1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

446 Commits

Author SHA1 Message Date
Kamil Dudka
4ef6b2d6c6 curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts
The behavior has been clarified in CURLOPT_FTP_USE_{EPRT,EPSV}.3 man
pages since curl-7_12_3~131.  This patch makes it clear in the curl.1
man page, too.

Bug: https://bugzilla.redhat.com/1305970
2016-02-12 18:47:17 +01:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
6b485c7407 HTTPS: update a bunch of URLs from HTTP to HTTPS 2016-02-02 00:24:30 +01:00
Jay Satiro
96596334c8 curl.1: Explain remote-name behavior if file already exists
.. also warn about letting the server pick the filename.
2016-01-29 03:28:48 -05:00
Daniel Stenberg
b4a39491ca curl --expect100-timeout: added
This is the new command line option to set the value for the existing
libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
2015-12-15 13:59:56 +01:00
Daniel Stenberg
748ffc77c6 curl.1: remove the overlap --range example
... it is just weird to include by default even if it still works.
2015-11-06 15:03:00 +01:00
Daniel Stenberg
9b87078d55 curl.1: -E: s/private certificate/client certificate
... as the certificate is strictly speaking not private.

Reported-by: John Levon
2015-10-28 13:17:54 +01:00
Daniel Stenberg
b1fc8c0e97 curl.1: --ignore-content-length now works for FTP too 2015-10-23 15:24:31 +02:00
Daniel Stenberg
4ceddcf8ca curl.1: update RFC references 2015-09-03 19:52:23 +02:00
Jay Satiro
cb6a07fed0 docs: Warn about any-domain cookies and multiple transfers
- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie

- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
2015-09-03 02:35:11 -04:00
Nathaniel Waisbrot
9756d1da76 CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
2015-08-22 21:57:14 -04:00
Jay Satiro
1f1f131e09 docs: Update the redirect protocols disabled by default
- Clarify that FILE and SCP are disabled by default since 7.19.4
- Add that SMB and SMBS are disabled by default since 7.40.0
- Add CURLPROTO_SMBS to the list of protocols
2015-08-18 01:38:07 -04:00
Daniel Kahn Gillmor
31673ff517 curl.1: Document weaknesses in SSLv2 and SSLv3
Acknowledge that SSLv3 is also widely considered to be insecure.

Also, provide references for people who want to know more about why it's
insecure.
2015-08-15 22:53:46 +02:00
Alessandro Ghedini
5be0c88297 docs: fix typos
closes #376
2015-08-12 11:29:55 +02:00
Daniel Stenberg
c092b0f0f3 docs: formpost needs the full size at start of upload
Closes #360
2015-08-02 00:15:39 +02:00
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
55b78c5ae9 SSL: Pinned public key hash support 2015-07-01 19:43:47 +02:00
Viktor Szakats
45f21e0f37 docs: update URLs 2015-06-16 09:08:00 +02:00
Daniel Stenberg
45bad4ac97 curl.1: netrc is in man section 5 2015-06-15 08:28:42 +02:00
Daniel Stenberg
f3288196ff curl.1: small format fix
use \fI-style instead of .BR for references
2015-06-15 08:26:37 +02:00
Ville Skyttä
025dbe46df docs: man page indentation and syntax fixes 2015-06-08 13:37:14 +02:00
Jay Satiro
265f83a9f0 curl.1: fix missing space in section --data 2015-05-19 15:43:40 -04:00
Linus Nielsen
97c272e5d1 Negotiate: custom service names for SPNEGO.
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.
2015-04-28 08:29:56 +02:00
Anthony Avina
6a7261359b tool: New option --data-raw to HTTP POST data, '@' allowed.
Add new option --data-raw which is almost the same as --data but does
not have a special interpretation of the @ character.

Prior to this change there was no (easy) way to pass the @ character as
the first character in POST data without it being interpreted as a
special character.

Bug: https://github.com/bagder/curl/issues/198
Reported-by: Jens Rantil
2015-04-25 14:51:14 -04:00
Jay Satiro
0675abbc75 cyassl: Implement public key pinning
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-22 17:07:19 -04:00
Alessandro Ghedini
26cbd7a1d9 curl.1: fix typo 2015-04-22 21:47:32 +02:00
Kamil Dudka
b47c17d67c nss: implement public key pinning for NSS backend
Bug: https://bugzilla.redhat.com/1195771
2015-04-22 13:21:31 +02:00
Daniel Stenberg
5d23279299 CURLOPT_PATH_AS_IS: added
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
2015-03-24 10:31:58 +01:00
Nick Zitzmann
7f5a170442 darwinsssl: add support for TLS False Start
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2015-03-21 12:22:56 -05:00
Alessandro Ghedini
1f651d1d4d curl: add --false-start option 2015-03-20 20:14:35 +01:00
Daniel Stenberg
6bba85d500 curl.1: fix "The the" typo
Reported-by: Jon Seymour
2015-03-04 07:29:06 +01:00
Alessandro Ghedini
49655a6822 curl.1: --cert-status is also supported by OpenSSL now 2015-02-14 20:30:32 +00:00
Daniel Stenberg
0daf1ef729 curl.1: clarify that -X is used for all requests
Reported-by: Jon Seymour
2015-02-09 10:33:54 +01:00
Daniel Stenberg
499024d208 curl.1: add warning when using -H and redirects 2015-02-08 00:05:55 +01:00
Daniel Stenberg
a4065ebf1c copyright years: after OCSP stapling changes 2015-01-16 23:23:29 +01:00
Alessandro Ghedini
bd0c3b3c66 curl: add --cert-status option
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16 23:23:29 +01:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Daniel Stenberg
7853c1cfe6 curl.1: added --unix-socket 2014-12-04 02:52:19 +01:00
Dave Reisner
8ef77547d0 curl.1: fix trivial typo 2014-12-03 22:38:46 +01:00
Bill Nagel
96c3b1a1bb docs: Updated for the SMB protocol
This patch updates the documentation for the SMB/CIFS protocol.
2014-11-30 21:53:30 +00:00
Steve Holme
982a649aa5 docs: Updated for commit 4bd860a001 and SMTP Unix line ending conversion 2014-11-26 23:32:38 +00:00
be1a505189 SSL: Add PEM format support for public key pinning 2014-11-24 19:30:09 +01:00
Steve Holme
338b641370 docs: Updated following the addition of SSPI based HTTP digest auth 2014-11-06 23:44:11 +00:00
Daniel Stenberg
9f59fb6d33 curl.1: show zone index use in a URL 2014-11-06 17:35:22 +01:00
Steve Holme
f7e24683c4 sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
Fixed the ability to use the current log-in credentials with DIGEST-MD5.
I had previously disabled this functionality in commit 607883f13c as I
couldn't get this to work under Windows 8, however, from testing HTTP
Digest authentication through Windows SSPI and then further testing of
this code I have found it works in Windows 7.

Some further investigation is required to see what the differences are
between Windows 7 and 8, but for now enable this functionality as the
code will return an error when AcquireCredentialsHandle() fails.
2014-10-29 14:24:38 +00:00
Daniel Stenberg
50313059fc curl.1: edited for clarity 2014-10-21 11:57:13 +02:00
93e450793c SSL: implement public key pinning
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).

Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().

Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Jeremy Lin
fa7d04fed4 ssh: improve key file search
For private keys, use the first match from: user-specified key file
(if provided), ~/.ssh/id_rsa, ~/.ssh/id_dsa, ./id_rsa, ./id_dsa

Note that the previous code only looked for id_dsa files. id_rsa is
now generally preferred, as it supports larger key sizes.

For public keys, use the user-specified key file, if provided.
Otherwise, try to extract the public key from the private key file.
This means that passing --pubkey is typically no longer required,
and makes the key-handling behavior more like OpenSSH.
2014-10-03 16:20:54 +02:00
Daniel Stenberg
69ce8a72f5 curl.1: mention quoting in the URL section
and separate the example URLs with newlines
2014-10-01 08:29:43 +02:00
Daniel Stenberg
7bff23b166 curl.1: add an example for -H 2014-08-29 08:07:47 +02:00