1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

4946 Commits

Author SHA1 Message Date
Daniel Stenberg
c275aa9903
ROADMAP: thread-safe curl_global_init()
I'd like to see this happen.
2020-01-17 12:58:35 +01:00
Daniel Stenberg
6357a19ff2
polarssl: removed
As detailed in DEPRECATE.md, the polarssl support is now removed after
having been disabled for 6 months and nobody has missed it.

The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix
instead of the former 'polarssl' and the common functions that
previously were shared between mbedtls and polarssl and contained the
name 'polarssl' have now all been renamed to instead say 'mbedtls'.

Closes #4825
2020-01-16 11:55:56 +01:00
Daniel Stenberg
9d1a0922b7
HTTP-COOKIES.md: describe the cookie file format
... and refer to that file from from CURLOPT_COOKIEFILE.3 and
CURLOPT_COOKIELIST.3

Assisted-by: Jay Satiro
Reported-by: bsammon on github
Fixes #4805
Closes #4806
2020-01-13 23:18:32 +01:00
Emil Engler
cbb5429001 ngtcp2: Add an error code for QUIC connection errors
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
2020-01-11 18:19:32 -05:00
Jay Satiro
b700662b1c multi: Change curl_multi_wait/poll to error on negative timeout
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
2020-01-11 18:16:28 -05:00
Daniel Stenberg
920deff861
include: remove non-curl prefixed defines
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_
enums.
2020-01-09 22:57:33 +01:00
Daniel Stenberg
446665606c
KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all servers
Closes #4080
2020-01-09 16:19:34 +01:00
Daniel Stenberg
3b75084ce6
docs/RELEASE-PROCEDURE.md: pushed some release dates
Ref: https://curl.haxx.se/mail/lib-2020-01/0031.html
2020-01-09 09:31:52 +01:00
Daniel Stenberg
5059f5552f
RELEASE-PROCEDURE.md: fix next release date (Feb 26)
[skip ci]
2020-01-08 09:47:37 +01:00
Daniel Stenberg
72e304c779
THANKS: updated with names from the 7.68.0 release 2020-01-07 15:17:33 +01:00
Daniel Stenberg
f147c69472
RELEASE-PROCEDURE: add four future release dates
and remove four past release dates

[skip ci]
2020-01-07 15:17:17 +01:00
Jay Satiro
aeb32d059b CURLOPT_READFUNCTION.3: fix fopen params in example 2020-01-06 03:09:53 -05:00
Jay Satiro
e9dd17b754 CURLOPT_READFUNCTION.3: fix variable name in example
Reported-by: Paul Joyce

Fixes https://github.com/curl/curl/issues/4787
2020-01-06 03:01:33 -05:00
Daniel Stenberg
2150c4b5d3
docs: mention CURL_MAX_INPUT_LENGTH restrictions
... for curl_easy_setopt() and curl_url_set().

[skip ci]

Closes #4783
2020-01-05 17:06:47 +01:00
Jay Satiro
97934a2f71 CURLOPT_HEADERFUNCTION.3: Document that size is always 1
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback
is passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Reported-by: Frank Gevaerts
Commit-message-by: Christopher Head

Ref: https://github.com/curl/curl/pull/2787

Fixes https://github.com/curl/curl/issues/4758
2019-12-26 02:26:08 -05:00
Jay Satiro
68da0b8b86 examples/postinmemory.c: Call curl_global_cleanup always
Prior to this change curl_global_cleanup was not called if
curl_easy_init failed.

Reported-by: kouzhudong@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4751
2019-12-24 01:06:47 -05:00
Daniel Stenberg
4c2f5d52ba
url2file.c: fix copyright year
Follow-up to 5257872695
2019-12-21 18:18:12 +01:00
Rickard Hallerbäck
5257872695
examples/url2file.c: corrected a comment
The comment was confusing and suggested that setting CURLOPT_NOPROGRESS
to 0L would both enable and disable debug output at the same time, like
a Schrödinger's cat of CURLOPTs.

Closes #4745
2019-12-20 11:05:38 +01:00
Daniel Stenberg
a90d763548
HISTORY: OSS-Fuzz started fuzzing libcurl in 2017 2019-12-20 11:04:34 +01:00
Jay Satiro
c1592cc92b CURLOPT_QUOTE.3: fix typos
Prior to this change the EXAMPLE in the QUOTE/PREQUOTE/POSTQUOTE man
pages would not compile because a variable name was incorrect.

Reported-by: Bylon2@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4736
2019-12-18 15:21:58 -05:00
Daniel Stenberg
14f8b6e69e
CURLOPT_URL.3: "curl supports SMB version 1 (only)"
[skip ci]
2019-12-18 10:14:18 +01:00
Daniel Stenberg
4ec4787a10
HISTORY: the SMB(S) support landed in 2014 2019-12-18 08:25:51 +01:00
Daniel Stenberg
3ab45a9876
KNOWN_BUGS: TLS session cache doesn't work with TFO
[skip ci]
Closes #4301
2019-12-16 16:20:16 +01:00
Daniel Stenberg
8a9d6eeb32
KNOWN_BUGS: Connection information when using TCP Fast Open
Also point to #4296 for more details
Closes #4296
2019-12-16 16:17:16 +01:00
Daniel Stenberg
73ca946753
KNOWN_BUGS: LDAP on Windows doesn't work
Closes #4261
2019-12-16 16:15:39 +01:00
Daniel Stenberg
4147d58aee
docs: TLS SRP doesn't work with TLS 1.3
Reported-by: sayrer on github
Closes #4262
[skip ci]
2019-12-16 16:03:22 +01:00
mhasbini
1a46d7c976
docs: fix some typos
Closes #4680
2019-12-06 13:20:30 +01:00
Daniel Stenberg
2ebce6b060
CURLOPT_VERBOSE.3: see also ERRORBUFFER 2019-12-04 09:30:57 +01:00
Daniel Stenberg
564d88a8bd
openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains
Closes #4655
2019-12-03 16:28:50 +01:00
Daniel Stenberg
0092b6bf8a
OPENSOCKETFUNCTION.3: correct the purpose description
Reported-by: Jeff Mears
Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html

Closes #4667
2019-12-03 16:24:40 +01:00
Daniel Stenberg
d4a1862719
docs: add "added: 7.68.0" to the --etag-* docs 2019-12-02 11:22:32 +01:00
Daniel Stenberg
bc64377ff8
docs: add more references to curl_multi_poll
Fixes #4643
Closes #4652
2019-11-28 22:29:18 +01:00
Maros Priputen
18e5cb77e9
curl: two new command line options for etags
--etag-compare and --etag-save

Suggested-by: Paul Hoffman
Fixes #4277
Closes #4543
2019-11-28 13:05:20 +01:00
Daniel Gustafsson
1ff63fa69b docs: fix typos 2019-11-28 12:58:47 +01:00
John Schroeder
7cf18b05e0
XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE
(also for PROGRESSFUNCTION)

By returning this value from the callback, the internal progress
function call is still called afterward.

Closes #4599
2019-11-26 09:16:01 +01:00
Michael Forney
9b879160df
TLS: add BearSSL vtls implementation
Closes #4597
2019-11-26 08:32:23 +01:00
Daniel Stenberg
95e94c64fb
curl_multi_wakeup.3: add example and AVAILABILITY
Reviewed-by: Gergely Nagy
Closes #4635
2019-11-26 08:11:32 +01:00
Gergely Nagy
f3c35e371c
multi: add curl_multi_wakeup()
This commit adds curl_multi_wakeup() which was previously in the TODO
list under the curl_multi_unblock name.

On some platforms and with some configurations this feature might not be
available or can fail, in these cases a new error code
(CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup().

Fixes #4418
Closes #4608
2019-11-25 15:45:56 +01:00
Daniel Stenberg
74f441c6d3
test1175: verify symbols-in-versions and libcurl-errors.3 in sync
Closes #4628
2019-11-22 09:11:53 +01:00
Daniel Stenberg
f70da9c17e
include: make CURLE_HTTP3 use a new error code
To avoid potential issues with error code reuse.

Reported-by: Christoph M. Becker
Assisted-by: Dan Fandrich
Fixes #4601
Closes #4627
2019-11-21 23:16:29 +01:00
Daniel Stenberg
215baa74f7
curl: add --parallel-immediate
Starting with this change when doing parallel transfers, without this
option set, curl will prefer to create new transfers multiplexed on an
existing connection rather than creating a brand new one.

--parallel-immediate can be set to tell curl to prefer to use new
connections rather than to wait and try to multiplex.

libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default
on parallel transfers.

Suggested-by: Tom van der Woerdt
Closes #4500
2019-11-21 16:36:10 +01:00
Victor Magierski
8487734e8b docs: fix typos
Change 'experiemental' to 'experimental'.

Closes #4618
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-11-20 09:59:05 +01:00
Andreas Falkenhahn
0a906a45af
INSTALL.md: provide Android build instructions
Closes #4606
2019-11-16 23:37:20 +01:00
Daniel Stenberg
ea19dbe662
examples: add multi-poll.c
Show how curl_multi_poll() makes it even easier to use the multi
interface.

Closes #4596
2019-11-14 23:24:00 +01:00
Daniel Stenberg
674298d191
HISTORY: added cmake, HTTP/3 and parallel downloads with curl 2019-11-13 10:21:12 +01:00
Daniel Stenberg
b3eb7d172a
quiche: reject headers in the wrong order
Pseudo header MUST come before regular headers or cause an error.

Reported-by: Cynthia Coan
Fixes #4571
Closes #4584
2019-11-12 09:44:24 +01:00
Daniel Stenberg
cbaaae44fe
CURL-DISABLE: initial docs for the CURL_DISABLE_* defines
The disable-scan script used in test 1165 is extended to also verify
that the docs cover all used defines and all defines offered by
configure.

Reported-by: SLDiggie on github
Fixes #4545
Closes #4587
2019-11-12 09:35:39 +01:00
Daniel Stenberg
cba52e2c21
TODO: curl_multi_unblock
Closes #4418
2019-11-08 23:31:08 +01:00
Daniel Stenberg
d04ee4c82a
TODO: Run web-platform-tests url tests
Closes #4477
2019-11-08 23:27:37 +01:00
Daniel Stenberg
1464abf7e7
TODO: 1.4 alt-svc sharing
Closes #4476
2019-11-08 23:24:37 +01:00
Daniel Stenberg
0bc60d91de
copyrights: fix copyright year range
.. because checksrc's copyright year check stopped working.

Ref: https://github.com/curl/curl/pull/4547

Closes https://github.com/curl/curl/pull/4549
2019-11-08 14:51:42 +01:00
Daniel Stenberg
9367428c73
THANKS: add new names from 7.67.0 2019-11-05 16:50:55 +01:00
Vilhelm Prytz
d0319adb0c
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
2019-11-02 23:15:56 +01:00
Trivikram Kamat
4011802b35
INSTALL: add missing space for configure commands
Closes #4539
2019-10-29 22:51:07 +01:00
Daniel Stenberg
32cc5ca7ad
examples: remove the "this exact code has not been verified"
... as really confuses the reader to not know what to believe!
2019-10-29 09:48:49 +01:00
Trivikram Kamat
37aea3c944
HTTP3: fix typo somehere1 > somewhere1
Closes #4535
2019-10-29 08:03:59 +01:00
Marcel Raad
650677461f
examples/sslbackend: fix -Wchar-subscripts warning
With the `isdigit` implementation that comes with MSYS2, the argument
is used as an array subscript, resulting in a -Wchar-subscripts
warning. `isdigit`'s behavior is undefined if the argument is negative
and not EOF [0]. As done in lib/curl_ctype.h, cast the `char` variable
to `unsigned char` to avoid that.

[0] https://en.cppreference.com/w/c/string/byte/isdigit

Closes https://github.com/curl/curl/pull/4503
2019-10-18 13:04:49 +02:00
Jay Satiro
ce07f0b8a1 CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
Prior to this change some users did not understand that the "request"
starts when the handle is added to the multi handle, or probably they
did not understand that some of those transfers may be queued and that
time is included in timeout.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/4486
Closes https://github.com/curl/curl/pull/4489
2019-10-16 14:20:16 -04:00
Daniel Stenberg
07e987840c
TODO: Handle growing SFTP files
Closes #4344
2019-10-13 11:57:56 +02:00
Daniel Stenberg
a81836a7f2
KNOWN_BUGS: remove "CURLFORM_CONTENTLEN in an array"
The curl_formadd() function is deprecated and shouldn't be used so the
real fix for applications is to switch to the curl_mime_* API.
2019-10-13 11:35:57 +02:00
Daniel Stenberg
e80b5c8016
KNOWN_BUGS: "LDAP on Windows does authentication wrong"
Closes #3116
2019-10-12 22:45:13 +02:00
Daniel Stenberg
b8ea432d61
KNOWN_BUGS: IDN tests failing on Windows
Closes #3747
2019-10-09 13:05:55 +02:00
Daniel Stenberg
b1ae7f9b7f
docs: make sure the --no-progress-meter docs file is in dist too 2019-10-09 10:10:05 +02:00
Daniel Stenberg
9e03faccc3
docs: document it as --no-progress-meter instead of the reverse
Follow-up to 93373a960c

Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
2019-10-09 10:07:02 +02:00
Daniel Stenberg
93373a960c
curl: --no-progress-meter
New option that allows a user to ONLY switch off curl's progress meter
and leave everything else in "talkative" mode.

Reported-by: Piotr Komborski
Fixes #4422
Closes #4470
2019-10-08 20:56:17 +02:00
Daniel Stenberg
67bb7926ed
TODO: Consult %APPDATA% also for .netrc
Closes #4016
2019-10-08 20:45:02 +02:00
Daniel Stenberg
6379163877
CURLOPT_TIMEOUT.3: remove the mention of "minutes"
... just say that limiting operations risk aborting otherwise fine
working transfers. If that means seconds, minutes or hours, we leave to
the user.

Reported-by: Martin Gartner
Closes #4469
2019-10-07 18:02:57 +02:00
Andrei Valeriu BICA
b905e26b05
docs: added multi-event.c example
Similar to multi-uv.c but using libevent 2. This is a simpler libevent
integration example then hiperfifo.c.

Closes #4471
2019-10-07 17:58:12 +02:00
Denis Chaplygin
0b386392d6
docs: add note on failed handles not being counted by curl_multi_perform
Closes #4446
2019-10-03 14:36:03 +02:00
Daniel Stenberg
683102e0a0
CURLMOPT_MAX_CONCURRENT_STREAMS.3: fix SEE ALSO typo 2019-10-03 14:16:10 +02:00
Niall
0f48055c40
ESNI: initial build/setup
Closes #4011
2019-10-02 12:33:08 +02:00
Kunal Ekawde
c124e6b3c0
CURLMOPT_MAX_CONCURRENT_STREAMS: new setopt
Closes #4410
2019-10-02 07:47:48 +02:00
Daniel Stenberg
1c134e9cf4
BINDINGS: PureBasic, Net::Curl for perl and Nim 2019-09-29 22:39:31 +02:00
Daniel Stenberg
29a51e1538
BINDINGS: Kapito is an Erlang library, basically a binding 2019-09-29 11:57:24 +02:00
Daniel Stenberg
962ad8c5ba
BINDINGS: added clj-curl
Reported-by: Lucas Severo
2019-09-29 11:38:19 +02:00
Jay Satiro
00b65e3779
docs: disambiguate CURLUPART_HOST is for host name (ie no port)
Closes #4424
2019-09-28 18:13:33 +02:00
grdowns
922dcba613
INSTALL: add vcpkg installation instructions
Closes #4435
2019-09-27 13:44:40 +02:00
Spezifant
5f0b55ef22
HTTP3: fix prefix parameter for ngtcp2 build
Closes #4430
2019-09-26 23:26:25 +02:00
Daniel Stenberg
0ccdec339d
HTTP3: merged and simplified the two 'running' sections 2019-09-26 14:17:09 +02:00
Daniel Stenberg
8bdff35287
HTTP3: show an --alt-svc using example too 2019-09-26 14:12:16 +02:00
Daniel Stenberg
2078e7701b
HTTP3: update quic.aiortc.org + add link to server list
Reported-by: Jeremy Lainé
2019-09-26 13:18:17 +02:00
Alex Samorukov
9e78e739a5
HTTP3.md: move -p for mkdir, remove -j for make
- mkdir on OSX/Darwin requires `-p` argument before dir

- portabbly figuring out number of cores is an exercise for somewhere
  else

Closes #4407
2019-09-24 14:17:04 +02:00
Daniel Stenberg
d176a2c7e5
altsvc: both backends run h3-23 now
Closes #4395
2019-09-21 23:11:29 +02:00
Daniel Stenberg
698149e42c
THANKS-filter: deal with my typos 'Jat' => 'Jay' 2019-09-20 13:53:23 +02:00
Jens Finkhaeuser
0a4ecbdf1c
urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.

Closes #4349
2019-09-19 15:57:28 +02:00
Alessandro Ghedini
5eb75d4186 docs: remove trailing ':' from section names in CURLOPT_TRAILER* man 2019-09-15 12:25:02 +01:00
Alessandro Ghedini
4a2d47e0b7 docs: fix typo in CURLOPT_HTTP_VERSION man 2019-09-15 12:25:02 +01:00
Jimmy Gaussen
4e3dfe3323
docs/HTTP3: fix --with-ssl ngtcp2 configure flag
Closes #4338
2019-09-12 15:22:57 +02:00
Daniel Stenberg
fcd4aa4608
THANKS: from the 7.66.0 release 2019-09-10 19:47:19 +02:00
Daniel Stenberg
0f37c8df12 KNOWN_BUGS/TODO: cleanup and remove outdated issues 2019-09-05 14:40:18 +02:00
Daniel Stenberg
82a2168e61
ROADMAP: updated after recent user poll
In rough prio order
2019-09-02 09:49:31 +02:00
Daniel Stenberg
62ffab9dcb
THANKS: remove duplicate 2019-08-31 12:10:36 +02:00
Christopher Head
ff2bbfb637
CURLOPT_HEADERFUNCTION.3: clarify
Closes #4273
2019-08-28 08:52:29 +02:00
Daniel Stenberg
44c9884552
CURLINFO docs: mention that in redirects times are added
Suggested-by: Brandon Dong
Fixes #4250
Closes #4269
2019-08-28 00:03:12 +02:00
Daniel Stenberg
e93d7c3e90 HTTP3: switched openssl branch to use 2019-08-27 17:07:47 +02:00
Daniel Stenberg
cac07fb639
KNOWN_BUGS: USE_UNIX_SOCKETS on Windows
Closes #4040
2019-08-26 12:11:29 +02:00
Daniel Stenberg
32d64b2e87
defines: avoid underscore-prefixed defines
Double-underscored or underscore plus uppercase letter at least.

... as they're claimed to be reserved.

Reported-by: patnyb on github

Fixes #4254
Closes #4255
2019-08-23 11:47:57 +02:00
Gisle Vanem
216dd886e7
docs/examples/curlx: fix errors
Initialise 'mimetype' and require the -p12 arg.

Closes #4248
2019-08-21 09:48:00 +02:00
Alessandro Ghedini
08b99e17df
configure: use pkg-config to detect quiche
This removes the need to hard-code the quiche target path in
configure.ac.

This depends on https://github.com/cloudflare/quiche/pull/128

Closes #4237
2019-08-20 15:04:58 +02:00
Daniel Stenberg
6a90c9e0c4
CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
For a long time (since 7.28.1) we've returned error when setting the
value to 1 to make applications notice that we stopped supported the old
behavior for 1. Starting now, we treat 1 and 2 exactly the same.

Closes #4241
2019-08-20 14:57:59 +02:00
Daniel Stenberg
862393243d
curl: use .curlrc (with a dot) on Windows as well
Fall-back to _curlrc if the dot-version is missing.

Co-Authored-By: Steve Holme

Closes #4230
2019-08-20 11:48:49 +02:00
Daniel Stenberg
7c31a8980c
TODO/ROADMAP: remove "refuse downgrade redirects" and HTTP/3
HTTP3 is now already in full progress

Downgrade redirects can be achived almost exactly like that by setting
CURLOPT_REDIR_PROTOCOLS.
2019-08-16 23:18:45 +02:00
Daniel Stenberg
db80de0528
CURLOPT_ALTSVC.3: use a "" file name to not load from a file 2019-08-14 14:42:11 +02:00
Jay Satiro
dca6f73613 vauth: Use CURLE_AUTH_ERROR for auth function errors
- Add new error code CURLE_AUTH_ERROR.

Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.

Ref: https://github.com/curl/curl/pull/3848

Co-authored-by: Dominik Hölzl

Closes https://github.com/curl/curl/pull/3864
2019-08-14 03:14:01 -04:00
Daniel Stenberg
aae490229b
curl_version_info: make the quic_version a const
Follow-up from 1a2df1518a

Closes #4222
2019-08-13 23:15:49 +02:00
Daniel Stenberg
f3c34bf83c
examples: add http3.c, altsvc.c and http3-present.c
Closes #4221
2019-08-13 23:14:20 +02:00
Daniel Stenberg
125884e466
curl_version_info.3: mentioned ALTSVC and HTTP3
... and sorted the list alphabetically
2019-08-13 14:10:20 +02:00
Daniel Stenberg
b867ecf0c5
CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
Follow-up to 98c3f148 that removed it from the header file
2019-08-13 11:19:35 +02:00
Junho Choi
1c86622699
docs/HTTP3: simplify quiche build instruction
Use --recursive to get boringssl in one line

Closes #4219
2019-08-12 22:36:27 +02:00
Daniel Stenberg
1a2df1518a
curl_version_info: offer quic (and h3) library info
Closes #4216
2019-08-12 13:37:08 +02:00
Daniel Stenberg
551806255f
HTTP3: use ngtcp2's draft-22 branch 2019-08-12 12:45:48 +02:00
Daniel Stenberg
f88d865bf4
CURLOPT_READFUNCTION.3: provide inline example
... instead of mentioning one in another place
2019-08-12 09:20:52 +02:00
Daniel Stenberg
d85a1cf11d
nghttp3: required when ngtcp2 is used for QUIC
- checked for by configure
- updated docs/HTTP3.md
- shown in the version string

Closes #4210
2019-08-12 00:18:53 +02:00
Daniel Stenberg
42a06118c8
curl_global_init_mem.3: mention it was added in 7.12.0 2019-08-11 00:19:45 +02:00
Alex Mayorga
14b1fb1c68
HTTP3.md: Update quiche build instructions
Added cloning for quiche and BoringSSL and modified the build
instructions so they work on a clean folder.

Closes #4208
2019-08-10 10:51:18 +02:00
Daniel Stenberg
084404b8ab
CURLOPT_H3: removed
There's no use for this anymore and it was never in a release.

Closes #4206
2019-08-09 12:26:02 +02:00
Daniel Stenberg
6ee9e4bd47
cleanup: s/curl_debug/curl_dbg_debug in comments and docs
Leftovers from the function rename back in 76b6348949

Reported-by: Gisle Vanem
Bug: f3e0f071b1 (com)
mitcomment-34601751

Closes #4203
2019-08-08 16:01:00 +02:00
Daniel Stenberg
98c3f14871
alt-svc: send Alt-Used: in redirected requests
RFC 7838 section 5:

   When using an alternative service, clients SHOULD include an Alt-Used
   header field in all requests.

Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus
this is deemed ok).

You can disable sending this header just like you disable any other HTTP
header in libcurl.

Closes #4199
2019-08-08 08:24:37 +02:00
Daniel Stenberg
026840e35c
CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197
2019-08-08 08:17:24 +02:00
Daniel Stenberg
317076876a
docs/ALTSVC: remove what works and the experimental explanation
Also, put the TODO items at the bottom.

Closes #4198
2019-08-07 23:14:14 +02:00
Daniel Stenberg
f23d492777
docs/EXPERIMENTAL: explain what it means and what's experimental now 2019-08-07 14:52:02 +02:00
Daniel Stenberg
640b9733de
curl: make use of CURLINFO_RETRY_AFTER when retrying
If a Retry-After: header was used in the response, that value overrides
other retry timing options.

Fixes #3794
Closes #4195
2019-08-07 14:45:44 +02:00
Daniel Stenberg
f933449d3b
CURLINFO_RETRY_AFTER: parse the Retry-After header value
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794
2019-08-07 14:45:39 +02:00
Daniel Stenberg
2bdb26a507
docs/ALTSVC.md: first basic file format description 2019-08-07 14:18:42 +02:00
Daniel Stenberg
fd00e14adb
curl.h: add CURL_HTTP_VERSION_3 to the version enum
It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with
CURLINFO_HTTP_VERSION.
2019-08-07 12:51:52 +02:00
Steve Holme
29ec1f1981 examples: Added SASL PLAIN authorisation identity (authzid) examples
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:49 -04:00
Steve Holme
1e08a79258 curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:41 -04:00
Steve Holme
7c469fa537 sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:20 -04:00
Daniel Stenberg
d3be2ca7ba
docs/HTTP3: refreshed as it is now in master and HTTP/3 can be tested 2019-08-06 14:44:30 +02:00
Daniel Stenberg
02346abc32
curl_multi_poll: a sister to curl_multi_wait() that waits more
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163
2019-08-06 09:33:29 +02:00
Daniel Stenberg
a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Daniel Stenberg
7c14dde924
ROADMAP: parallel transfers are merged now 2019-07-31 16:47:23 +02:00
Balazs Kovacsics
802aa5ae27
HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME.  Update
test 1514 according to the new behaviour.

Closes #4138
2019-07-29 13:18:53 +02:00
Brad Spencer
fd5ab4358f examples: Avoid reserved names in hiperfifo examples
- Trade in __attribute__((unused)) for the classic (void)x to silence
  unused symbols.

Because the classic way is not gcc specific. Also because the prior
method mapped to symbol _Unused, which starts with _ and a capital
letter which is reserved.

Assisted-by: The Infinnovation team

Bug: https://github.com/curl/curl/issues/4120#issuecomment-512542108

Closes https://github.com/curl/curl/pull/4153
2019-07-25 22:23:40 -04:00
Daniel Stenberg
3af0e76d1e
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500
2019-07-21 23:49:03 +02:00
Daniel Stenberg
71299394ef
docs/PARALLEL-TRANSFERS: correct the version number 2019-07-20 19:19:56 +02:00
Daniel Stenberg
47b9930df9
docs/PARALLEL-TRANSFERS: added 2019-07-20 19:14:30 +02:00
Daniel Stenberg
b889408500
curl: support parallel transfers
This is done by making sure each individual transfer is first added to a
linked list as then they can be performed serially, or at will, in
parallel.

Closes #3804
2019-07-20 19:14:16 +02:00
Daniel Stenberg
14a385b3ae
docs/MANUAL.md: converted to markdown from plain text
... will make it render as a nicer web page.

Closes #4131
2019-07-20 19:10:05 +02:00
Daniel Stenberg
828392ae10
curl_version_info: provide nghttp2 details
Introducing CURLVERSION_SIXTH with nghttp2 info.

Closes #4121
2019-07-20 00:06:42 +02:00
Daniel Stenberg
56fc8db02f
THANKS: 7.65.3 status 2019-07-19 11:32:15 +02:00
Daniel Stenberg
51b0feb590
THANKS: add contributors from 7.65.2 2019-07-17 09:26:17 +02:00
Jay Satiro
28f6fda8dc CURLOPT_RANGE.3: Caution against using it for HTTP PUT
AFAICT CURLOPT_RANGE does not support ranged HTTP PUT uploads so I've
cautioned against using it for that purpose and included a workaround.

Bug: https://curl.haxx.se/mail/lib-2019-04/0075.html
Reported-by: Christopher Head

Closes https://github.com/curl/curl/issues/3814
2019-07-17 01:45:26 -04:00
Stefano Simonelli
fdcb0f40c3 CURLOPT_SEEKDATA.3: fix variable name
Closes https://github.com/curl/curl/pull/4118
2019-07-17 01:16:35 -04:00
georgeok
fea0120312 CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH
If the SSL backend is Schannel and the user specifies an Schannel CALG_
that is not supported by the protocol or the server then curl returns
CURLE_SSL_CONNECT_ERROR (35) SEC_E_ALGORITHM_MISMATCH.

Fixes https://github.com/curl/curl/issues/3389
Closes https://github.com/curl/curl/pull/4106
2019-07-17 01:08:23 -04:00
Jay Satiro
c7f3c073f4 docs: Explain behavior change in --tlsv1. options since 7.54
Since 7.54 --tlsv1. options use the specified version or later, however
older versions of curl documented it as using just the specified version
which may or may not have happened depending on the TLS library.
Document this discrepancy to allay confusion for users familiar with the
old documentation that expect just the specified version.

Fixes https://github.com/curl/curl/issues/4097
Closes https://github.com/curl/curl/pull/4119
2019-07-17 00:48:41 -04:00
Jay Satiro
e8442e4ffc libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.

- Update default allowed redirect protocols in documentation.

Follow-up to 6080ea0.

Ref: https://github.com/curl/curl/pull/4094

Closes https://github.com/curl/curl/pull/4115
2019-07-17 00:48:40 -04:00
Daniel Stenberg
647e726d78
test1173: make it also check all libcurl option man pages
... and adjust those that cause errors

Closes #4116
2019-07-16 12:38:42 +02:00
Bjarni Ingi Gislason
4c91ab7b2f docs: Fix missing lines caused by undefined macros
- Escape apostrophes at line start.

Some lines begin with a "'" (apostrophe, single quote), which is then
interpreted as a control character in *roff.

Such lines are interpreted as being a call to a macro, and if
undefined, the lines are removed from the output.

Bug: https://bugs.debian.org/926352
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>

Submitted-by: Alessandro Ghedini

Closes https://github.com/curl/curl/pull/4111
2019-07-15 02:39:35 -04:00
Daniel Stenberg
02a62074c7
libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults
follow-up to 6080ea098
2019-07-14 16:32:50 +02:00
Daniel Gustafsson
0428852c2c DEPRECATE: fixup versions and spelling
Correctly set the July 17 version to 7.65.2, and update spelling to
be consistent. Also fix a typo.

Closes https://github.com/curl/curl/pull/4107
2019-07-11 02:43:03 -04:00
Caleb Raitto
21e2df8015 CURLOPT_HEADEROPT.3: Fix example
Fix an issue where example builds a curl_slist, but fails to actually
use it, or free it.

Closes https://github.com/curl/curl/pull/4090
2019-07-06 23:21:39 -04:00
Daniel Stenberg
8ad61c6847 doh-url.d: added in 7.62.0 2019-07-04 14:02:43 +02:00
Jay Satiro
3609ab3147 docs: Fix links to OpenSSL docs
OpenSSL changed their manual locations and does not redirect to the new
locations.

Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html
Reported-by: Daniel Stenberg
2019-06-30 17:16:28 -04:00
Gaël PORTAY
44b5468e8e
curl_multi_wait.3: escape backslash in example
The backslash in the character Line Feed must be escaped.

The current man-page outputs the code as following:

	fprintf(stderr, "curl_multi failed, code %d.0, mc);

The commit fixes it as follow:

	fprintf(stderr, "curl_multi failed, code %d\n", mc);

Closes #4079
2019-06-26 15:02:26 +02:00
Niklas Hambüchen
8dd041bf0a
docs: fix string suggesting HTTP/2 is not the default
Commit 25fd1057c9 made HTTP2 the default, and further down in the
man page that new default is mentioned, but the section at the top
contradicted it until now.

Also remove claim that setting the HTTP version is not sensible.

Closes #4075
2019-06-25 17:40:21 +02:00
Daniel Stenberg
1853c884ef
KNOWN_BUGS: Don't clear digest for single realm
Closes #3267
2019-06-24 23:26:59 +02:00
Daniel Stenberg
53cc6c79f1
KNOWN_BUGS: Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname
Closes #3284
2019-06-24 23:23:13 +02:00
Daniel Gustafsson
1862cacd03 CURLMOPT_SOCKETFUNCTION.3: fix typo 2019-06-24 14:19:13 +02:00
Daniel Stenberg
ae99b4de1c
typecheck: CURLOPT_CONNECT_TO takes an slist too
Additionally, add an alias in curl.h for slist-using options so that
we can grep/parse those out at will.

Closes #4042
2019-06-20 08:47:42 +02:00
Daniel Stenberg
9dd731c94e
quote.d: asterisk prefix works for SFTP as well
Reported-by: Ben Voris
Fixes #4017
Closes #4019
2019-06-13 08:48:46 +02:00
Daniel Stenberg
f0b7b106ff
CURLMOPT_SOCKETFUNCTION.3: clarified
Moved away the callback explanation from curl_multi_socket_action.3 and
expanded it somewhat.

Closes #4006
2019-06-10 13:07:32 +02:00
Daniel Stenberg
027c065f3c
CURLOPT_CAINFO.3: polished wording
Clarify the functionality when built to use Schannel and Secure
Transport and stop calling it the "recommended" or "preferred" way and
instead rather call it the default.

Removed the reference to the ssl comparison table as it isn't necessary.

Reported-by: Richard Alcock
Bug: https://curl.haxx.se/mail/lib-2019-06/0019.html
Closes #4005
2019-06-10 12:43:46 +02:00
Daniel Stenberg
deb9462ff2
wolfssl: refer to it as wolfSSL only
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
references to ancient history.

Assisted-by: Daniel Gustafsson

Closes #3903
2019-06-10 09:18:16 +02:00
Sorcus
fb2839db24
libcurl-tutorial.3: Fix small typo (mutipart -> multipart)
Fixed-by: MrSorcus on github
Closes #4000
2019-06-09 18:36:16 +02:00
Marcel Raad
e1f3aaea0c
examples/htmltitle: use C++ casts between pointer types
Compilers and static analyzers warn about using C-style casts here.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:11 +02:00
Marcel Raad
992083b1ab
examples/fopen: fix comparison
As want is size_t, (file->buffer_pos - want) is unsigned, so checking
if it's less than zero makes no sense.
Check if file->buffer_pos is less than want instead to avoid the
unsigned integer wraparound.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:08 +02:00
Marcel Raad
e23c52b329
build: fix Codacy warnings
Reduce variable scopes and remove redundant variable stores.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:06 +02:00
Daniel Stenberg
fde3ae462a
THANKS: new contributors from 7.65.1 2019-06-04 22:33:57 +02:00
Daniel Stenberg
be527afad0
curl_share_setopt.3: improve wording [ci ship]
Reported-by: Carlos ORyan
2019-06-04 20:25:39 +02:00
Daniel Stenberg
8c88e8e623
TODO: "at least N milliseconds between requests" [ci skip]
Suggested-by: dkwolfe4 on github
Closes #3920
2019-06-03 22:55:48 +02:00
Daniel Stenberg
7e590b3ecd
tls13-docs: mention it is only for OpenSSL >= 1.1.1
Reported-by: Jay Satiro
Co-authored-by: Jay Satiro
Fixes #3938
Closes #3946
2019-06-02 16:15:45 +02:00
Daniel Stenberg
ca09d96574
dump-header.d: spell out that no headers == empty file [ci skip]
Reported-by: wesinator at github
Fixes #3964
Closes #3974
2019-06-01 10:42:00 +02:00
Hubert Kario
319ae9075e nss: allow to specify TLS 1.3 ciphers if supported by NSS
Closes #3916
2019-05-27 09:04:09 +02:00
Jay Satiro
db8ec1fa38
Revert all SASL authzid (new feature) commits
- Revert all commits related to the SASL authzid feature since the next
  release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID  / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a13.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2f.
2019-05-25 23:36:11 +02:00
dbrowndan
84086b39c1
FAQ: more minor updates and spelling fixes
Closes #3937
2019-05-25 23:33:53 +02:00
Steve Holme
8c1cc369d0
examples: Added SASL PLAIN authorisation identity (authzid) examples 2019-05-22 22:55:17 +01:00
Steve Holme
a9499ff136
curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool 2019-05-22 22:55:11 +01:00
Steve Holme
a14d72ca2f
sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixed #3653
Closes #3790
2019-05-22 22:55:05 +01:00
Marcel Raad
159ea554af
examples: fix "clarify calculation precedence" warnings
Closes https://github.com/curl/curl/pull/3919
2019-05-22 10:06:33 +02:00
Marcel Raad
acb097ca7f
hiperfifo: remove unused variable
Closes https://github.com/curl/curl/pull/3919
2019-05-22 10:06:29 +02:00
Marcel Raad
f91baf842a
examples: remove dead variable stores
Closes https://github.com/curl/curl/pull/3919
2019-05-22 10:06:25 +02:00
Marcel Raad
10b7067eb7
examples: reduce variable scopes
Closes https://github.com/curl/curl/pull/3919
2019-05-22 10:06:21 +02:00
Marcel Raad
918987a844
http2-download: fix format specifier
Closes https://github.com/curl/curl/pull/3919
2019-05-22 10:06:17 +02:00
Daniel Stenberg
269f7df0ae
PolarSSL: deprecate support step 1. Removed from configure.
Also removed mentions from most docs.

Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html

Closes #3888
2019-05-22 10:00:56 +02:00
Daniel Stenberg
adea6eddba
THANKS: from the 7.65.0 release-notes 2019-05-22 07:48:44 +02:00
Marcel Raad
b069815a7a
examples: remove unused variables
Fixes Codacy/CppCheck warnings.

Closes
2019-05-21 09:47:03 +02:00
Viktor Szakats
f3e0f071b1 docs: Markdown and misc improvements [ci skip]
Approved-by: Daniel Stenberg
Closes #3896
2019-05-16 22:11:27 +00:00
Viktor Szakats
196ae60402 docs/RELEASE-PROCEDURE: link to live iCalendar [ci skip]
Ref: 0af41b40b2 (commitcomment-33563135)
Approved-by: Daniel Stenberg
Closes #3895
2019-05-16 18:56:42 +00:00
Daniel Stenberg
8ece8177f1
cleanup: remove FIXME and TODO comments
They serve very little purpose and mostly just add noise. Most of them
have been around for a very long time. I read them all before removing
or rephrasing them.

Ref: #3876
Closes #3883
2019-05-16 09:16:56 +02:00
Daniel Stenberg
0af41b40b2
docs/RELEASE-PROCEDURE: updated coming releases dates [ci skip] 2019-05-15 13:56:19 +02:00
Daniel Stenberg
f778c356a8
CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE [ci skip]
Reported-by: Roy Bellingan
Bug: #3885
2019-05-15 12:05:49 +02:00
Daniel Stenberg
6123d718aa
CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later [ci skip]
Clues-provided-by: Jay Satiro
Clues-provided-by: Jeroen Ooms
Fixes #3711
Closes #3874
2019-05-14 08:19:58 +02:00
Jay Satiro
4d8461ae8a
docs/INSTALL: fix broken link [ci skip]
Reported-by: Joombalaya on github
Fixes #3818
2019-05-12 16:15:14 +02:00
Daniel Stenberg
b4988286a9
SECURITY-PROCESS: fix links [ci skip] 2019-05-11 17:50:37 +02:00
Daniel Stenberg
12d655d456
doh: disable DOH for the cases it doesn't work
Due to limitations in Curl_resolver_wait_resolv(), it doesn't work for
DOH resolves. This fix disables DOH for those.

Limitation added to KNOWN_BUGS.

Fixes #3850
Closes #3857
2019-05-11 11:38:58 +02:00
Daniel Stenberg
a07f376861
BUG-BOUNTY: minor formatting fixes [ci skip] 2019-05-09 23:30:26 +02:00
Daniel Stenberg
489a4be12a
BUG-BOUNTY.md: add the Dropbox "bonus" extra payout ability [ci skip]
Closes #3839
2019-05-09 10:03:47 +02:00
Daniel Stenberg
2d0e9b40d3
urlapi: add CURLUPART_ZONEID to set and get
The zoneid can be used with IPv6 numerical addresses.

Updated test 1560 to verify.

Closes #3834
2019-05-05 15:52:46 +02:00
Daniel Stenberg
139202bb68
CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk [ci skip]
Reported-by: Ricardo Gomes

Bug: #3537
Closes #3836
2019-05-03 23:21:07 +02:00
Daniel Stenberg
28f38da506
CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value
The time field in the curl_fileinfo struct will always be zero. No code
was ever implemented to actually convert the date string to a time_t.

Fixes #3829
Closes #3835
2019-05-03 23:19:56 +02:00
Daniel Stenberg
bdb2dbc103
urlapi: strip off scope id from numerical IPv6 addresses
... to make the host name "usable". Store the scope id and put it back
when extracting a URL out of it.

Also makes curl_url_set() syntax check CURLUPART_HOST.

Fixes #3817
Closes #3822
2019-05-03 12:17:22 +02:00
Reed Loden
361f9957cb
docs: minor polish to the bug bounty / security docs
Closes #3811
2019-04-29 08:09:10 +02:00
Daniel Gustafsson
7794cacf7e INTERNALS: fix misindentation of ToC item
Kerberos was incorrectly indented as a subsection under FTP, which is
incorrect as they are both top level sections. A fix for this was first
attempted in commit fef38a0898 but that
was a few paddles short of being complete.
2019-04-23 13:11:19 +02:00
Aron Bergman
c3666e431f INTERNALS: Add structs to ToC
Add the subsections under "Structs in libcurl" to the table of contents.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-04-23 13:10:32 +02:00
Aron Bergman
927ee2cc60 INTERNALS: Add code highlighting
Make all struct members under the Curl_handler section
print in monospace font.

Closes #3801
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-04-23 13:09:35 +02:00
Daniel Stenberg
10e4dd6a7b
docs/BUG-BOUNTY: bug bounty time [skip ci]
Introducing the curl bug bounty program on hackerone. We now recommend
filing security issues directly in the hackerone ticket system which
only is readable to curl security team members.

Assisted-by: Daniel Gustafsson

Closes #3488
2019-04-22 17:19:19 +02:00
Daniel Stenberg
e649432e72
CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse
... and disconnect too old ones instead of trying to reuse.

Default max age is set to 118 seconds.

Ref: #3722
Closes #3782
2019-04-21 23:06:23 +02:00
Jay Satiro
d69ffec9d8 TODO: Add issue link to an existing entry 2019-04-16 15:45:41 -04:00
Jay Satiro
538db66fe2 tool_help: Warn if curl and libcurl versions do not match
.. because functionality may be affected if the versions differ.

This commit implements TODO 18.7 "warning if curl version is not in sync
with libcurl version".

Ref: https://github.com/curl/curl/blob/curl-7_64_1/docs/TODO#L1028-L1033

Closes https://github.com/curl/curl/pull/3774
2019-04-16 03:09:42 -04:00
tmilburn
c3e38a4250
CURLOPT_ADDRESS_SCOPE: fix range check and more
Commit 9081014 fixed most of the confusing issues between scope id and
scope however 844896d added bad limits checking assuming that the scope
is being set and not the scope id.

I have fixed the documentation so it all refers to scope ids.

In addition Curl_if2ip refered to the scope id as remote_scope_id which
is incorrect, so I renamed it to local_scope_id.

Adjusted-by: Daniel Stenberg

Closes #3655
Closes #3765
Fixes #3713
2019-04-13 11:18:55 +02:00
Daniel Stenberg
d715d2ac89
urlapi: stricter CURLUPART_PORT parsing
Only allow well formed decimal numbers in the input.

Document that the number MUST be between 1 and 65535.

Add tests to test 1560 to verify the above.

Ref: https://github.com/curl/curl/issues/3753
Closes #3762
2019-04-13 11:17:30 +02:00
Daniel Stenberg
f73de32d46
CURLOPT_DNS_USE_GLOBAL_CACHE: remove
Remove the code too. The functionality has been disabled in code since
7.62.0. Setting this option will from now on simply be ignored and have
no function.

Closes #3654
2019-04-11 22:22:39 +02:00
Daniel Stenberg
20b8df1096
curl_easy_getinfo.3: fix minor formatting mistake 2019-04-11 16:06:40 +02:00
Daniel Stenberg
ebb2ebe18b
config.d: clarify that initial : and = might need quoting [skip ci]
Fixes #3738
Closes #3749
2019-04-08 21:57:22 +02:00
Daniel Stenberg
2f44e94efb
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651
2019-04-06 22:49:50 +02:00
cclauss
aba1c51553
tests: make Impacket (SMB server) Python 3 compatible
Closes #3731
Fixes #3289
2019-04-06 22:29:57 +02:00
Tim Rühsen
7b758e9835 documentation: Fix several typos
Closes #3724
Reviewed-by: Jakub Zakrzewski
Reviewed-by: Daniel Gustafsson
2019-04-03 22:06:06 +02:00
Daniel Stenberg
521bbbe299
RELEASE: 7.64.1 2019-03-27 07:53:33 +01:00
Jay Satiro
2bcdf722b8 CURLMOPT_PIPELINING.3: fix typo 2019-03-25 17:12:19 -04:00
Daniel Stenberg
401810434c
TODO: config file parsing
Closes #3698
2019-03-25 22:03:00 +01:00
Daniel Stenberg
7c46691178
curl_url.3: this is not experimental anymore 2019-03-22 18:33:06 +01:00
Daniel Stenberg
5cf5d57ab9
makefile: make checksrc and hugefile commands "silent"
... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.

Closes #3681
2019-03-14 20:11:24 +01:00
Daniel Stenberg
2af732f364
curl.1: --user and --proxy-user are hidden from ps output
Suggested-by: Eric Curtin
Improved-by: Dan Fandrich
Ref: #3680

Closes #3683
2019-03-14 20:09:41 +01:00
Daniel Stenberg
05a131eb77
curl.1: mark the argument to --cookie as <data|filename>
From a discussion in #3676

Suggested-by: Tim Rühsen

Closes #3682
2019-03-14 17:25:40 +01:00
Andre Guibert de Bruet
57c7076793 examples/externalsocket: add missing close socket calls
.. and for Windows also call WSACleanup since we call WSAStartup.

The example is to demonstrate handling the socket independently of
libcurl. In this case libcurl is not responsible for creating, opening
or closing the socket, it is handled by the application (our example).

Fixes https://github.com/curl/curl/pull/3663
2019-03-11 23:02:54 -04:00
Daniel Stenberg
50afa478e1
cmdline-opts/proxytunnel.d: the option tunnnels all protocols
Clarify the language and simplify.

Reported-by: Daniel Lublin
Closes #3658
2019-03-08 23:19:11 +01:00
Daniel Stenberg
5114f82331
KNOWN_BUGS: Client cert (MTLS) issues with Schannel
Closes #3145
2019-03-07 13:14:51 +01:00
Daniel Stenberg
af219e4492
ROADMAP: updated to some more current things to work on 2019-03-07 00:00:30 +01:00
Daniel Stenberg
dd7d7107c7
examples: only include <curl/curl.h>
That's the only public curl header we should encourage use of.

Reviewed-by: Marcel Raad
Closes #3645
2019-03-05 07:58:29 +01:00
Daniel Stenberg
98441f3586
docs/ALTSVC.md: docs describing the approach
Closes #3498
2019-03-03 11:17:52 +01:00
Daniel Stenberg
c51c78dd8d
alt-svc: the curl command line bits 2019-03-03 11:17:52 +01:00
Daniel Stenberg
e1be825453
alt-svc: the libcurl bits 2019-03-03 11:17:52 +01:00
Daniel Stenberg
8754ddb85d
curl_easy_duphandle.3: clarify that a duped handle has no shares
Reported-by: Sara Golemon

Fixes #3592
Closes #3634
2019-03-01 21:47:30 +01:00
Daniel Stenberg
091cdf2795
10-at-a-time.c: fix too long line 2019-03-01 21:46:59 +01:00
Arnaud Rebillout
a977d93805
examples: various fixes in ephiperfifo.c
The main change here is the timer value that was wrong, it was given in
usecs (ms * 1000), while the itimerspec struct wants nsecs (ms * 1000 *
1000). This resulted in the callback being invoked WAY TOO OFTEN.

As a quick check you can run this command before and after applying this
commit:

    # shell 1
    ./ephiperfifo 2>&1 | tee ephiperfifo.log
    # shell 2
    echo http://hacking.elboulangero.com > hiper.fifo

Then just compare the size of the logs files.

Closes #3633
Fixes #3632
Signed-off-by: Arnaud Rebillout <arnaud.rebillout@collabora.com>
2019-03-01 21:38:04 +01:00
Daniel Stenberg
8cf6c170cf
examples/10-at-a-time.c: improve readability and simplify
- use better variable names to explain their purposes
 - convert logic to curl_multi_wait()
2019-03-01 17:11:57 +01:00
Ԝеѕ
8f105b0534
docs: update max-redirs.d phrasing
clarify redir - "in absurdum" doesn't seem to make sense in this context

Closes #3631
2019-03-01 09:26:33 +01:00
Daniel Stenberg
b4755887b9
INSTALL: refer to the current TLS library names and configure options 2019-02-28 09:13:09 +01:00
Daniel Stenberg
1640bb6fc2
FAQ: minor updates and spelling fixes 2019-02-28 09:09:51 +01:00
Daniel Stenberg
4fac2899d0
GOVERNANCE.md: minor spelling fixes 2019-02-28 09:09:31 +01:00
Daniel Stenberg
76a9c3c4be
Secure Transport: no more "darwinssl"
Everyone calls it Secure Transport, now we do too.

Reviewed-by: Nick Zitzmann

Closes #3619
2019-02-28 08:42:59 +01:00
DaVieS
0f6c6efd81
cacertinmem.c: use multiple certificates for loading CA-chain
Closes #3421
2019-02-27 09:33:03 +01:00
georgeok
531b7ad43a schannel: support CALG_ECDH_EPHEM algorithm
Add support for Ephemeral elliptic curve Diffie-Hellman key exchange
algorithm option when selecting ciphers. This became available on the
Win10 SDK.

Closes https://github.com/curl/curl/pull/3608
2019-02-25 01:38:35 -05:00
Daniel Stenberg
47e540df8f
examples: remove recursive calls to curl_multi_socket_action
From within the timer callbacks. Recursive is problematic for several
reasons. They should still work, but this way the examples and the
documentation becomes simpler. I don't think we need to encourage
recursive calls.

Discussed in #3537
Closes #3601
2019-02-23 23:08:38 +01:00
Daniel Stenberg
8bc5ceb204
TODO: Allow SAN names in HTTP/2 server push
Suggested-by: Nicolas Grekas
2019-02-20 08:44:21 +01:00
Daniel Stenberg
c543da9a50
curl: remove MANUAL from -M output
... and remove it from the dist tarball. It has served its time, it
barely gets updated anymore and "everything curl" is now convering all
this document once tried to include, and does it more and better.

In the compressed scenario, this removes ~15K data from the binary,
which is 25% of the -M output.

It remains in the git repo for now for as long as the web site builds a
page using that as source. It renders poorly on the site (especially for
mobile users) so its not even good there.

Closes #3587
2019-02-20 08:20:27 +01:00
Daniel Stenberg
b08898fb29
connection: never reuse CONNECT_ONLY conections
and make CONNECT_ONLY conections never reuse any existing ones either.

Reported-by: Pavel Löbl
Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
Closes #3586
2019-02-19 22:50:02 +01:00
Daniel Stenberg
5e1b5e6936
curl_multi_remove_handle.3: use at any time, just not from within callbacks
[ci skip]
2019-02-19 11:22:29 +01:00
Daniel Stenberg
af143ef45e
examples/http2-serverpush: add some sensible error checks
To avoid NULL pointer dereferences etc in the case of problems.

Closes #3580
2019-02-18 14:57:38 +01:00
Daniel Gustafsson
e6522522f9 cookie: Add support for cookie prefixes
The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.

Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-17 00:09:30 +01:00
Daniel Stenberg
5341c65667
examples/sftpuploadresume: Value stored to 'result' is never read
Detected by scan-build
2019-02-14 23:30:44 +01:00
Daniel Stenberg
25233d9478
examples/http2-upload: cleaned up
Fix scan-build warnings, no globals, no silly handle scan. Also remove
handles from the multi before cleaning up.
2019-02-14 23:30:43 +01:00
Daniel Stenberg
b2e5af4aec
examples/http2-download: cleaned up
To avoid scan-build warnings and global variables.
2019-02-14 23:30:43 +01:00
Daniel Stenberg
52d98194b5
examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
Detected by scan-build
2019-02-14 23:30:43 +01:00
Daniel Stenberg
9bd704c02a
examples/httpcustomheader: Value stored to 'res' is never read
Detected by scan-build
2019-02-14 23:30:43 +01:00
Daniel Stenberg
b4beb3b115
examples: remove superfluous null-pointer checks
in ftpget, ftpsget and sftpget, so that scan-build stops warning for
potential NULL pointer dereference below!

Detected by scan-build
2019-02-14 23:30:43 +01:00
Daniel Stenberg
a75de9de40
KNOWN_BUGS: Cannot compile against a static build of OpenLDAP
Closes #2367
2019-02-14 15:36:43 +01:00
Daniel Stenberg
e6ac3ba657
KNOWN_BUGS: curl compiled on OSX 10.13 failed to run on OSX 10.10
Closes #2905
2019-02-14 10:49:22 +01:00
Daniel Stenberg
917b1bb192
KNOWN_BUGS: Deflate error after all content was received
Closes #2719
2019-02-14 10:46:18 +01:00
Daniel Stenberg
d957b61db3
TODO: Upgrade to websockets
Closes #3523
2019-02-14 08:30:49 +01:00
Daniel Stenberg
885eea10b0
TODO: cmake test suite improvements
Closes #3109
2019-02-14 08:09:31 +01:00
Daniel Stenberg
a7c228ab89
TODO: TFO support on Windows
Nobody works on this now.

Closes #3378
2019-02-13 08:28:28 +01:00
Jay Satiro
db239c07af examples/crawler: Fix the Accept-Encoding setting
- Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default
  supported encodings.

Prior to this change the specific encodings of gzip and deflate were set
but there's no guarantee they'd be supported by the user's libcurl.
2019-02-12 18:07:29 -05:00
Daniel Gustafsson
fef38a0898 INTERNALS.md: fix subsection depth and link
The Kerberos subsection was mistakenly a subsubsection under FTP, and
the curlx subsection was missing an anchor for the TOC link.

Closes #3529
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-06 10:29:14 +01:00
Daniel Stenberg
1c986c068d
RELEASE-PROCEDURE: update the release calendar 2019-02-06 07:57:13 +01:00
Daniel Stenberg
f3e5a91e44
THANKS: 7.64.0 status 2019-02-06 07:57:12 +01:00
Daniel Gustafsson
55e962cacb ROADMAP: remove already performed item
Commit 7a09b52c98 introduced support
for the draft-ietf-httpbis-cookie-alone-01 cookie draft, and while
the entry was removed from the TODO it was mistakenly left here.
Fix by removing and rewording the entry slightly.

Closes #3530
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-05 23:20:56 +01:00
Etienne Simard
e49ca2a115 CONTRIBUTE.md: Fix grammatical errors
Fix grammatical errors making the document read better. Also fixes
a typo.

Closes #3525
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-02-05 11:56:04 +01:00
Julian Z
2568441cab
docs: use $(INSTALL_DATA) to install man page
Fixes #3518
Closes #3522
2019-02-04 23:39:18 +01:00
Daniel Stenberg
180501cb02
schannel: stop calling it "winssl"
Stick to "Schannel" everywhere. The configure option --with-winssl is
kept to allow existing builds to work but --with-schannel is added as an
alias.

Closes #3504
2019-02-01 08:20:38 +01:00
John Marshall
427fa512be
doc: use meaningless port number in CURLOPT_LOCALPORT example
Use an ephemeral port number here; previously the example had 8080
which could be confusing as the common web server port number might
be misinterpreted as suggesting this option affects the remote port.

URL: https://curl.haxx.se/mail/lib-2019-01/0084.html
Closes #3513
2019-01-31 13:54:59 +01:00
Gisle Vanem
06f744d447
Escape the '\'
A backslash should be escaped in Roff / Troff.
2019-01-29 16:42:22 +01:00
Jay Satiro
3de607415c TODO: WinSSL: 'Add option to disable client cert auto-send'
By default WinSSL selects and send a client certificate automatically,
but for privacy and consistency we should offer an option to disable the
default auto-send behavior.

Reported-by: Jeroen Ooms

Closes https://github.com/curl/curl/issues/2262
2019-01-29 00:33:14 -05:00
Daniel Stenberg
458e898911
KNOWN_BUGS: tests not compatible with python3
Closes #3289
[skip ci]
2019-01-21 12:16:20 +01:00
Alessandro Ghedini
7c16871d0b Fix typo in manpage 2019-01-16 19:05:12 +00:00
Sergei Nikulov
99c2e7e554 cmake: updated check for HAVE_POLL_FINE to match autotools 2019-01-16 11:39:34 +03:00
Daniel Stenberg
13f09f6f6b
KNOWN_BUGS: cmake makes unusable tool_hugehelp.c with MinGW
Closes #3125
2019-01-10 16:52:39 +01:00
Daniel Stenberg
411d0c7244
KNOWN_BUGS: Improve --data-urlencode space encoding
Closes #3229
2019-01-10 15:55:37 +01:00
Katsuhiko YOSHIDA
1f30dc886d
cookies: skip custom cookies when redirecting cross-site
Closes #3417
2019-01-09 15:18:08 +01:00
Daniel Stenberg
89165c1a94
THANKS: fixups and a dedupe
[skip ci]
2019-01-09 11:08:47 +01:00
Daniel Stenberg
d42520f2c8
INTERNALS: correct some outdated function names
Closes #3431
2019-01-03 15:47:00 +01:00
Daniel Stenberg
f2d5e34bae
docs/version.d: mention MultiSSL
Reviewed-by: Daniel Gustafsson
Closes #3432
2019-01-03 15:45:18 +01:00
Rikard Falkeborn
251cabfb4a examples: Update .gitignore
Add a few missing examples to make `make examples` not leave the
workspace in a dirty state.

Closes #3427
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2019-01-02 14:32:01 +01:00
Daniel Gustafsson
b3e24e26e1 THANKS: add more missing names
Add Adrian Burcea who made the artwork for the curl://up 2018 event
which was held in Stockholm, Sweden.
2019-01-02 13:40:13 +01:00
Daniel Gustafsson
5cc3285574 docs: mention potential leak in curl_slist_append
When a non-empty list is appended to, and used as the returnvalue,
the list pointer can leak in case of an allocation failure in the
curl_slist_append() call. This is correctly handled in curl code
usage but we weren't explicitly pointing it out in the API call
documentation. Fix by extending the RETURNVALUE manpage section
and example code.

Closes #3424
Reported-by: dnivras on github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-01-02 12:49:49 +01:00
Daniel Stenberg
01ba09e25a THANKS: dedupe more names
Researched-by: Tae Wong
2019-01-01 17:55:41 +01:00
Daniel Stenberg
47e95c89b7 THANKS: added missing names from year <= 2000
Due to a report of a missing name in THANKS I manually went through an
old CHANGES.0 file and added many previously missing names here.
2018-12-31 20:03:49 +01:00
Daniel Stenberg
2a8801d7ba THANKS: dedupe Guenter Knauf
Reported-by: Tae Wong
2018-12-30 17:59:58 +01:00
Daniel Stenberg
1a6efadce8 THANKS: missing name from the 6.3.1 release! 2018-12-30 17:57:54 +01:00
Claes Jakobsson
d8cae791f4 hostip: support wildcard hosts
This adds support for wildcard hosts in CURLOPT_RESOLVE. These are
try-last so any non-wildcard entry is resolved first. If specified,
any host not matched by another CURLOPT_RESOLVE config will use this
as fallback.

Example send a.com to 10.0.0.1 and everything else to 10.0.0.2:
  curl --resolve *:443:10.0.0.2 --resolve a.com:443:10.0.0.1 \
       https://a.com https://b.com

This is probably quite similar to using:
  --connect-to a.com:443:10.0.0.1:443 --connect-to :443:10.0.0.2:443

Closes #3406
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-27 14:23:53 +01:00
Daniel Gustafsson
b3d111ae15 FAQ: remove mention of sourceforge for github
The project bug tracker is no longer hosted at sourceforge but is now
hosted on the curl Github page. Update the FAQ to reflect.

Closes #3410
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-25 23:20:55 +01:00
Daniel Stenberg
006ff62d8c
http: added options for allowing HTTP/0.9 responses
Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.

For now, both the tool and library allow HTTP/0.9 by default.
docs/DEPRECATE.md lays out the plan for when to reverse that default: 6
months after the 7.64.0 release. The options are added already now so
that applications/scripts can start using them already now.

Fixes #2873
Closes #3383
2018-12-21 10:49:30 +01:00
Daniel Stenberg
9e6518481c
TODO: Windows: set attribute 'archive' for completed downloads
Closes #3354
2018-12-14 11:18:57 +01:00
Daniel Stenberg
04b69c744c
http: minor whitespace cleanup from f464535b 2018-12-14 10:20:06 +01:00
Ayoub Boudhar
f464535bfd
http: Implement trailing headers for chunked transfers
This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing headers
with chunked transfers.

The test server (sws) was updated to take into account the detection of the
end of transfer in the case of trailing headers presence.

Test 1591 checks that trailing headers can be sent using libcurl.

Closes #3350
2018-12-14 10:10:48 +01:00
Daniel Gustafsson
7a09b52c98 cookies: leave secure cookies alone
Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.

Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-13 09:57:58 +01:00
Daniel Stenberg
fdc5563b6e
docs: fix the --tls-max description
Reported-by: Tobias Lindgren
Pointed out in #3367

Closes #3368
2018-12-13 08:35:55 +01:00
Daniel Stenberg
a58741aab7
THANKS: from the curl 7.62.0 cycle 2018-12-12 08:12:27 +01:00
Patrick Monnerat
37093a21a6 documentation: curl_formadd field and file names are now escaped
Prior to 7.56.0, fieldnames and filenames were set in Content-Disposition
header without special processing: this may lead to invalid RFC 822
quoted-strings.
7.56.0 introduces escaping of backslashes and double quotes in these names:
mention it in the documentation.

Reported-by: daboul on github
Closes #3361
2018-12-11 15:31:23 +01:00
Daniel Gustafsson
6381708970 checksrc: add COPYRIGHTYEAR check
Forgetting to bump the year in the copyright clause when hacking has
been quite common among curl developers, but a traditional checksrc
check isn't a good fit as it would penalize anyone hacking on January
1st (among other things). This adds a more selective COPYRIGHTYEAR
check which intends to only cover the currently hacked on changeset.

The check for updated copyright year is currently not enforced on all
files but only on files edited and/or committed locally. This is due to
the amount of files which aren't updated with their correct copyright
year at the time of their respective commit.

To further avoid running this expensive check for every developer, it
adds a new local override mode for checksrc where a .checksrc file can
be used to turn on extended warnings locally.

Closes #3303
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-03 23:13:40 +01:00
Daniel Stenberg
847b130244
CHECKSRC.md: document more warnings
Closes #3335
[ci skip]
2018-12-03 09:47:13 +01:00
Daniel Stenberg
4a01a20bdb
SECURITY-PROCESS: bountygraph shuts down
This backpedals back the documents to the state before bountygraph.

Closes #3311
2018-11-30 22:50:36 +01:00
Daniel Gustafsson
436b50f2f7 TODO: remove CURLOPT_DNS_USE_GLOBAL_CACHE entry
Commit 7c5837e792 deprecated the option
making it a manual code-edit operation to turn it back on. The removal
process has thus started and is now documented in docs/DEPRECATE.md so
remove from the TODO to avoid anyone looking for something to pick up
spend cycles on an already in-progress entry.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-11-29 12:15:04 +01:00
Daniel Gustafsson
8802ad965d cmdline-opts/gen.pl: define the correct varname
The variable definition had a small typo making it declare another
variable then the intended.

Closes #3304
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-11-26 09:56:49 +01:00
Daniel Stenberg
ae7a09db20
CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times 2018-11-23 16:55:33 +01:00
Daniel Stenberg
dcd6f81025
snprintf: renamed and we now only use msnprintf()
The function does not return the same value as snprintf() normally does,
so readers may be mislead into thinking the code works differently than
it actually does. A different function name makes this easier to detect.

Reported-by: Tomas Hoger
Assisted-by: Daniel Gustafsson
Fixes #3296
Closes #3297
2018-11-23 08:26:51 +01:00
Tobias Hintze
5b4cce2e36
host names: allow trailing dot in name resolve, then strip it
Delays stripping of trailing dots to after resolving the hostname.

Fixes #3022
Closes #3222
2018-11-22 13:40:51 +01:00
UnknownShadow200
2366697806
CURLOPT_HEADERFUNCTION.3: match 'nitems' name in synopsis and description
Closes #3295
2018-11-22 00:05:05 +01:00
Romain Fliedel
47ccb2d204
examples/ephiperfifo: report error when epoll_ctl fails 2018-11-20 19:58:41 +01:00
Han Han
89d2e95f78 docs: add more description to unified ssl error codes 2018-11-19 15:57:44 -08:00
Daniel Stenberg
f7fa04d7f3
docs: expanded on some CURLU details 2018-11-11 00:10:56 +01:00
Daniel Stenberg
a1aabed817
HISTORY: add some milestones
Added a few of the more notable milestones in curl history that were
missing. Primarily more recent ones but I also noted some older that
could be worth mentioning.

[ci skip]
Closes #3257
2018-11-09 17:46:05 +01:00
Daniel Gustafsson
10c91b6660 KNOWN_BUGS: add --proxy-any connection issue
Add the identified issue with --proxy-any and proxy servers which
advertise authentication schemes other than the supported one.

Closes #876
Closes #3250
Reported-by: NTMan on Github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-11-09 16:50:39 +01:00
Jim Fuller
5c4fe0d826
setopt: add CURLOPT_CURLU
Allows an application to pass in a pre-parsed URL via a URL handle.

Closes #3227
2018-11-09 15:47:28 +01:00
Gisle Vanem
073332b525
docs: ESCape "\n" codes
Groff / Troff will display a:
 printaf("Errno: %ld\n", error);
as:
  printf("Errno: %ld0, error);

when a "\n" is not escaped. Use "\\n" instead.

Closes #3246
2018-11-09 15:38:52 +01:00
Gisle Vanem
08b1a851cc
More "\n" ESCaping 2018-11-07 13:32:17 +01:00
Frank Gevaerts
e431daf013
curl: add %{stderr} and %{stdout} for --write-out
Closes #3115
2018-11-07 11:09:55 +01:00
Daniel Gustafsson
8a49b291cb winssl: be consistent in Schannel capitalization
The productname from Microsoft is "Schannel", but in infof/failf
reporting we use "schannel". This removes different versions.

Closes #3243
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-11-07 10:11:13 +01:00
Daniel Stenberg
64f9d391ed
TODO: Have the URL API offer IDN decoding
Similar to how URL decoding/encoding is done, we could have URL
functions to convert IDN host names to punycode.

Suggested-by: Alexey Melnichuk
Closes #3232
2018-11-07 08:46:34 +01:00
Daniel Stenberg
9aa8ff2895
urlapi: only skip encoding the first '=' with APPENDQUERY set
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip
encoding the first to better allow "name=content" for any content.

Reported-by: Alexey Melnichuk
Fixes #3231
Closes #3231
2018-11-07 08:28:48 +01:00
Michael Kaufmann
53db15ba55 netrc: don't ignore the login name specified with "--user"
- for "--netrc", don't ignore the login/password specified with "--user",
  only ignore the login/password in the URL.
  This restores the netrc behaviour of curl 7.61.1 and earlier.
- fix the documentation of CURL_NETRC_REQUIRED
- improve the detection of login/password changes when reading .netrc
- don't read .netrc if both login and password are already set

Fixes #3213
Closes #3224
2018-11-05 20:34:01 +01:00
Daniel Stenberg
29c05ce9c3
TODO: 2.6 multi upkeep
Closes #3199
2018-11-05 09:54:18 +01:00
Daniel Stenberg
66dc1570db
symbols-in-versions: add missing CURLU_ symbols
...and fix symbol-scan.pl to also scan urlapi.h

Reported-by: Alexey Melnichuk
Fixes #3226
Closes #3230
2018-11-04 23:15:12 +01:00
Daniel Stenberg
302d125b42
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.

Use a better supported TLS library!

Assisted-by: Daniel Gustafsson
Closes #3194
2018-11-01 10:29:53 +01:00
marcosdiazr
7f4c358541
schannel: make CURLOPT_CERTINFO support using Issuer chain
Closes #3197
2018-11-01 10:21:51 +01:00
Daniel Stenberg
bbed10da65
THANKS: 7.62.0 status 2018-10-30 17:53:59 +01:00
Daniel Gustafsson
1460e89e01 vtls: add MesaLink to curl_sslbackend enum
MesaLink support was added in commit 57348eb97d but the
backend was never added to the curl_sslbackend enum in curl/curl.h.
This adds the new backend to the enum and updates the relevant docs.

Closes #3195
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-30 16:56:51 +01:00
Daniel Stenberg
803496fa10
RELEASE-PROCEDURE: adjust the release dates
See: https://curl.haxx.se/mail/lib-2018-10/0107.html
2018-10-27 15:14:51 +02:00
Daniel Stenberg
067992baa7
docs/CIPHERS: fix the TLS 1.3 cipher names
... picked straight from the OpenSSL man page:
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_ciphersuites.html

Reported-by: Ricky-Tigg on github
Bug: #3178
2018-10-27 10:46:36 +02:00
Daniel Stenberg
a0c2779d61
docs/RELEASE-PROCEDURE: remove old entries, modify the Dec 2018 date
... I'm moving it up one week due to travels. The rest stays.
2018-10-26 14:12:44 +02:00
Alexey Eremikhin
bbce45fb00
curl.1: --ipv6 mutexes ipv4 (fixed typo)
Fixes #3171
Closes #3172
2018-10-26 08:45:08 +02:00
Jay Satiro
a023dfa19a CIPHERS.md: Mention the options used to set TLS 1.3 ciphers
Closes https://github.com/curl/curl/pull/3159
2018-10-23 03:37:37 -04:00
Daniel Stenberg
db1338474c
docs/BUG-BOUNTY: the sponsors actually decide the amount
Retract the previous approach as the sponsors will be the ones to set the
final amounts.

Closes #3152
[ci skip]
2018-10-20 12:07:52 +02:00
Daniel Stenberg
1a0cf36fbf
docs/SECURITY-PROCESS: the hackerone IBB program drops curl
... now there's only BountyGraph.
2018-10-17 08:02:37 +02:00
Daniel Gustafsson
03186b1187 INSTALL: mention mesalink in TLS section
Commit 57348eb97d added support for the
MesaLink vtls backend, but missed updating the TLS section containing
supported backends in the docs.

Closes #3134
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-15 09:15:23 +02:00
Viktor Szakats
3455b4b374 replace rawgit links [ci skip]
Ref: https://rawgit.com/ "RawGit has reached the end of its useful life"
Ref: https://news.ycombinator.com/item?id=18202481
Closes https://github.com/curl/curl/pull/3131
2018-10-12 21:04:37 +00:00
Daniel Stenberg
aaab08311b
docs/BUG-BOUNTY.md: for vulns published since Aug 1st 2018
[ci skip]
2018-10-12 09:12:44 +02:00
Michael Kaufmann
d275c18c2a docs: add "see also" links for SSL options
- link TLS 1.2 and TLS 1.3 options
- link proxy and non-proxy options

Closes #3121
2018-10-10 22:23:11 +02:00
Daniel Stenberg
7da100010a
docs/DEPRECATE: minor reformat to render nicer on web 2018-10-09 10:06:04 +02:00
Daniel Gustafsson
4bc86270e1 CURLOPT_SSL_VERIFYSTATUS: Fix typo
Changes s/OSCP/OCSP/ and bumps the copyright year due to the change.
2018-10-09 09:47:40 +02:00
Daniel Stenberg
6450a55721
TODO: fixed 'API for URL parsing/splitting' 2018-10-08 23:35:55 +02:00
Daniel Gustafsson
238494fc81 KNOWN_BUGS: Fix various typos
Closes #3112
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-08 22:59:37 +02:00
Viktor Szakats
ff9d7f4447 spelling fixes [ci skip]
as detected by codespell 1.14.0

Closes https://github.com/curl/curl/pull/3114
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-08 19:37:40 +00:00
Daniel Stenberg
af500e9378
docs/BUG-BOUNTY: proposed additional docs
Bug bounty explainer. See https://bountygraph.com/programs/curl

Closes #3067
2018-10-08 08:45:58 +02:00
Daniel Gustafsson
c1af9b7690 TODO: add LD_PRELOAD support on macOS
Add DYLD_INSERT_LIBRARIES support to the TODO list. Reported in #2394.
2018-10-07 22:28:19 +02:00
Jay Satiro
ec49132faf INTERNALS.md: wrap lines longer than 79 2018-10-05 14:00:15 -04:00
Daniel Gustafsson
c5063a773f INTERNALS: escape reference to parameter
The parameter reference <string> was causing rendering issues in the
generated HTML page, as <string> isn't a valid HTML tag. Fix by back-
tick escaping it.

Closes #3099
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-05 13:37:02 +02:00
Daniel Gustafsson
af99662688 CURLOPT_SSLVERSION.3: fix typos and consistent spelling
Use TLS vX.Y throughout the document, instead of TLS X.Y, as that was
already done in all but a few cases. Also fix a few typos.

Closes #3076
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:22:10 +02:00
Daniel Gustafsson
e9605dbda2 SECURITY-PROCESS: make links into hyperlinks
Use proper Markdown hyperlink format for the Bountygraph links in order
for the generated website page to be more user friendly. Also link to
the sponsors to give them a little extra credit.

Closes #3082
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:17:09 +02:00
Jay Satiro
35ac49d4ed CURLOPT_HEADER.3: fix typo 2018-10-03 02:30:32 -04:00
Jay Satiro
f33312fe33 data-binary.d: clarify default content-type is x-www-form-urlencoded
- Advise user that --data-binary sends a default content type of
  x-www-form-urlencoded, and to have the data treated as arbitrary
  binary data by the server set the content-type header to octet-stream.

Ref: https://github.com/curl/curl/pull/2852#issuecomment-426465094

Closes https://github.com/curl/curl/pull/3085
2018-10-03 02:26:28 -04:00
Daniel Stenberg
835a2fe694
docs/CIPHERS: mention the colon separation for OpenSSL
Bug: #3077
2018-10-02 13:55:36 +02:00
Nate Prewitt
3edb0e369e
MANUAL: minor grammar fix
Noticed a typo reading through the docs.

Closes #3069
2018-10-01 07:54:58 +02:00
Sergei Nikulov
f8215f80ab cmake: fixed path used in generation of docs/tests during curl build through add_subdicectory(...) 2018-09-28 16:54:20 +03:00
Doron Behar
063f9a4c8b
example/htmltidy: fix include paths of tidy libraries
Closes #3050
2018-09-26 14:33:34 +02:00
Viktor Szakats
6ae6b2a533 update URLs in tests
- and one in docs/MANUAL as well

Closes https://github.com/curl/curl/pull/3038
2018-09-23 22:26:11 +00:00
Viktor Szakats
b801b453af whitespace fixes
- replace tabs with spaces where possible
- remove line ending spaces
- remove double/triple newlines at EOF
- fix a non-UTF-8 character
- cleanup a few indentations/line continuations
  in manual examples

Closes https://github.com/curl/curl/pull/3037
2018-09-23 22:24:02 +00:00
Viktor Szakats
efc696a2e0 docs/examples: URL updates
- also update two URLs outside of docs/examples
- fix spelling of filename persistant.c
- fix three long lines that started failing checksrc.pl

Closes https://github.com/curl/curl/pull/3036
2018-09-23 09:23:29 +00:00
Viktor Szakats
c42849bb48 examples/Makefile.m32: sync with core [ci skip]
also:
- fix two warnings in synctime.c (one of them Windows-specific)
- upgrade URLs in synctime.c and remove a broken one

Closes https://github.com/curl/curl/pull/3033
2018-09-22 21:44:36 +00:00
Daniel Stenberg
5c41f88c05
examples/parseurl.c: show off the URL API a bit
Closes #3030
2018-09-22 12:04:35 +02:00
Daniel Stenberg
3cae1cd699
SECURITY-PROCESS: mention the bountygraph program [ci skip]
Closes #3032
2018-09-22 12:00:00 +02:00
Viktor Szakats
f078361c0e URL and mailmap updates, remove an obsolete directory [ci skip]
Closes https://github.com/curl/curl/pull/3031
2018-09-22 07:58:32 +00:00
Daniel Stenberg
e968029b4d
TODO: c-ares and CURLOPT_OPENSOCKETFUNCTION
Removed DoH.

Closes #2734
2018-09-20 23:57:05 +02:00
Daniel Stenberg
5c73093edb
urlapi: document the error codes, remove two unused ones
Assisted-by: Daniel Gustafsson
Closes #3019
2018-09-19 23:25:11 +02:00
Daniel Stenberg
9307c219ad
urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptance
In order for this API to fully work for libcurl itself, it now offers a
CURLU_GUESS_SCHEME flag that makes it "guess" scheme based on the host
name prefix just like libcurl always did. If there's no known prefix, it
will guess "http://".

Separately, it relaxes the check of the host name so that IDN host names
can be passed in as well.

Both these changes are necessary for libcurl itself to use this API.

Assisted-by: Daniel Gustafsson
Closes #3018
2018-09-19 23:21:52 +02:00
Daniel Gustafsson
056cc37ed4 todo: Update reference to already done item
TODO item 1.1 was implemented in commit 946ce5b61f, update reference
to it with instead referencing the implemented option.

Closes #3013
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-19 09:12:45 +02:00
Daniel Stenberg
ef38059f7e
examples/http2-pushinmemory: receive HTTP/2 pushed files in memory
Closes #3004
2018-09-18 10:37:26 +02:00
Kruzya
23524bf85b examples: Fix memory leaks from realloc errors
Make sure to not overwrite the reallocated pointer in realloc() calls
to avoid a memleak on memory errors.
2018-09-17 14:07:47 +02:00
Si
093ba904c9
curl: update --tlsv* descriptions in --help output
Closes #2994
2018-09-16 23:40:01 +02:00
Viktor Szakats
420087bb30 secure Openwall URLs 2018-09-14 18:48:35 +00:00
Dave Reisner
c1e5980f66
curl_url_set.3: properly escape \n in example code
This yields

  "the scheme is %s\n"

instead of

  "the scheme is %s0

Closes #2970
2018-09-13 08:07:36 +02:00
Dave Reisner
0411057380
curl_url_set.3: fix typo in reference to CURLU_APPENDQUERY 2018-09-13 08:07:15 +02:00
Daniel Gustafsson
683fed1a22 TODO: fix typo in item
Closes #2968
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-12 13:12:15 +02:00
Marcel Raad
6a7feb103a
anyauthput: fix compiler warning on 64-bit Windows
On Windows, the read function from <io.h> is used, which has its byte
count parameter as unsigned int instead of size_t.

Closes https://github.com/curl/curl/pull/2972
2018-09-12 12:25:53 +02:00
Daniel Stenberg
11e8a43f85
libcurl-url.3: overview man page for the URL API
Closes #2967
2018-09-10 23:29:37 +02:00
Daniel Stenberg
00c3254595 example/asiohiper: insert warning comment about its status
This example is simply not working correctly but there's nobody around
with the skills and energy to fix it.

Closes #2407
2018-09-10 17:42:39 +02:00
Kamil Dudka
9ba22ce6b5 docs/cmdline-opts: update the documentation of --tlsv1.0
... to reflect the changes in 6015cefb1b

Closes #2955
2018-09-10 12:23:23 +02:00
Kamil Dudka
1d173f3413 docs/examples: do not wait when no transfers are running
Closes #2948
2018-09-10 12:23:23 +02:00
Daniel Stenberg
8b85a3cac5
curl_url_set.3: correct description 2018-09-08 19:39:57 +02:00
Daniel Stenberg
890eea5aad
curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0 2018-09-08 16:02:25 +02:00
Daniel Stenberg
fb30ac5a2d
URL-API
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.

Closes #2842
2018-09-08 15:36:11 +02:00
Daniel Stenberg
17ca0ccff4
curl_easy_upkeep: removed 'conn' from the name
... including the associated option.

Fixes #2951
Closes #2952
2018-09-07 13:43:26 +02:00
Max Dymond
7b655fcbad
upkeep: add a connection upkeep API: curl_easy_conn_upkeep()
Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641
2018-09-07 09:45:29 +02:00
Nicklas Avén
6987fcef65
imap: change from "FETCH" to "UID FETCH"
... and add "MAILINDEX".

As described in #2789, this is a suggested solution.  Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior).  So MAILINDEX=1 gives the
first non deleted mail in the mail box.

Fixes #2789
Closes #2815
2018-09-06 10:57:48 +02:00
Daniel Stenberg
2825f46d95
CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
This is step 3 of #2888.

Fixes #2888
Closes #2896
2018-09-06 10:53:39 +02:00
Daniel Stenberg
5ffbb63e42
curl: --doh-url added 2018-09-06 09:17:25 +02:00
Daniel Stenberg
abff183387
setopt: add CURLOPT_DOH_URL
Closes #2668
2018-09-06 09:17:17 +02:00
Han Han
3f3b26d6fe
ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
Long live CURLE_PEER_FAILED_VERIFICATION
2018-09-06 08:27:15 +02:00
Daniel Stenberg
7c5837e792
CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for
deprecation and complete removal in six months.

Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html
Closes #2942
2018-09-06 08:24:54 +02:00
Daniel Stenberg
25fd1057c9
url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
Closes #2709
2018-09-05 14:36:19 +02:00
Daniel Stenberg
d7c4213bd0
multiplex: enable by default
Starting 7.62.0, multiplexing is enabled by default in multi handles.
2018-09-05 14:35:57 +02:00
Daniel Stenberg
f7208df7d9
pipelining: deprecated
Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.

To re-enable the support, the single line change in lib/multi.c needs to
be reverted.

See docs/DEPRECATE.md

Closes #2705
2018-09-05 11:34:03 +02:00
Daniel Stenberg
432eb5f5c2
THANKS: 7.61.1 status 2018-09-04 23:49:50 +02:00
Jay Satiro
351c0f3a55
tool_operate: Add http code 408 to transient list for --retry
- Treat 408 request timeout as transient so that curl will retry the
  request if --retry was used.

Closes #2925
2018-09-03 13:19:14 +02:00
Jay Satiro
c10f5b02a8 CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning
Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/issues/2916
2018-08-29 10:08:16 -04:00
Daniel Stenberg
843d161031
THANKS-filter: dedup Daniel Jeliński 2018-08-28 00:51:53 +02:00
Daniel Stenberg
cc67b0a2ee
CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip] 2018-08-27 11:16:23 +02:00
Daniel Stenberg
0e7e5e1ad1
CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]
Added a warning!

Closes #2915
2018-08-27 10:49:58 +02:00
Daniel Stenberg
2345388728
cmdline-opts/page-footer: fix edit mistake
There was a missing newline.

follow-up to a7ba60bb72
2018-08-25 23:37:00 +02:00