socket is non-blocking + Updated public suffix list to the current version + Updated translations. * Tue Jul 17 2012 dimstar@opensuse.org - Update to version 2.39.4.1: + Fixed indentation problems in tld-parser.py so it will work under python 3 (bgo#680089) + Actually fixed cookies in non-suffixed/private domains, which still didn't work after the last fix (bgo#679230) + Updated translations. * Tue Jul 17 2012 dimstar@opensuse.org - Update to version 2.39.4: + Fixed the SoupRequest codepaths to properly retry in the case where the server closes a persistent connection when we try to use it (bgo#679527) + Fixed the content-type and content-length of requests retrieved from SoupCache (bgo#680029) + Fixed the handling of cookies in non-suffixed and private domains ("localhost", "foo.local", etc., bgo#679230) + Fixed cookie parsing to allow attribute values on "secure" and "HttpOnly" (bgo#678753) + Fixed a (rare) crash when closing the stream returned from SoupRequestHTTP. + Bugs fixed: bgo#671770, bgo#678909, bgo#680055, bgo#680018. + Updated translations. * Tue Jun 26 2012 dimstar@opensuse.org - Update to version 2.39.3: + Added new functions for comparing domains against the "public suffix" list, and in particular fixed SoupCookieJar to not allow setting cookies in "public" domains (eg, ".co.uk"). [bgo#673802] + Added two new SoupCookieJar APIs (soup_cookie_jar_get_cookies() and soup_cookie_jar_set_cookie_with_first_party()) as part of fixing the handling of HttpOnly cookies in WebKitGTK. [bgo#677922] + Fixed g-i annotation of soup_message_headers_get_content_type() [bgo#677002] + Updated translations. * Mon Jun 04 2012 dimstar@opensuse.org - Update to version 2.39.2: + Fixed several bugs that resulted from the I/O code rewrite in 2.39.1, and added more test cases to exercise the new code paths: - Problems with cancelling messages from the got-headers signal (bgo#674747) - Persistent connections were not always being closed properly after a message was cancelled mid-response. - Cancelling a SoupRequest before it started I/O didn't work. - Asynchronous HTTP authentication via the SoupRequest API (bgo#675306) - Memory leak (bgo#676038) - Refcounting bug that manifested as a crash in rygel (bgo#676038) - Handling failed CONNECT requests via SoupRequest (bgo#675865) - Messages with trailing junk following a compressed message body (bgo#676477) + Fixed three cache-related bugs that affect some sites + Fixed a bug in the /usr/bin/ntlm_auth integration when you don't already have credentials cached, and avoid printing warning messages when ntlm_auth is present but not usable. + Fixed some g-ir-scanner warnings, and included SoupRequester/SoupRequest in the introspected API (bgo#676742) + Added soup_buffer_get_as_bytes() (bgo#676776) + Updated translations. * Wed May 02 2012 dimstar@opensuse.org - Update to version 2.39.1: + Major rewrite of the I/O code to use gio streams more directly. + Libsoup now finally supports SOCKS proxies again (bgo#553269) + Certain error messages returned from the streaming API are now localized + Added a SoupCookieJar:is-persistent property, to distinguish memory-only jars from SoupCookieJarText and SoupCookieJarSqlite (bgo#672838) + Updated translations. - Add intltool BuildRequires: new dependency. - Create a lang package, which is recommended by the library. * Tue Apr 17 2012 vuntz@opensuse.org - Update to version 2.38.1: + Fixed a situation where soup_connection_disconnect() could end up calling g_object_unref(NULL) when an idle connection was closed. [bgo#672178] + Fixed two warnings when cancelling an in-progress soup_socket_connect_async(). + Fixed a crash when disposing a SoupServer with open connections. [bgo#673468] + Fixed the SoupSession:ssl-use-system-ca-file property to get turned off (rather than on) when you set it to FALSE... Also fixed up the property notifications around the various certificate-verification properties (ssl-ca-file, ssl-use-system-ca-file, and tls-database). + Fixed SoupSession to not leak paused SoupMessages that were still in progress when it was unreffed. [bgo#673905] + Updated the win32 file: URI code again, to fix regressions in the WebKit tests. [webkit#82484] * Tue Mar 27 2012 vuntz@opensuse.org - Update to version 2.38.0: + Minor documentation fixes * Tue Mar 20 2012 vuntz@opensuse.org - Update to version 2.37.92: + Added soup_session_prefetch_dns() and deprecated soup_session_prepare_for_uri(). The new method takes a completion callback, allowing you to know how many DNS resolutions are currently outstanding, so you don't spam the resolver. [webkit#41630] * Tue Mar 06 2012 vuntz@opensuse.org - Update to version 2.37.91: + Fixed an out-of-bounds memory read that could occur when parsing malformed requests/responses. + Fixed a build-related bug in Makefile.glib that affected locales such as Estonian where "Z" is not the last (ASCII) letter of the alphabet. [bgo#654395] + Fixed the handling of file: URIs with query components, which got broken in 2.37.90. + Fixed SoupAuthManagerNTLM to not fall back to allowing Basic auth when NTLM failed. + Further tweaked the warnings/fallback in SoupURI, so that soup_uri_to_string() on an http URI with a NULL path would translate that to "/" like it used to. [bgo#670431] + Fixed a warning when cancelling the load of a page with many subresources. [bgo#667245] + Use G_GNUC_BEGIN/END_IGNORE_DEPRECATIONS if GLib is new enough, to avoid getting warned about the use of GValueArray. * Tue Feb 21 2012 vuntz@opensuse.org - Update to version 2.37.90: + Added various return-if-fails and other sanity checks to various functions. [bgo#669479] + Updated docs/annotation of soup_form_decode_multipart() to note that all of the out parameters are (allow-none). Fixed the file_control_name parameter to actually allow NULL like the docs already claimed. [bgo#669479] + Fixed a minor URI parsing bug. (It was allowing URI schemes to contain numbers.) + Fixed a few memory leaks introduced in the 2.37 cycle. + Fixed SoupServer to be able to correctly respond to HTTP/1.0 requests over IPv6 (which previously would always have returned "400 Bad Request"). [bgo#666399] + Changed SoupSessionAsync to make it possible to finalize it from the "wrong" thread. [bgo#667364] + Fixed SoupCache to not cache resources whose URIs have query components (unless they have explicit cache headers); to not generate broken conditional requests for resources that cannot be conditionally validated; and to not spew warnings when receiving invalid Cache-Control headers. [bgo#668865] * Fri Feb 10 2012 vuntz@opensuse.org - Update to version 2.37.5.1: + Replace some of the newly-added SoupURI g_return_if_fail()s with g_warn_if_fail()s. Although it had always been documented that SoupURIs must have a non-NULL path, most functions treated NULL the same as "", and various apps (eg, rhythmbox, midori) were accidentally relying on this. * Tue Feb 07 2012 vuntz@opensuse.org - Update to version 2.37.5: + Fixed a bug in SoupSession:use-thread-context. + Fixed the case of cancelling a message from SoupSession::request-started [bgo#668098] + Fixed a crash in epiphany when loading a page with more than 1000 or so images. [bgo#668508] + Fixed a bunch of cases involving invalid URLs found while testing SoupServer against an HTTP protocol fuzzer. Also fixed up some documentation/annotations and added some new test cases. [bgo#667637] + Fixed SoupRequestFile to work on Windows. - Remove xz BuildRequires now that it comes for free in the build system. * Tue Jan 17 2012 vuntz@opensuse.org - Update to version 2.37.4: + SoupMessage now has a "network-event" signal that can be monitored for information about DNS, proxy lookup, TCP connections, and TLS handshakes. + The HTTP header parsing code now avoids hitting g_return_if_fails() (and returns an error instead) in a few cases of seriously-invalid headers. [bgo#666316] + POSTs and other non-idempotent requests are now always sent on newly-created connections. You can also force this behavior on other messages by setting the SOUP_MESSAGE_NEW_CONNECTION flag. [bgo#578990] + Server-closed idle connections are now detected ahead of time on Windows, preventing occasional spurious "Connection terminated unexpectedly" errors. (This had been fixed on UNIX since 2.28, but the earlier fix didn't work with WinSock.) [bgo#578990] + Plugged a leak in SoupRequestHTTP. [bgo#667099] * Tue Dec 20 2011 vuntz@opensuse.org - Update to version 2.37.3: + Simplified SoupHTTPInputStream and SoupRequestHTTP, allowing related simplifications in WebKit's ResourceHandleSoup. This is an ABI-incompatible change, but SoupHTTPInputStream is an unstable API. [bgo#663451] + Fixed a bug that caused the SOUP_MESSAGE_CERTIFICATE_TRUSTED flag to always be cleared, causing epiphany to claim all https pages were untrusted. [bgo#665182] + Fixed some bugs in the handling of SoupSession:http-aliases and SoupSession:https-aliases. + Fixed SoupContentDecoder's "ignore Content-Encoding: gzip because the server didn't actually mean it" hack to handle x-gzip too. + Clarified the documentation on SoupSession:ssl-strict [bgo#666280] + Fixed handling of ACLOCAL_FLAGS [bgo#641470] - Add xz BuildRequires because we can't build a package for a xz-compressed tarball without explicitly specifying that... See bnc#697467 for more details. * Mon Dec 12 2011 vuntz@opensuse.org - Remove explicit Requires for glib2-devel, libgnutls-devel, libgcrypt-devel, libgpg-error-devel, libxml2-devel in devel subpackage: the needed ones will automatically be added the pkgconfig() way. * Thu Dec 08 2011 dimstar@opensuse.org - Split typelib files into typelib-1_0-Soup-2_4 subpackage. - Add typelib-1_0-Soup-2_4 Requires to devel subpackage. * Tue Nov 22 2011 vuntz@opensuse.org - Update to version 2.37.2: + Fixed up the output of SoupDirectoryInputStream, thus improving the display of local directories in WebKit-based browsers. [bgo#662266] + Fixed a bug introduced in 2.37.1 that caused some cancelled SoupMessages to be leaked. [bgo#662847] + Added new SoupSession properties "http-aliases" and "https-aliases" that allow you to configure more explicitly what URL protocols are treated as aliases for http (eg, "dav:", "webcal:", etc), and which should be recognized as meaning something else, (eg, "ftp:") + Added soup_session_would_redirect() and soup_session_redirect_message(), to help users that want to handle some or all redirects themselves. Added soup_message_set_redirect() to make it easier to return redirection responses from a SoupServer. + Added the SoupSession "use-thread-context" property, which tells it to use GMainContexts in a gio-compliant way (and in particular, allows having different messages running in different GMainContexts on the same SoupSession, though only to a limited extent since SoupSessionAsync is still not thread-safe). In particular, this was added in order to address webkit#68238. + Made SoupURI %-encode non-ASCII characters when parsing URIs, in particular to fix a problem with certain servers sending syntactically invalid redirects that they would then only interpret correctly if you fixed the syntax for them. [bgo#662806] + Fixed a connection-handling bug that could cause problems with servers that requested authentication and then timed out the connection while the application was waiting for the user to enter a password. [bgo#660057] + Made NTLM and Basic authentication handle some non-ASCII usernames and passwords. (NTLM should handle most. It's impossible to fix Basic in the general case.) [bgo#576838] + Added support for "deflate" Content-Encoding, so that we can work with broken servers that insisted on using it even though we explicitly indicated in the request headers that we didn't support it. [bgo#661682] * Thu Oct 27 2011 dimstar@opensuse.org - Update to version 2.37.1: + Fixed a problem with connections being assigned to multiple requests at once after a redirection [bgo#651146]. + Ported SoupSession to use GTlsDatabase internally, and added two new properties, SoupSession:use-system-ca-file (to specify that the session should use the default system tlsdb) and SoupSession:tlsdb (to specify a specific tlsdb to use) + Likewise, added SoupServer:tls-certificate, for specifying a certificate/key for an https server to use. + Made SoupHTTPInputStream more memory efficient [bgo#659255] + Fixed soup_message_get_https_status() to return information more reliably (with latest glib-networking). * Tue Oct 18 2011 vuntz@opensuse.org - Update to version 2.36.1: + Fixed a problem with connections being assigned to multiple requests at once after a redirection [bgo#651146] * Mon Sep 26 2011 vuntz@opensuse.org - Update to version 2.36.0: + Improvements to gtk-doc documentation. * Tue Sep 20 2011 vuntz@opensuse.org - Update to version 2.35.92: + Fixed a problem where SoupHTTPRequest response bodies could be truncated. [bgo#659256] + Fixed a bug in copying TLS information from SoupSocket to SoupMessage, causing all https connections to be reported as "untrusted" in epiphany. + Made SoupSession remove items from its host cache after a while, so that if a host changes IP address, it will eventually try to re-resolve it. [bgo#646959] * Wed Aug 31 2011 vuntz@opensuse.org - Update to version 2.35.90: + Added SOUP_MESSAGE_CAN_REBUILD flag, to use with soup_message_body_set_accumulate(FALSE) on a request body, to indicate that the caller will recreate the request body after it has been discarded if the message needs to be re-sent. [bgo#656650] + Fixed the build on mingw-w64 by not using "interface" as variable name. [bgo#656402] + (The multihosted https server regression mentioned in the 2.35.5 NEWS turned out to be a glib-networking bug, which is fixed as of 2.29.18.) - Add samba-winbind Suggests to libsoup-2_4-1: the NTLM single sign on feature works with /usr/bin/ntlm_auth (but can fallback to the old method if this is not present). - Remove Requires for libsoup-2_4-1 and Obsoletes for libsoup-64bit from main package since there is no such main package anymore. * Tue Aug 16 2011 dimstar@opensuse.org - Update to version 2.35.5: + bgo#650940: Support NTLM single sign on via samba's /usr/bin/ntlm_auth. + bgo#581342: Default to TLS+extensions for https connections, falling back to SSLv3-without-extensions only if the server fails to negotiate TLS. + bgo#631368: Fixed a problem with https pages sometimes not loading when using a proxy. + bgo#648848: SoupContentSniffer: don't use gio's sniffing rules, since the spec now recommends that browsers not do any additional sniffing beyond what's in the spec. + bgo#653707: Fixed SoupRequestHTTP to work properly with alternate GMainContexts. + bgo#655397: Added some annotations from Vala's vapi files. * Thu Jul 28 2011 vuntz@opensuse.org - Update to version 2.35.4: + CVE-2011-2054: Fixed a security hole that caused some SoupServer users to unintentionally allow accessing the entire local filesystem when they thought they were only providing access to a single directory. [bgo#653258] + Plugged another SoupCache memory leak. + Simplified SoupCache keys, and handle collisions. [bgo#649963] + Annotate SoupSession:add-feature, etc, as (skip), so they don't conflict with the methods of the same name. [bgo#655150] * Tue Jul 05 2011 vuntz@opensuse.org - Update to version 2.35.3: + Always send the "Keep-Alive" header. + Deal with broken apache Content-Encoding for .gz files, that was leading to decompressing the files. + Various cache improvements, including: - Do not store hop-by-hop headers in cache. - Store the HTTP status code in the cache. - Add versioning support to SoupCache. + Fix integer overflow on 32bit. + Fix memory leaks. + Build fixes. * Mon May 23 2011 dimstar@opensuse.org - Update to version 2.34.2: + Two SoupCache-related leak fixes + bgo#648948: Minor build fix for Debian/Ubuntu + Fixed a docs typo. * Tue Apr 26 2011 fcrozat@novell.com - Update to version 2.34.1: + Two multipart forms/Content-Disposition fixes: . UTF-8-encoded header encoding/decoding rules updated to match RFC 5987. In particular, a UTF-8-encoded filename parameter in Content-Disposition will now override an ASCII one. . When not using UTF-8-encoded filenames in Content-Disposition, always quote the filename, since some servers erroneously fail to handle non-quoted ones. (bgo#641280) + Fixed several memory leaks + Fixed decoding base64 data: URLs (bgo#646896) + Fixed a bug in soup_uri_to_string() in which (invalid) port numbers could be output as negative numbers (tripping up a WebKit "sanity checking" test) (bgo#647767) + Fixed a cache corruption bug in SoupCache (bgo#648285) + Fixed a crash in SoupSessionSync when using soup_session_abort(). * Tue Apr 05 2011 fcrozat@novell.com - Update to version 2.34.0: + Fixed the GMainContext handling of the new SoupProxyResolverDefault (which among other things fixes gstreamer usage inside epiphany). bgo#646201 + Tweaked the introspection Makefile rules to fix a problem building on Debian/Ubuntu. bgo#645505 + Belated bumped the shared library versioning to reflect the API additions since 2.32.0 * Tue Mar 22 2011 fcrozat@novell.com - Update to version 2.33.92: + LIBSOUP NO LONGER DEPENDS ON GCONF OR LIBPROXY. (see below). + Added SoupProxyResolverDefault, which uses uses gio's GProxyResolver to resolve proxies [bgo#642982] Despite the "default" in the name, it is not used by default, for compatibility reasons, but it is available in plain libsoup, not libsoup-gnome. (Of course, it depends on having glib-networking installed.) + Updated SoupProxyResolverGNOME to be based on SoupProxyResolverDefault, but explicitly requesting the "gnome" GProxyResolver if it is available [bgo#625898], and removed the old code that used GConf and libproxy directly. + Added soup_server_disconnect(), to explicitly disconnect a SoupServer, since it is not possible to g_object_unref() it from memory-managed language bindings. [bgo#638576] + SoupDate now parses month names case-insensitively [bgo#644048] + Avoid a g_return_if_fail() when using SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY with non-http URIs (file:, data:, etc). [bgo#643226] + SoupCookieJar now catches overflows when parsing very distant dates [bgo#643462] + Fixed a buggy interaction between request body streaming and restarted requests. Added some new tests to tests/chunk-test.c to make sure that a specific (unsupported!) way of using those methods would not get broken in the future. + Fixed soup_socket_get_remote_address(), which had been broken since 2.33.4 (and which in turn caused soup_client_context_get_address/_get_host to be broken). [bgo#645227] - Drop gconf2-devel and libproxy-devel BuildRequires. * Tue Feb 22 2011 fcrozat@novell.com - Update to version 2.33.90: + glib-networking is a compile and runtime dependency now. + bgo#642075: fixed a bug in talking to servers with virtual hosts with Unicode names (IDNs). + bgo#640414: added a "Connection: Keep-Alive" header when talking to HTTP/1.0 hosts, to improve performance. + bgo#642028: changed SoupCache to not cache multipart/x-mixed-replace content. - Changes from version 2.33.6: + bgo#639768: made SoupSessionAsync do idle-connection cleanup more sanely, resulting in faster load times for pages with lots of subresources. + bgo#639783: fixed soup_form_decode()'s behavior (and by extension, SoupServer query string handling) with datasets that contain multiple values for the same key, and added a test case. + bgo#640556: fixed warnings pointed out by gcc 4.6, including a bug in SoupCache that would cause unnecessary revalidations. + bgo#641022: belated copied a fix from the WebKit copy of soup-cache.c into ours, and fixed a bug in the local copy of soup-request-data.c, in preparation for making WebKit use the libsoup versions. - Changes from version 2.33.5: + bgo#637741: fixed certain cases of soup_session_cancel_message() with SoupSessionSync that could previously cause warnings or crashes. - Changes from version 2.33.4: + SoupSocket now uses GSocketConnection and GTlsConnection internally rather than making socket calls directly and using GIOStream, and TLS is handled via glib's APIs rather than using gnutls directly. + The gzip Content-Encoding handler is now implemented using GZlibDecompressor + As a result of the above two changes, libsoup no longer directly depends on gnutls, libgcrypt, or zlib, though it still indirectly depends on zlib via glib and libxml2. Also, although libsoup does not depend on glib-networking as a build-time dependency, some "make check" tests will be skipped if it is not installed. + bgo#523100: the SoupRequest/SoupCache code from WebKit has been imported, but it is not yet recommended for general use, and is not necessarily API stable. + Added SoupMessage:tls-certificate and SoupMessage:tls-errors, which give more information about the certificate used to authenticate a TLS connection. + It is now possible to disable Basic or Digest auth in a session by using soup_session_remove_feature_by_type() with SOUP_TYPE_AUTH_BASIC or SOUP_TYPE_AUTH_DIGEST. Likewise, the right way to enable NTLM support now is to call soup_session_add_feature_by_type() with SOUP_TYPE_AUTH_NTLM; SOUP_SESSION_USE_NTLM is now deprecated. + bgo#603825: allow setting cookies on file:// URIs, since other browsers do, and WebKit has a test for it. + bgo#635395: .gir/.typelib files now include C header/library information (needed by vala and some other bindings) + Added annotations on soup_message_headers_get_content_type() and SoupHTTPVersion + bgo#636741: fixed a Set-Cookie processing leak. - Add glib-networking BuildRequires, and explicit Requires in libsoup-2_4-1 since we need the gio module for TLS support. - Remove now unneeded gnutls-devel BuildRequires. - Drop libsoup-gnutls-allow-tls.patch: the TLS handling is now done in glib-networking. * Tue Nov 30 2010 dimstar@opensuse.org - Update to version 2.32.2: + bgo#634422: Fixed a regression in 2.32.0 that caused evolution-exchange to get stuck and stop updating. + bgo#635101: Fixed a regression in 2.32.0 with apps using asynchronous sessions from multiple threads. + Fixed the regression tests. * Tue Nov 16 2010 dimstar@opensuse.org - Update to version 2.32.1: + bgo#631525: Fixed a regression in 2.32.0 with the use of persistent connections that caused spurious "Connection terminated unexpectedly" errors. + Fixed a regression in 2.32.0 that caused proxy-related DNS errors to return SOUP_STATUS_CANT_RESOLVE rather than SOUP_STATUS_CANT_RESOLVE_PROXY. + bgo#631679: Usernames/passwords specified explicitly in request URIs now override existing cached auth info. + bgo#630540: Changed soup_uri_decode() and soup_uri_normalize() to just ignore malformed %-encoding rather than returning NULL, for consistency with soup_uri_new(). + bgo#620220: Fixed soup_form_decode() to ignore invalid parameters, and soup_form_encode_hash() to just g_return_if_fail() rather than crashing if there are NULL values in the hash. + bgo#629160: Added another workaround for stupid servers that close the connection before returning the full response + bgo#631641: Fixed a bug in SoupCookieJarText that deleted excess cookies whenever any cookie expired. + Fixed a small leak in SoupContentDecoder + bgo#631679: Added regression tests for passwords-in-URIs * Tue Sep 28 2010 vuntz@opensuse.org - Update to version 2.32.0: + No changes, just a version bump. * Mon Sep 20 2010 vuntz@opensuse.org - Add libsoup-gnutls-allow-tls.patch: let gnutls try to use TLS, instead of being SSL 3.0-only. This might lead to some websites not being accessible with libsoup, and upstream does not want this behavior; a proper fix needs a lot of work. See discussion in bnc#634040. * Mon Sep 13 2010 dimstar@opensuse.org - Update to version 2.31.92: + Updated for gobject-introspection 0.9.5. Also added some new annotations and removed a bunch of private headers from the scanning process. + bgo#628728: Percent-encoded characters in URIs are no longer automatically normalized to uppercase, since apparently some servers are stupid. + bgo#629449: Fixed a crash when resolving a URI containing both spaces and non-UTF8 8bit characters. * Tue Aug 17 2010 dimstar@opensuse.org - Update to version 2.31.90: + bgo#526321: libsoup now tries to connect to each IP address associated with a hostname, if the first one fails. + Fixed Accept-Language header generation in locales where "," is used as the decimal point. * Fri Aug 06 2010 vuntz@opensuse.org - Update to version 2.31.6: + Disabled TLS 1.2 in addition to the already-disabled 1.1 and 1.0, thus making libsoup usable with gnutls 2.10. [bgo#622857] + When using libproxy 0.3 or newer, libsoup no longer leaks proxy-related environment variables into child processes [bgo#603285] + Changed the way message/connection binding works in SoupSession so that (among other things), when there are multiple requests queued to a host, and one of them gets a network error, the other requests are still allowed to try to succeed, rather than all failing immediately. [bgo#619633] + SoupSession now limits the number of times a message can be redirected, to avoid infinite loops [bgo#604383] + Fixed handling of certain messages where the response headers included "Connection: close" but the server did not actually close the connection at the end. [bgo#611481] + Fixed some incorrect g-i annotations [bgo#621021] + Fixed an out-of-bounds memory access when processing certain Set-Cookie headers [bgo#620288] + Improved msg->reason_phrase on network errors [bgo#623274] + Fixed gir file disting [bgo#621727] * Tue Jul 06 2010 dimstar@opensuse.org - Update to version 2.31.2: + bgo#576595: gobject-introspection has now been merged in + bgo#617216: Marked SoupSession abstract + bgo#618641: Fixed a problem with SoupSessionAsync that would cause messages to get lost if you aborted a previous message while it was still looking up the hostname + bgo#615535: Fixed another connecting-to-lame-http-server problem. - Add gobject-introspection-devel BuildRequires and pass - -enable-introspection to %configure. * Thu Apr 29 2010 dimstar@opensuse.org - Update to version 2.30.1: + bgo#611663 - Fix for https through proxies that close the connection when returning a "407 Proxy Authentication Required" response, and add a regression test for that case. + bgo#614176 - Don't quote the multipart boundary string if it's not needed, since RFC 2616 recommends that you don't, and some servers don't handle quotes there correctly + bgo#614183 - Don't put an extra blank line before the first multipart part, since it's unnecessary and some servers don't handle a multipart preamble correctly. + bgo#614198 - Don't put Content-Transfer-Encoding headers in the multipart/form-data parts, even though the HTML 4 spec says you must, since no other browsers do, and some servers don't handle them correctly. + bgo#615711 - Changed SoupCookieJarSqlite to actually erase deleted cookies from the database. + bgo#611663 - Fixed SoupLogger to be more robust against getting passed bad data by the session. + Fixed SoupAuthDomain to ignore paths when doing proxy auth + bgo#613442 - Fixed a g_warning when hovering over a javascript link in WebKit. + Updated translations. * Mon Mar 29 2010 vuntz@opensuse.org - Update to version 2.30.0: + Fixed a crash in the whitespace-stripping code in soup_uri_new() [bgo#612644] + Update content-sniffing algorithm to match Chrome and the soon-to-be-updated sniffing spec. [bgo#611502] + We now handle "Content-Encoding: x-gzip" as well as "gzip" (even though "x-gzip" has been deprecated for more than 10 years). [bgo#611476] + Fixed leaks found by valgrind + Make the "make check" programs only bind to 127.0.0.1, not any public network interfaces. [bgo#609489] + Add a test to sniffing-test to make sure that Content-Type parameters are preserved correctly. * Tue Feb 23 2010 vuntz@opensuse.org - Update to version 2.29.91: + Added SOUP_SESSION_SSL_STRICT and SOUP_MESSAGE_CERTIFICATE_TRUSTED, to allow callers to determine if an https response comes from a server with a recognized/valid or unrecognized/invalid certificate. [bgo#610374] + Fixed handling of certain badly-formatted URIs [bgo#590524] * Wed Feb 10 2010 vuntz@opensuse.org - Update to version 2.29.90: + Added soup_cookie_jar_set_accept_policy() and related API for implementing cookie acceptance policies. [bgo#608353] + Fixed the "request-read" signal in SoupServer to actually be emitted. * Tue Jan 26 2010 vuntz@opensuse.org - Update to version 2.29.6: + Fixed SoupContentDecoder to ignore trailing junk after the encoded message body (as other browsers do), rather than getting stuck in an infinite loop. [bgo#606352] + Fixed an invalid read in soup_cookie_applies_to_uri() [bgo#607024] + Fixed linking on OS X [bgo#606959] + Removed a harmless warning in SoupServer. [bgo#606645] * Wed Jan 13 2010 captain.magnus@opensuse.org - Update to version 2.29.5: + Added SoupContentDecoder, providing support for Content-Encoding: gzip for WebKitGTK. [bgo#522772] + Added "accept-language" and "accept-language-auto" properties to SoupSession, to support the Accept-Language header. [bgo#597004] + Fixed a bug in SoupPasswordManagerGNOME that could cause crashes if you typed the wrong password once and then tried again. [bgo#595554] + Fixed a crash in SoupAuthDigest if the server claims support for both qop=auth and qop=auth-int. (This was not noticed sooner because no one actually supports qop=auth-int, and the server in question here was probably confused. :) + Updated cookie parsing/output to more closely match draft-ietf-httpstate-cookie-00. [Also fixes bgo#603496 (WebKit unit test), and bgo#604794 (hang parsing malformed Set-Cookie header)] + Fixed https-via-proxy to not hang if there is an error communicating with the proxy immediately after the TLS negotiation. [bgo#587528] + Fixed a bug that broke gobject-introspection's introspection of libsoup. [bgo#603696] + Handle spurious CR/LFs between responses. [bgo#602863] + Fixed soup-message-client-io to not erroneously include URI fragments on the Request-Line when sending via a proxy. + Fixed Digest authentication against certain (buggy?) clients/servers that require you to use quotes in exactly the same places where the spec uses them. [bgo#582219] + Fix ugly gtype-related hack to work with the latest unstable glib - Remove libsoup-gir-repository-build.patch. Fixed upstream * Tue Jan 05 2010 jengelh@medozas.de - Package baselibs.conf * Wed Dec 23 2009 vuntz@opensuse.org - Change gnome-keyring-devel BuildRequires to libgnome-keyring-devel, following the module split upstream. * Thu Dec 03 2009 vuntz@opensuse.org - Add libsoup-gir-repository-build.patch to fix the gir-repository build. * Wed Dec 02 2009 vuntz@opensuse.org - Update to version 2.29.3: + Fixed a crash in SoupCookieJarSqlite when using cookie databases not created by libsoup (eg, upgraded epiphany installations). + Fixed SoupCookieJar to handle non-http URIs properly (so that, eg, JavaScript bookmarklets that try to set/read cookies won't cause crashes). [bgo#602498] + HEAD requests that receive a "303 See Other" response will now do a HEAD, not a GET, on the redirected-to resource. Fixes gvfs access to some sites, including certain youtube.com URIs. [bgo#600830] + Fixed a g_warning that would always trigger in the server-side SoupCookie code. [bgo#602389] + Fixed the server-side SoupMultipart code to be able to parse multiparts containing binary attachments, rather than rejecting them as malformed. [bgo#601640] + Fixed the Request-Line format in the https-over-proxy case. Among other things, this fixes access to bugzilla.gnome.org from WebKitGTK-based browsers. [bgo#598277, bgo#600826] + Fixed a leak in SoupSession if a message was cancelled while the initial socket connection was in progress. [bgo#596074] + Fixed server-side parsing of Digest auth. [bgo#602898] + Fixed WinSock initialization on Windows. [bgo#600689] + Fixed a sporadic crash in the SSL code on Windows. [bgo#600748] + Fixed handling of https connections with timeouts on Windows. [bgo#600749] + Added soup_session_prepare_for_uri(), to allow DNS prefetching for faster browsing. [bgo#598948] + SoupSession now avoids redundant DNS lookups again when first connecting to a new site, resulting in (probably imperceptibly) faster loads. + Added some debugging APIs to SoupConnection and SoupSession for use by, eg, epiphany's soup-fly extension. [bgo#589163] * Sat Nov 14 2009 vuntz@opensuse.org - Update to version 2.28.1: + libsoup will now attempt to make multiple connections to a server at once when there are multiple messages queued to that server. The previous behavior (only allowing a single pending connection to each server) resulted in slow load times on pages with lots of subresources (images, css, js, etc) on servers that disallow persistent connections. [bgo#594768] + There should now be fewer (no?) "Connection terminated unexpectedly" errors in WebKitGTK. + Fixed a crash in SoupCookieJarSqlite [bgo#596859] + Fixed soup_address_get_physical() and address-to-name resolution of SoupAddress? + Fixed a bug in SoupContentSniffer that could cause false negatives [bgo#597545]. + Fixed the configure error if you have gnutls-devel but not gcrypt-devel installed [bgo#587709]. * Wed Sep 23 2009 dimstar@opensuse.org - Update to version 2.28.0: + Fixed a handful of leaks found with valgrind, including a large one in SoupContentSniffer + bgo#584522 - Changed the behavior of SoupCookieJarSqlite to improve performance. + bgo#59495 - Fixed a crash in SoupSocket that affected gupnp + bgo#594508 - Fixed the type of the SOUP_METHOD_* and SOUP_URI_SCHEME_* macros to be const char * rather than gpointer. * Wed Sep 09 2009 vuntz@opensuse.org - Update to version 2.27.92: + Removed SoupPasswordManager from the public API until its problems can be addressed. Although it is still present, you need to #define a special symbol for it to be visible in the header files; see bgo#594377 for details. + Fixed a bug where empty query components were dropped from URIs. [bgo#594405] + Fixed "make check" to work (but warn) when building with - -disable-ssl. + Fixed some small documentation bugs. * Tue Aug 25 2009 vuntz@novell.com - Update to version 2.27.91: + Added SoupPasswordManager, an interface for managing persistent password storage, and SoupPasswordManagerGNOME (in libsoup-gnome), which implements it using gnome-keyring. + libsoup should now notice when the server closes a persistent connection, and close its side of the connection sooner. This should hopefully fix the spurious "Connection terminated unexpectedly" errors in WebKitGTK. [bgo#578990] + Fixed some problems with connection management in SoupSession that could cause a session to eventually "stall" and be unable to process new requests. [bgo#592084] + Fixed an infinite loop that caused 100% CPU usage if the network went down at exactly the right time while there were unsent messages in the queue. [bgo#592492] + Fixed a crash in SoupLogger. [bgo#591857] + Fixed the definition of soup_message_is_keepalive() for HTTP/1.0 messages, to fix a problem introduced in 2.27.90 where some messages would load completely but never emit "finished". + Fixed a crash in SoupServer introduced in 2.27.90 when processing a request with no "Host" header. - Add gnome-keyring-devel BuildRequires. * Tue Aug 11 2009 captain.magnus@opensuse.org - Update to version 2.27.90: + libsoup now uses glib's GResolver rather than its own DNS code. For 2.27.90, the only visible change should be that internationalized domain names are now supported. [bgo#548287] + Added soup_message_disable_feature(), which allows you to disable particular features (eg, cookies, proxy, content-sniffing, etc) on a per-message basis. [bgo#574773] + It is now possible to implement "OPTIONS *" in a SoupServer; you must explicitly register a handler for "*" in order to do this. [bgo#590751] + Ignore Content-Length on EOF-terminated responses, to match other browsers and therefore cope with broken servers that send the wrong length. + Fixed the status code when trying to fetch an https URI with a non-gnutls build of libsoup. [bgo#590464] + Fixed strict-aliasing warnings introduced in 2.27.4 [bgo#588771] + Fixed some warnings noted by fortify [bgo#591226] and -Wextra + libsoup now uses automake 1.11's silent-rules support by default (if you are building with automake 1.11). Use "./configure --disable-silent-rules" or "make V=1" to disable * Tue Jul 28 2009 lmedinas@gmail.com - Update to version 2.27.5: + Fixed a crash when a web server redirected a request to a non-http URI (eg, "about:blank"). [bgo#528882] + Fixed a hang when trying to create an attachment on certain bugzilla installations from epiphany. [bgo#584645] + Fixed verification of V1 TLS certificates [bgo#589323] + Fixed compile problems on Windows (in the ssl code), and on Linux (when the most recent version of gtk-doc was installed). * Sun Jul 19 2009 vuntz@novell.com - Update to version 2.27.4: + Added SoupContentSniffer and the "content-sniffed" signal on SoupMessage, to do Content-Type sniffing per the HTML5 / draft-abarth-mime-sniff algorithm. [bgo#572589] + Updated the earlier SoupSession timeout fixes ([bgo#574414], [bgo#578928]) so that async connect() also times out [bgo#588177] and SSL works on Windows again [bgo#587910]. + Fixed the behavior on a 301 response to a POST to match real-world usage rather than what the spec says. (We were doing the right thing on 302 and 303, but had missed 301.) [bgo#586692] + Changed configure so that if GNUTLS isn't found then it errors out, rather than silently building an SSL-less libsoup. Configure with --disable-ssl if you actually don't want SSL. [bgo#584955] * Tue Jun 16 2009 vuntz@novell.com - Update to version 2.27.2: + Replaced SoupProxyResolver with SoupProxyURIResolver, which is a bit simpler, works with non-HTTP URIs (and so could be used by gvfsd-ftp) and supports proxy auth correctly. [bgo#580051] + Fixed SoupSession to not try to resolve http server hostnames when it's just going to pass the hostname off to a proxy server anyway. This fixes things on hosts that use a proxy for everything and have no working DNS config [bgo#577532] and also makes WebKitGTK behave more like other browsers in terms of per-host connection limits (we now limit connections based on hostname rather than on IP address). + We also no longer set the AI_CANONNAME flag when calling getaddrinfo(), which saves us a little bit of unnecessary network traffic. + libsoup now always uses SSL 3.0 (not TLS 1.0 or 1.1) for https URIs, to work around problems with older servers that don't implement the (apparently quite confusing) TLS/SSL compatibility rules correctly. Makes a bunch of previously-inaccessible sites now accessible in WebKitGTK (notably PayPal) [bgo#581342]. Will eventually be revisited, to first try TLS 1.1 and fall back if that fails. + Fixed Digest auth to (recent) Apple CalDAV servers. [bgo#583091] + Changed the way the SoupSession "authenticate" signal works a bit. We now never emit "authenticate" before sending a request, even if we know for sure that it's going to fail, because this makes the semantics of the authenticate handler too complicated (and because we'll only get into this situation if a previous call to the authenticate handler failed anyway). Fixes problems in WebKitGTK when you cancel a password dialog, and then later try to load the page again. [bgo#583462] + Fixed a bug in the CRLF-vs-LF patch (bgo#571283) that caused libsoup to fail to parse the response headers (returning SOUP_STATUS_MALFORMED) if a CR LF got split across two read()s. [bgo#582002] + Allow using PUT in soup_form_request_for_data(), to work with certain broken web APIs. [bgo#581860]. Also, fixed a problem with empty POST bodies that made some parts of gmail not work in WebKitGTK. + Applied some minor bugfixes to configure.in and autogen.sh [bgo#583911, bgo#583942]. Fixed configure.in to not use gcc warning options that the installed version of gcc doesn't recognize [bgo#578851]. + Added G_GNUC_NULL_TERMINATED and G_GNUC_PRINTF to a few methods that should have had them. [bgo#581754] * Tue May 05 2009 vuntz@novell.com - Update to version 2.27.1: + SOUP_SESSION_TIMEOUT now works properly with SoupSessionAsync [bgo#574414] and SSL [bgo#578928]. Added tests/timeout-test to test this. + SoupDate fixes: - soup_date_to_string() now handles SOUP_DATE_RFC2822 [bgo#579055] - soup_date_new_from_string() now accepts 24:00 as a time in ISO8601 timestamps - soup_date_to_string() now coerces the date to UTC for HTTP and cookie dates, and outputs the UTC correct offset for the other date types. - Added regression tests to tests/date + soup_headers_parse() now completely ignores syntactically-incorrect headers, rather than passing them to soup_message_headers_append() and causing a g_warning. soup_message_headers_append() now also rejects 0-length header names. Updated tests/header-parsing to check this. [bgo#579318] + Fix a crash when cancelling a message from a "restarted" handler, and updated a regression test to notice the underlying cause. [bgo#380193] + Completing the API updates for bgo#576760 from 2.26.1, soup_message_headers_get() is now marked deprecated in favor of soup_message_headers_get_one() and _get_list(). - Do not package ChangeLog file: it's not distributed anymore. * Tue Apr 14 2009 vuntz@novell.com - Update to version 2.26.1: + Fix SoupProxyResolverGNOME bugs [bgo#578746, bgo#578809] + Fixed warnings when a message has a network problem when many other messages are queued. [bgo#578809] * Thu Apr 09 2009 vuntz@novell.com - Update to version 2.26.0.9: + libsoup uses libproxy for PAC and WPAD proxy resolution again. However, it arranges to do all communication with GConf itself, to ensure that libproxy doesn't call it in non-thread-safe ways. [bgo#571527] + Fixed a bug in SoupSessionSync when proxy resolution failed. [bgo#574957] + SoupURI now handles unencoded spaces in URIs. In particular, redirects via Location headers with spaces in them now work. [bgo#566530] + libsoup can now deal with servers (and clients) that erroneously use LF LF instead of CR LF CR LF to separate the headers and body. [bgo#571283] + Added soup_message_headers_get_one() and soup_message_headers_get_list(), which will eventually deprecate soup_message_headers_get(). This lets applications deal correctly with implementations that erroneously send multiple copies of single-valued headers. [bgo#576760] + In particular, soup_message_headers_get_content_type() now ignores duplicate Content-Type headers [bgo#576760] and also ignores syntactically-incorrect Content-Type headers. [bgo#577630] + SoupCookieJar can now store multiple cookies with the same domain and name, but different paths. [bgo#577360] + Abnormal SSL connection closes are now treated as ordinary EOFs, for compatibility with certain sites. [bgo#577386] + soup_header_g_string_append_param() now allows NULL values. [bgo#577728] + soup_message_headers_append() now rejects header names and values with newlines or certain other illegal data in them, rather than generating syntactically invalid headers. + Fixed a small bug in soup_date_new_from_string's ISO 8601 handling [bgo578369 for g_time_val_from_iso8601]. + The regression tests now work correctly on machines where "localhost" resolves to "::1" instead of "127.0.0.1". [bgo#576583] + Miscellaneous documentation fixes/clarifications. * Mon Mar 16 2009 vuntz@novell.com - Update to version 2.26.0: + Temporarily disable libproxy support to work around a bug in its gnome plugin that causes gvfsd-http (and probably eventually other apps) to crash. (bgo#571527) + Fixed a bug that showed up in WebKit, where if many messages were queued all at once to a server that doesn't support persistent connections, some of the requests will get lost. (bgo#574365) + Fixed SoupServer to support using SOUP_ENCODING_EOF, so you can stream responses of unknown length to HTTP/1.0 clients. (bgo#572153) + Fixed several bugs that prevented SoupCookieJarSqlite from working. (bgo#572409) + Added G_{BEGIN,END}_DECLS guards to public headers that were missing it. + Misc gtk-doc improvements. - Remove AutoReqProv: it's default now. - Remove -fno-strict-aliasing from CFLAGS. - Do not create an empty libsoup package. Have libsoup2_4-1 provide/obsolete it. - Merge the doc with the devel package since it only contained gtk-doc. - Add gconf2-devel BuildRequires since it's needed again (see first item in upstream changes). * Tue Feb 17 2009 mboman@suse.de - Update to version 2.25.91: + Fixed a crash in SoupProxyResolverGNOME when the proxy requires authentication. (This does not make proxy authentication *work* yet, it just makes it not crash.) + Updated documentation * Thu Feb 05 2009 vuntz@novell.com - Update to version 2.25.5: + SoupProxyResolverGConf (which was incomplete) is gone, and libsoup-gnome now requires libproxy. + Fixed a bug in SoupCookieJar that was making it send "Cookie: (null)" when it had no cookies for a site, which confused some web servers. + Fixed a bug with using SOUP_MEMORY_TEMPORARY buffers and soup_message_body_set_accumulate(FALSE). + Fixed the build with non-gcc compilers - BuildRequires libproxy-devel. - Remove gconf2-devel BuildRequires. * Wed Jan 07 2009 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Tue Jan 06 2009 mboman@suse.de - Update to version 2.25.4: + Added soup_session_get_feature() and soup_session_get_features(), to query the features currently available in a session * Tue Dec 23 2008 mboman@suse.de - Update to version 2.25.3: + Fixed a crash when using both cookies and a proxy. [bgo#562191] + Fixed soup_form_decode() to correctly handle forms with URI-encoded parameter names [bgo#563302] + Fixed a crash in SoupProxyResolverGConf. [bgo#563145] + Fixed client behavior when presented with multiple auth types to choose the *strongest* auth type (eg, Digest) rather than the *weakest* one [bgo#562339] Added a regression test for this. + Moved libsoup-gnome headers to a different directory to make it easier to split libsoup and libsoup-gnome into separate packages, and to ensure that things that only want to be looking at plain libsoup headers (like gir-repository) don't accidentally see the libsoup-gnome ones. + Some minor doc fixes + Fixed libsoup-gnome linking with --as-needed. [bgo#559342] + New library libsoup-gnome + SoupCookieJarText, like SoupCookieJarSqlite, but using the old-style cookies.txt format, and in the base libsoup rather than libsoup-gnome. + Various bugfixes to SoupCookie and SoupCookieJar to fix the problems with cookies not working on certain sites. + The new SoupMultipart type provides support for multipart MIME bodies, and soup-form now includes several methods for generating and parsing multipart form data and file uploads. + SoupMessageHeaders now has methods for easy handling of the Content-Type, Content-Disposition, Range, and Content-Range headers. The Content-Disposition handling recognizes RFC2231-encoded UTF-8 filenames. + SoupServer now automatically handles partial GET requests; if your server returns SOUP_STATUS_OK in response to a partial GET, libsoup will automatically convert it to a SOUP_STATUS_PARTIAL_CONTENT response with only the requested portions. - Drop libsoup-334021-client-ssl-certs.patch: it required a gnutls patch (gnutls-1.4.4-sign-callback.patch) that was dropped in August 2007. * Wed Oct 22 2008 mboman@suse.de - Update to version 2.24.1: + Bugs fixed: bgo#533473, bgo##536285, bgo#498509, bgo#553976, bgo#557072 + Updated generated documentation * Fri Oct 03 2008 mboman@suse.de - Update to version 2.24.0.1: + Reverted part of the fix for bgo#528882, which caused the DAAP plugin in rhythmbox to crash. [bgo#553466] * Tue Sep 23 2008 mboman@suse.de - Update to version 2.24.0: + Cosmetic version bump * Fri Sep 12 2008 maw@suse.de - Update to version 2.23.92: + Fixed the handling of a 302 response to a HEAD request, which should NOT be treated like a 303 response (bgo#551190). * Tue Sep 02 2008 mboman@novell.com - Update to version 2.23.91: + Fixed a crash in gvfs [bgo#528882] + Added soup_date_to_timeval() for gvfs. [bgo#549006] * Wed Aug 06 2008 maw@suse.de - Update to version 2.23.6: + Fixed use of g_idle_add() so that heavy I/O won't end up blocking libsoup callbacks (bgo#536676) + Allow the caller to override the Host header (bgo#539803) + Properly handle responses larger than 4G (bgo#539861) + Fixed the build when using certain LDFLAGS (bgo#541506) + Fixed a small bug in Digest auth handling (bgo#544681). * Mon Jun 16 2008 maw@suse.de - Update to version 2.23.1: + This is the first unstable release leading up to GNOME 2.24; the large version number bump is so that libsoup's version matches that of GNOME at large, but note that the API version is still "2.4", meaning that it is still referred to as "libsoup-2.4" when using pkg-config + Added SoupSessionFeature, an interface type that will be used for several new features. Ported SoupLogger and SoupAuthManager to use it + Added SoupCookie and SoupCookieJar; this API is already being used in Epiphany, via WebKit, but it is not yet complete. * Tue Apr 29 2008 cthiel@suse.de - obsolete libsoup-<arch> via baselibs.conf * Mon Apr 21 2008 maw@suse.de - Drop libsoup-2.2.100-r924.patch, because it is now upstream - Respin libsoup-334021.patch, and rename it to libsoup-334021-client-ssl-certs.patch. * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support * Wed Apr 09 2008 maw@suse.de - Update to version 2.4.1: + Fixed SoupMessage to not downgrade to HTTP/1.0 for the second attempt when it receives an HTTP/1.0 redirect or 401 (bgo#521848) + Fixed Host: header syntax when the host is an IPv6 address literal + Fixed SoupSession to not emit "authenticate" multiple times for messages that have been requeued (bgo#522601); also added two new signals to SoupSession, request-queued and request-unqueued, to help simplify certain session-helpers and avoid bugs like this in the future + Fixed soup_server_pause_message() to actually work (rather than *un*pausing the message) + Added a property SOUP_SESSION_IDLE_TIMEOUT that can be used to set a timeout after which idle connections will automatically be closed (bgo#518214) + Implemented RFC 2069-style Digest auth, and fixed SoupAuth to compare auth scheme names case-insensitively, to fix authentication against Apple's calendar server (bgo#498484) + Fixed a crash in SoupAuthDomainDigest if the client provided an unrecognized username + Fixed a few SoupDate bugs (in particular, it was outputting the wrong day of the week when stringifying dates) + Improved the cleanup of idle connections, to fix slow load times with the libsoup backend of WebKit + Added a new SoupMessage signal "wrote-body-data" that can be used for progress information when sending a large request body; also allow providing the request body in multiple chunks even when using Content-Length encoding (bgo#525101) + libsoup now ignores SIGPIPE globally, instead of un-thread-safe-ly ignoring it only around network writes; in particular, this means it is ignored when the SSL code needs to unexpectedly do a write when we asked it to do a read (bgo#524397) + The discard-body-chunks-once-they're-no-longer-needed behavior, confusingly called SOUP_MESSAGE_OVERWRITE_CHUNKS, is now controlled by a SoupMessageBody method (soup_message_body_set_accumulate()), and can be applied to either the request body or the response body; (OVERWRITE_CHUNKS is still available for backward compatibility) (bgo#522146) + The DNS cache no longer caches "no such host" results, since some name servers lie to clients outside their firewall, which could then cause problems for laptops moved between networks (bgo#523269) * Added some new regression tests, fixed some small bugs in the existing ones. * Fri Mar 14 2008 maw@suse.de - Update to version 2.4.0: + Fixed a small memory leak in SoupSession (bgo#518798) + Minor fixes to redirect behavior; PROPFINDs can now be automatically redirected and 302 is treated like 307, not 303; also fixed to make sure that redirect-test actually gets run by "make check" + The SoupSocket I/O methods now set nread/nwrote even on error. * Mon Mar 03 2008 maw@suse.de - Update to version 2.3.4: + Documentation is once again available from devhelp (bgo#518384 and bgo#518317) + Tidied up libsoup-2.4.pc file (bgo#517631) - The shared library subpackage is now called libsoup-2_4-1. * Mon Feb 18 2008 maw@suse.de - Update to version 2.3.2: + API changes / Behavior changes: * soup_server_add_auth_domain() now refs the auth domain when adding it. (soup_server_remove_auth_domain() already unreffed it.) This means existing applications using SoupAuthDomain will now have a small memory leak. Those applications should update their libsoup-2.4 requirement to ">= 2.3.2" at some point before the final GNOME 2.22.0 release, and then fix the code to unref the auth domain after adding it to the server. * SoupSession's automatic redirect-handling behavior now obeys RFC 2616 more closely. In particular, status codes 300 and 304 are no longer mistakenly considered redirects; POSTs that receive 303 are now redirected into GETs; and POSTs that receive 301, 302, or 307 are now not redirected. Applications that were using the SOUP_MESSAGE_NO_REDIRECT flag to prevent libsoup from redirecting POSTs incorrectly before should now be able to remove that if they depend on libsoup-2.4 >= 2.3.2. + API additions: * Added a SOUP_SESSION_USER_AGENT property to SoupSession, and SOUP_SERVER_SERVER_HEADER to SoupServer, to support automatically adding "User-Agent" and "Server" headers to messages. (The default behavior is to do nothing, as before.) * Added several new methods to soup-forms.h. Applications that are encoding a fixed set of form fields can now just pass them to soup_form_encode(), rather than needing to construct a GHashTable or GData list. (Likewise, the new soup_uri_set_query_from_fields() behaves similarly for directly updating a URI with form data.) There are also now soup_form_request_new() and other related methods, to directly create a GET or POST SoupMessage for submitting a form query. The original soup_form_* methods have all been renamed, although bgo#defines exist for backward compatibility. * Added soup_message_set_chunk_allocator() and soup_buffer_new_with_owner(), to give applications more control over memory usage/copying when doing streaming HTTP. [Wouter Cloetens, bgo#513810]. * Added several new methods to soup-value-utils.h for working with multiple array or hash table values at once: soup_value_hash_new_with_vals(), soup_value_hash_insert_vals(), soup_value_hash_lookup_vals(), soup_value_array_new_with_vals(), and soup_value_array_append_vals(). This helps to simplify XML-RPC calls that send or receive structs or arrays. * Added soup_date_to_time_t(). * Added SoupMessageHeadersIterator, an iterator type for SoupMessageHeaders that can be used instead of soup_message_headers_foreach(). + Bug fixes: * Fixed a crash-when-idle in evolution-exchange [bgo#437835] and rhythmbox [bgo#506552]. * Added the API version to the gtk-doc installation dir, to prevent parallel-installation problems with libsoup 2.2 and 2.4. [bgo#512810, Daniel Gryniewicz]. * Fixed tests/query-test to compile correctly on Solaris. [bgo#513602, patch from Jeff Cai] * Fixed some other minor HTTP conformance issues. * Thu Jan 31 2008 maw@suse.de - Split out a shared library subpackage - Build with -fno-strict-aliasing - s#%run_ldconfig#/sbin/ldconfig# - Remove libtool archives and static libraries. * Tue Jan 29 2008 rodrigo@suse.de - Update to version 2.3.0.1: * SoupURI now correctly handles URIs with complex encoded queries * It is now possible for a SoupServer to use Digest auth without needing to have the cleartext password available * Digest authentication now properly handles "stale=true" and "nextnonce=..." * SoupServer is now subclassible * soup_server_run_async and soup_server_quit no longer ref and unref the server, as that doesn't match ordinary GObject conventions * The test programs no longer use a symbol name that conflicts with Cygwin * libsoup can now handle the not-quite-HTTP responses returned by Shoutcast servers * If you use libsoup while disconnected from the network, it no longer caches the failed DNS results * "Expect: 100-continue" processing now works correctly on both client and server * SoupSessions are no longer leaked * The XML-RPC API is improved. The SOAP API is gone... * Added utility functions for HTML form handling * Improved message header handling * SoupServer now automatically adds a "Date" header - Disabled not working patches - Fixed summaries * Mon Aug 06 2007 jberkman@novell.com - export new smartcard functionality from gnutls for evo-exchange (gnome bug [#334021]) * Mon Feb 19 2007 maw@suse.de - Update to version 2.2.100 - Remove header-parsing.patch which is now upstream. * Tue Feb 13 2007 sbrabec@suse.cz - Do not build unusable static libraries (#238552#c17). * Tue Jan 16 2007 maw@suse.de - Add header-parsing.patch (#235084 and CVE-2006-5876). * Mon Jan 08 2007 sbrabec@suse.cz - Spec file cleanup. * Fri Dec 08 2006 maw@suse.de - Move to /usr. * Tue Nov 07 2006 cstender@suse.de - removed 'rm -rf $RPM_BUILD_ROOT' from build section - added ldconfig call * Tue Aug 15 2006 jhargadon@suse.de - update to version 2.2.96 - SoupServer now works even if you don't explicitly set an encoding for the response. - WWW-Authenticate and Proxy-Authenticate responses with no realm parameter are now ignored - Fixed a bug in soup_mktime_utc() * Wed Jul 05 2006 dgollub@suse.de - update to 2.2.94: * Various fixes to the XML-RPC code (which apparently had not actually ever worked before) from Brent Smith. [343973, 344222, 344458] * Added client and server API tutorials to the docs * auth-test now uses a local Apache 2.2 install, if possible, rather than depending on files that used to be on an old Ximian web server but haven't been anywhere for a long time. [311825] - changes from 2.2.92 to 2.2.93 * Fixed outgoing data corruption caused when SoupServer started writing out a response a second time after already having started once. [334469]. Also fixed 342640 and another bug caused by the workaround for 334469 in 2.2.92. Based on patches and analysis from William Jon McCann and Armin Bauer. * Fixed a deadlock when changing a session's proxy URI. [309867 / bnc 174255, based on a patch by Veerapuram Varadhan]. * Fixed https-via-proxies in the synchronous case. [bnc 174255] * Fixed a crash in evolution-exchange [342545, fix based on an analysis by Wang Xin]. * Fixed simple-proxy to not crash at startup. Oops. (Alex Larsson) - changes from 2.2.91 to 2.2.92 * Fixed server-side digest auth to return a valid "algorithm" value and client-side to not crash if it sees an invalid one [328615]. * Fixed the Request-Line parsing code to not hardcode a maximum URI length (to allow very long DAAP requests from iTunes in Rhythmbox). [335040] - changes from 2.2.90 to 2.2.91 * SoupSession, SoupServer, SoupConnection, SoupSocket, and SoupAddress now have an "async-context" property that allows you to use the async API in a non-default GMainContext. [Based on patches from Armin Bauer and Jörg Billeter.] * Fixed some bugs in soup_date_iso8601_parse(). [324671, from Emmanuele Bassi] * Mon Feb 27 2006 danw@suse.de - Add a patch from CVS for use by evolution (make connection timeout configurable) * Tue Feb 21 2006 sbrabec@suse.cz - Do not require exact release in devel file. * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Thu Nov 17 2005 danw@suse.de - update to 2.2.90, which includes the opensync patches * Wed Nov 02 2005 dmueller@suse.de - don't build as root * Mon Aug 22 2005 jpr@suse.de - Update to released 2.2.6.1 which includes the cvs patches we were already folding in plus the second part of the fix for 104319 * Thu Aug 18 2005 ro@suse.de - update to cvs version folding in other patches * Thu Aug 18 2005 ro@suse.de - added libsoup-2.2.3-danw-tambet-threading.patch * Mon Aug 15 2005 ro@suse.de - fixed memory leak (port of patch from #95454) * Fri Aug 12 2005 ro@suse.de - updated and re-enabled patches... * Fri Aug 12 2005 jpr@suse.de - Add lzo and lzo-devel to neededforbuild to get ssl support back (104319) * Thu Aug 11 2005 gekker@suse.de - Update to version 2.2.5 * Tue Jun 28 2005 gekker@suse.de - Update to version 2.2.3 * Tue Jun 28 2005 gekker@suse.de - Add patch for close exec (62176). * Thu Mar 10 2005 hvogel@suse.de - More gnutls patching. Fixed CPU sucking bug #57811 (ximian) * Sat Feb 05 2005 gekker@suse.de - Update to version 2.2.2 * Fri Jan 28 2005 meissner@suse.de - Added sentinels to spot bad valist handling, no-strict-aliasing is not needed here. * Sat Jan 22 2005 ro@suse.de - GNUTLS_CERT_NOT_TRUSTED is no longer present in current gnutls * Mon Nov 29 2004 gekker@suse.de - Update to version 2.2.1 * Wed Oct 20 2004 dobey@suse.de - Add patch for bugzilla.ximian.com bug #68583 * Fri Aug 27 2004 dobey@suse.de - Update to version 2.2.0 * Fri Aug 13 2004 dobey@suse.de - Update to version 2.1.13 - Require glib2-devel for the libsoup-devel package * Thu Aug 05 2004 dobey@suse.de - Add proper dependencies to the devel package * Thu Aug 05 2004 dobey@suse.de - Fix support for SSL * Wed Jul 28 2004 dobey@suse.de - Updated to version 2.1.12 * Fri Jun 04 2004 mibarra@suse.de - Updated to version 2.1.11 * Sat May 22 2004 mibarra@suse.de - Updated to version 2.1.10. * Tue May 18 2004 clahey@suse.de - Updated to version 2.1.9. * Mon Mar 22 2004 hhetter@suse.de - updated to version 1.99.28 * Tue Mar 16 2004 meissner@suse.de - -fno-strict-aliasing. * Fri Aug 08 2003 sbrabec@suse.cz - Updated to version 1.99.23. * Tue Aug 05 2003 sbrabec@suse.cz - Package renamed to libsoup. * Mon Jul 14 2003 sbrabec@suse.cz - GNOME prefix change to /opt/gnome. * Thu May 22 2003 sbrabec@suse.cz - Initial SuSE version of GNOME2 port.
/usr/lib64/libsoup-3.0.so.0 /usr/lib64/libsoup-3.0.so.0.7.1 /usr/share/doc/packages/libsoup-3_0-0 /usr/share/doc/packages/libsoup-3_0-0/NEWS /usr/share/licenses/libsoup-3_0-0 /usr/share/licenses/libsoup-3_0-0/COPYING
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 12 00:02:43 2024