1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

4917 Commits

Author SHA1 Message Date
Denis Laxalde
dc7bd62c67
docs: remove redundant "better" in --fail help
Closes #6385
2020-12-29 17:08:41 +01:00
Kevin Ushey
0be8818f6e
curl.1: fix typo microsft -> microsoft
Closes #6380
2020-12-27 11:07:46 +01:00
XhmikosR
aadc75626b
misc: assorted typo fixes
Closes #6375
2020-12-26 23:54:25 +01:00
Daniel Stenberg
ec424f311a
KNOWN_BUGS: 6.10 curl never completes Negotiate over HTTP
Closes #5235
Closes #6370
2020-12-26 16:11:17 +01:00
Daniel Stenberg
a66df02864
INSTALL: update the list known OSes and CPU archs curl has run on
Closes #6366
2020-12-25 16:06:49 +01:00
Daniel Stenberg
64e6e54f4b
curl_easy_pause.3: add multiplexed pause effects
and generally refresh and update. Remove details for ancient versions.

Reviewed-by: Jay Satiro
Closes #6360
2020-12-22 23:08:03 +01:00
Jay Satiro
f0ba3d5e1b curl_easy_pause.3: fix man page reference
Follow-up to ac9a724 from earlier today.

Ref: https://github.com/curl/curl/pull/6359
2020-12-22 16:51:19 -05:00
Daniel Stenberg
4d1a620891
EXPERIMENTAL: add the Hyper backend to the list
... of current experimental features in curl.
2020-12-22 17:17:59 +01:00
Daniel Stenberg
ac9a7245fc
speedcheck: exclude paused transfers
Paused transfers should not be stopped due to slow speed even when
CURLOPT_LOW_SPEED_LIMIT is set. Additionally, the slow speed timer is
now reset when the transfer is unpaused - as otherwise it would easily
just trigger immediately after unpausing.

Reported-by: Harry Sintonen
Fixes #6358
Closes #6359
2020-12-22 13:51:07 +01:00
Daniel Stenberg
44c5e3901c
cmdline-opts/gen.pl: return hard on errors
... as the warnings tend to go unnoticed otherwise!

Closes #6354
2020-12-21 22:39:26 +01:00
Daniel Stenberg
a93c647de8
examples/libtest: add .checksrc to dist
... so that (auto)builds from tarballs also get the correct instructions.

Fixes #6176
Closes #6353
2020-12-21 17:06:06 +01:00
Daniel Stenberg
7a90ddf88f
curl: add variables to --write-out
In particular, these ones can help a user to create its own error
message when one or transfers fail.

writeout: add 'onerror', 'url', 'urlnum', 'exitcode', 'errormsg'

onerror - lets a user only show the rest on non-zero exit codes

url - the input URL used for this transfer

urlnum - the numerical URL counter (0 indexed) for this transfer

exitcode - the numerical exit code for the transfer

errormsg - obvious

Reported-by: Earnestly on github
Fixes #6199
Closes #6207
2020-12-21 16:38:48 +01:00
Matthias Gatto
e2b2afbeea
docs: add AWS HTTP v4 Signature 2020-12-21 16:28:03 +01:00
Matthias Gatto
08e8455ddd
http: introduce AWS HTTP v4 Signature
It is a security process for HTTP.

It doesn't seems to be standard, but it is used by some cloud providers.

Aws:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
Outscale:
https://wiki.outscale.net/display/EN/Creating+a+Canonical+Request
GCP (I didn't test that this code work with GCP though):
https://cloud.google.com/storage/docs/access-control/signing-urls-manually

most of the code is in lib/http_v4_signature.c

Information require by the algorithm:
- The URL
- Current time
-  some prefix that are append to some of the signature parameters.

The data extracted from the URL are: the URI, the region,
the host and the API type

example:
https://api.eu-west-2.outscale.com/api/latest/ReadNets
        ~~~ ~~~~~~~~               ~~~~~~~~~~~~~~~~~~~
        ^       ^                          ^
       /         \                        URI
   API type     region

Small description of the algorithm:
- make canonical header using content type, the host, and the date
- hash the post data
- make canonical_request using custom request, the URI,
  the get data, the canonical header, the signed header
  and post data hash
- hash canonical_request
- make str_to_sign using one of the prefix pass in parameter,
  the date, the credential scope and the canonical_request hash
- compute hmac from date, using secret key as key.
- compute hmac from region, using above hmac as key
- compute hmac from api_type, using above hmac as key
- compute hmac from request_type, using above hmac as key
- compute hmac from str_to_sign using above hmac as key
- create Authorization header using above hmac, prefix pass in parameter,
  the date, and above hash

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

Closes #5703
2020-12-21 16:27:50 +01:00
Daniel Stenberg
a7696c7343
curl: add --create-file-mode [mode]
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.

Closes #6244
2020-12-21 10:52:41 +01:00
Daniel Stenberg
6e2392f177
KNOWN_BUGS: Remote recursive folder creation with SFTP
Closes #5204
2020-12-20 22:49:59 +01:00
Jay Satiro
4cc115a85b KNOWN_BUGS: Secure Transport disabling hostname validation also disables SNI
That behavior is a limitation of Apple's Secure Transport.

Reported-by: Cory Benfield
Reported-by: Ian Spence
Confirmed-by: Nick Zitzmann

Ref: https://github.com/curl/curl/issues/998

Closes https://github.com/curl/curl/issues/6347
Closes https://github.com/curl/curl/pull/6348
2020-12-20 15:58:26 -05:00
Daniel Stenberg
ccbdbe13c4
TODO: alt-svc should fallback if alt-svc doesn't work
Closes #4908
2020-12-18 23:39:22 +01:00
Daniel Stenberg
9211cb2034
version: include hyper version 2020-12-18 09:58:03 +01:00
Daniel Stenberg
8a113ba93c
docs: add HYPER.md 2020-12-18 09:58:03 +01:00
Daniel Stenberg
f25112074d
TODO: Prevent terminal injection when writing to terminal
Closes #6150
2020-12-16 23:38:20 +01:00
Daniel Stenberg
1451f4d2e1
examples: remove superfluous asterisk uses
... for function pointers. Breaks in ancient compilers.
2020-12-16 09:24:16 +01:00
Daniel Stenberg
98b6aa14d9
URL-SYNTAX: add gophers details 2020-12-15 12:58:19 +01:00
Daniel Stenberg
be8c94da78
TODO: Package curl for Windows in a signed installer
Closes #5424
2020-12-15 12:02:14 +01:00
Daniel Stenberg
c4d88f89a9
BUG-BOUNTY: minor language update
... and remove the wording about entries from before 2019 as the "within
12 months" is still there and covers that.

Closes #6318
2020-12-15 08:57:07 +01:00
Jay Satiro
9f85b986a9 KNOWN_BUGS: SHA-256 digest not supported in Windows SSPI builds
Closes https://github.com/curl/curl/issues/6302
2020-12-14 01:08:15 -05:00
Daniel Stenberg
78af8b68cf
URL-SYNTAX: add default port numbers and IDNA details
Closes #6316
2020-12-13 23:20:36 +01:00
Daniel Stenberg
7ba2577988
URL-SYNTAX: mention how FILE:// access can access network on windows
Closes #6314
2020-12-13 12:24:57 +01:00
Jay Satiro
b90c23d580 URL-SYNTAX: Document default SMTP port 25
Note that ports 25 and 587 are common ports for smtp, the former being
the default.

Closes https://github.com/curl/curl/pull/6310
2020-12-12 19:09:42 -05:00
Daniel Stenberg
a0f0c7149f
CURLOPT_URL.3: remove scheme specific details
... that are now found in URL-SYNTAX.md

Closes #6307
2020-12-12 22:46:37 +01:00
Dan Fandrich
2a264d494e docs: Fix some typos
[skip ci]
2020-12-12 09:59:28 -08:00
Daniel Stenberg
c29db0303d
URL-SYNTAX: mention all supported schemes
Closes #6311
2020-12-12 16:37:16 +01:00
Douglas R. Reno
940d414980
URL-SYNTAX.md: minor language improvements
Closes #6308
2020-12-12 11:19:10 +01:00
Daniel Stenberg
ea0916d41b
docs/URL-SYNTAX: the URL syntax curl accepts and works with
Closes #6285
2020-12-11 23:57:46 +01:00
0xflotus
5253444090
docs: enable syntax highlighting in several docs files
... for better readability

Closes #6286
2020-12-11 18:06:41 +01:00
Daniel Stenberg
e052859759
RELEASE-NOTES: synced
for 7.74.0
2020-12-09 07:38:24 +01:00
Daniel Stenberg
0611fded46
VERSIONS: refreshed
We always use the patch number these days: all releases are
"major.minor.patch"
2020-12-07 13:23:04 +01:00
Daniel Stenberg
ec9cc725d5
ftp: CURLOPT_FTP_SKIP_PASV_IP by default
The command line tool also independently sets --ftp-skip-pasv-ip by
default.

Ten test cases updated to adapt the modified --libcurl output.

Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284

Reported-by: Varnavas Papaioannou
2020-12-07 08:38:05 +01:00
Daniel Stenberg
6703eb2f4c
SECURITY-PROCESS: disclose on hackerone
Once a vulnerability has been published, the hackerone issue should be
disclosed. For tranparency.

Closes #6275
2020-12-03 22:29:34 +01:00
Daniel Gustafsson
41b3b830f1 docs: fix typos and markup in ETag manpage sections
Reported-by: emanruse on github
Fixes #6273
2020-12-03 13:25:42 +01:00
Daniel Stenberg
221c9da9af
NEW-PROTOCOL: document what needs to be done to add one
Closes #6263
2020-12-01 10:18:46 +01:00
Daniel Stenberg
020aa0131b
docs/INTERNALS: remove reference to Curl_sendf()
The function has been removed from common usage. Also removed comment in
gopher.c that still referenced it.

Reported-by: Rikard Falkeborn
Fixes #6242
Closes #6243
2020-11-24 13:17:25 +01:00
Rikard Falkeborn
77b2f702c4
examples: update .gitignore
Add files that are generated by 'make examples' and remove some that
have been renamed.

The commits that renamed the programs are e9625c5bc6 (imap.c and
simplesmtp.c were renamed to imap-fetch.c and smtp-send.c) and
ad39e7ec01 (pop3slist.c and pop3s.c were renamed to pop3-list.c and
pop3-ssl.c).

Closes #6240
2020-11-23 23:09:33 +01:00
Daniel Stenberg
a95a6ce6b8
urldata: remove 'void *protop' and create the union 'p'
... to avoid the use of 'void *' for the protocol specific structs done
per transfer.

Closes #6238
2020-11-23 16:16:16 +01:00
Daiki Ueno
898fca27cd
http3: use the master branch of GnuTLS for testing
Closes #6235
2020-11-22 16:40:05 +01:00
Daniel Stenberg
7fa6d5e383
KNOWN_BUGS: curl with wolfSSL lacks support for renegotiation
Closes #5839
2020-11-22 00:06:24 +01:00
Daniel Stenberg
10818dc7cb
KNOWN_BUGS: wakeup socket disconnect causes havoc
Closes #6132
Closes #6133
2020-11-22 00:01:29 +01:00
Cristian Morales Vega
f21cc62832
cmake: make CURL_ZLIB a tri-state variable
By differentiating between ON and AUTO it can make a missing zlib
library a hard error when CURL_ZLIB=ON is used.

Reviewed-by: Jakub Zakrzewski
Closes #6221
Fixes #6173
2020-11-19 13:38:47 +01:00
Daniel Stenberg
33a0b7ad73
KNOWN_BUGS: cmake: libspsl is not supported
Closes #6214
2020-11-18 22:51:08 +01:00
Daniel Stenberg
bf9e14159c
KNOWN_BUGS: cmake autodetects cert paths when cross-compiling
Closes #6178
2020-11-18 22:51:08 +01:00