1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-05 09:05:04 -05:00
Commit Graph

492 Commits

Author SHA1 Message Date
eb16305e6a SecureTransport/DarwinSSL: Implement public key pinning
Closes #1400
2017-05-15 22:54:33 +02:00
Daniel Stenberg
1919569633 man pages: fix example syntax errors
follow-up to 5ddad099b4
2017-05-15 13:01:15 +02:00
Daniel Stenberg
5ddad099b4 docs/libcurl/opts: added more examples in man pages 2017-05-15 11:45:19 +02:00
Daniel Stenberg
e366ca2b85 CURLOPT_HTTPPROXYTUNNEL: clarify, add example 2017-05-15 10:11:23 +02:00
Dan Fandrich
d836c9fee4 url.c: add a compile-time check that CURL_MAX_WRITE_SIZE is large enough
Some code (e.g. Curl_fillreadbuffer) assumes that this buffer is not
exceedingly tiny and will break if it is. This same check is already
done at run time in the CURLOPT_BUFFERSIZE option.
2017-05-13 23:21:27 +02:00
Daniel Stenberg
289236b223 opts: fix bad example formatting \n => \\n
...to render properly nroff.
2017-05-06 23:51:29 +02:00
Daniel Stenberg
271c63748a opts: examples added to 8 more libcurl option man pages 2017-05-06 23:38:39 +02:00
Daniel Stenberg
2b7bde4d3f docs/opts: 24 more man pages now have examples 2017-05-05 17:26:08 +02:00
Daniel Stenberg
58a6265a40 docs/opts: 23 more man pages now have examples 2017-05-05 16:30:23 +02:00
Daniel Stenberg
4b93382193 CURLINFO_REDIRECT_URL.3: add example 2017-05-04 00:00:13 +02:00
Daniel Stenberg
b065a508c6 CURLINFO_EFFECTIVE_URL.3: add example 2017-05-04 00:00:07 +02:00
Kamil Dudka
e3e8d0204b nss: load libnssckbi.so if no other trust is specified
The module contains a more comprehensive set of trust information than
supported by nss-pem, because libnssckbi.so also includes information
about distrusted certificates.

Reviewed-by: Kai Engert
Closes #1414
2017-04-25 13:24:24 +02:00
Jay Satiro
fa66403280 CURLINFO_SCHEME.3: fix variable type
- Change documented param type to char ** from incorrect long *.
2017-04-08 15:44:39 -04:00
Daniel Stenberg
721f8c05c7 docs: added examples for CURLINFO_FILETIME.3 and CURLOPT_FILETIME.3 2017-04-03 00:00:43 +02:00
Peter Wu
ec493dbda2 cmake: fix build with cmake 2.8.12.2
For some reason, CMake 2.8.12.2 did not expand the list argument in a
single DEPENDS argument. Remove the quotes, so it gets expanded into
multiple arguments for add_custom_command and add_custom_target.

Fixes https://github.com/curl/curl/issues/1370
Closes #1372
2017-03-30 23:43:35 +02:00
Daniel Stenberg
f8952932e7 cmake: add cmake file in docs/libcurl/opts/ to dist 2017-03-30 08:16:56 +02:00
klemens
f7df67cff0 spelling fixes
Closes #1356
2017-03-26 23:56:23 +02:00
Daniel Stenberg
e369303cdc CURLINFO_PRIMARY_IP.3: add example 2017-03-22 11:28:33 +01:00
Ales Mlakar
a360906de6 mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION
Ref: https://curl.haxx.se/mail/lib-2017-02/0097.html

Closes https://github.com/curl/curl/pull/1272
2017-03-21 23:51:44 -04:00
Peter Wu
898b012a9b cmake: add support for building HTML and PDF docs
Note that for some reason there is this warning (that also exists with
autotools, added since curl-7_15_1-94-ga718cb05f):

    docs/libcurl/curl_multi_socket_all.3:1: can't open `man3/curl_multi_socket.3': No such file or directory

Additionally, adjust the roffit --mandir option to support creating
links when doing out-of-tree builds.

Ref: https://github.com/curl/curl/pull/1288
2017-03-21 14:49:53 +01:00
Peter Wu
6f6e9193df docs: split file lists into Makefile.inc
For easier sharing with CMake. The contents were reformatted to use
two-space indent and expanded tabs (matching lib/Makefile.common).

Ref: https://github.com/curl/curl/pull/1288
2017-03-21 14:49:53 +01:00
Jay Satiro
f7b3914c55 CURLINFO_LOCAL_PORT.3: fix typo 2017-03-16 18:18:49 -04:00
Daniel Stenberg
49f7b13536 CURLINFO_LOCAL_PORT.3: added example 2017-03-16 23:05:22 +01:00
Desmond O. Chang
d2bcf1e3e2 url: add option CURLOPT_SUPPRESS_CONNECT_HEADERS
- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing
  proxy CONNECT response headers from the user callback functions
  CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION.

- Add new tool option --suppress-connect-headers to expose
  CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT
  response headers from --dump-header and --include.

Assisted-by: Jay Satiro
Assisted-by: CarloCannas@users.noreply.github.com
Closes https://github.com/curl/curl/pull/783
2017-03-12 01:32:33 -05:00
Jozef Kralik
6448f98c18 vtls: add options to specify range of enabled TLS versions
This commit introduces the CURL_SSLVERSION_MAX_* constants as well as
the --tls-max option of the curl tool.

Closes https://github.com/curl/curl/pull/1166
2017-03-08 15:54:07 +01:00
Steve Brokenshire
f5712ca277 Makefile.am: Remove distribution man pages when running 'make clean' 2017-03-07 23:27:31 +01:00
Jay Satiro
21512a015f CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors
.. also document that CURLE_NOT_BUILT_IN is a RETURN VALUE.

Ref: https://github.com/curl/curl/pull/1290
2017-03-04 16:07:28 -05:00
JDepooter
0966ab5bd4 darwinssl: Warn that disabling host verify also disables SNI
In DarwinSSL the SSLSetPeerDomainName function is used to enable both
sending SNI and verifying the host. When host verification is disabled
the function cannot be called, therefore SNI is disabled as well.

Closes https://github.com/curl/curl/pull/1240
2017-03-02 02:42:15 -05:00
Peter Wu
eac0dc6a3f docs: de-duplicate file lists in the Makefiles
Make use of macro substitution of suffix patterns to remove duplication
of manual names. This approach is portable according to
http://pubs.opengroup.org/onlinepubs/009695399/utilities/make.html

Closes https://github.com/curl/curl/pull/1287
2017-02-25 16:26:22 -05:00
Jay Satiro
b259646ea1 url: Improve CURLOPT_PROXY_CAPATH error handling
- Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option
  is not supported, which is the same as what we already do for
  CURLOPT_CAPATH.

- Change the curl tool to handle CURLOPT_PROXY_CAPATH error
  CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the
  same as what we already do for CURLOPT_CAPATH.

- Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the
  respective CAPATH option is not supported by the SSL library.

Ref: https://github.com/curl/curl/pull/1257
2017-02-21 22:24:40 -05:00
Daniel Stenberg
1dcf244721 CURLOPT_SSL_VERIFYPEER.3: also the https proxy version 2017-02-09 23:22:57 +01:00
Jay Satiro
423a93ce32 docs: Add more HTTPS proxy documentation
- Document HTTPS proxy type.

- Document --write-out %{proxy_ssl_verify_result}.

- Document SOCKS proxy + HTTP/HTTPS proxy combination.

HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS.

Ref: https://github.com/curl/curl/commit/cb4e2be
2017-02-06 03:13:42 -05:00
Richy Kim
6b7616690e CURLOPT_BUFFERSIZE: support enlarging receive buffer
Replace use of fixed macro BUFSIZE to define the size of the receive
buffer.  Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive
buffer size.  Upon setting, resize buffer if larger than the current
default size up to a MAX_BUFSIZE (512KB). This can benefit protocols
like SFTP.

Closes #1222
2017-01-19 23:38:04 +01:00
Isaac Boukris
1d786faee1 unix_socket: add support for abstract unix domain socket
In addition to unix domain sockets, Linux also supports an
abstract namespace which is independent of the filesystem.

In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET
option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH
internally, along with a flag to specify abstract socket.

On non-supporting platforms, the abstract address will be
interpreted as an empty string and fail gracefully.

Also add new --abstract-unix-socket tool parameter.

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: Chungtsun Li (typeless)
Reviewed-by: Daniel Stenberg
Reviewed-by: Peter Wu
Closes #1197
Fixes #1061
2017-01-13 16:25:20 +01:00
Frank Gevaerts
dbd3793859 docs: Add note about libcurl copying strings to CURLOPT_* manpages
Closes #1169
2017-01-13 15:14:55 +01:00
Frank Gevaerts
d2b2c63852 CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char* 2017-01-13 15:14:38 +01:00
Dan Fandrich
bbee0d4eee wolfssl: support setting cipher list 2017-01-06 23:02:09 +01:00
Jay Satiro
4f2239c5ca docs/libcurl: TCP_KEEPALIVE start and interval default to 60
Since the TCP keep-alive options were added in 705f0f7 the start and
interval default values have been 60, but that wasn't documented.

Bug: https://curl.haxx.se/mail/lib-2017-01/0000.html
Reported-by: Praveen Pvs
2017-01-02 13:43:05 -05:00
Daniel Stenberg
209b230227 docs/ciphers: link to our own new page about ciphers
... as the former ones always go stale!
2016-12-25 11:01:17 +01:00
Michael Kaufmann
afff64dbcd curl_easy_recv: Improve documentation and example program
Follow-up to 82245ea: Fix the example program sendrecv.c (handle
CURLE_AGAIN, handle incomplete send). Improve the documentation
for curl_easy_recv() and curl_easy_send().

Reviewed-by: Frank Meier
Assisted-by: Jay Satiro

See https://github.com/curl/curl/pull/1134
2016-12-18 12:56:23 +01:00
Daniel Stenberg
c588840568 CURLINFO_SSL_VERIFYRESULT.3: language 2016-12-16 16:59:08 +01:00
Daniel Stenberg
b0fcb92f80 HTTPS-PROXY docs: update/polish 2016-12-16 16:57:39 +01:00
Daniel Stenberg
845522cadb preproxy: renamed what was added as SOCKS_PROXY
CURLOPT_SOCKS_PROXY -> CURLOPT_PRE_PROXY

Added the corresponding --preroxy command line option. Sets a SOCKS
proxy to connect to _before_ connecting to a HTTP(S) proxy.
2016-12-16 16:04:23 +01:00
Daniel Stenberg
7907a2bec9 CURLOPT_SOCKS_PROXYTYPE: removed
This was added as part of the SOCKS+HTTPS proxy merge but there's no
need to support this as we prefer to have the protocol specified as a
prefix instead.
2016-12-16 15:10:19 +01:00
Daniel Stenberg
c67f842093 CURLOPT_PROXY_*.3: polished some proxy option man pages 2016-11-27 00:21:15 +01:00
Daniel Stenberg
3f7d9b9001 CURLOPT_PROXY_CAINFO.3: clarify proxy use 2016-11-25 16:40:32 +01:00
Daniel Stenberg
2527dd4378 CURLOPT_PROXY_CRLFILE.3: clarify https proxy and availability 2016-11-25 16:36:27 +01:00
Daniel Stenberg
9bfb00efc9 docs: include all opts man pages in dist
Sorted the lists too.

... and include the new ones in the PDF and HTML generation targets
2016-11-25 11:14:58 +01:00
Thomas Glanzmann
4f8b17743d HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY 2016-11-25 10:49:38 +01:00
Thomas Glanzmann
1232dbb8bd url: proxy: Use 443 as default port for https proxies 2016-11-25 10:01:58 +01:00
Frank Gevaerts
ba410f6c64 add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
Adds access to the effectively used protocol/scheme to both libcurl and
curl, both in string and numeric (CURLPROTO_*) form.

Note that the string form will be uppercase, as it is just the internal
string.

As these strings are declared internally as const, and all other strings
returned by curl_easy_getinfo() are de-facto const as well, string
handling in getinfo.c got const-ified.

Closes #1137
2016-11-25 00:45:18 +01:00
Okhin Vasilij
c6da05a5ec HTTPS-proxy: fixed mbedtls and polishing 2016-11-24 23:41:45 +01:00
Alex Rousskov
cb4e2be7c6 proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.

With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.

A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):

  --proxy-cacert FILE        CA certificate to verify peer against
  --proxy-capath DIR         CA directory to verify peer against
  --proxy-cert CERT[:PASSWD] Client certificate file and password
  --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
  --proxy-ciphers LIST       SSL ciphers to use
  --proxy-crlfile FILE       Get a CRL list in PEM format from the file
  --proxy-insecure           Allow connections to proxies with bad certs
  --proxy-key KEY            Private key file name
  --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
  --proxy-pass PASS          Pass phrase for the private key
  --proxy-ssl-allow-beast    Allow security flaw to improve interop
  --proxy-sslv2              Use SSLv2
  --proxy-sslv3              Use SSLv3
  --proxy-tlsv1              Use TLSv1
  --proxy-tlsuser USER       TLS username
  --proxy-tlspassword STRING TLS password
  --proxy-tlsauthtype STRING TLS authentication type (default SRP)

All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.

Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.

Supported backends: OpenSSL, GnuTLS, and NSS.

* A SOCKS proxy + HTTP/HTTPS proxy combination:

If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.

TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.
2016-11-24 23:41:44 +01:00
Kamil Dudka
cfd69c1339 docs: the next release will be 7.52.0 2016-11-15 12:21:00 +01:00
Kamil Dudka
6ad3add606 vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
Fully implemented with the NSS backend only for now.

Reviewed-by: Ray Satiro
2016-11-07 11:52:07 +01:00
Jay Satiro
568037f6af CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2
- Clarify that this option is only for HTTP/1.1 pipelining.

Bug: https://github.com/curl/curl/issues/1059
Reported-by: Jeroen Ooms

Assisted-by: Daniel Stenberg
2016-10-27 23:15:41 -04:00
Daniel Stenberg
0f1996321f s/cURL/curl
The tool was never called cURL, only the project. But even so, we have
more and more over time switched to just use lower case.
2016-10-18 13:59:54 +02:00
Daniel Stenberg
358fd32820 dist: remove PDF and HTML converted docs from the releases 2016-10-10 23:33:13 +02:00
Rainer Müller
c271b1c29a CURLOPT_DEBUGFUNCTION.3: unused argument warning (#1056)
The 'userp' argument is unused in this example code.
2016-10-06 08:06:13 +02:00
Daniel Stenberg
15aefc6adc CURLOPT_KEEP_SENDING_ON_ERROR.3: mention when it is added 2016-10-04 23:46:45 +02:00
Michael Kaufmann
e9e5366193 New libcurl option to keep sending on error
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether
sending the request body shall be completed when the server responds
early with an error status code.

This is suitable for manual NTLM authentication.

Reviewed-by: Jay Satiro

Closes https://github.com/curl/curl/pull/904
2016-09-22 22:22:31 +02:00
Jay Satiro
36e53ec6ff docs: Remove that --proto is just used for initial retrieval
.. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not
override protocols denied by --proto and CURLOPT_PROTOCOLS.

- Add a test to enforce: --proto deny must override --proto-redir allow

Closes https://github.com/curl/curl/pull/1031
2016-09-21 17:23:24 -04:00
Jay Satiro
6ee9ea5e70 CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting 2016-09-18 17:56:35 -04:00
Olivier Brunel
4b86113f5e speed caps: not based on average speeds anymore
Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE &
CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits
with the cumulative average speed of the entire transfer; While this
might work at times with good/constant connections, in other cases it
can result to the limits simply being "ignored" for more than "short
bursts" (as told in man page).

Consider a download that goes on much slower than the limit for some
time (because bandwidth is used elsewhere, server is slow, whatever the
reason), then once things get better, curl would simply ignore the limit
up until the average speed (since the beginning of the transfer) reached
the limit.  This could prove the limit useless to effectively avoid
using the entire bandwidth (at least for quite some time).

So instead, we now use a "moving starting point" as reference, and every
time at least as much as the limit as been transferred, we can reset
this starting point to the current position. This gets a good limiting
effect that applies to the "current speed" with instant reactivity (in
case of sudden speed burst).

Closes #971
2016-09-04 13:11:23 +02:00
Daniel Stenberg
4c44155cfe CURLMOPT_PIPELINING.3: language 2016-09-01 14:09:21 +02:00
Daniel Stenberg
a409b4b466 CURLMOPT_PIPELINING.3: extended and clarified
Especially in regards to the multiplexing part.
2016-09-01 14:08:01 +02:00
Nick Zitzmann
e171968ba3 darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only
In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.
2016-08-28 16:46:59 -05:00
Daniel Stenberg
2497c42172 CURLMOPT_MAX_TOTAL_CONNECTIONS.3: mention it can also multiplex 2016-08-19 09:40:40 +02:00
Daniel Stenberg
84e45f4b3a CURLOPT_PROXY.3: unsupported schemes cause errors now
Follow-up to a96319ebb9 (document the new behavior)
2016-08-15 14:49:26 +02:00
Daniel Stenberg
4732ca5724 CURLOPT_TCP_NODELAY: now enabled by default
After a few wasted hours hunting down the reason for slowness during a
TLS handshake that turned out to be because of TCP_NODELAY not being
set, I think we have enough motivation to toggle the default for this
option. We now enable TCP_NODELAY by default and allow applications to
switch it off.

This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be
used to disable it.

Thanks-to: Tim Rühsen
Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
2016-08-05 00:12:57 +02:00
Kamil Dudka
8b9ba132f0 docs: distribute the CURLINFO_HTTP_VERSION(3) man page, too 2016-07-21 13:06:17 +02:00
Timothy Polich
16fe3f6b0a CURLMOPT_SOCKETFUNCTION.3: fix typo
Closes https://github.com/curl/curl/pull/914
2016-07-14 02:58:59 -04:00
Jay Satiro
f77dfbc5fb CURLOPT_POSTFIELDS.3: Clarify what happens when set empty
When CURLOPT_POSTFIELDS is set to an empty string libcurl will send a
zero-byte POST. Prior to this change it was documented as sending data
from the read callback.

This also changes the wording of what happens when empty or NULL so that
it's hopefully easier to understand for people whose primary language
isn't English.

Bug: https://github.com/curl/curl/issues/862
Reported-by: Askar Safin
2016-06-11 17:33:16 -04:00
Andrew Kurushin
6cabd78531 schannel: add CURLOPT_CERTINFO support
Closes #822
2016-06-01 08:50:01 +02:00
Frank Gevaerts
071c561394 http: add CURLINFO_HTTP_VERSION and %{http_version}
Adds access to the effectively used http version to both libcurl and
curl.

Closes #799
2016-05-30 22:58:51 +02:00
Michael Kaufmann
53ae37088c CURLOPT_CONNECT_TO.3: user must not free the list prematurely
The connect-to list isn't copied so as long as the handle may be used
for a transfer the list must be valid.

Bug: https://github.com/curl/curl/pull/819
Reported-by: Michael Kaufmann
2016-05-20 00:14:38 -04:00
Frank Gevaerts
5db313985e CURLOPT_RESOLVE.3: fix typo
Closes #811
2016-05-17 14:28:12 +02:00
Daniel Stenberg
ab5a68937b docs: CURLOPT_RESOLVE overrides CURLOPT_IPRESOLVE 2016-05-17 13:17:07 +02:00
Daniel Stenberg
d415bdb883 CURLOPT_HTTPPOST.3: the data needs to be around while in use 2016-05-17 11:08:10 +02:00
Daniel Stenberg
dac8ce9558 docs: unified man page references to use \fI 2016-05-02 09:09:59 +02:00
Isaac Boukris
7987f5cb14 CURLOPT_ACCEPT_ENCODING.3: Follow-up clarification
Mention possible content-length mismatch with sum of bytes reported
by write callbacks when auto decoding is enabled.

See #785
2016-05-01 23:27:01 +02:00
Daniel Stenberg
6485d4ee9d CURLOPT_CONV_TO_NETWORK_FUNCTION.3: fix bad man page reference 2016-05-01 23:24:09 +02:00
Daniel Stenberg
ea8694da41 CURLOPT_BUFFERSIZE.3: fix reference to CURLOPT_MAX_RECV_SPEED_LARGE 2016-05-01 23:24:09 +02:00
Daniel Stenberg
aba4727533 opts: fix broken/bad references 2016-05-01 16:41:04 +02:00
Michael Kaufmann
6940f4b52a docs: fix bugs in CURLOPT_HTTP_VERSION.3 and CURLOPT_PIPEWAIT.3
Closes #786
2016-05-01 13:32:49 +02:00
Daniel Stenberg
ffd0e6193f CURLOPT_ACCEPT_ENCODING.3: clarified
As discussed in #785
2016-05-01 13:29:11 +02:00
Jay Satiro
7028ed6d31 CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability
Bug: https://curl.haxx.se/mail/lib-2016-04/0126.html
Reported-by: Bru Rom
2016-04-28 16:48:38 -04:00
Jay Satiro
9f498de9a2 mbedtls: Fix session resume
This also fixes PolarSSL session resume.

Prior to this change the TLS session information wasn't properly
saved and restored for PolarSSL and mbedTLS.

Bug: https://curl.haxx.se/mail/lib-2016-01/0070.html
Reported-by: Thomas Glanzmann

Bug: https://curl.haxx.se/mail/lib-2016-04/0095.html
Reported-by: Moti Avrahami
2016-04-28 02:57:38 -04:00
Michael Kaufmann
f4298fcc6d opts: Fix some syntax errors in example code fragments
Fixes #779
2016-04-27 00:05:04 +02:00
Daniel Stenberg
e24e1c9cc6 CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0 2016-04-26 15:17:07 +02:00
33623d7196 PolarSSL: Implement public key pinning 2016-04-24 12:27:39 +02:00
Daniel Stenberg
8c8177a8a1 opts/Makefile.am: list all docs file one by one
... to make it easier to add lines in patches that won't just break all
other patches trying to add lines too.
2016-04-19 07:59:35 +02:00
Alessandro Ghedini
03de4e4b21 connect: implement TCP Fast Open for Linux
Closes #660
2016-04-18 23:21:50 +02:00
Alessandro Ghedini
dc68f2dab9 url: add CURLOPT_TCP_FASTOPEN option 2016-04-18 23:17:19 +02:00
Daniel Stenberg
26ec93dd6a opts: fix option references missing (section) 2016-04-18 00:02:29 +02:00
Michael Kaufmann
cd8d236245 news: CURLOPT_CONNECT_TO and --connect-to
Makes curl connect to the given host+port instead of the host+port found
in the URL.
2016-04-17 23:50:59 +02:00
Steve Holme
ccf7a82605 CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME
As these two options provide identical functionality, the former for
SOCK5 proxies and the latter for HTTP proxies, merged the two options
together.

As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of
7.49.0.
2016-04-09 20:47:05 +01:00
Steve Holme
b43fb04516 docs: Added clarification following commit 9d89a0387 2016-04-08 21:45:08 +01:00
Steve Holme
9d89a03872 ftp/imap/pop3/smtp: Allow the service name to be overridden
Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5
authentication in FTP, IMAP, POP3 and SMTP.
2016-04-08 18:59:33 +01:00
Viktor Szakats
a24f71aac4 URLs: change http to https in many places
Closes #754
2016-04-06 11:58:34 +02:00
Daniel Stenberg
a71012c03e code: style updates 2016-04-03 22:38:36 +02:00
Daniel Stenberg
213d3c7b0c http2: more documentation for prior knowledge 2016-03-31 22:23:15 +02:00
Daniel Stenberg
d532645afd build: use roffit 0.11 feature
... load file specified as argument.
2016-03-29 16:45:17 +02:00
Daniel Stenberg
5a9ea4b18c CURLMOPT_SOCKETFUNCTION.3: describe the 'what' argument 2016-03-27 23:50:36 +02:00
marquis-de-muesli
7a23e40f7b docs: curlinfo_filetime sftp support, new curlopt_quote "statvfs"
Closes #677
2016-03-27 17:55:24 +02:00
Jay Satiro
949c388ffb CURLINFO_TLS_SSL_PTR.3: Warn about limitations
Bug: https://github.com/curl/curl/issues/685
2016-03-23 01:16:21 -04:00
Daniel Stenberg
4574bde908 CURLINFO_TLS_SSL_PTR.3: minor nroff format fix 2016-03-22 10:33:24 +01:00
Jay Satiro
732983eb41 CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support
Bug: https://curl.haxx.se/mail/lib-2016-03/0150.html
Reported-by: Oliver Graute
2016-03-15 16:00:36 -04:00
Jay Satiro
307f3cf3b3 opt-docs: fix heading macros
..SH should be .SH

Bug: https://github.com/curl/curl/issues/705
Reported-by: Eric S. Raymond
2016-03-08 13:23:35 -05:00
Daniel Stenberg
b90f9fa5ee CURLOPT_ACCEPTTIMEOUT_MS.3: added example 2016-03-06 23:33:18 +01:00
Daniel Stenberg
4da5e65dee CURLOPT_ACCEPT_ENCODING.3: added example 2016-03-06 23:30:42 +01:00
Daniel Stenberg
c13a54a2fb CURLOPT_APPEND.3: added example 2016-03-06 23:28:35 +01:00
Daniel Stenberg
4ce153c62c CURLOPT_NOPROGRESS.3: added example, conform to stardard style 2016-03-06 23:14:23 +01:00
Daniel Stenberg
66fa069f1b opts: added two examples 2016-03-06 17:42:37 +01:00
Daniel Stenberg
ad90a9d9d1 CURLOPT_SSL_CTX_FUNCTION.3: use .NF for example 2016-03-06 17:20:16 +01:00
Daniel Stenberg
aed91f3a7c CURLOPT_SSL_CTX_FUNCTION.3: added example
and removed erroneous reference to test case lib509
2016-03-06 16:59:06 +01:00
Jay Satiro
2e0a3b935c getinfo: Add support for mbedTLS TLS session info
.. and preprocessor check TLS session info is defined for all backends.
2016-02-27 19:01:00 -05:00
Jay Satiro
332414a30e getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION
The two options are almost the same, except in the case of OpenSSL:

CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *.

CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *.

For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to
return an SSL pointer for OpenSSL.

Also, add support for the 'internals' member to point to SSL object for
the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and
wolfSSL.

Bug: https://github.com/curl/curl/issues/234
Reported-by: dkjjr89@users.noreply.github.com

Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html
Reported-by: Michael König
2016-02-23 19:03:03 -05:00
Jay Satiro
186546f1c5 TFTP: add option to suppress TFTP option requests (Part 2)
- Add tests.

- Add an example to CURLOPT_TFTP_NO_OPTIONS.3.

- Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:01:07 -05:00
Michael Koenig
9dc3eaee29 TFTP: add option to suppress TFTP option requests (Part 1)
Some TFTP server implementations ignore the "TFTP Option extension"
(RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing
problems with libcurl. Another switch for curl_easy_setopt
"CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from
sending TFTP option requests to a server, avoiding many problems caused
by faulty implementations.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:00:58 -05:00
Jay Satiro
2ac3f427f7 CURLOPT_DEBUGFUNCTION.3: Fix example 2016-02-20 16:23:05 -05:00
Jay Satiro
bdaaba5315 CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie style
Bug: https://github.com/curl/curl/issues/666
Reported-by: baumanj@users.noreply.github.com
2016-02-18 21:07:57 -05:00
Daniel Stenberg
091dee8631 opts: add references 2016-02-18 09:14:48 +01:00
Clint Clayton
ede0bfc079 CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option
Change the example in the docs for CURLOPT_CONNECTTIMEOUT_MS to use
CURLOPT_CONNECTTIMEOUT_MS instead of CURLOPT_CONNECTTIMEOUT.

Closes #653
2016-02-14 22:38:12 +01:00
Daniel Stenberg
a87cb257b4 opt-docs: add more references 2016-02-14 15:54:47 +01:00
Timotej Lazar
50cd9c8aa1 opts: update references to renamed options 2016-02-09 14:19:31 -05:00
Viktor Szakats
b4f595bde4 URLs: change more http to https 2016-02-02 22:29:47 -05:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Schauenberg
1074cca8cd CURLINFO_RESPONSE_CODE.3: add example 2016-01-16 23:05:07 -05:00
Kamil Dudka
be538e0766 ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL
The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle
empty strings specially since curl-7_25_0-31-g05a443a but the behavior
was unintentionally removed in curl-7_38_0-47-gfa7d04f.

This commit restores the original behavior and clarifies it in the
documentation that NULL and "" have both the same meaning when passed
to CURLOPT_SSH_PUBLIC_KEYFILE.

Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html
2016-01-15 10:34:34 +01:00
Daniel Stenberg
133cd19244 CURLOPT_RESOLVE.3: minor language polish 2016-01-13 09:11:12 +01:00
Thomas Glanzmann
bf93a1217c mbedtls: implement CURLOPT_PINNEDPUBLICKEY 2016-01-10 00:17:26 +01:00
Daniel Stenberg
90c2d215d7 CURLOPT_RANGE: for HTTP servers, range support is optional 2015-12-24 23:35:54 +01:00
Daniel Stenberg
4bcc532de5 http: add libcurl option to allow HTTP/2 for HTTPS only
... and stick to 1.1 for HTTP. This is in line with what browsers do and
should have very little risk.
2015-12-13 09:24:51 +01:00
Daniel Stenberg
fc5d783589 CURLOPT_HEADERFUNCTION.3: fix typo
Refer to _HEADERDATA not _WRITEDATA.

Reported-by: Michał Piechowski
2015-11-23 16:11:57 +01:00
Daniel Stenberg
6c5f4303fe CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
... if there are more than one using the same name
2015-11-16 08:26:48 +01:00
Steve Holme
007f3e0971 opts: Corrected TLS protocols list to include POP3S rather than POP3 2015-11-07 22:11:04 +00:00
Kurt Fankhauser
529f9310b1 ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
This allows FTP transfers with growing (or shrinking) files without
causing a transfer error.

Closes #480
2015-10-23 14:57:30 +02:00
Daniel Stenberg
b1199def8c CURLOPT_STREAM_WEIGHT.3: call argument 'weight' too
... and add a little example of what the weight actually means. "Relative
proportion of bandwidth".
2015-10-23 09:23:46 +02:00
Daniel Stenberg
b7d894d808 http2: add stream options to dist and curl_easy_setopt.3 2015-10-23 09:16:00 +02:00
Daniel Stenberg
d31ed6ac71 http2: s/priority/weight 2015-10-23 08:22:38 +02:00
Daniel Stenberg
3042cb5043 http2: added three stream prio/deps options
CURLOPT_STREAM_DEPENDS

CURLOPT_STREAM_DEPENDS_E

CURLOPT_STREAM_PRIORITY
2015-10-23 08:22:38 +02:00
Svyatoslav Mishyn
2e373f4a6f CURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET 2015-10-08 22:50:42 +02:00
Daniel Stenberg
bce689605d CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO 2015-10-08 13:47:52 +02:00
Svyatoslav Mishyn
963b7bd4f7 docs: fix unescaped '\n' in man pages
Closes https://github.com/bagder/curl/pull/459
2015-09-27 23:45:41 -04:00
Daniel Stenberg
7362008c1c CURLINFO_TLS_SESSION: always return backend info
... even for those that don't support providing anything in the
'internals' struct member since it offers a convenient way for
applications to figure this out.
2015-09-22 17:21:37 +02:00
Richard van den Berg
0583ed3e48 CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment
Closes #449
2015-09-22 16:54:28 +02:00
Viktor Szakats
bb72b9453d CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com
closes #443
2015-09-20 18:41:23 +02:00
Daniel Stenberg
65ca3b083c CURLOPT_PINNEDPUBLICKEY.3: mention error code 2015-09-17 08:54:32 +02:00
Jay Satiro
b550a1c067 CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example
- Show how a certificate can be obtained using OpenSSL.

Bug: https://github.com/bagder/curl/pull/430
Reported-by: Daniel Hwang
2015-09-14 03:16:04 -04:00
Daniel Stenberg
a7cb6a28e2 CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET 2015-09-12 23:37:52 +02:00
Daniel Stenberg
3d4ffa71f7 opts: add CURLINFO_* man pages to dist 2015-09-12 23:22:33 +02:00
Daniel Stenberg
cdba82e1c2 opts: 19 more CURLINFO_* options made into stand-alone man pages 2015-09-12 23:13:47 +02:00
Svyatoslav Mishyn
0e17369f5b CURLOPT_FNMATCH_FUNCTION.3: fix typo
s => is

Closes #428
2015-09-11 18:43:54 +02:00
Svyatoslav Mishyn
4e6f7aee64 docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_*
long => double
2015-09-08 21:19:34 -04:00
Daniel Stenberg
87e533ace0 parse_proxy: reject illegal port numbers
If the port number in the proxy string ended weirdly or the number is
too large, skip it. Mostly as a means to bail out early if a "bare" IPv6
numerical address is used without enclosing brackets.

Also mention the bracket requirement for IPv6 numerical addresses to the
man page for CURLOPT_PROXY.

Closes #415

Reported-by: Marcel Raad
2015-09-08 15:17:00 +02:00
Svyatoslav Mishyn
664398e43b CURLOPT_TLSAUTH_TYPE.3: update description
Closes #414
Closes #413
2015-09-06 23:12:17 +02:00
Svyatoslav Mishyn
3a4f42dd0c CURLOPT_PATH_AS_IS.3: fix typo
leavit => leaveit

closes #412
2015-09-05 23:19:49 +02:00
Svyatoslav Mishyn
5ea0004438 CURLINFO_SSL_VERIFYRESULT.3: add short description 2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
f1ccf68e8c CURLINFO_SSL_ENGINES.3: add short description 2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
d36d83ba4b CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency 2015-09-05 23:19:33 +02:00
Svyatoslav Mishyn
5dc556031b CURLINFO_REDIRECT_TIME.3: remove redundant '!' 2015-09-05 23:19:33 +02:00
Daniel Stenberg
e1a4bab86a CURLOPT_POSTREDIR.3: update RFC number and section 2015-09-03 17:33:16 +02:00
Daniel Stenberg
8a0ff1e529 CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
and some general cleaning up
2015-09-03 17:27:40 +02:00
Jay Satiro
cb6a07fed0 docs: Warn about any-domain cookies and multiple transfers
- Warn that cookies without a domain are sent to any domain:
CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie

- Note that imported Set-Cookie cookies without a domain are no longer
exported:
CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar
2015-09-03 02:35:11 -04:00
Daniel Stenberg
9bb198026e opts: 8 more CURLINFO* options as stand-alone man pages 2015-09-02 00:00:53 +02:00
Daniel Stenberg
c764cb4add man-pages: more SEE ALSO links 2015-08-31 16:03:53 +02:00
Daniel Stenberg
6099f5fcac opts: more CURLINFO_* options as stand-alone man pages 2015-08-31 15:28:21 +02:00
Jay Satiro
dfeb85a187 CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now 2015-08-29 23:23:58 -04:00
Daniel Stenberg
96a3488eae CURLINFO_RESPONSE_CODE.3: added short description 2015-08-29 13:55:00 +02:00
Daniel Stenberg
45e918564a opts: 7 initial CURLINFO_* options as stand-alone man pages 2015-08-28 22:58:00 +02:00
Nathaniel Waisbrot
9756d1da76 CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
2015-08-22 21:57:14 -04:00
Sam Roth
e67e71d62b CURLMOPT_PUSHFUNCTION.3: fix argument types
Closes #389
Closes #386
2015-08-19 10:35:24 +02:00
Jay Satiro
1f1f131e09 docs: Update the redirect protocols disabled by default
- Clarify that FILE and SCP are disabled by default since 7.19.4
- Add that SMB and SMBS are disabled by default since 7.40.0
- Add CURLPROTO_SMBS to the list of protocols
2015-08-18 01:38:07 -04:00
Daniel Stenberg
7166d91a03 CURLOPT_HTTP_VERSION.3: connection re-use goes before version 2015-08-15 23:36:28 +02:00
Alessandro Ghedini
5be0c88297 docs: fix typos
closes #376
2015-08-12 11:29:55 +02:00
Jay Satiro
c22fae7ccc CURLOPT_RESOLVE.3: Note removal support was added in 7.42
Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html
Reported-by: Inca R
2015-08-09 02:33:25 -04:00
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
55b78c5ae9 SSL: Pinned public key hash support 2015-07-01 19:43:47 +02:00
Daniel Stenberg
37402b5eb8 CURLOPT_FAILONERROR.3: mention that it closes the connection
Reported-by: bemoody
Bug: https://github.com/bagder/curl/issues/325
2015-06-24 15:26:15 -07:00
Tatsuhiro Tsujikawa
77044b53f7 CURLMOPT_PUSHFUNCTION.3: Remove unused variable 2015-06-24 23:44:42 +02:00
Daniel Stenberg
c712aa0ebe CURLMOPT_PUSHFUNCTION.3: added example 2015-06-24 23:44:42 +02:00
Daniel Stenberg
a384f28ca6 http2: curl_pushheader_byname now takes a const char * 2015-06-24 23:44:42 +02:00
Daniel Stenberg
f65ab8864e http2: fixed the header accessor functions for the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
ea7134ac87 http2: initial implementation of the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
70191958b5 http2: initial HTTP/2 server push types/docs 2015-06-24 23:44:42 +02:00
Jay Satiro
f72b30e6fb CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes 2015-06-17 02:49:14 -04:00
Jay Satiro
52d83cb0c6 CURLOPT_ERRORBUFFER.3: Improve example 2015-06-17 02:25:51 -04:00
Ville Skyttä
56b7663f73 docs: Spelling fixes 2015-06-08 13:43:31 +02:00
Jay Satiro
3013bb6b1c cookie: Stop exporting any-domain cookies
Prior to this change any-domain cookies (cookies without a domain that
are sent to any domain) were exported with domain name "unknown".

Bug: https://github.com/bagder/curl/issues/292
2015-06-03 21:48:47 -04:00
Jay Satiro
b18a1654c1 CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain
Document that if Set-Cookie is used without a domain then the cookie is
sent for any domain and will not be modified.

Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html
Reported-by: Alexander Dyagilev
2015-05-25 17:27:53 -04:00
Jay Satiro
96c0164b88 CURLOPT_COOKIE.3: Explain that the cookies won't be modified
The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the
outgoing request(s)." However there seems to be some user confusion
about cookie modification. Document that the cookies set by this option
are not modified by the cookie engine.

Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html
Reported-by: Alexander Dyagilev
2015-05-24 19:01:13 -04:00
Jay Satiro
4bef1c7bf4 CURLOPT_COOKIELIST.3: Add example 2015-05-24 15:39:49 -04:00
Daniel Stenberg
ee04c20b74 CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy! 2015-05-21 14:17:17 +02:00
Jay Satiro
db979fea73 CURLOPT_POSTFIELDS.3: Mention curl_easy_escape
.. also correct some variable naming in curl_easy_escape.3

Bug: https://github.com/bagder/curl/issues/281
Reported-by: bsammon@users.noreply.github.com
2015-05-20 01:48:31 -04:00
Daniel Stenberg
811443754a CURLOPT_PIPEWAIT: added
By setting this option to 1 libcurl will wait for a connection to reveal
if it is possible to pipeline/multiplex on before it continues.
2015-05-18 09:33:47 +02:00
Daniel Stenberg
02ec1ced9b CURLMOPT_PIPELINE: bit 1 is for multiplexing 2015-05-18 08:57:18 +02:00
Daniel Stenberg
a6af3df660 CURLMOPT_MAX_HOST_CONNECTIONS: host = host name + port number 2015-05-12 23:47:01 +02:00
Egon Eckert
8936a23f51 opts: improved the TCP keepalive examples 2015-05-08 08:27:19 +02:00
Daniel Stenberg
6ba2e88a64 CURLOPT_HEADEROPT: default to separate
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.

Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
2015-04-28 21:02:37 +02:00