moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity
curl/src/tool_cfgable.h

284 lines
10 KiB
C
Raw Normal View History

curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
#ifndef HEADER_CURL_TOOL_CFGABLE_H
#define HEADER_CURL_TOOL_CFGABLE_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
curl: remove tool_writeenv.[ch] ... and USE_ENVIRONMENT and --environment. It was once added for RISC OS support and its platform specific behavior has been annoying ever since. Added in commit c3c8bbd3b2688da8e, mostly unchanged since then. Most probably not actually used for years. Closes #1463
2017-05-03 08:28:40 -04:00
* Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
URLs: change all http:// URLs to https://
2016-02-02 18:19:02 -05:00
* are also available at https://curl.haxx.se/docs/copyright.html.
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
curl tool: use configuration files from lib directory Configuration files such as curl_config.h and all config-*.h no longer exist nor are generated/copied into 'src' directory, now these only exist in 'lib' directory from where curl tool sources uses them. Additionally old src/setup.h has been refactored into src/tool_setup.h which now pulls lib/setup.h The possibility of a makefile needing an include path adjustment exists.
2012-04-06 17:35:15 -04:00
#include "tool_setup.h"
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
curl tool: reviewed code moved to tool_*.[ch] files Overhauled FindWin32CACert()
2011-09-20 09:58:35 -04:00
#include "tool_sdecls.h"
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
Support Metalink. This change adds experimental Metalink support to curl. To enable Metalink support, run configure with --with-libmetalink. To feed Metalink file to curl, use --metalink option like this: $ curl -O --metalink foo.metalink We use libmetalink to parse Metalink files.
2012-04-26 09:59:52 -04:00
#include "tool_metalink.h"
curl: prevent binary output spewed to terminal ... unless "--output -" is used. Binary detection is done by simply checking for a binary zero in early data. Added test 1425 1426 to verify. Closes #1512
2017-06-16 05:30:36 -04:00
typedef enum {
ERR_NONE,
ERR_BINARY_TERMINAL = 1, /* binary to terminal detected */
ERR_LAST
} curl_error;
tool_cfgable: Added GlobalConfig pointer to OperationConfig In order to ease the moving of global options such as the error stream, updated the OperationConfig structure to point to the GlobalConfig.
2014-02-26 16:02:53 -05:00
struct GlobalConfig;
tool_cfgable: Renamed Configurable structure to OperationConfig To allow for the addition of a global config structure and prevent confusion between the two.
2014-02-23 07:59:59 -05:00
struct OperationConfig {
tool_cfgable: Added global config structure
2014-02-23 08:15:31 -05:00
CURL *easy; /* A copy of the handle from GlobalConfig */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool remote_time;
char *random_file;
char *egd_file;
char *useragent;
char *cookie; /* single line with specified cookies */
char *cookiejar; /* write to this file */
char *cookiefile; /* read from this file */
bool cookiesession; /* new session? */
bool encoding; /* Accept-Encoding please */
bool tr_encoding; /* Transfer-Encoding please */
Take in account that CURLAUTH_* bitmasks are now 'unsigned long' Data type of internal vars holding CURLAUTH_* bitmasks changed from 'long' to 'unsigned long' for proper handling and operating.
2012-04-18 17:04:35 -04:00
unsigned long authtype; /* auth bitmask */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool use_resume;
bool resume_from_current;
bool disable_epsv;
bool disable_eprt;
bool ftp_pret;
long proto;
bool proto_present;
long proto_redir;
bool proto_redir_present;
CURLOPT_DEFAULT_PROTOCOL: added - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default protocol for schemeless URLs. - Add new tool option --proto-default to expose CURLOPT_DEFAULT_PROTOCOL. In the case of schemeless URLs libcurl will behave in this way: When the option is used libcurl will use the supplied default. When the option is not used, libcurl will follow its usual plan of guessing from the hostname and falling back to 'http'.
2015-08-22 21:49:26 -04:00
char *proto_default;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
curl_off_t resume_from;
char *postfields;
curl_off_t postfieldsize;
char *referer;
src/tool: allow timeouts to accept decimal values Implement wrappers around strtod to convert the user argument to a double with sane error checking. Use this to allow --max-time and --connect-timeout to accept decimal values instead of strictly integers. The manpage is updated to make mention of this feature and, additionally, forewarn that the actual timeout of the operation can vary in its precision (particularly as the value increases in its decimal precision).
2013-04-30 10:23:39 -04:00
double timeout;
double connecttimeout;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
long maxredirs;
curl_off_t max_filesize;
char *headerfile;
char *ftpport;
char *iface;
int localport;
int localportrange;
unsigned short porttouse;
char *range;
long low_speed_limit;
long low_speed_time;
curl: Fixed usage of DNS options when not using c-ares resolver Commit 32352ed6adddcb introduced various DNS options, however, these would cause curl to exit with CURLE_NOT_BUILT_IN when c-ares wasn't being used as the backend resolver even if the options weren't set by the user. Additionally corrected some minor coding style errors from the same commit.
2013-09-13 13:50:11 -04:00
char *dns_servers; /* dot notation: 1.1.1.1;2.2.2.2 */
char *dns_interface; /* interface name */
char *dns_ipv4_addr; /* dot notation */
char *dns_ipv6_addr; /* dot notation */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *userpwd;
login options: remove the ;[options] support from CURLOPT_USERPWD To avoid the regression when users pass in passwords containing semi- colons, we now drop the ability to set the login options with the same options. Support for login options in CURLOPT_USERPWD was added in 7.31.0. Test case 83 was modified to verify that colons and semi-colons can be used as part of the password when using -u (CURLOPT_USERPWD). Bug: http://curl.haxx.se/bug/view.cgi?id=1311 Reported-by: Petr Bahula Assisted-by: Steve Holme Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 16:39:27 -05:00
char *login_options;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *tls_username;
char *tls_password;
char *tls_authtype;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_tls_username;
char *proxy_tls_password;
char *proxy_tls_authtype;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *proxyuserpwd;
char *proxy;
int proxyver; /* set to CURLPROXY_HTTP* define */
char *noproxy;
char *mail_from;
struct curl_slist *mail_rcpt;
curl: Added support for --mail-auth Added an extra command-line argument to support the optional AUTH parameter in SMTPs MAIL FROM command.
2012-02-16 07:19:47 -05:00
char *mail_auth;
sasl-ir: Added --sasl-ir option to curl command line tool
2013-04-27 04:54:14 -04:00
bool sasl_ir; /* Enable/disable SASL initial response */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool proxytunnel;
bool ftp_append; /* APPE on ftp */
bool use_ascii; /* select ascii or text transfer */
bool autoreferer; /* automatically set referer */
bool failonerror; /* fail on (HTTP) errors */
bool include_headers; /* send headers to data output */
bool no_body; /* don't get the body */
bool dirlistonly; /* only get the FTP dir list */
bool followlocation; /* follow http redirects */
bool unrestricted_auth; /* Continue to send authentication (user+password)
when following ocations, even when hostname
changed */
bool netrc_opt;
bool netrc;
char *netrc_file;
struct getout *url_list; /* point to the first node */
struct getout *url_last; /* point to the last/current node */
struct getout *url_get; /* point to the node to fill in URL */
struct getout *url_out; /* point to the node to fill in outfile */
curl: speed up handling of many URLs By properly keeping track of the last entry in the list of URLs/uploads to handle, curl now avoids many meaningless traverses of the list which speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K URLs). Added test 1291, to verify that it doesn't take ages - but we don't have any detection of "too slow" command in the test suite. Reported-by: arainchik on github Fixes #1959 Closes #2052
2017-11-04 07:56:30 -04:00
struct getout *url_ul; /* point to the node to fill in upload */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *cipher_list;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_cipher_list;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *cert;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_cert;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *cert_type;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_cert_type;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *cacert;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_cacert;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *capath;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_capath;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *crlfile;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_crlfile;
SSL: implement public key pinning Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
2014-09-30 22:31:17 -04:00
char *pinnedpubkey;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *key;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_key;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *key_type;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_key_type;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *key_passwd;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
char *proxy_key_passwd;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
char *pubkey;
char *hostpubmd5;
char *engine;
bool crlf;
char *customrequest;
char *krblevel;
--request-target: instead of --strip-path-slash ... and CURLOPT_REQUEST_TARGET instead of CURLOPT_STRIP_PATH_SLASH. This option instead provides the full "alternative" target to use in the request, instead of extracting the path from the URL. Test 1298 and 1299 updated accordingly. Idea-by: Evert Pot Suggestion: https://daniel.haxx.se/blog/2017/06/19/options-with-curl/comment-page-1/#comment-18373 Closes #1593
2017-06-21 17:35:08 -04:00
char *request_target;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
long httpversion;
bool nobuffer;
bool readbusy; /* set when reading input returns EAGAIN */
bool globoff;
bool use_httpget;
bool insecure_ok; /* set TRUE to allow insecure SSL connects */
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
bool proxy_insecure_ok; /* set TRUE to allow insecure SSL connects
for proxy */
curl: prevent binary output spewed to terminal ... unless "--output -" is used. Binary detection is done by simply checking for a binary zero in early data. Added test 1425 1426 to verify. Closes #1512
2017-06-16 05:30:36 -04:00
bool terminal_binary_ok;
curl: add --cert-status option This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2014-06-16 14:47:26 -04:00
bool verifystatus;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool create_dirs;
bool ftp_create_dirs;
bool ftp_skip_ip;
bool proxynegotiate;
bool proxyntlm;
bool proxydigest;
bool proxybasic;
bool proxyanyauth;
char *writeout; /* %-styled format string to output */
struct curl_slist *quote;
struct curl_slist *postquote;
struct curl_slist *prequote;
long ssl_version;
vtls: add options to specify range of enabled TLS versions This commit introduces the CURL_SSLVERSION_MAX_* constants as well as the --tls-max option of the curl tool. Closes https://github.com/curl/curl/pull/1166
2016-12-13 15:10:00 -05:00
long ssl_version_max;
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
long proxy_ssl_version;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
long ip_version;
curl_TimeCond timecond;
time_t condtime;
struct curl_slist *headers;
curl: add --proxy-header
2014-02-04 17:48:16 -05:00
struct curl_slist *proxyheaders;
mime: use in curl cli tool instead of form API. Extended -F option syntax to support multipart mail messages. -F keyword headers= added to include custom headers in parts. Documentation upgraded.
2017-09-02 13:17:33 -04:00
curl_mime *mimepost;
curl_mime *mimecurrent;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
struct curl_slist *telnet_options;
struct curl_slist *resolve;
news: CURLOPT_CONNECT_TO and --connect-to Makes curl connect to the given host+port instead of the host+port found in the URL.
2016-01-25 08:37:24 -05:00
struct curl_slist *connect_to;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
HttpReq httpreq;
/* for bandwidth limiting features: */
curl_off_t sendpersecond; /* send to peer */
curl_off_t recvpersecond; /* receive from peer */
bool ftp_ssl;
bool ftp_ssl_reqd;
bool ftp_ssl_control;
bool ftp_ssl_ccc;
int ftp_ssl_ccc_mode;
preproxy: renamed what was added as SOCKS_PROXY CURLOPT_SOCKS_PROXY -> CURLOPT_PRE_PROXY Added the corresponding --preroxy command line option. Sets a SOCKS proxy to connect to _before_ connecting to a HTTP(S) proxy.
2016-12-16 10:02:08 -05:00
char *preproxy;
CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0.
2016-04-09 15:47:05 -04:00
int socks5_gssapi_nec; /* The NEC reference server does not protect the
encryption type exchange */
curl --socks5-{basic,gssapi}: control socks5 auth Closes https://github.com/curl/curl/pull/1454
2017-05-19 12:11:47 -04:00
unsigned long socks5_auth;/* auth bitmask for socks5 proxies */
CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0.
2016-04-09 15:47:05 -04:00
char *proxy_service_name; /* set authentication service name for HTTP and
SOCKS5 proxies */
url: Corrected comments following 9d89a0387
2016-04-09 00:33:03 -04:00
char *service_name; /* set authentication service name for DIGEST-MD5,
Kerberos 5 and SPNEGO */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool tcp_nodelay;
tool: add --tcp-fastopen option
2016-02-16 07:21:34 -05:00
bool tcp_fastopen;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
long req_retry; /* number of retries */
curl: Add --retry-connrefused to consider ECONNREFUSED as a transient error. Closes #1064
2016-10-09 19:00:25 -04:00
bool retry_connrefused; /* set connection refused as a transient error */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
long retry_delay; /* delay between retries (in seconds) */
long retry_maxtime; /* maximum time to keep retrying */
char *ftp_account; /* for ACCT */
char *ftp_alternative_to_user; /* send command if USER/PASS fails */
int ftp_filemethod;
long tftp_blksize; /* TFTP BLKSIZE option */
TFTP: add option to suppress TFTP option requests (Part 2) - Add tests. - Add an example to CURLOPT_TFTP_NO_OPTIONS.3. - Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS. Bug: https://github.com/curl/curl/issues/481
2015-08-24 00:15:01 -04:00
bool tftp_no_options; /* do not send TFTP options requests */
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool ignorecl; /* --ignore-content-length */
bool disable_sessionid;
bool raw;
bool post301;
bool post302;
curl: add --post303 to set the CURL_REDIR_POST_303 option
2012-04-05 17:34:12 -04:00
bool post303;
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool nokeepalive; /* for keepalive needs */
long alivetime;
bool content_disposition; /* use Content-disposition filename */
int default_node_flags; /* default flags to search for each 'node', which
is basically each given URL to transfer */
curl tool: fix some more OOM handling
2011-09-30 14:56:56 -04:00
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
bool xattr; /* store metadata in extended attributes */
long gssapi_delegation;
--ssl-allow-beast added This new option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols. It uses the new libcurl option CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.
2012-02-06 16:25:04 -05:00
bool ssl_allow_beast; /* allow this SSL vulnerability */
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
bool proxy_ssl_allow_beast; /* allow this SSL vulnerability for proxy*/
SSL: Add an option to disable certificate revocation checks New tool option --ssl-no-revoke. New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. Currently this option applies only to WinSSL where we have automatic certificate revocation checking by default. According to the ssl-compared chart there are other backends that have automatic checking (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at some later point. Bug: https://github.com/bagder/curl/issues/264 Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
bool ssl_no_revoke; /* disable SSL certificate revocation checks */
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16 12:49:15 -05:00
/*bool proxy_ssl_no_revoke; */
Reduced #ifdef HAVE_METALINK
2012-05-26 09:51:03 -04:00
curl: Made --metalink option toggle Metalink functionality In this change, --metalink option no longer takes argument. If it is specified, given URIs are processed as Metalink XML file. If given URIs are remote (e.g., http URI), curl downloads it first. Regardless URI is local file (e.g., file URI scheme) or remote, Metalink XML file is not written to local file system and the received data is fed into Metalink XML parser directly. This means with --metalink option, filename related options like -O and -o are ignored. Usage examples: $ curl --metalink http://example.org/foo.metalink This will download foo.metalink and parse it and then download the URI described there. $ curl --metalink file://foo.metalink This will parse local file foo.metalink and then download the URI described there.
2012-06-20 11:51:06 -04:00
bool use_metalink; /* process given URLs as metalink XML file */
Minimize usage of structs from libmetalink
2012-05-25 06:24:32 -04:00
metalinkfile *metalinkfile_list; /* point to the first node */
metalinkfile *metalinkfile_last; /* point to the last/current node */
curl_easy_perform_ev: debug/test function This function is meant to work *exactly* as curl_easy_perform() but will use the event-based libcurl API internally instead of curl_multi_perform(). To avoid relying on an actual event-based library and to not use non-portable functions (like epoll or similar), there's a rather inefficient emulation layer implemented on top of Curl_poll() instead. There's currently some convenience logging done in curl_easy_perform_ev which helps when tracking down problems. They may be suitable to remove or change once things seem to be fine enough. curl has a new --test-event option when built with debug enabled that then uses curl_easy_perform_ev() instead of curl_easy_perform(). If built without debug, using --test-event will only output a warning message. NOTE: curl_easy_perform_ev() is not part if the public API on purpose. It is only present in debug builds of libcurl and MUST NOT be considered stable even then. Use it for libcurl-testing purposes only. runtests.pl now features an -e command line option that makes it use --test-event for all curl command line tests. The man page is updated.
2013-08-10 16:55:59 -04:00
#ifdef CURLDEBUG
bool test_event_based;
#endif
oauth2: Don't use XOAUTH2 in OAuth 2.0 variables
2015-09-04 02:11:09 -04:00
char *oauth_bearer; /* OAuth 2.0 bearer token */
code/docs: Use Unix rather than UNIX to avoid use of the trademark Use Unix when generically writing about Unix based systems as UNIX is the trademark and should only be used in a particular product's name.
2014-12-26 15:45:21 -05:00
bool nonpn; /* enable/disable TLS NPN extension */
bool noalpn; /* enable/disable TLS ALPN extension */
char *unix_socket_path; /* path to Unix domain socket */
unix_socket: add support for abstract unix domain socket In addition to unix domain sockets, Linux also supports an abstract namespace which is independent of the filesystem. In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH internally, along with a flag to specify abstract socket. On non-supporting platforms, the abstract address will be interpreted as an empty string and fail gracefully. Also add new --abstract-unix-socket tool parameter. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: Chungtsun Li (typeless) Reviewed-by: Daniel Stenberg Reviewed-by: Peter Wu Closes #1197 Fixes #1061
2017-01-08 17:51:08 -05:00
bool abstract_unix_socket; /* path to an abstract Unix domain socket */
curl: add --false-start option
2015-02-14 12:17:04 -05:00
bool falsestart;
CURLOPT_PATH_AS_IS: added --path-as-is is the command line option Added docs in curl.1 and CURLOPT_PATH_AS_IS.3 Added test in test 1241
2015-03-23 05:51:49 -04:00
bool path_as_is;
curl --expect100-timeout: added This is the new command line option to set the value for the existing libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
2015-12-14 07:29:13 -05:00
double expect100timeout;
url: add option CURLOPT_SUPPRESS_CONNECT_HEADERS - Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing proxy CONNECT response headers from the user callback functions CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION. - Add new tool option --suppress-connect-headers to expose CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT response headers from --dump-header and --include. Assisted-by: Jay Satiro Assisted-by: CarloCannas@users.noreply.github.com Closes https://github.com/curl/curl/pull/783
2016-04-28 05:33:25 -04:00
bool suppress_connect_headers; /* suppress proxy CONNECT response headers
from user callbacks */
curl: prevent binary output spewed to terminal ... unless "--output -" is used. Binary detection is done by simply checking for a binary zero in early data. Added test 1425 1426 to verify. Closes #1512
2017-06-16 05:30:36 -04:00
curl_error synthetic_error; /* if non-zero, it overrides any libcurl
error */
ssh: add the ability to enable compression (for SCP/SFTP) The required low-level logic was already available as part of `libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1] option.) This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION` (boolean) and the new `curl` command-line option `--compressed-ssh` to request this `libssh2` feature. To have compression enabled, it is required that the SSH server supports a (zlib) compatible compression method and that `libssh2` was built with `zlib` support enabled. [1] https://www.libssh2.org/libssh2_session_flag.html Ref: https://github.com/curl/curl/issues/1732 Closes https://github.com/curl/curl/pull/1735
2017-08-05 05:26:04 -04:00
bool ssh_compression; /* enable/disable SSH compression */
tool_cfgable: Added GlobalConfig pointer to OperationConfig In order to ease the moving of global options such as the error stream, updated the OperationConfig structure to point to the GlobalConfig.
2014-02-26 16:02:53 -05:00
struct GlobalConfig *global;
tool_cfgable: Code policing of structure pointers
2014-02-27 15:59:15 -05:00
struct OperationConfig *prev;
code/docs: Use Unix rather than UNIX to avoid use of the trademark Use Unix when generically writing about Unix based systems as UNIX is the trademark and should only be used in a particular product's name.
2014-12-26 15:45:21 -05:00
struct OperationConfig *next; /* Always last in the struct */
tool_getparam: Added support for parsing of specific URL options
2014-02-07 16:14:43 -05:00
};
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
tool_cfgable: Added global config structure
2014-02-23 08:15:31 -05:00
struct GlobalConfig {
CURL *easy; /* Once we have one, we keep it here */
tool: Moved --showerror to the global config Other global options such as --libcurl, --trace and --verbose to follow.
2014-02-23 11:37:28 -05:00
int showerror; /* -1 == unset, default => show errors
0 => -s is used to NOT show errors
1 => -S has been used to show errors */
tool: Moved --silient to the global config Other global options such as --libcurl, --trace and --verbose to follow.
2014-02-27 15:21:23 -05:00
bool mute; /* don't show messages, --silent given */
tool: Moved --progress-bar to the global config
2014-03-01 08:20:20 -05:00
bool noprogress; /* don't show progress bar --silent given */
tool: Moved internal variable isatty to the global config
2014-03-01 08:49:28 -05:00
bool isatty; /* Updated internally if output is a tty */
tool: Moved --stderr to the global config
2014-03-01 08:00:31 -05:00
FILE *errors; /* Error stream, defaults to stderr */
bool errors_fopened; /* Whether error stream isn't stderr */
tool: Moved --trace and --verbose to the global config
2014-02-27 15:51:49 -05:00
char *trace_dump; /* file to dump the network trace to */
FILE *trace_stream;
bool trace_fopened;
trace tracetype;
bool tracetime; /* include timestamp? */
tool: Moved --progress-bar to the global config
2014-03-01 08:20:20 -05:00
int progressmode; /* CURL_PROGRESS_BAR / CURL_PROGRESS_STATS */
tool: Moved --libcurl to the global config
2014-03-01 08:38:00 -05:00
char *libcurl; /* Output libcurl code to this file name */
curl: add --fail-early Exit with an error on the first transfer error instead of continuing to do the rest of the URLs. Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html
2016-11-12 08:19:29 -05:00
bool fail_early; /* exit on first transfer error */
tool_cfgable: Added global config structure
2014-02-23 08:15:31 -05:00
struct OperationConfig *first;
tool_cfgable: Added support for knowing the current operation
2014-02-23 10:30:24 -05:00
struct OperationConfig *current;
tool_cfgable: Added global config structure
2014-02-23 08:15:31 -05:00
struct OperationConfig *last; /* Always last in the struct */
};
tool_cfgable: Code policing of structure pointers
2014-02-27 15:59:15 -05:00
void config_init(struct OperationConfig *config);
void config_free(struct OperationConfig *config);
curl tool: move 'Configurable' and free_config_fields() to tool_cfgable.[ch] Reviewing fields being free'd in free_config_fields() still pending
2011-09-16 15:44:45 -04:00
#endif /* HEADER_CURL_TOOL_CFGABLE_H */