1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

97 Commits

Author SHA1 Message Date
Daniel Stenberg
2a699bc6e9 CURLOPT_SSL_OPTIONS: added
Allow an appliction to set libcurl specific SSL options. The first and
only options supported right now is CURLSSLOPT_ALLOW_BEAST.

It will make libcurl to disable any work-arounds the underlying SSL
library may have to address a known security flaw in the SSL3 and TLS1.0
protocol versions.

This is a reaction to us unconditionally removing that behavior after
this security advisory:

http://curl.haxx.se/docs/adv_20120124B.html

... it did however cause a lot of programs to fail because of old
servers not liking this work-around. Now programs can opt to decrease
the security in order to interoperate with old servers better.
2012-02-09 22:22:54 +01:00
Dave Reisner
705f0f7a5b add library support for tuning TCP_KEEPALIVE
This adds three new options to control the behavior of TCP keepalives:

- CURLOPT_TCP_KEEPALIVE: enable/disable probes
- CURLOPT_TCP_KEEPIDLE: idle time before sending first probe
- CURLOPT_TCP_KEEPINTVL: delay between successive probes

While not all operating systems support the TCP_KEEPIDLE and
TCP_KEEPINTVL knobs, the library will still allow these options to be
set by clients, silently ignoring the values.
2012-02-09 18:53:51 +01:00
Gokhan Sengun
c834213ad5 FTP: perform active connections non-blocking
1- Two new error codes are introduced.

CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
FTP server connected.

CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.

Neither of these errors are considered fatal and control connection
remains OK because it could just be a firewall blocking server to
connect to the client.

2- One new setopt option was introduced.

CURLOPT_ACCEPTTIMEOUT_MS

It sets the maximum amount of time FTP client is going to wait for a
server to connect. Internal default accept timeout is 60 seconds.
2011-12-20 20:30:02 +01:00
Jonas Schnelli
f64812ca63 SFTP: support '*' prefix for quote operations
prefixing a command with '*' means it is allowed to fail without
aborting the chain actions
2011-11-18 16:04:52 +01:00
Daniel Stenberg
15e3e45170 share: don't use SSL unless enabled
Don't even declare the struct members for disabled features

Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface
when trying to set a sharing option that has been disabled (or not
enabled) in the library.
2011-10-03 22:35:04 +02:00
Yang Tse
d9f686db88 remove short-lived CURL_WRITEFUNC_OUT_OF_MEMORY 2011-09-26 13:05:42 +02:00
Yang Tse
119f43360b allow write callbacks to indicate OOM to libcurl
Allow (*curl_write_callback) write callbacks to return
CURL_WRITEFUNC_OUT_OF_MEMORY to properly indicate libcurl of OOM conditions
inside the callback itself.
2011-09-25 19:05:46 +02:00
Yang Tse
407e08baad NTLM single-sign on adjustments (X)
Functions renamed:

Curl_output_ntlm_sso -> Curl_output_ntlm_wb
sso_ntlm_close -> wb_ntlm_close
sso_ntlm_response -> wb_ntlm_response
sso_ntlm_initiate -> wb_ntlm_initiate

Preprocessor symbols renamed:

CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
2011-08-26 18:57:50 +02:00
Daniel Stenberg
73548e1d22 s/7.21.8/7.22.0 2011-08-08 10:13:09 +02:00
Kamil Dudka
a7864c41db curl_gssapi: refine the handling of CURLOPT_GSSAPI_DELEGATION
Suggested by Richard Silverman.
2011-08-03 10:56:41 +02:00
Daniel Stenberg
d95f45cd40 symbols-in-versions: add NTLM_SSO symbols 2011-07-19 00:54:41 +02:00
Daniel Stenberg
6dfa16c3c4 symbols-in-versions: add CLOSESOCKET* 2011-05-18 22:56:46 +02:00
Daniel Stenberg
8e4fb01e64 transfer-encoding: added new option and cmdline
Added CURLOPT_TRANSFER_ENCODING as the option to set to request Transfer
Encoding in HTTP requests (if built zlib enabled). I also renamed
CURLOPT_ENCODING to CURLOPT_ACCEPT_ENCODING (while keeping the old name
around) to reduce the confusion when we have to encoding options for
HTTP.

--tr-encoding is now the new command line option for curl to request
this, and thus I updated the test cases accordingly.
2011-04-18 19:46:21 +02:00
Daniel Stenberg
01f05d0c75 return code cleanup: build, init and run-time errors
Stop the abuse of CURLE_FAILED_INIT as return code for things not being
init related by introducing two new return codes:

CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION

CURLE_NOT_BUILT_IN replaces return code 4 that has been obsoleted for
several years. It is used for returning error when something is
attempted to be used but the feature/option was not enabled or
explictitly disabled at build-time. Getting this error mostly means that
libcurl needs to be rebuilt.

CURLE_FAILED_INIT is now saved and used strictly for init
failures. Getting this problem means something went seriously wrong,
like a resource shortage or similar.

CURLE_UNKNOWN_OPTION is the option formerly known as
CURLE_UNKNOWN_TELNET_OPTION (and the old name is still present,
separately defined to be removed in a very distant future). This error
code is meant to be used to return when an option is given to libcurl
that isn't known. This problem would mostly indicate a problem in the
program that uses libcurl.
2011-04-05 15:14:02 +02:00
Daniel Stenberg
d02f444759 symbols-in-versions: make test 1119 happy 2011-03-24 13:48:18 +01:00
Daniel Stenberg
e765afccb6 symbols-in-versions: many corrections
Scanned with a tool that checked for mistakes and this is the subsequent
cleanup.
2011-03-20 19:17:46 +01:00
Daniel Stenberg
929aeed386 symbols-in-versions: remove duplicates 2011-03-17 15:25:12 +01:00
Daniel Stenberg
42d95bcc44 symbols-in-versions: 2 corrections
CURLE_CHUNK_FAILED and CURLE_FTP_BAD_FILE_LIST were introduced in
7.21.0, not 7.20.1
2011-03-17 13:42:36 +01:00
Daniel Stenberg
d9805c5b2b symbols-in-versions: sorted
I forgot to sort it when I added the CURL_SOCKOPT_* symbols
2011-02-17 23:22:11 +01:00
Daniel Stenberg
4c33b0a200 SOCKOPTFUNCTION: documented new return codes 2011-02-17 22:42:19 +01:00
Quinn Slack
3cffcba3d0 CURLE_TLSAUTH_FAILED: removed
On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
was only being raised when an internal error occurred while allocating
or setting the GnuTLS SRP client credentials struct. For TLS
authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
appropriate; its error string already includes "passwords" as a possible
cause. Having a separate TLS auth error code might also cause people to
think that a TLS auth failure means the wrong username or password was
entered, when it could also be a sign of a man-in-the-middle attack.
2011-02-09 23:34:30 +01:00
Daniel Stenberg
c0a2ee65a4 symbols-in-versions: add the new TLSAUTH-SRP symbols 2011-01-19 22:45:02 +01:00
Daniel Stenberg
012f9b7f04 symbols-in-versions: CURLOPT_KEYPASSWD fixed
It was added in 7.17.0 and is not deprecated
2010-12-09 13:07:00 +01:00
Daniel Stenberg
8636742256 HTTP Auth: Add CURLAUTH_ONLY
This is a meta symbol. OR this value together with a single specific
auth value to force libcurl to probe for un-restricted auth and if not,
only that single auth algorithm is acceptable.

For example you can use CURLAUTH_DIGEST|CURLAUTH_ONLY to make libcurl
first probe for what method to use, but yet only consider Digest to be
acceptable.

Using _only_ CURLAUTH_DIGEST without the CURLAUTH_ONLY field, will make
libcurl explicitly use Digest right away and not do any probing.
2010-11-11 16:44:50 +01:00
Daniel Stenberg
7d8343934b symbols-in-version: add CURL_SOCKET_BAD
I also documented the filtering logic in the symbol-scan.pl function to
clarify why not all CURL_* symbols are included.
2010-11-09 14:20:23 +01:00
Daniel Stenberg
0a41318f1d CURLOPT_RESOLVE: documented 2010-11-08 09:53:35 +01:00
Daniel Stenberg
52e3c60c86 symbols-in-versions: added 119 missing symbols
I've developed a script I call symbol-scan.pl that scans the curl.h and
multi.h header files and compare the symbols it finds in there with the
symbols symbols-in-versions documents and outputs a report on the
differences.  Using this I've dug through the history to fill up
symbols-in-versions with all the symbols my script found mismatches for.

I will commit symbol-scan.pl separatly and think of a way to put it to
use in the build/tests so that we from now on will get this in-sync
check automatically.
2010-11-03 10:07:16 +01:00
Daniel Stenberg
13e9571dd0 symbols-in-versions: added missing symbols 2010-11-02 23:35:12 +01:00
Daniel Stenberg
ca9f9cb875 spellfix: CURLOPT_TFTP_BLKSIZE it is 2010-11-02 22:01:01 +01:00
Frank Meier
8098d9417c getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
Kamil Dudka
2ffe834bff ftp wildcard: a new option CURLOPT_FNMATCH_DATA 2010-05-16 02:52:33 +02:00
Daniel Stenberg
7871fbad4d updated with symbols added in recent commits for 7.21.0 2010-05-13 00:07:37 +02:00
Yang Tse
a07bc79117 removed trailing whitespace 2010-02-14 19:40:18 +00:00
Daniel Stenberg
c9f46446d5 more symbols added in 7.20.0 2010-02-03 18:18:13 +00:00
Daniel Stenberg
bc253a4d5f cleanups by Julien Chaffraix 2010-01-22 13:14:51 +00:00
Daniel Stenberg
241c0ad5bd added CURLOPT_FTP_USE_PRET 2010-01-01 14:52:12 +00:00
Daniel Stenberg
97141d08f7 CURLOPT_HEADERDATA was added in 7.10 2009-12-30 23:14:30 +00:00
Daniel Stenberg
b6ac8d62a1 symbols added in the CVS version meant for 7.20.0 2009-12-26 18:42:25 +00:00
Yang Tse
2c16681225 Adjusted to take in account that...
With the curl memory tracking feature decoupled from the debug build feature,
CURLDEBUG and DEBUGBUILD preprocessor symbol definitions are used as follows:

CURLDEBUG used for curl debug memory tracking specific code (--enable-curldebug)

DEBUGBUILD used for debug enabled specific code (--enable-debug)
2009-06-10 02:49:42 +00:00
Daniel Stenberg
644482fc99 more return codes added 2009-05-04 21:36:53 +00:00
Daniel Stenberg
bdf71e2685 a busload symbols added 2009-05-04 14:50:29 +00:00
Daniel Stenberg
dbf371344b mention the new CURL_SEEKFUNC_ symbols 2009-04-29 11:41:29 +00:00
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Daniel Stenberg
0517fa153c three new CURLFTP_CREATE_DIR* symbols 2009-02-17 09:43:27 +00:00
Daniel Stenberg
002cf105c6 - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
the condition in the previous request was unmet. This is typically a time
  condition set with CURLOPT_TIMECONDITION and was previously not possible to
  reliably figure out. From bug report #2565128
  (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-11 21:47:14 +00:00
Daniel Stenberg
517b8ed057 completed the CURLPROXY_ collection 2009-02-10 12:52:09 +00:00
Daniel Stenberg
c65f9acdc7 introducing the symbols-in-versions file, in an effort to help app authors
to better know and track symbols in earlier libcurl versions
2009-02-10 12:33:10 +00:00