Feature string literal NTLM_SSO renamed to NTLM_WB.
Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
Fix some comments to make clear that this is actually a NTLM delegation.
Follow-up to commit 5eb2396cd as that wasn't complete.
At times HEADERFUNCTION+HEADERDATA was set only to have only HEADERDATA
set in the subsequent loop which could cause a NULL to get sent as
userdata to 'header_callback' which wasn't made to handle that.
Now HEADERFUNCTION is explicitly set to NULL if it isn't set to the
callback.
Using this option with an argument being set to one of
none/policy/always instructs libcurl how to deal with GSS
credentials. Or rather how it tells the server that delegation is fine
or not.
Content-disposition headers can provide file names with semicolons which
previously would be cut off at that point.
Added test case 1311 and 1312 to verify -J.
Bug: http://curl.haxx.se/bug/view.cgi?id=3375603
Reported by: Peter Hjalmarsson
First, the -J/--remote-header-name was wrongly sorted in the --help
output as pointed out in bug report #3349271.
Then, I changed the format of the texts to follow the man page better in
that it now uses "-A, --long" intead of "-A/--long". I also made all
additional arguments get written as in "-A, --long FILENAME" instead of
the previous "<filename>" style.
Reported by: Herve Amblard
Bug: http://curl.haxx.se/bug/view.cgi?id=3349271
Added CURLOPT_TRANSFER_ENCODING as the option to set to request Transfer
Encoding in HTTP requests (if built zlib enabled). I also renamed
CURLOPT_ENCODING to CURLOPT_ACCEPT_ENCODING (while keeping the old name
around) to reduce the confusion when we have to encoding options for
HTTP.
--tr-encoding is now the new command line option for curl to request
this, and thus I updated the test cases accordingly.
This enables people to specify a path to the netrc file to use.
The new option override --netrc if both are present. However it
does follow --netrc-optional if specified.
Since the feature requires support for TCP_KEEPIDLE and TCP_KEEPINTVL to
function as documented, it now warns if that support is missing when the
option is used.
... to not make the connection between the tool and the libcurl used
tighter than necessary, the tlsauth options are now always present but
if the used libcurl doesn't have TLSAUTH support it will return failure.
Also, replaced strncmp() with strequal to get case insensitive matching.
Instead of reopening the downloaded file, fsetxattr uses the (already
open) file descriptor to attach extended attributes. This makes the
procedure more robust against errors caused by moved or deleted files.
CURLOPT_RESOLVE is a new option that sends along a curl_slist with
name:port:address sets that will populate the DNS cache with entries so
that request can be "fooled" to use another host than what otherwise
would've been used. Previously we've encouraged the use of Host: for
that when dealing with HTTP, but this new feature has the added bonus
that it allows the name from the URL to be used for TLS SNI and server
certificate name checks as well.
This is a first change. Surely more will follow to make it decent.
setxattr is a glibc call to set extended attributes, so configure now
checks for it and the code is adapted to only build when the
functionality is present.
It is often convinient to track back the source of a once downloaded
file; this patch makes curl store the source URL and other metadata
alongside the retrieved file by using the extended attributes (if
supported by the file system and enabled by --xattr).
Some options, such as the automatic decompression and some SSL related
ones now will bail out if the underlying libcurl doesn't have support
for the particular feature needed.
If the filename contains a backslash, only use filename portion. The
idea is that even systems that don't handle backslashes as path
separators probably want that path removed for convenience.
This flaw is considered a security problem, see the curl security
vulnerability http://curl.haxx.se/docs/adv_20101013.html
It was introduced in commit eeb2cb05 along with the -F type=
change. Also fixed a typo in the name of the magic filename=
parameter. Tweaked tests 39 and 173 to better test this path.
The -F option allows some custom parameters within the given string, and
those strings are separated with semicolons. You can for example specify
"name=daniel;type=text/plain" to set content-type for the
field. However, the use of semicolons like that made it not work fine if
you specified one within the content-type, like for:
"name=daniel;type=text/plain;charset=UTF-8"
... as the second one would be seen as a separator and "charset" is no
parameter curl knows anything about so it was just silently discarded.
The new logic now checks if the semicolon and following keyword looks
like a parameter it knows about and if it isn't it is assumed to be
meant to be used within the content-type string itself.
I modified test case 186 to verify that this works as intended.
Reported by: Larry Stone
Bug: http://curl.haxx.se/bug/view.cgi?id=3048988
The --retry logic does retry HTTP when some specific response codes are
returned, but because the -f option sets the CURLOPT_FAILONERROR to
libcurl, the return codes are different for such situations and then the
curl tool failed to consider it for retrying.
Reported by: Mike Power
Bug: http://curl.haxx.se/bug/view.cgi?id=3037362
The --remote-header-name option for the command-line tool assumes that
everything beyond the filename= field is part of the filename, but that
might not always be the case, for example:
Content-Disposition: attachment; filename=file.txt; modification-date=...
This fix chops the filename off at the next semicolon, if there is one.
When getting multiple URLs, curl didn't properly reset the byte counter
after a successful transfer so if the subsequent transfer failed it
would wrongly use the previous byte counter and behave badly (segfault)
because of that. The code assumes that the byte counter and the 'stream'
pointer is well in synch.
Reported by: Jon Sargeant
Bug: http://curl.haxx.se/bug/view.cgi?id=3028241
Since uploading from stdin is very likely to not work with anyauth and
its multi-phase probing for what authentication to actually use, alert
the user about it. Multi-phase negotiate almost certainly will involve
sending data and thus libcurl will need to rewind the stream to send
again, and it cannot do that with stdin.
