1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-10 19:45:04 -05:00
Commit Graph

4370 Commits

Author SHA1 Message Date
Daniel Stenberg
00c3254595 example/asiohiper: insert warning comment about its status
This example is simply not working correctly but there's nobody around
with the skills and energy to fix it.

Closes #2407
2018-09-10 17:42:39 +02:00
Kamil Dudka
9ba22ce6b5 docs/cmdline-opts: update the documentation of --tlsv1.0
... to reflect the changes in 6015cefb1b

Closes #2955
2018-09-10 12:23:23 +02:00
Kamil Dudka
1d173f3413 docs/examples: do not wait when no transfers are running
Closes #2948
2018-09-10 12:23:23 +02:00
Daniel Stenberg
8b85a3cac5
curl_url_set.3: correct description 2018-09-08 19:39:57 +02:00
Daniel Stenberg
890eea5aad
curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0 2018-09-08 16:02:25 +02:00
Daniel Stenberg
fb30ac5a2d
URL-API
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.

Closes #2842
2018-09-08 15:36:11 +02:00
Daniel Stenberg
17ca0ccff4
curl_easy_upkeep: removed 'conn' from the name
... including the associated option.

Fixes #2951
Closes #2952
2018-09-07 13:43:26 +02:00
Max Dymond
7b655fcbad
upkeep: add a connection upkeep API: curl_easy_conn_upkeep()
Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641
2018-09-07 09:45:29 +02:00
Nicklas Avén
6987fcef65
imap: change from "FETCH" to "UID FETCH"
... and add "MAILINDEX".

As described in #2789, this is a suggested solution.  Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior).  So MAILINDEX=1 gives the
first non deleted mail in the mail box.

Fixes #2789
Closes #2815
2018-09-06 10:57:48 +02:00
Daniel Stenberg
2825f46d95
CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
This is step 3 of #2888.

Fixes #2888
Closes #2896
2018-09-06 10:53:39 +02:00
Daniel Stenberg
5ffbb63e42
curl: --doh-url added 2018-09-06 09:17:25 +02:00
Daniel Stenberg
abff183387
setopt: add CURLOPT_DOH_URL
Closes #2668
2018-09-06 09:17:17 +02:00
Han Han
3f3b26d6fe
ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
Long live CURLE_PEER_FAILED_VERIFICATION
2018-09-06 08:27:15 +02:00
Daniel Stenberg
7c5837e792
CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for
deprecation and complete removal in six months.

Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html
Closes #2942
2018-09-06 08:24:54 +02:00
Daniel Stenberg
25fd1057c9
url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
Closes #2709
2018-09-05 14:36:19 +02:00
Daniel Stenberg
d7c4213bd0
multiplex: enable by default
Starting 7.62.0, multiplexing is enabled by default in multi handles.
2018-09-05 14:35:57 +02:00
Daniel Stenberg
f7208df7d9
pipelining: deprecated
Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.

To re-enable the support, the single line change in lib/multi.c needs to
be reverted.

See docs/DEPRECATE.md

Closes #2705
2018-09-05 11:34:03 +02:00
Daniel Stenberg
432eb5f5c2
THANKS: 7.61.1 status 2018-09-04 23:49:50 +02:00
Jay Satiro
351c0f3a55
tool_operate: Add http code 408 to transient list for --retry
- Treat 408 request timeout as transient so that curl will retry the
  request if --retry was used.

Closes #2925
2018-09-03 13:19:14 +02:00
Jay Satiro
c10f5b02a8 CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning
Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/issues/2916
2018-08-29 10:08:16 -04:00
Daniel Stenberg
843d161031
THANKS-filter: dedup Daniel Jeliński 2018-08-28 00:51:53 +02:00
Daniel Stenberg
cc67b0a2ee
CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip] 2018-08-27 11:16:23 +02:00
Daniel Stenberg
0e7e5e1ad1
CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]
Added a warning!

Closes #2915
2018-08-27 10:49:58 +02:00
Daniel Stenberg
2345388728
cmdline-opts/page-footer: fix edit mistake
There was a missing newline.

follow-up to a7ba60bb72
2018-08-25 23:37:00 +02:00
Daniel Stenberg
a7ba60bb72
docs: clarify NO_PROXY env variable functionality
Reported-by: Kirill Marchuk
Fixes #2773
Closes #2911
2018-08-24 23:22:46 +02:00
Daniel Stenberg
1b8ed4ad23
libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Either way, a multi-threaded application that uses libcurl/openssl needs
to have a signhandler for or ignore SIGPIPE on its own.

Based on discussions in #2800
Closes #2904
2018-08-23 08:29:55 +02:00
Marcel Raad
60776a0515
curl-compilers: enable -Wbad-function-cast on GCC
This warning used to be enabled only for clang as it's a bit stricter
on GCC. Silence the remaining occurrences and enable it on GCC too.

Closes https://github.com/curl/curl/pull/2747
2018-08-21 18:53:45 +02:00
Daniel Stenberg
362e9cc89b
INTERNALS: require GnuTLS >= 2.11.3
Since the public pinning support was brought in e644866caf. GnuTLS
2.11.3 was released in October 2010.

Figured out in #2890
2018-08-21 10:45:20 +02:00
Daniel Stenberg
9dad3bd665
SSLCERTS: improve the openssl command line
... for extracting certs from a live HTTPS server to make a cacerts.pem
from them.
2018-08-20 14:05:28 +02:00
Daniel Stenberg
a040ff88e4
docs/SECURITY-PROCESS: now we name the files after the CVE id 2018-08-20 11:49:58 +02:00
Daniel Stenberg
39cb7130c3
TODO: host name sections in config files 2018-08-15 09:17:03 +02:00
Kamil Dudka
233908a55a docs: add disallow-username-in-url.d and haproxy-protocol.d on the list
... to make make the files appear in distribution tarballs

Closes #2856
2018-08-13 14:21:57 +02:00
Michael Kaufmann
b676b66f4d docs: Improve the manual pages of some callbacks
- CURLOPT_HEADERFUNCTION: add newlines
- CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata'
- CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA
- CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain
  how to set it

Closes https://github.com/curl/curl/pull/2868
2018-08-11 14:33:28 -04:00
Daniel Jelinski
53d211bfd1
Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bug
Closes #2867
2018-08-10 23:45:08 +02:00
Daniel Stenberg
6fac5a3e65
docs: mention NULL is fine input to several functions
Fixes #2837
Closes #2858
Reported-by: Markus Elfring
2018-08-10 00:24:12 +02:00
Anderson Toshiyuki Sasaki
298d2565e2
ssl: set engine implicitly when a PKCS#11 URI is provided
This allows the use of PKCS#11 URI for certificates and keys without
setting the corresponding type as "ENG" and the engine as "pkcs11"
explicitly. If a PKCS#11 URI is provided for certificate, key,
proxy_certificate or proxy_key, the corresponding type is set as "ENG"
if not provided and the engine is set to "pkcs11" if not provided.

Acked-by: Nikos Mavrogiannopoulos
Closes #2333
2018-08-08 09:46:01 +02:00
Daniel Stenberg
8bab3e2eba
DEPRECATE: remove release date from 7.62.0
Since it will slip and the version is the important part there, not the
date.
2018-08-04 00:21:16 +02:00
Jay Satiro
0898331474 examples/ephiperfifo: checksrc compliance 2018-07-29 15:06:00 -04:00
Daniel Stenberg
1fb8048abb
TODO: Support Authority Information Access certificate extension (AIA)
Closes #2793
2018-07-28 23:26:42 +02:00
Josh Bialkowski
7f5e570616
docs/examples: add hiperfifo example using linux epoll/timerfd
Closes #2804
2018-07-28 22:34:54 +02:00
Darío Hereñú
7212c4cd60
docs/INSTALL.md: minor formatting fixes
Closes #2794
2018-07-26 16:37:36 +02:00
Christopher Head
812d05daff
docs/CURLOPT_URL: fix indentation
The statement, “The application does not have to keep the string around
after setting this option,” appears to be indented under the RTMP
paragraph. It actually applies to all protocols, not just RTMP.
Eliminate the extra indentation.

Closes #2788
2018-07-26 16:26:49 +02:00
Christopher Head
9526cbe6bc
docs/CURLOPT_WRITEFUNCTION: size is always 1
For compatibility with `fwrite`, the `CURLOPT_WRITEFUNCTION` callback is
passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Closes #2787
2018-07-26 16:24:43 +02:00
Rodger Combs
092f6815c8 darwinssl: add support for ALPN negotiation 2018-07-14 18:32:47 -05:00
Daniel Stenberg
29b78a537f
docs/SECURITY-PROCESS: mention bounty, drop pre-notify
+ The hackerone bounty and its process

- We don't and can't handle pre-notification
2018-07-12 12:32:54 +02:00
Daniel Stenberg
1f6e38e6af
examples/crawler.c: move #ifdef to column 0
Apparently the C => HTML converter on the web site doesn't quite like it
otherwise.

Reported-by: Jeroen Ooms
2018-07-11 11:47:21 +02:00
Daniel Stenberg
eb8138405a
release: 7.61.0 2018-07-11 07:57:42 +02:00
Daniel Stenberg
d3bd7cb388
TODO: Configurable loading of OpenSSL configuration file
Closes #2724
2018-07-10 10:57:20 +02:00
Daniel Stenberg
522236f55e
post303.d: clarify that this is an RFC violation
... and not the other way around, which this previously said.

Reported-by: Vasiliy Faronov
Fixes #2723
Closes #2726
2018-07-10 10:08:07 +02:00
Marcel Raad
5bd8c389a3
examples: fix -Wformat warnings
When size_t is not a typedef for unsigned long (as usually the case on
Windows), GCC emits -Wformat warnings when using lu and lx format
specifiers with size_t. Silence them with explicit casts to
unsigned long.

Closes https://github.com/curl/curl/pull/2721
2018-07-09 18:08:27 +02:00
Daniel Stenberg
6e61668b9c
KNOWN_BUGS: Stick to same family over SOCKS proxy 2018-07-06 09:31:52 +02:00
Daniel Stenberg
75105480dc
KNOWN_BUGS: Borland support is dropped, AIX problem is too old 2018-07-05 23:11:22 +02:00
Jeroen Ooms
74e0bde773
example/crawler.c: simple crawler based on libxml2
Closes #2706
2018-07-05 15:52:31 +02:00
Daniel Stenberg
91d03fce96
DEPRECATE: include year when specifying date 2018-07-02 23:41:06 +02:00
Daniel Stenberg
9aabe91c8d
DEPRECATE: linkified 2018-07-02 13:16:09 +02:00
Daniel Stenberg
d56feb610d
DEPRECATE: mention the PR that disabled axTLS 2018-07-02 09:41:07 +02:00
Daniel Stenberg
6b919801d0
docs/DEPRECATE.md: spelling and minor formatting 2018-07-02 08:14:53 +02:00
Daniel Stenberg
f5ba9cea0c
DEPRECATE: new doc describing planned item removals
Closes #2704
2018-07-02 07:46:38 +02:00
Daniel Stenberg
9679790b23 docs: fix missed option name markups 2018-06-30 18:33:07 +02:00
Daniel Stenberg
6015cefb1b
openssl: make the requested TLS version the *minimum* wanted
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
2018-06-29 22:53:02 +02:00
Daniel Stenberg
08c845cfdb
openssl: allow TLS 1.3 by default
Reported-by: Andreas Olsson
Fixes #2692
Closes #2693
2018-06-29 09:15:34 +02:00
Adrian Peniak
24cb114c53
CURLINFO_TLS_SSL_PTR.3: improve the example
The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.

Closes #2690
2018-06-28 09:43:23 +02:00
Daniel Stenberg
be231ef88a
GOVERNANCE: linkify, changed some titles 2018-06-27 09:41:36 +02:00
Daniel Stenberg
a5ed2a2cdd
GOVERNANCE: add maintainer details/duties 2018-06-27 08:21:20 +02:00
Daniel Stenberg
810ce31886
CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake
Follow-up to b6a16afa0a
2018-06-24 23:18:52 +02:00
Patrick Schlangen
b6a16afa0a
CURLOPT_SSL_VERIFYPEER.3: Add performance note
Closes #2673
2018-06-23 22:35:12 +02:00
Daniel Stenberg
dfb873e308
CURLOPT_INTERFACE.3: interface names not supported on Windows 2018-06-18 23:14:28 +02:00
Daniel Stenberg
f404f9a285
docs/RELEASE-PROCEDURE.md: renamed to use .md extension
Closes #2663
2018-06-15 16:51:12 +02:00
Daniel Stenberg
66f727c8b0
RELEASE-PROCEDURE: gpg sign the tags 2018-06-15 16:51:06 +02:00
Daniel Stenberg
a78c5c7aae
CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0 2018-06-15 11:17:02 +02:00
Daniel Stenberg
023e80e477
GOVERNANCE.md: explains how this project is run
Closes #2657
2018-06-14 17:11:47 +02:00
Daniel Stenberg
81758be831
KNOWN_BUGS: NTLM doen't support password with § character
Closes #2120
2018-06-14 14:04:48 +02:00
Daniel Stenberg
6bc8304488
KNOWN_BUGS: slow connect to localhost on Windows
Closes #2281
2018-06-14 13:55:45 +02:00
Daniel Stenberg
54066f5d09
TODO: "Option to refuse usernames in URLs" done
Implemented by Björn in 946ce5b61f
2018-06-13 11:24:34 +02:00
Robert Prag
9aefbff30d
schannel: support selecting ciphers
Given the contstraints of SChannel, I'm exposing these as the algorithms
themselves instead; while replicating the ciphersuite as specified by
OpenSSL would have been preferable, I found no way in the SChannel API
to do so.

To use this from the commandline, you need to pass the names of contants
defining the desired algorithms. For example, curl --ciphers
"CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM"
https://github.com The specific names come from wincrypt.h

Closes #2630
2018-06-12 12:08:40 +02:00
Daniel Stenberg
7e799d22d6
RELEASE-PROCEDURE: update the release calendar for 2019 2018-06-11 08:36:30 +02:00
Daniel Stenberg
a8324599d2
cmdline-opts/cert-type.d: mention "p12" as a recognized type as well 2018-06-05 14:53:33 +02:00
Viktor Szakats
4bd91bc474 spelling fixes
Detected using the `codespell` tool (version 1.13.0).

Also secure and fix an URL.
2018-06-03 12:14:45 +00:00
Daniel Stenberg
aca1aba0bd
build: remove the Borland specific makefiles
According to the user survey 2018, not even one out of 670 users use
them. Nobody on the mailing list spoke up for them either.

Closes #2629
2018-06-02 11:23:40 +02:00
Alibek.Jorajev
f66d97b677
CURLOPT_RESOLVE: always purge old entry first
If there's an existing entry using the selected name.

Closes #2622
2018-06-01 12:47:52 +02:00
Daniel Stenberg
8a6a01c988 KNOWN_BUGS: CURL_GLOBAL_SSL
Closes #2276
2018-05-31 17:41:42 +02:00
Björn Stenberg
946ce5b61f
option: disallow username in URL
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
libcurl reject URLs with a username in them.

Closes #2340
2018-05-31 11:27:16 +02:00
Daniel Stenberg
71d35e4a1d
libcurl-security.3: improved layout for two rememdy lists 2018-05-31 11:19:05 +02:00
Daniel Stenberg
5f07fca8f7
libcurl-security.3: refer to URL instead of in-source markdown file 2018-05-31 11:11:38 +02:00
Daniel Stenberg
050c93c46f
setopt: add TLS 1.3 ciphersuites
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.

curl: added --tls13-ciphers and --proxy-tls13-ciphers

Fixes #2435
Reported-by: zzq1015 on github
Closes #2607
2018-05-29 16:12:52 +02:00
Daniel Stenberg
c10f3a1e0b
INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib
... the older description doesn't work

Reported-by: Peter Varga
Fixes #2615
Closes #2616
2018-05-29 07:59:24 +02:00
Will Dietz
c2423c37b7
KNOWN_BUGS: restore text regarding #2101.
This was added earlier but appears to have been removed accidentally.

AFAICT this is very much still an issue.

-----

I say "accidentally" because the text seems to have harmlessly snuck
into [1] (which makes no mention of it).  [1] was later reverted for
unspecified reasons in [2], presumably because the mentioned issue was
fixed or invalid.

[1] de9fac00c4
[2] 16d1f36940

Closes #2618
2018-05-29 07:57:41 +02:00
Patrick Monnerat
8541d02c96 psl: use latest psl and refresh it periodically
The latest psl is cached in the multi or share handle. It is refreshed
before use after 72 hours.
New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing.
If the latest psl is not available, the builtin psl is used.

Reported-by: Yaakov Selkowitz
Fixes #2553
Closes #2601
2018-05-28 20:37:14 +02:00
Daniel Stenberg
06a72880d6
cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing options 2018-05-28 15:02:03 +02:00
Frank Gevaerts
7c189c6608
curl.1: Fix cmdline-opts reference errors.
--data, --form, and --ntlm were declared to be mutually exclusive with
non-existing options. --data and --form referred to --upload (which is
short for --upload-file and therefore did work, so this one was merely
a bit confusing), --ntlm referred to --negotiated instead of --negotiate.

Closes #2612
2018-05-28 15:02:03 +02:00
Frank Gevaerts
c78dd2e1d0
docs: fix cmdline-opts metadata headers case consistency.
Almost all headers start with an uppercase letter, but some didn't.
2018-05-28 15:02:03 +02:00
Linus Lewandowski
239a7061f8
httpauth: add support for Bearer tokens
Closes #2102
2018-05-24 20:39:49 +02:00
Daniel Stenberg
49fe65ccd8
TODO: CURLINFO_PAUSE_STATE
Closes #2588
2018-05-24 20:35:39 +02:00
Daniel Stenberg
2ceab09451
CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit 2018-05-22 08:23:30 +02:00
Daniel Stenberg
6b35e4c94b
KNOWN_BUGS: mention the -O with %-encoded file names
Closes #2573
2018-05-21 23:45:21 +02:00
Daniel Stenberg
cb529b713f
checksrc: make sure sizeof() is used *with* parentheses
... and unify the source code to adhere.

Closes #2563
2018-05-21 23:21:47 +02:00
Daniel Stenberg
f3d836b736
curl: added --styled-output
It is enabled by default, so --no-styled-output will switch off the
detection/use of bold headers.

Closes #2538
2018-05-21 20:29:12 +02:00
Daniel Stenberg
d5a2df5f1d
docs: clarify CURLOPT_HTTPGET somewhat
Reported-by: bsammon on github
Fixes #2590
2018-05-21 10:29:28 +02:00
Daniel Stenberg
404c8850da
curl_fnmatch: only allow two asterisks for matching
The previous limit of 5 can still end up in situation that takes a very
long time and consumes a lot of CPU.

If there is still a rare use case for this, a user can provide their own
fnmatch callback for a version that allows a larger set of wildcards.

This commit was triggered by yet another OSS-Fuzz timeout due to this.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369

Closes #2587
2018-05-18 23:33:44 +02:00
Aleks
e05ad5dd99
docs: mention HAproxy protocol "version 1"
...as there's also a version 2.

Closes #2579
2018-05-18 17:48:40 +02:00
Daniel Stenberg
ccf85d4c2b
examples/progressfunc: make it build on older libcurls
This example was changed in ce2140a8c1 to use the new microsecond based
getinfo option. This change makes it conditionally keep using the older
option so that the example still builds with older libcurl versions.

Closes #2584
2018-05-18 13:42:18 +02:00
Philip Prindeville
ce2140a8c1
getinfo: add microsecond precise timers for various intervals
Provide a set of new timers that return the time intervals using integer
number of microseconds instead of floats.

The new info names are as following:

CURLINFO_APPCONNECT_TIME_T
CURLINFO_CONNECT_TIME_T
CURLINFO_NAMELOOKUP_TIME_T
CURLINFO_PRETRANSFER_TIME_T
CURLINFO_REDIRECT_TIME_T
CURLINFO_STARTTRANSFER_TIME_T
CURLINFO_TOTAL_TIME_T

Closes #2495
2018-05-17 13:41:04 +02:00
Daniel Stenberg
a1269b5961
THANKS: added people from the curl 7.60.0 release 2018-05-15 16:43:56 +02:00
Daniel Stenberg
f38220259c
docs/libcurl/index.html: removed
The HTML files are long gone from the dist, now remove the last HTML
file pointing to those missing files.

d
2018-05-15 16:41:55 +02:00
Daniel Stenberg
07b9826541
CODE_STYLE: mention return w/o parens, but sizeof with
... and remove the github markdown syntax so that it renders better on
the web site. Also, don't use back-ticks inlined to allow the CSS to
highlight source code better.
2018-05-14 10:47:59 +02:00
Rikard Falkeborn
13505dcb55
examples: Fix format specifiers
Closes #2561
2018-05-14 09:43:15 +02:00
Daniel Gustafsson
e953475de5
URLs: fix one more http url
This file wasn't included in commit 4af40b3646 which updated all
haxx.se http urls to https. The file was committed prior to that update,
but may have been merged after it and hence didn't get updated.

Closes #2550
2018-05-05 23:02:40 +02:00
Denis Ollier
0be4679ba9
docs: remove extraneous commas in man pages
Closes #2544
2018-05-03 15:17:33 +02:00
Daniel Stenberg
d29c455d8c
Revert "TODO: remove configure --disable-pthreads"
This reverts commit d5d683a97f.

--disable-pthreads can be used to disable pthreads and get the threaded
resolver to use the windows threading when building with mingw.
2018-05-03 15:05:48 +02:00
Daniel Stenberg
d5d683a97f
TODO: remove configure --disable-pthreads 2018-05-02 11:21:04 +02:00
Daniel Stenberg
97f63f512d
CURLOPT_URL.3: add ENCODING section [ci skip]
Feedback-by: Michael Kilburn
2018-04-30 14:31:04 +02:00
Daniel Stenberg
f022c91df6
KNOWN_BUGS: Client cert with Issuer DN differs between backends
Closes #1411
2018-04-30 10:26:26 +02:00
Daniel Stenberg
72be6abb50
KNOWN_BUGS: Passive transfer tries only one IP address
Closes #1508
2018-04-30 10:22:17 +02:00
Daniel Stenberg
44936865d5
KNOWN_BUGS: --upload-file . hang if delay in STDIN
Closes #2051
2018-04-30 10:19:45 +02:00
Daniel Stenberg
822ef4c454
KNOWN_BUGS: Connection information when using TCP Fast Open
Closes #1332
2018-04-30 10:17:10 +02:00
Daniel Stenberg
e085ea95ef
TODO: Support the clienthello extension
Closes #2299
2018-04-30 00:42:34 +02:00
Daniel Stenberg
0cbfff9895
TODO: CLOEXEC
Closes #2252
2018-04-30 00:10:45 +02:00
Daniel Stenberg
f84139fd08
CURLINFO_PROTOCOL.3: mention the existing defined names 2018-04-27 11:50:16 +02:00
Daniel Stenberg
1778135a9f
examples/http2-upload: expand buffer to avoid silly warning
http2-upload.c:135:44: error: ‘%02d’ directive output may be truncated
writing between 2 and 11 bytes into a region of size between 8 and 17
2018-04-24 14:14:23 +02:00
Daniel Stenberg
300f40eb99
examples/sftpuploadresume: typecast fseek argument to long
/docs/examples/sftpuploadresume.c:102:12: warning: conversion to 'long
int' from 'curl_off_t {aka long long int}' may alter its value
2018-04-24 14:11:53 +02:00
Christian Schmitz
d0394de152
curl_global_sslset: always provide available backends
Closes #2499
2018-04-23 14:18:55 +02:00
Daniel Stenberg
a39593d282
curl.1: clarify that options and URLs can be mixed
Fixes #2515
Closes #2517
2018-04-23 13:48:14 +02:00
Archangel_SDY
f0819f99ae CURLOPT_SSLCERT.3: improve WinSSL-specific usage info
Ref: https://github.com/curl/curl/pull/2376#issuecomment-381858780

Closes https://github.com/curl/curl/pull/2504
2018-04-23 03:16:52 -04:00
Jay Satiro
0f72716676 tool_help: clarify --max-time unit of time is seconds
Before:
 -m, --max-time <time> Maximum time allowed for the transfer

After:
 -m, --max-time <seconds> Maximum time allowed for the transfer
2018-04-21 14:19:37 -04:00
Dan McNulty
8996300211 schannel: add support for CURLOPT_CAINFO
- Move verify_certificate functionality in schannel.c into a new
  file called schannel_verify.c. Additionally, some structure defintions
  from schannel.c have been moved to schannel.h to allow them to be
  used in schannel_verify.c.

- Make verify_certificate functionality for Schannel available on
  all versions of Windows instead of just Windows CE. verify_certificate
  will be invoked on Windows CE or when the user specifies
  CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER.

- In verify_certificate, create a custom certificate chain engine that
  exclusively trusts the certificate store backed by the CURLOPT_CAINFO
  file.

- doc updates of --cacert/CAINFO support for schannel

- Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString
  when available. This implements a TODO in schannel.c to improve
  handling of multiple SANs in a certificate. In particular, all SANs
  will now be searched instead of just the first name.

- Update tool_operate.c to not search for the curl-ca-bundle.crt file
  when using Schannel to maintain backward compatibility. Previously,
  any curl-ca-bundle.crt file found in that search would have been
  ignored by Schannel. But, with CAINFO support, the file found by
  that search would have been used as the certificate store and
  could cause issues for any users that have curl-ca-bundle.crt in
  the search path.

- Update url.c to not set the build time CURL_CA_BUNDLE if the selected
  SSL backend is Schannel. We allow setting CA location for schannel
  only when explicitly specified by the user via CURLOPT_CAINFO /
  --cacert.

- Add new test cases 3000 and 3001. These test cases check that the first
  and last SAN, respectively, matches the connection hostname. New test
  certificates have been added for these cases. For 3000, the certificate
  prefix is Server-localhost-firstSAN and for 3001, the certificate
  prefix is Server-localhost-secondSAN.

- Remove TODO 15.2 (Add support for custom server certificate
  validation), this commit addresses it.

Closes https://github.com/curl/curl/pull/1325
2018-04-18 03:59:47 -04:00
Jakub Wilk
24e8355877 docs: fix typos
Closes https://github.com/curl/curl/pull/2503
2018-04-17 15:32:51 -04:00
Archangel_SDY
e35b0256eb
schannel: add client certificate authentication
Users can now specify a client certificate in system certificates store
explicitly using expression like `--cert "CurrentUser\MY\<thumbprint>"`

Closes #2376
2018-04-17 00:23:01 +02:00
Daniel Gustafsson
9b96e0bb44 checksrc: Fix typo
Fix typo in "semicolon" spelling and remove stray tab character.

Closes https://github.com/curl/curl/pull/2498
2018-04-15 03:05:45 -04:00
Daniel Gustafsson
94400f32e9 all: Refactor malloc+memset to use calloc
When a zeroed out allocation is required, use calloc() rather than
malloc() followed by an explicit memset(). The result will be the
same, but using calloc() everywhere increases consistency in the
codebase and avoids the risk of subtle bugs when code is injected
between malloc and memset by accident.

Closes https://github.com/curl/curl/pull/2497
2018-04-15 03:00:37 -04:00
Jay Satiro
817d1c0106 examples/sftpuploadresmue: Fix Windows large file seek
- Use _fseeki64 instead of fseek (long) to seek curl_off_t in Windows.

- Use CURL_FORMAT_CURL_OFF_T specifier instead of %ld to print
  curl_off_t.

Caught by Marc's CI builds.
2018-04-07 16:03:55 -04:00
Daniel Stenberg
67bd4ab19e
RELEASE-NOTES: synced 2018-04-06 15:52:19 +02:00
Jay Satiro
cbc0f131c2 docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
- Put a percent sign before each CURL_FORMAT_CURL_OFF_T in printf.

For example "%" CURL_FORMAT_CURL_OFF_T becomes %lld or similar.

Bug: https://curl.haxx.se/mail/lib-2018-03/0140.html
Reported-by: David L.
2018-03-31 14:52:55 -04:00
Daniel Stenberg
2bd8e684a4
TODO: connection cache sharing is now supporte 2018-03-27 00:36:09 +02:00
Daniel Stenberg
a26d11b8e1
gitignore: ignore more generated files 2018-03-24 00:24:24 +01:00
Daniel Stenberg
3ff09ce777
CURLINFO_SSL_VERIFYRESULT.3: fix the example, add some text
Reported-by: Michal Trybus

Fixes #2400
2018-03-21 01:04:41 +01:00
Daniel Stenberg
cf7b009f57
TODO: expand ~/ in config files
Closes #2317
2018-03-21 00:50:27 +01:00
Daniel Stenberg
d92a9bd4ec
cookie.d: mention that "-" as filename means stdin
Reported-by: Dongliang Mu
Fixes #2410
2018-03-20 23:25:12 +01:00
Daniel Stenberg
27d7e511d5
CURLINFO_COOKIELIST.3: made the example not leak memory
Reported-by: Muz Dima
2018-03-20 23:18:23 +01:00
Jay Satiro
712c916d94 examples/hiperfifo: checksrc compliance 2018-03-20 03:12:35 -04:00
Rick Deist
d95f3dc0b1
resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSES
This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request
shuffling of IP addresses returned for a hostname when there is more
than one. This is useful when the application knows that a round robin
approach is appropriate and is willing to accept the consequences of
potentially discarding some preference order returned by the system's
implementation.

Closes #1694
2018-03-17 20:44:14 +01:00
Daniel Stenberg
fb4f568b1e
add_handle/easy_perform: clear errorbuffer on start if set
To offer applications a more defined behavior, we clear the buffer as
early as possible.

Assisted-by: Jay Satiro

Fixes #2190
Closes #2377
2018-03-17 12:07:37 +01:00
Lawrence Matthews
6baeb6df35
CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocol
Add --haproxy-protocol for the command line tool

Closes #2162
2018-03-17 11:50:06 +01:00
Daniel Stenberg
9572831b04
curl_version_info.3: fix ssl_version description
Reported-by: Vincas Razma
Fixes #2364
2018-03-17 11:18:00 +01:00
Philip Prindeville
9434194be8
examples/hiperfifo.c: improved
* use member struct event’s instead of pointers to alloc’d struct
   events

 * simplify the cases for the mcode_or_die() function via macros;

 * make multi_timer_cb() actually do what the block comment says it
   should;

 * accept a “stop” command on the FIFO to shut down the service;

 * use cleaner notation for unused variables than the (void) hack;

 * allow following redirections (304’s);
2018-03-16 16:01:01 +01:00
luz.paz
236402fc2d
cleanup: misc typos in strings and comments
Found via `codespell`

Closes #2389
2018-03-16 11:08:31 +01:00
Daniel Stenberg
2b083dcc40
user-agent.d:: mention --proxy-header as well
Bug: https://github.com/curl/curl/issues/2381
2018-03-15 23:52:43 +01:00
Daniel Stenberg
a857057536
SECURITY-PROCESS: mention how we write/add advisories 2018-03-14 14:20:24 +01:00
Daniel Stenberg
4d6bd91ab3
release: 7.59.0 2018-03-13 23:06:58 +01:00
Daniel Stenberg
d974b39a9e
CURLOPT_COOKIEFILE.3: "-" as file name means stdin
Reported-by: Aron Bergman
Bug: https://curl.haxx.se/mail/lib-2018-03/0049.html

[ci skip]
2018-03-13 13:04:12 +01:00
Viktor Szakats
62a71af6d3 FAQ: fix a broken URL [ci skip] 2018-03-12 18:17:05 +00:00
Daniel Stenberg
7fe68c39b3
credits: Viktor prefers without accent 2018-03-12 07:55:58 +01:00
Daniel Stenberg
ddb879c6ae
BUGS: updated link to security process 2018-03-12 00:34:33 +01:00
Daniel Stenberg
029ae11034
docs/SECURITY.md -> docs/SECURITY-PROCESS.md 2018-03-11 23:41:50 +01:00
Daniel Stenberg
9c05701bed
SECURITY.md: call it the security process 2018-03-11 23:40:24 +01:00
Daniel Stenberg
8b754c430b SECURITY: distros' max embargo time is 14 days now 2018-03-09 21:42:36 +01:00
Daniel Stenberg
b2afc36da1
THANKS + mailmap: remove duplicates, fixup full names 2018-03-05 11:57:44 +01:00
Daniel Stenberg
cb281f9df0
RELEASE-NOTES/THANKS: synced with cc1d4c505 2018-03-04 23:20:12 +01:00
Daniel Stenberg
c74521628b
curl.1: mention how to add numerical IP addresses in NO_PROXY 2018-03-04 19:57:43 +01:00
Daniel Stenberg
4d0b1e6887
CURLOPT_NOPROXY.3: mention how to list numerical IPv6 addresses 2018-03-04 19:51:37 +01:00
Daniel Stenberg
8b0b1a3088
build: get CFLAGS (including -werror) used for examples and tests
... so that the CI and more detects compiler warnings/errors properly!

Closes #2337
2018-03-04 19:46:26 +01:00
Daniel Stenberg
ee84085924 docs/MANUAL: formfind.pl is not accessible on the site anymore
Fixes #2342
2018-02-26 20:12:23 +01:00
Viktor Szakats
7e35eb7729 spelling fixes
Detected using the `codespell` tool.

Also contains one URL protocol upgrade.

Closes https://github.com/curl/curl/pull/2334
2018-02-23 23:29:01 +00:00
Daniel Stenberg
1be96a2952
TODO: remove "sha-256 digest", added in 2b5b37cb91 2018-02-23 14:40:10 +01:00
Daniel Stenberg
1a99ecdf50
curl_share_setopt.3: connection cache is shared within multi handles 2018-02-23 12:52:22 +01:00
Daniel Stenberg
93e7a6ffd1
form.d: rephrased somewhat, added two example command lines 2018-02-22 08:28:05 +01:00
Francisco Sedano
23713645d4 url: Add option CURLOPT_RESOLVER_START_FUNCTION
- Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that
  will be called every time before a new resolve request is started
  (ie before a host is resolved) with a pointer to backend-specific
  resolver data. Currently this is only useful for ares.

- Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to
  pass to the resolver start callback.

Closes https://github.com/curl/curl/pull/2311
2018-02-21 21:29:10 -05:00
Jay Satiro
dd027c80fe lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
- In keeping with the naming of our other connect timeout options rename
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.

This change adds the _MS suffix since the option expects milliseconds.
This is more intuitive for our users since other connect timeout options
that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS,
CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS.

The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms.

Follow-up to 2427d94 which added the lib and tool option yesterday.

Ref: https://github.com/curl/curl/pull/2260
2018-02-21 15:16:50 -05:00
Daniel Stenberg
7b71b5150b
RELEASE-NOTES: synced with 2427d94c6 2018-02-21 00:18:54 +01:00
Anders Bakken
2427d94c6d url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT
- Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy
  eyeball timeout value.

- Add new optval macro CURL_HET_DEFAULT to represent the default happy
  eyeballs timeout value (currently 200 ms).

- Add new tool option --happy-eyeballs-timeout-ms to expose
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the
  other -timeout options in the tool expect seconds not milliseconds.

Closes https://github.com/curl/curl/pull/2260
2018-02-20 17:51:43 -05:00
Daniel Stenberg
9b4c2165f1
TODO: warning if curl version is not in sync with libcurl version 2018-02-20 11:17:52 +01:00
Anders Bakken
50d1b3379a CURLOPT_RESOLVE: Add support for multiple IP addresses per entry
This enables users to preresolve but still take advantage of happy
eyeballs and trying multiple addresses if some are not connecting.

Ref: https://github.com/curl/curl/pull/2260
2018-02-20 04:24:28 -05:00
Sergio Borghese
e77f0e5a5a
examples/sftpuploadresume: resume upload via CURLOPT_APPEND
URL: https://curl.haxx.se/mail/lib-2018-02/0072.html
2018-02-20 09:31:06 +01:00
Daniel Stenberg
a3e52a7b2d
TODO: "Support in-memory certs/ca certs/keys"
removed SSLKEYLOGFILE support (fixed)

removed "consider SSL patches" (outdated)

Closes #2310
2018-02-18 22:45:17 +01:00
Daniel Stenberg
174212972c
CURLOPT_HEADER.3: clarify problems with different data sizes 2018-02-16 22:54:51 +01:00
Daniel Stenberg
5a44c9fa8b
CURLOPT_HEADERFUNCTION.3: fix typo from d939226813
Reported-by: Erik Johansson
Bug: d939226813 (commitcomment-27607495)
2018-02-16 16:25:52 +01:00
Daniel Stenberg
d939226813
CURLOPT_HEADERFUNCTION.3: mention folded headers 2018-02-16 12:11:23 +01:00
Daniel Stenberg
f549b2cefe
TODO: 1.1 Option to refuse usernames in URLs
Also expanded the CURL_REFUSE_CLEARTEXT section with more ideas.
2018-02-16 09:39:20 +01:00
Daniel Stenberg
74b1f89b1a
TODO: 1.7 Support HTTP/2 for HTTP(S) proxies 2018-02-16 09:24:28 +01:00
Daniel Stenberg
16d1f36940
Revert "KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy"
This reverts commit de9fac00c4.

Reported-by: Jay Satiro
2018-02-15 22:47:49 +01:00
Daniel Stenberg
ccd1ec7aa8
TODO: 18.18 retry on network is unreachable
Closes #1603
2018-02-15 13:52:13 +01:00
Daniel Stenberg
de9fac00c4
KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy
Closes #1254
2018-02-15 13:31:39 +01:00
Björn Stenberg
b46cfbc068
TODO fixed: Detect when called from within callbacks
Closes #2302
2018-02-15 09:36:03 +01:00
Daniel Stenberg
43a50a2580
BINDINGS: fix curb link (and remove ruby-curl-multi)
Reported-by: Klaus Stein
2018-02-14 14:57:00 +01:00
Daniel Stenberg
63f6b3b220
libcurl-security.3: separate file:// section
... just to make it more apparent. Even if it repeats
some pieces of information.
2018-02-13 14:04:04 +01:00
Daniel Stenberg
1e720400aa
libcurl-security.3: the http://192.168.0.1/my_router_config case
Mentioned-By: Rich Moore
2018-02-13 13:54:11 +01:00
Daniel Stenberg
03b7b2e8fc
libcurl-security.3: mention the URL standards problems too 2018-02-13 12:05:43 +01:00
Daniel Stenberg
3901842055
libcurl-security.3: split out from libcurl-tutorial.3
To make more accessible.

Merged in some new language from "URLs are dangerous things" as discussed on
the mailing list a few days ago:

Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html
2018-02-13 12:02:09 +01:00
Kamil Dudka
08029a7e73 tlsauthtype.d: works only if libcurl is built with TLS-SRP support
Bug: https://bugzilla.redhat.com/1542256

Closes #2306
2018-02-12 18:09:54 +01:00
Daniel Stenberg
34ecdffe90
progress-bar.d: update to match implementation
... since commit 993dd5651a

Reported-by: Martin Dreher
Bug: https://github.com/curl/curl/pull/2242#issuecomment-361059228

Closes #2271
2018-01-30 23:46:58 +01:00
Daniel Stenberg
8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Daniel Stenberg
fecec1d8ae
curl: add --proxy-pinnedpubkey
To verify a proxy's public key. For when using HTTPS proxies.

Fixes #2192
Closes #2268
2018-01-30 08:00:31 +01:00
Daniel Stenberg
094647fcac TODO: UTF-8 filenames in Content-Disposition
Closes #1888
2018-01-28 14:53:10 +01:00
Daniel Stenberg
d76709080b KNOWN_BUGS: DICT responses show the underlying protocol
Closes #1809
2018-01-28 14:38:38 +01:00
Alessandro Ghedini
4021bac4cd docs: fix typos in man pages
Closes https://github.com/curl/curl/pull/2266
2018-01-27 14:50:40 -05:00
5c497343d9
GSKit: restore pinnedpubkey functionality
inadvertently removed in 283babfaf8

Closes #2263
2018-01-25 23:16:14 +01:00
Daniel Stenberg
1c39128d97
parsedate: fix date parsing for systems with 32 bit long
Make curl_getdate() handle dates before 1970 as well (returning negative
values).

Make test 517 test dates for 64 bit time_t.

This fixes bug (3) mentioned in #2238

Closes #2250
2018-01-25 22:20:52 +01:00
e178fbd40a
SChannel/WinSSL: Implement public key pinning
Closes #1429
2018-01-25 22:14:39 +01:00
Daniel Stenberg
03ae81097e TODO: hardcode the "localhost" addresses 2018-01-25 17:23:06 +01:00
Daniel Stenberg
fd9f20737e
TODO: CURL_REFUSE_CLEARTEXT
An idea that popped up in discussions on twitter.
2018-01-25 08:17:09 +01:00
Daniel Stenberg
d6c21c8eec
RELEASE: 7.58.0 2018-01-23 22:49:00 +01:00