1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-15 14:05:03 -05:00
Commit Graph

415 Commits

Author SHA1 Message Date
Nick Zitzmann
bf77101e5c darwinssl: PKCS#12 import feature now requires Lion or later
It turns out that some of the constants necessary to make this feature
work are missing from Snow Leopard's Security framework even though
they are defined in the headers.

Bug: http://curl.haxx.se/mail/lib-2013-11/0076.html
Reported by: myriachan
2013-11-12 20:18:04 -06:00
Steve Holme
f2584627c8 curl_easy_setopt: Added the ability to set the login options separately
Rather than set the authentication options as part of the login details
specified in the URL, or via the older CURLOPT_USERPWD option, added a
new libcurl option to allow the login options to be set separately.
2013-11-12 19:08:55 +00:00
Tomas Hoger
d7d8a8f922 curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation
- better describe what happens when 1 is specified as parameter
- clarify what "is ignored" means for NSS builds
2013-11-12 17:03:13 +01:00
Patrick Monnerat
f6c335d63f NSS: support for CERTINFO feature 2013-10-30 11:12:06 +01:00
Daniel Stenberg
947d431d50 CURLOPT_RESOLVE: mention they don't time-out
Clarify in the documentation that DNS entries added with CURLOPT_RESOLVE
won't time-out.

Bug: http://curl.haxx.se/mail/lib-2013-10/0062.html
Reported-by: Romulo Ceccon
2013-10-23 23:15:36 +02:00
Steve Holme
75b9b26465 DOCS: Added libcurl version number to CURLOPT_SSLVERSION 2013-10-16 20:18:18 +01:00
Gergely Nagy
ad34a2d5c8 SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).

axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.

darwinssl:
Added support for the new enum values.

SChannel:
Added support for the new enum values.

CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.

GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.

NSS:
TLS minor version cannot be set, so we don't allow the new enum values.

QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.

OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.

Command-line tool:
Added command line options for the new values.
2013-10-15 20:26:47 +02:00
Daniel Stenberg
c8b05b809e curl_easy_setopt.3: slight clarification of SEEKFUNCTION 2013-09-30 14:58:06 +02:00
Daniel Stenberg
af44da38d6 curl_easy_setopt.3: clarify that TIMEOUT and TIMEOUT_MS set the same value 2013-09-20 23:16:04 +02:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Daniel Stenberg
8a6dba520b curl_easy_setopt.3: mention RTMP URL quirks
URL: http://curl.haxx.se/bug/view.cgi?id=1278
Reported-by: Gorilla Maguila
2013-09-13 14:06:20 +02:00
Kim Vandry
df69440d05 libcurl: New options to bind DNS to local interfaces or IP addresses 2013-09-12 21:11:47 +02:00
Nick Zitzmann
d2fe616e7e darwinssl: add support for PKCS#12 files for client authentication
I also documented the fact that the OpenSSL engine also supports them.
2013-09-05 18:57:06 -05:00
Kyle L. Huff
e848942505 docs: Added documentation for CURLOPT_BEARER 2013-08-30 21:43:13 +01:00
Steve Holme
7da3caaf95 Revert "DOCS: Added IMAP URL example for listing new messages"
This reverts commit 82ab5f1b0c as this was the wrong place to
document the complexity of IMAP URLs and Custom Requests.
2013-08-02 14:25:21 +01:00
Steve Holme
82ab5f1b0c DOCS: Added IMAP URL example for listing new messages
In addition to listing the folder contents, in the URL examples, added
an example to list the new messages waiting in the user's inbox.
2013-08-02 10:08:55 +01:00
Daniel Stenberg
12d01cb6fa CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function
and CURLOPT_PROGRESSFUNCTION is considered deprecated.

This new callback uses pure 'curl_off_t' arguments to pass on full
resolution sizes. It otherwise retains the same characteristics: the
same call rate, the same meanings for the arguments and the return code
is used the same way.

The progressfunc.c example is updated to show how to use the new
callback for newer libcurls while supporting the older one if built with
an older libcurl or even built with a newer libcurl while running with
an older.
2013-07-18 23:44:06 +02:00
Daniel Stenberg
b1a295ac4e curl_easy_setopt.3: clarify CURLOPT_PROGRESSFUNCTION frequency
Make it clearer that the CURLOPT_PROGRESSFUNCTION callback will be
called more frequently than once per second when things are happening.
2013-06-14 23:17:14 +02:00
Peter Gal
c53fb36b0c curl_easy_setopt.3: HTTP header with no content
Update the documentation on how to specify a HTTP header with no
content.
2013-06-08 00:15:40 +02:00
Daniel Stenberg
7d4d4892d8 curl_easy_setopt.3: expand the PROGRESSFUNCTION section
Explain the callback and its arguments better and with more descriptive
text.
2013-05-20 10:50:51 +02:00
Steve Holme
945246988d DOCS: Corrected line length of recent Secure Transport changes 2013-04-28 12:17:15 +01:00
Nick Zitzmann
a5c0e20939 darwinssl: add TLS crypto authentication
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
2013-04-27 23:15:07 -06:00
Steve Holme
128517649c Corrected version numbers after bump 2013-04-27 23:02:20 +01:00
Steve Holme
f4e6e201b1 DOCS: Updated following the addition of CURLOPT_SASL_IR
Documented the the option in curl_easy_setopt() and added it to
symbols-in-versions.
2013-04-27 17:08:08 +01:00
Steve Holme
89acdf50fa DOCS: Minor rewording / clarification of host name protocol detection 2013-04-25 13:30:17 +01:00
Steve Holme
a8c92cb608 DOCS: Added reference to IETF draft for SMTP URL Interface
...when mentioning login options. Additional minor clarification of
"Windows builds" to be "Windows builds with SSPI"as a way of enabling
NTLM as Windows builds may be built with OpenSSL to enable NTLM or
without NTLM support altogether.
2013-04-24 19:35:38 +01:00
Steve Holme
bbf63b0faa DOCS: Reworked the scheme calculation explanation under CURLOPT_URL 2013-04-23 19:57:58 +01:00
Steve Holme
868d8e6831 DOCS: Added information about login options to CURLOPT_USERPWD 2013-04-22 20:22:12 +01:00
Steve Holme
e3aca1b2ce DOCS: Added information about login options in the URL 2013-04-22 20:22:10 +01:00
Daniel Stenberg
962eb3d9ed curl_easy_setopt.3: CURLOPT_HTTPGET disables CURLOPT_UPLOAD 2013-04-03 15:39:38 +02:00
Steve Holme
b99c9f7c7f DOCS: Corrected the IMAP URL grammar of the UIDVALIDITY parameter 2013-03-07 20:53:15 +00:00
Steve Holme
3df1e35838 DOCS: Added the list command to the IMAP URL section
Added examples of the list command and clarified existing example URLs
following recent changes.
2013-03-07 11:51:40 +00:00
Steve Holme
f67bd1a344 DOCS: Added the IMAP UIDVALIDITY property to the CURLOPT_URL section 2013-02-26 22:22:26 +00:00
Steve Holme
94336d3c1e DOCS: Corrected IMAP URL examples according to RFC5092
URL examples that included the UID weren't technically correct although
would pass the curl parser.
2013-02-25 09:36:52 +00:00
Steve Holme
e87a3ccc62 DOCS: Corrected layout of POP3 and IMAP URL examples
Corrected layout issues with the POP3 and IMAP URL examples introduced
in commit cb3ae6894f.
2013-02-24 00:47:38 +00:00
Steve Holme
cb3ae6894f DOCS: Updated CURLOPT_URL section following recent POP3 and IMAP changes
Updated the POP3 sub-section to refer to message ID rather than mailbox.

Added an IMAP sub-section with example URLs depicting the specification
of mailbox, uid and section.
2013-02-23 23:14:12 +00:00
Alexander Klauer
c3ea3eb6a3 libcurl documentation: clarifications and typos
* Elaborates on default values of some curl_easy_setopt() options.
* Reminds the user to cast variadic arguments to curl_easy_setopt() to
  'void *' where curl internally interprets them as such.
* Clarifies the working of the CURLOPT_SEEKFUNCTION option for
  curl_easy_setopt().
* Fixes typo 'forth' → 'fourth'.
* Elaborates on CURL_SOCKET_TIMEOUT.
* Adds some missing periods.
* Notes that the return value of curl_version() must not be passed to
  free().
2013-02-22 23:22:22 +01:00
Daniel Stenberg
10c1b11f88 docs: refer to CURLOPT_ACCEPT_ENCODING instead of the old name 2013-02-17 19:30:12 +01:00
Kamil Dudka
11dde6ac72 docs: update the comments about loading CA certs with NSS
Bug: https://bugzilla.redhat.com/696783
2013-01-28 14:12:57 +01:00
Steve Holme
91dc73ef44 DOCS: Updated CURLOPT_CONNECT_ONLY to reflect usage in other protocols 2012-11-23 13:43:53 +00:00
Daniel Stenberg
da82f59b69 CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
After a research team wrote a document[1] that found several live source
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
option thinking it was a boolean, this change now bans 1 as a value and
will make libcurl return error for it.

1 was never a sensible value to use in production but was introduced
back in the days to help debugging. It was always documented clearly
this way.

1 was never supported by all SSL backends in libcurl, so this cleanup
makes the treatment of it unified.

The report's list of mistakes for this option were all PHP code and
while there's a binding layer between libcurl and PHP, the PHP team has
decided that they have an as thin layer as possible on top of libcurl so
they will not alter or specifically filter a 'TRUE' value for this
particular option. I sympathize with that position.

[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
2012-11-06 19:46:53 +01:00
Daniel Stenberg
41a3bff3da curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION 2012-08-16 23:34:23 +02:00
Kamil Dudka
f208bf5a2d docs: update the links to cipher-suites supported by NSS
... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09 16:24:53 +02:00
Armel Asselin
0774386b23 docs: mention CURLSSH_AUTH_AGENT 2012-08-08 23:03:11 +02:00
Daniel Stenberg
8a279d2275 curl_easy_setopt: fix typo
Reported by: Santhana Todatry
2012-07-24 00:29:39 +02:00
Dan Fandrich
cb787b70bf Fixed some typos in documentation 2012-07-20 21:02:58 +02:00
Steve Holme
1eb74f94c4 DOCS: Added clarification to CURLOPT_CUSTOMREQUEST for the POP3 protocol
Bug: http://curl.haxx.se/mail/lib-2012-06/0302.html
Reported by: Nagai H
2012-06-24 23:23:30 +01:00
Daniel Stenberg
b511486fcd curl_easy_setopt.3: proto updates + cleanups
- For all *FUNCTION options, they now all show the complete prototype in
  the description. Previously some of them would just refer to a
  typedef'ed function pointer in the curl.h header.

- I made the phrasing of that "Pass a pointer to a function that matches
  the following prototype" the same for all *FUNCTION option descriptions.

- I removed some uses of 'should'. I think I sometimes over-use this
  word as in many places I actually mean MUST or otherwise more specific
  and not-so-optional synonyms.
2012-06-04 20:03:13 +02:00
Steve Holme
3124a8df93 DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH
Additionally corrected another RFC link that I missed yesterday.
2012-05-27 20:04:36 +01:00
Steve Holme
efb8471a69 DOCS: Fixed line spacing of authentication examples in CURLOPT_URL 2012-05-26 14:15:33 +01:00