neon

neon is an HTTP and WebDAV client library, with a C interface. Features:

• High-level wrappers for common HTTP and WebDAV operations (GET, MOVE, DELETE, etc)
Low-level interface to the HTTP request/response engine, allowing the use of arbitrary HTTP methods, headers, etc.
• Authentication support including Basic and Digest support, along with GSSAPI-based Negotiate on Unix, and SSPI-based Negotiate/NTLM on Win32
• SSL/TLS support using OpenSSL or GnuTLS; exposing an abstraction layer for verifying server certificates, handling client certificates, and examining certificate properties. Smartcard-based client certificates are also supported via a PKCS#11 wrapper interface.
• Abstract interface to parsing XML using libxml2 or expat, and wrappers for simplifying handling XML HTTP response bodies
• WebDAV metadata support; wrappers for PROPFIND and PROPPATCH to simplify property manipulation.

neon is free software, distributed under the GNU Library GPL.

Patches, feature requests, bug reports, questions etc. can be sent to the neon mailing list (for which a web archive is also available). The neon-commits list receives commit messages from the Subversion repository.

Current Release

Please note: The neon API is subject to backwards-incompatible change over minor versions (0.24.x -> 0.25.x) but is stable across patch releases (0.24.0 -> 0.24.x).

• Source code: neon-0.30.1.tar.gz
• Reference documention
• Subversion repository

Changes in release neon 0.30.1, 23rd September 2014 (PGP signature)

• Fix memory leak with GnuTLS (Werner Baumann, Patrick Ohly).
• Fix possible crash after DNS lookup errors on Windows (Olivier Goffart).
• Don't fail if the SSL cert changes between connections with OpenSSL, behaviour now matches that with GnuTLS.
• Fix PKCS#11 support under OpenSSL with TLS 1.2.
• Fix static linking with pkg-config file (Alan H)

Changes in release neon 0.30.0, 31st July 2013 (PGP signature)

• Interface changes:
  • none, API and ABI backwards-compatible with 0.27.x and later
• New interfaces and features:
  • ne_ssl.h: added ne_ssl_clicert_import, ne_ssl_context_get_flag
  • ne_session.h: added ne_set_addrlist2
  • ne_socket.h: added ne_addr_canonical
  • ne_auth.h: added NE_AUTH_GSSAPI_ONLY, NE_AUTH_SSPI (Nathanael Rensen)
  • ne_basic.h: added NE_CAP_EXT_MKCOL options test
  • ne_request.h: support chunked bodies with negative length passed to ne_set_request_body_provider (Julien Reichel)
• Bug fixes:
  • ne_path_escape: fix excessive memory allocation (Pierre Crokaert)
  • SSPI auth: use canonical server hostname, clear SSPI context after successful auth (Nathanael Rensen)
  • build fixes for Open Watcom compiler (NormW)
  • fix Win32 error code handling for local ne_sock_prebind bind failure
  • Win32: support LFS, thread-safe OpenSSL (Diego Santa Cruz)
  • GnuTLS: fix GnuTLS 3.x support (Matthias Petschick, Bartosz Brachaczek)

Changes in release neon 0.29.6, 3 May 2011 (PGP signature)

• Don't abort SSL handshake with GnuTLS if a client cert is requested but none is configured/available (thanks to Patrick Ohly)
• Fix GnuTLS build with Nettle (Arfrever Frehtes Taifersar Arahesis)
• Win32: Fix handling of SSPI challenges (Ivan Zhakov)
• Fix the method string passed to create_request hooks to have the same lifetime as the request object (Patrick Ohly)
• Docs updates.

Release history