1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-26 10:08:48 -05:00
Commit Graph

5046 Commits

Author SHA1 Message Date
Daniel Stenberg
5cb475de99
KNOWN_BUGS: LDAPS with NSS is slow
Reported-by: nosajsnikta on github
Closes #5874
2020-11-04 23:43:43 +01:00
Daniel Stenberg
2cfc4ed983
hsts: add read/write callbacks
- read/write callback options
- man pages for the 4 new setopts
- test 1915 verifies the callbacks

Closes #5896
2020-11-03 16:08:48 +01:00
Daniel Stenberg
7385610d0c
hsts: add support for Strict-Transport-Security
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle

Closes #5896
2020-11-03 16:08:42 +01:00
Daniel Stenberg
b8895509a0
header.d: fix syntax mistake
follow-up from 1144886f38
2020-11-02 10:31:02 +01:00
Daniel Stenberg
1144886f38
header.d: mention the "Transfer-Encoding: chunked" handling
Ref: #6144
Closes #6148
2020-10-31 23:45:36 +01:00
Daniel Stenberg
5106f1dc40
curl.1: add an "OUTPUT" section at the top of the manpage
Explain the basic concepts behind curl output.

Inspired by #6124

Closes #6134
2020-10-29 09:29:41 +01:00
Jay Satiro
9f4c1c0cce CURLOPT_DNS_USE_GLOBAL_CACHE.3: fix typo
Reported-by: Rui LIU

Closes https://github.com/curl/curl/issues/6131
2020-10-26 17:18:44 -04:00
Jay Satiro
b1ff27995b range.d: fix typo
Follow-up to 15ae039 from earlier today.
2020-10-26 17:18:37 -04:00
José Joaquín Atria
15ae039883
range.d: clarify that curl will not parse multipart responses
Closes #6127
Fixes #6124
2020-10-26 11:02:49 +01:00
Daniel Stenberg
96450a1a33
alt-svc: enable by default
Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported.

alt-svc support in curl is no longer considered experimental

Closes #5868
2020-10-25 23:08:54 +01:00
Daniel Stenberg
4bfca0a807
libssh2: require version 1.0 or later
... and simplify the code accordingly. libssh2 version 1.0 was released
in April 2009.

Closes #6116
2020-10-22 16:45:40 +02:00
Daniel Stenberg
141e23d789
KNOWN_BUGS: mention the individual cmake issues
... to make them easier to refer to and address separately and
one-by-one.
2020-10-21 08:25:19 +02:00
Daniel Stenberg
65fb4d16a3
curl_url_set.3: fix typo in the RETURN VALUE section
Reported-by: Basuke Suzuki
Fixes #6102
2020-10-18 23:02:57 +02:00
Daniel Stenberg
6f85968678
CURLOPT_NOBODY.3: fix typo
Reported-by: Basuke Suzuki
Fixes #6097
2020-10-16 23:02:49 +02:00
Daniel Stenberg
bfd35d5eda
CURLOPT_URL.3: clarify SCP/SFTP URLs are for uploads as well 2020-10-16 15:36:01 +02:00
Zenju
6d1a05b0bf
CURLOPT_TCP_NODELAY.3: fix comment in example code
Closes #6096
2020-10-16 15:06:51 +02:00
Viktor Szakats
769c9a4eec
Makefile.m32: add support for HTTP/3 via ngtcp2+nghttp3
Approved-by: Daniel Stenberg
Closes #6092
2020-10-16 07:15:19 +00:00
Daniel Stenberg
621e147ca7
docs/FEATURE: convert to markdown
... and clean it up a bit.

Closes #6067
2020-10-15 15:47:38 +02:00
Daniel Stenberg
2cbd2a2abf
THANKS: from 7.73.0 and .mailmap fixes 2020-10-14 07:50:16 +02:00
Daniel Stenberg
a4c26b0abe
HISTORY: curl verifies SSL certs by default since version 7.10 2020-10-09 17:29:33 +02:00
Emil Engler
639c6bfcfa
--help: move two options from the misc category
The cmdline opts delegation and suppress-connect-headers
fit better into auth and proxy rather than misc.

Follow-up to aa8777f63f
Closes #6038
2020-10-03 22:59:50 +02:00
Samanta Navarro
2ead0ca482
docs/opts: fix typos in two manual pages
Closes #6039
2020-10-03 22:53:16 +02:00
Emil Engler
6603917c3a
TODO: Add OpenBSD libtool notice
See #5862
Closes #6030
2020-09-30 22:48:31 +02:00
Daniel Stenberg
7b9e3c4b4c
examples/README: convert to markdown
Closes #6028
2020-09-30 22:45:29 +02:00
Daniel Gustafsson
2aac895fb6 src: Consistently spell whitespace without whitespace
Whitespace is spelled without a space between white and space, so
make sure to consistently spell it that way across the codebase.

Closes #6023
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
2020-09-30 21:10:14 +02:00
Daniel Gustafsson
021f2c25fd MANUAL: update examples to resolve without redirects
www.netscape.com is redirecting to a cookie consent form on Aol, and
cool.haxx.se isn't responding to FTP anymore. Replace with examples
that resolves in case users try out the commands when reading the
manual.

Closes #6024
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
2020-09-30 21:05:14 +02:00
Daniel Stenberg
025b20971c
HISTORY: add some 2020 events 2020-09-30 13:44:32 +02:00
Daniel Stenberg
cbe7fad20d
ECH: renamed from ESNI in docs and configure
Encrypted Client Hello (ECH) is the current name.

Closes #6022
2020-09-29 11:23:23 +02:00
Daniel Stenberg
a7de1c0d81
TODO: SSH over HTTPS proxy with more backends
... as right now only the libssh2 backend supports it.
2020-09-29 07:50:15 +02:00
Daniel Stenberg
422b257fef
ROADMAP: updates and cleanups
Fix the HSTS PR

Remove DoT, thread-safe init and hard-coded localhost. I feel very
little interest for these with users so I downgrade them to plain "TODO"
entries again.
2020-09-28 17:03:20 +02:00
Daniel Stenberg
f74afa40f8
dynbuf: add Curl_dyn_vaddf
Closes #6004
2020-09-23 15:13:46 +02:00
Daniel Stenberg
2355857702
KNOWN_BUGS: Unable to use PKCS12 certificate with Secure Transport
Closes #5403
2020-09-23 08:50:52 +02:00
Daniel Stenberg
a8e08a87df
setopt: return CURLE_BAD_FUNCTION_ARGUMENT on bad argument
Fixed two return code mixups. CURLE_UNKNOWN_OPTION is saved for when the
option is, yeah, not known. Clarified this in the setopt man page too.

Closes #5993
2020-09-22 09:04:13 +02:00
Daniel Stenberg
f4873ebd0b
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).

Removed security.c
Renamed curl_sec.h to krb5.h

Closes #5987
2020-09-21 23:31:39 +02:00
Daniel Stenberg
553588897a
docs/MQTT: remove outdated paaragraphs 2020-09-21 11:02:32 +02:00
Daniel Stenberg
e1485bd069
docs/MQTT: not experimental anymore
Follow-up to e37e446868
2020-09-21 10:59:26 +02:00
Daniel Stenberg
559ed3ca25
docs/RESOURCES: remove
This document is not maintained and rather than trying to refresh it,
let's kill it. A more up-to-date document with relevant RFCs is this
page on the curl website: https://curl.haxx.se/rfc/

Closes #5980
2020-09-18 16:08:16 +02:00
Daniel Stenberg
d3d8773b14
docs/TheArtOfHttpScripting: convert to markdown
Makes it easier to browse on github etc. Offers (better) links.

It should be noted that this document is already mostly outdated and
"Everything curl" at https://ec.haxx.se/ is a better resource and
tutorial.

Closes #5981
2020-09-18 16:06:29 +02:00
Daniel Stenberg
6f82ebd8ae
BUGS: convert document to markdown
Closes #5979
2020-09-18 16:05:47 +02:00
Daniel Stenberg
2df7414a73
CHECKSRC: document two missing warnings 2020-09-18 13:54:27 +02:00
Daniel Stenberg
83cc966708
man pages: switch to https://example.com URLs
Since HTTPS is "the new normal", this update changes a lot of man page
examples to use https://example.com instead of the previous "http://..."

Closes #5969
2020-09-17 16:28:18 +02:00
Daniel Stenberg
af09599958
TODO: dynamically decide to use socketpair
Suggested-by: Anders Bakken

Closes #4829
2020-09-16 23:35:39 +02:00
Daniel Stenberg
15f5d59891
TODO: add PR reference for native IDN support on macOS
As there was work started on this that never got completed.

Closes #5371
2020-09-16 23:27:07 +02:00
anio
0c1e767e83
tool_writeout: add new writeout variable, %{num_headers}
This variable gives the number of headers.

Closes #5947
2020-09-15 00:37:08 +02:00
Daniel Stenberg
33bca7c9f6
docs/LICENSE-MIXING: remove
This document is not maintained and I feel that it doesn't provide much
value to users anymore (if it ever did).

Closes #5955
2020-09-11 23:36:27 +02:00
Daniel Stenberg
4ba275a46a
HISTORY: mention alt-svc added in 2019
... and make 1996 the first year subtitle
2020-09-10 17:39:15 +02:00
Daniel Stenberg
36f60494ae
curl_mime_headers.3: fix the example's use of curl_slist_append
Reported-by: sofaboss on github
Fixes #5942
Closes #5943
2020-09-08 22:51:16 +02:00
Daniel Stenberg
17fcdf6a31
lib: fix -Wassign-enum warnings
configure --enable-debug now enables -Wassign-enum with clang,
identifying several enum "abuses" also fixed.

Reported-by: Gisle Vanem
Bug: 879007f811 (commitcomment-42087553)

Closes #5929
2020-09-08 13:53:02 +02:00
Daniel Stenberg
d63b3908da
FAQ: refreshed some very old language 2020-09-07 17:08:07 +02:00
Daniel Stenberg
8ca54a03ea
test1541: remove since it is a known bug
A shared connection cache is not thread-safe is a known issue. Stop
testing this until we believe this issue is addressed. Reduces
occasional test failures we don't care about.

The test code in lib1541.c is left in git to allow us to restore it when
we get to fix this.

Closes #5922
2020-09-06 09:51:06 +02:00
Emil Engler
5dddc1dc7e
docs: add categories to all cmdline opts
Adapted gen.pl with 'listcats'

This commit is a part of "--help me if you can"

Closes #5680
2020-09-04 15:38:14 +02:00
Marc Hoersken
3e4b32a3e1
win32: drop support for WinSock version 1, require version 2
IPv6, telnet and now also the multi API require WinSock
version 2 which is available starting with Windows 95.

Therefore we think it is time to drop support for version 1.

Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Reviewed-by: Viktor Szakats

Follow up to #5634
Closes #5854
2020-09-02 16:30:39 +02:00
Daniel Stenberg
401d237b85
cmdline-opts/gen.pl: generate nicer "See Also" in curl.1
If there are more than two items in the list, use commas for all but the
last separator which is set to 'and'. Reads better.

Closes #5898
2020-09-01 11:36:41 +02:00
Daniel Stenberg
82149e70a5
curl.1: add see also no-progress-meter on two spots
Ref: #5894

Closes #5897
2020-09-01 10:04:46 +02:00
Daniel Stenberg
e37e446868
mqtt: enable by default
No longer considered experimental.

Closes #5858
2020-08-31 09:45:09 +02:00
Michael Baentsch
ede125b7b7
tls: add CURLOPT_SSL_EC_CURVES and --curves
Closes #5892
2020-08-30 17:24:04 +02:00
Marc Hoersken
61aab81c5c
docs: add description about CI platforms to CONTRIBUTE.md
Reviewed-by: Daniel Stenberg
Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro

Closes #5882
2020-08-29 21:39:13 +02:00
Daniel Stenberg
68a5132474
TLS: fix SRP detection by using the proper #ifdefs
USE_TLS_SRP will be true if *any* selected TLS backend can use SRP

HAVE_OPENSSL_SRP is defined when OpenSSL can use it

HAVE_GNUTLS_SRP is defined when GnuTLS can use it

Clarify in the curl_verison_info docs that CURL_VERSION_TLSAUTH_SRP is
set if at least one of the supported backends offers SRP.

Reported-by: Stefan Strogin
Fixes #5865
Closes #5870
2020-08-28 14:13:05 +02:00
Dan Kenigsberg
c77f6fd1cb
docs: SSLCERTS: fix English syntax
Signed-off-by: Dan Kenigsberg <danken@redhat.com>

Closes #5876
2020-08-28 13:39:09 +02:00
Alessandro Ghedini
0ac310a825
docs: non-existing macros in man pages
As reported by man(1) when invoked as:

  man --warnings -E UTF-8 -l -Tutf8 -Z <file> >/dev/null

Closes #5846
2020-08-27 23:07:53 +02:00
Alessandro Ghedini
3165ea053b
curl.1: fix typo invokved -> invoked
Closes #5846
2020-08-27 23:07:39 +02:00
Daniel Stenberg
0da301a082
docs/libcurl: update "Added in" version for curl_easy_option*
Follow-up to 6ebe63fac2
2020-08-27 16:13:41 +02:00
Daniel Stenberg
ad691b191a
configure: added --disable-get-easy-options
To allow disabling of the curl_easy_option APIs in a build.

Closes #5365
2020-08-27 14:17:42 +02:00
Daniel Stenberg
6ebe63fac2
options: API for meta-data about easy options
const struct curl_easyoption *curl_easy_option_by_name(const char *name);

 const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);

 const struct curl_easyoption *
 curl_easy_option_next(const struct curl_easyoption *prev);

The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.

Assisted-by: Jeroen Ooms
Closes #5365
2020-08-27 14:17:36 +02:00
Eric Curtin
9ee5701f12
HTTP/3: update to OpenSSL_1_1_1g-quic-draft-29
Closes #5871
2020-08-27 14:15:25 +02:00
Daniel Stenberg
d854572ccc
socketpair: allow CURL_DISABLE_SOCKETPAIR
... to completely disable the use of socketpair

Closes #5850
2020-08-26 22:58:21 +02:00
Daniel Stenberg
3a9042ea14
docs: --output-dir is added in 7.73.0, nothing else
Follow-up to 5620d2cc78
2020-08-24 22:49:32 +02:00
Daniel Stenberg
5620d2cc78
curl: add --output-dir
Works with --create-dirs and with -J

Add test 3008, 3009, 3011, 3012 and 3013 to verify.

Closes #5637
2020-08-24 22:41:37 +02:00
Michael Musset
ebc6c54c74
sftp: add the option CURLKHSTAT_FINE_REPLACE
Replace the old fingerprint of the host with a new.

Closes #5685
2020-08-24 17:26:08 +02:00
Daniel Stenberg
4be1f8dc01
curl: support XDG_CONFIG_HOME to find .curlrc
Added test433 to verify. Updated documentation.

Reviewed-by: Jay Satiro
Suggested-by: Eli Schwartz
Fixes #5829
Closes #5837
2020-08-24 16:37:09 +02:00
COFFEETALES
fab5185275
sftp: add new quote commands 'atime' and 'mtime'
Closes #5810
2020-08-24 09:01:56 +02:00
Daniel Stenberg
88b1ca7cba
CURLE_PROXY: new error code
Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.

In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.

Closes #5770
2020-08-24 08:41:48 +02:00
Daniel Stenberg
712d16cbe0
KNOWN_BUGS: 'no_proxy' string-matches IPv6 numerical addreses
Also: the current behavior is now documented in the curl.1 and
CURLOPT_NOPROXY.3 man pages.

Reported-by: Andrew Barnes
Closes #5745
Closes #5841
2020-08-23 00:09:39 +02:00
Viktor Szakats
38039da764
Makefile.m32: add ability to override zstd libs [ci skip]
Similarly to brotli, where this was already possible.
E.g. it allows to link zstd statically to libcurl.dll.

Ref: https://github.com/curl/curl-for-win/issues/12
Ref: d9b266afd2

Closes https://github.com/curl/curl/pull/5840
2020-08-22 21:08:28 +00:00
Daniel Stenberg
6b60767bd8
TODO: Virtual external sockets
Closes #5835
2020-08-21 10:06:31 +02:00
Daniel Stenberg
b8d7857a12
THANKS: add names from curl 7.72.0 release 2020-08-19 09:37:27 +02:00
Jay Satiro
6332f65714 KNOWN_BUGS: Schannel TLS 1.2 handshake bug in old Windows versions
Reported-by: plujon@users.noreply.github.com

Closes https://github.com/curl/curl/issues/5488
2020-08-18 03:24:38 -04:00
Daniel Stenberg
687908c6e6
examples/rtsp.c: correct the copyright year 2020-08-17 10:44:39 +02:00
Daniel Stenberg
16e038b276
RELEASE-PROCEDURE.md: add more future release dates 2020-08-17 10:44:10 +02:00
H3RSKO
3d221409e2
docs: change "web site" to "website"
According to wikipedia:

 While "web site" was the original spelling, this variant has become
 rarely used, and "website" has become the standard spelling

Closes #5822
2020-08-17 00:14:18 +02:00
Daniel Stenberg
d491916a4a
docs: clarify MAX_SEND/RECV_SPEED functionality
... in particular what happens if the maximum speed limit is set to a
value that's smaller than the transfer buffer size in use.

Reported-by: Tomas Berger
Fixes #5788
Closes #5813
2020-08-15 00:22:05 +02:00
Emil Engler
9744614434
docs: Add video link to docs/CONTRIBUTE.md
Closes #5811
2020-08-14 10:25:13 +02:00
Daniel Stenberg
010fb9830b
copyright: update/correct the year range on a few files 2020-08-14 10:20:27 +02:00
Daniel Stenberg
cb8cf9d70f
KNOWN_BUGS: A shared connection cache is not thread-safe
Closes #4915
Closes #5802
2020-08-12 07:55:45 +02:00
Daniel Stenberg
c46339eca1
CONTRIBUTE: extend git commit message description
In particular how the first line works.

Closes #5803
2020-08-12 07:52:58 +02:00
Daniel Stenberg
2429f45a97
TLS naming: fix more Winssl and Darwinssl leftovers
The CMake option is now called CMAKE_USE_SCHANNEL

The winbuild flag is USE_SCHANNEL

The CI jobs and build scripts only use the new names and the new name
options

Tests now require 'Schannel' (when necessary)

Closes #5795
2020-08-08 00:19:21 +02:00
Daniel Stenberg
ca222824f3
curl.1: add a few missing valid exit codes
93 - 96 can be returned as well.

Closes #5777
2020-08-04 16:34:54 +02:00
Daniel Stenberg
532dfa3bc0
TODO: Use multiple parallel transfers for a single download
Closes #5774
2020-08-04 16:14:41 +02:00
Daniel Stenberg
28f22a9524
TODO: Set the modification date on an uploaded file
Closes #5768
2020-08-04 16:09:08 +02:00
Daniel Stenberg
dfa4863792
tlsv1.3.d. only for TLS-using connections
... and rephrase that "not all" TLS backends support it.

Closes #5764
2020-08-02 23:24:32 +02:00
Daniel Stenberg
5ad8d3af48
tls-max.d: this option is only for TLS-using connections
Ref: #5763
Closes #5764
2020-08-02 23:24:31 +02:00
Daniel Stenberg
faeec840f3
checksrc: invoke script with -D to find .checksrc proper
Without the -D command line option, checksrc.pl won't know which
directory to load the ".checksrc" file from when building out of the
source tree.

Reported-by: Marcel Raad
Fixes #5715
Closes #5755
2020-08-01 10:47:55 +02:00
Jay Satiro
40909c405b TODO: Schannel: 'Add option to allow abrupt server closure'
We should offer an option to allow abrupt server closures (server closes
SSL transfer without sending a known termination point such as length of
transfer or close_notify alert). Abrupt server closures are usually
because of misconfigured or very old servers.

Closes https://github.com/curl/curl/issues/4427
2020-07-30 12:25:05 -04:00
divinity76
be6d2f3418
docs: add date of 7.20 to CURLM_CALL_MULTI_PERFORM mentions
it helps make it obvious that most developers don't have to care about
the CURLM_CALL_MULTI_PERFORM value (last release using it is nearly 11
years old, November 4 2009)

Closes #5744
2020-07-30 00:02:24 +02:00
Daniel Stenberg
2f72ad44fc
checksrc: ban gmtime/localtime
They're not thread-safe so they should not be used in libcurl code.

Explictly enabled when deemed necessary and in examples and tests

Reviewed-by: Nicolas Sterchele
Closes #5732
2020-07-28 23:51:17 +02:00
Daniel Stenberg
34e5ad21d2
CURLOPT_NOBODY.3: fix the syntax for referring to options
As test 1140 fails otherwise!

Follow-up to e1bac81cc8
2020-07-27 23:59:00 +02:00
Daniel Stenberg
e1bac81cc8
CURLOPT_NOBODY.3: clarify what setting to 0 means
... and mention that HTTP with other methods than HEAD might get a body and
there's no option available to stop that.

Closes #5729
2020-07-27 19:34:53 +02:00
Alessandro Ghedini
d10cd52406
travis: update quiche builds for new boringssl layout
This is required after https://github.com/cloudflare/quiche/pull/593
moved BoringSSL around slightly.

This also means that Go is not needed to build BoringSSL anymore (the
one provided by quiche anyway).

Closes #5691
2020-07-18 12:35:21 +02:00
Daniel Stenberg
d5814c0af0
page-header: provide protocol details in the curl.1 man page
Add protocol and version specific information about all protocols curl
supports.

Fixes #5679
Reported-by: tbugfinder on github
Closes #5686
2020-07-16 23:54:26 +02:00
Daniel Gustafsson
f0a6ea21b3 docs: Update a few leftover mentions of DarwinSSL
Commit 76a9c3c4be renamed DarwinSSL to the
more correct/common name Secure Transport, but a few mentions in the docs
remained.

Closes #5688
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2020-07-16 10:11:10 +02:00
Daniel Stenberg
954cd3eb48
CURL_PUSH_ERROROUT: allow the push callback to fail the parent stream
... by adding support for a new dedicated return code.

Suggested-by: Jonathan Cardoso
Assisted-by: Erik Johansson
URL: https://curl.haxx.se/mail/lib-2020-06/0099.html
Closes #5636
2020-07-16 00:24:29 +02:00
Daniel Stenberg
f5e6907d52
curl: add %{method} to the -w variables
Gets the CURLINFO_EFFECTIVE_METHOD from libcurl.

Added test 1197 to verify.
2020-07-14 17:53:45 +02:00
Daniel Stenberg
d75e3ab74c
CURLINFO_EFFECTIVE_METHOD: added
Provide the HTTP method that was used on the latest request, which might
be relevant for users when there was one or more redirects involved.

Closes #5511
2020-07-14 17:53:45 +02:00
Viktor Szakats
8fa3f7809a
windows: add unicode to feature list
Reviewed-by: Marcel Raad
Reviewed-by: Marc Hörsken

Closes #5491
2020-07-14 08:30:17 +00:00
Gilles Vollant
e13357b14b
content_encoding: add zstd decoding support
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu

Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
2020-07-12 18:11:37 +02:00
Filip Salomonsson
963d17add2 CURLINFO_CERTINFO.3: fix typo
Closes https://github.com/curl/curl/pull/5655
2020-07-06 01:58:14 -04:00
Daniel Stenberg
54f21be2e3
curl_version_info.3: CURL_VERSION_KERBEROS4 is deprecated
This came up in #5640. It make sense to clarify this in the docs!

Reminded-by: Kamil Dudka
Closes #5642
2020-07-03 00:15:51 +02:00
Daniel Stenberg
a6f45c3b75
THANKS: add contributors to 7.71.1 2020-06-30 15:30:38 +02:00
Daniel Stenberg
ea6b812b73
TODO: Add flag to specify download directory 2020-06-29 23:53:27 +02:00
Daniel Stenberg
42320a7120
TODO: return code to CURLMOPT_PUSHFUNCTION to fail connection 2020-06-29 23:50:44 +02:00
Daniel Stenberg
600db1e706
examples/multithread.c: call curl_global_cleanup()
Reported-by: qiandu2006 on github
Fixes #5622
Closes #5623
2020-06-29 14:52:56 +02:00
Daniel Stenberg
032e838b73
terminology: call them null-terminated strings
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer of them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).

Reported-by: coinhubs on github
Fixes #5598
Closes #5608
2020-06-28 00:31:24 +02:00
Daniel Stenberg
43f7ffb6c4
CURLOPT_READFUNCTION.3: provide the upload data size up front
Assisted-by: Jay Satiro
Closes #5607
2020-06-26 15:12:21 +02:00
Denis Baručić
923296dc1c
DYNBUF.md: fix a typo: trail => tail
Closes #5599
2020-06-24 11:33:02 +02:00
Daniel Stenberg
cc9144b1f3
THANKS: curl 7.71.0 additions 2020-06-23 23:41:49 +02:00
Jay Satiro
abbc5d6044 openssl: Don't ignore CA paths when using Windows CA store
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.

The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.

Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
2020-06-22 15:31:38 -04:00
Daniel Stenberg
0f55269aff
copyright: update mismatched copyright years 2020-06-22 11:55:34 +02:00
Daniel Stenberg
477a4e31d7
manpage: add three missing environment variables
CURL_SSL_BACKEND, QLOGDIR and SSLKEYLOGFILE

Closes #5571
2020-06-17 00:03:07 +02:00
Daniel Stenberg
350a99b21f
CODE_REVIEW.md: how to do code reviews in curl
Assisted-by: Daniel Gustafsson
Assisted-by: Rich Salz
Assisted-by: Hugo van Kemenade
Assisted-by: James Fuller
Assisted-by: Marc Hörsken
Assisted-by: Jay Satiro

Closes #5555
2020-06-13 22:16:58 +02:00
Daniel Stenberg
17f2dcf6b2
version.d: expanded and alpha-sorted
Added a few missing features not previously mentioned. Ordered them
alphabetically.

Closes #5558
2020-06-12 17:08:27 +02:00
Daniel Stenberg
2a0269589a
ABI.md: rename to .md and polish the markdown
Closes #5562
2020-06-12 17:05:21 +02:00
Daniel Stenberg
bc392074d2
HELP-US: add a section for "smaller tasks"
The point of this section is to meet the CII Best Practices gold level
critera:

 "The project MUST clearly identify small tasks that can be performed by
  new or casual contributors"

Closes #5560
2020-06-12 15:22:58 +02:00
Daniel Stenberg
95f2732e75
TODO: retry on the redirected-to URL
Closes #5462
2020-06-12 14:43:27 +02:00
Sterchele Nicolas
d5bf9f94e2
TODO: remove 19.3 section title
Follow-up to ad64169867, which caused wrong formatting on
curl documentation website

Closes #5561
2020-06-12 13:36:15 +02:00
Daniel Stenberg
eab2f95c0d
wording: avoid blacklist/whitelist stereotypes
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.

Closes #5546
2020-06-10 08:49:17 +02:00
Adnan Khan
3bde2e3f78
HTTP3.md: clarify cargo build directory
Cargo needs to be called from within the 'quiche' directory.

Closes #5522
2020-06-05 18:00:36 +02:00
Daniel Stenberg
95a6580409
user-agent.d: spell out what happens given a blank argument
Closes #5525
2020-06-05 17:59:19 +02:00
Daniel Stenberg
a00668d296
CURLINFO_ACTIVESOCKET.3: clarify the description
Reported-by: Jay Satiro
Fixes #5299
Closes #5520
2020-06-05 08:50:48 +02:00
Daniel Stenberg
c048dd0b7c
KNOWN_BUGS: RTSP authentication breaks without redirect support
Closes #4750
2020-06-04 10:40:32 +02:00
Radoslav Georgiev
abfd154efd
examples/http2-down/upload: add error checks
If `index.html` does not exist in the directory from which the example
is invoked, the fopen(upload, "rb") invocation in `setup` would fail,
returning NULL.  This value is subsequently passed as the FILE* argument
of the `fread` invocation in the `read_callback` function, which is the
actual cause of the crash (apparently `fread` assumes that argument to
be non-null).

In addition, mitigate some possible crashes of similar origin.

Closes #5463
2020-06-02 00:14:08 +02:00
kotoriのねこ
066b303231
examples/ephiperfifo: turn off interval when setting timerfd
Reported-by: therealhirudo on github
Fixes #5485
Closes #5497
2020-06-02 00:11:38 +02:00
Daniel Stenberg
155551c446
urldata: fix comments: Curl_done() is called multi_done() now
... since 575e885db
2020-05-28 10:13:39 +02:00
Viktor Szakats
308c243db5
all: fix codespell errors
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/5452
2020-05-25 19:44:04 +00:00
Gilles Vollant
7f40633422
setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency
Closes #5431
2020-05-23 23:19:13 +02:00
Peter Wu
421171a8d4 travis: simplify quiche build instructions wrt boringssl
quiche builds boringssl as static library, reuse that instead of
building another shared library.

Closes #5438
2020-05-22 21:10:07 +02:00
Daniel Stenberg
6c889a0dd1
TODO: --dry-run
Closes #5426
2020-05-19 09:46:50 +02:00
Daniel Stenberg
39177b8ef9
TODO: Ratelimit or wait between serial requests
Closes #5406
2020-05-19 09:42:11 +02:00
Daniel Stenberg
5646e563ae
TODO: forbid TLS post-handshake auth and do TLS record padding
Closes #5396
Closes #5398
2020-05-18 17:59:18 +02:00
Daniel Stenberg
3df42ca949
dynbuf: return NULL when there's no buffer length
... as returning a "" is not a good idea as the string is supposed to be
allocated and returning a const string will cause issues.

Reported-by: Brian Carpenter
Follow-up to ed35d6590e
Closes #5405
2020-05-17 23:20:56 +02:00
Peter Wu
a158a09166 CMake: add libssh build support
Closes #5372
2020-05-15 21:58:12 +02:00
Daniel Stenberg
a384e870bc
KNOWN_BUGS: wolfssh: publickey auth doesn't work
Closes #4820
2020-05-15 17:01:32 +02:00
Daniel Stenberg
938228dda2
KNOWN_BUGS: OS400 port requires deprecated IBM library
Closes #5176
2020-05-15 16:58:45 +02:00
Gilles Vollant
cac5374298
setopt: support certificate options in memory with struct curl_blob
This change introduces a generic way to provide binary data in setopt
options, called BLOBs.

This change introduces these new setopts:

CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.

Reviewed-by: Daniel Stenberg
Closes #5357
2020-05-15 13:03:59 +02:00
Daniel Stenberg
8df455479f
source cleanup: remove all custom typedef structs
- Stick to a single unified way to use structs
 - Make checksrc complain on 'typedef struct {'
 - Allow them in tests, public headers and examples

 - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
   typedef different types/structs depending on build conditions.

Closes #5338
2020-05-15 08:54:42 +02:00
Marcel Raad
aa6cf7f3b6
KNOWN_BUGS: adapt 5.5 to recent changes
It only applies to non-Unicode builds now.
Also merge 5.10 into it as it's effectively a duplicate.

Closes https://github.com/curl/curl/pull/3784
2020-05-14 18:13:38 +02:00
Jay Satiro
f9983a6f9e curl.1: Quote globbed URLs
- Quote the globbing example URLs that contain characters [] {} since
  otherwise they may be interpreted as shell metacharacters.

Bug: https://github.com/curl/curl/issues/5388
Reported-by: John Simpson

Closes https://github.com/curl/curl/pull/5394
2020-05-13 18:24:34 -04:00
Daniel Stenberg
66b0775763
checksrc: enhance the ASTERISKSPACE and update code accordingly
Fine: "struct hello *world"

Not fine: "struct hello* world" (and variations)

Closes #5386
2020-05-14 00:02:05 +02:00
Daniel Stenberg
f3f5d82e28
docs/options-in-versions: which version added each cmdline option
Added test 971 to verify that the list is in sync with the files in
cmdline-opts. The check also verifies that .d-files that uses Added:
specify the same version number as the options-in-versions file does.

Closes #5381
2020-05-13 23:58:36 +02:00
Daniel Stenberg
72b1aaf9da
docs: unify protocol lists
We boast support for 25 transfer protocols. Make sure the lists are
consistent

Closes #5384
2020-05-13 16:51:19 +02:00
Daniel Stenberg
81a54b12c6
OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN
... to avoid an OpenSSL bug that otherwise makes the CRL check to fail.

Reported-by: Michael Kaufmann
Fixes #5374
Closes #5376
2020-05-13 16:39:36 +02:00
Daniel Stenberg
9242bee3fe
tls13-ciphers.d: shorten the Arg 2020-05-13 16:37:29 +02:00
Daniel Stenberg
63b524c4ec
sasl-authzid.d: add Arg: and shorten the desc 2020-05-13 16:37:28 +02:00
Daniel Stenberg
16d8ff77a1
cert-type.d: mention the available types in the desc 2020-05-13 16:37:28 +02:00
Daniel Stenberg
cd35371163
tool: shorten 3 --help descriptions
--happy-eyeballs-timeout-ms, --resolve and --ssl-revoke-best-effort

gen.pl already warned about these lines but we didn't listen

Closes #5379
2020-05-13 16:37:22 +02:00
Daniel Stenberg
3ff89286a9
list-only.d: this option existed already in 4.0 2020-05-12 13:25:47 +02:00
Jay Satiro
79d60a9282 retry-all-errors.d: Shorten the summary line
Follow-up to b995bb5 from a few moments ago.

Reported-by: Daniel Stenberg

Ref: https://github.com/curl/curl/commit/b995bb5#r39108929
2020-05-12 03:12:55 -04:00
Jay Satiro
b995bb58cb tool: Add option --retry-all-errors to retry on any error
The "sledgehammer" of retrying.

Closes https://github.com/curl/curl/pull/5185
2020-05-12 03:00:15 -04:00
Peter Wu
ad64169867
CMake: fix runtests.pl with CMake, add new test targets
* runtests.pl:
    - Fix out-of-tree build under CMake when srcdir is not set. Default
      srcdir to the location of runtests.pl.
    - Add a hack to allow CMake to use the TFLAGS option as documented
      in tests/README and used in scripts/travis/script.sh.
  * Bump CMake version to 3.2 for USES_TERMINAL, dropping Debian Jessie
    support (no one should care, it is already EOL.).
  * Remove CTest since it defines its own 'test' target with no tests
    since all unittests are already broken and not built by default.
  * Add new test targets based on the options from Makefile.am. Since
    new test targets are rarely added, I opted for duplicating the
    runtests.pl options as opposed to creating a new Makefile.inc file.
    Use top-level target names (test-x) instead of x-test since that is
    used by CI and others.

Closes #5358
2020-05-12 08:50:17 +02:00
Daniel Stenberg
743e9c234b write-out.d: added "response_code" 2020-05-11 17:47:01 +02:00
Daniel Stenberg
4b88ac71f2
KNOWN_BUGS: Build with staticly built dependency
I rewrote the item 5.4 to be more generic about static dependencies.
2020-05-11 11:24:33 +02:00
Daniel Stenberg
eed30a3101
ROADMAP: remove old entries
MQTT - the start has already landed

tiny-curl - also mostly landed and is a continuous work

make menuconfig - basically no interest from users, not pushing there
2020-05-11 10:12:04 +02:00
Marc Hoersken
8329775abb
TODO: update regarding missing Schannel features
Some aspects have already been implemented over the years.

15.1 Client certificates are now supported:

- System stores via e35b0256eb
- PKCS#12 files via 0fdf965126

15.2 Ciphers can now be specified through:

- Algorithms via 9aefbff30d

Reviewed-by: Daniel Stenberg and Marcel Raad
Closes #5358
2020-05-09 12:23:59 +02:00
Gilles Vollant
148534db57
CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl)
Closes #4346
2020-05-08 15:55:04 +02:00
Daniel Stenberg
76b9e8de7b
TODO: native IDN support on macOS 2020-05-08 11:46:05 +02:00
Daniel Stenberg
11e4ac8291
THANKS-filter: Peter Wang 2020-05-08 08:39:17 +02:00
Daniel Stenberg
ace6ae4d0e
docs/HTTP3: add qlog to the quiche build instruction 2020-05-07 17:40:01 +02:00
Daniel Stenberg
18815aa670
ngtcp2: convert to dynbuf
Closes #5335
2020-05-04 14:57:57 +02:00
Daniel Stenberg
ed35d6590e
dynbuf: introduce internal generic dynamic buffer functions
A common set of functions instead of many separate implementations for
creating buffers that can grow when appending data to them. Existing
functionality has been ported over.

In my early basic testing, the total number of allocations seem at
roughly the same amount as before, possibly a few less.

See docs/DYNBUF.md for a description of the API.

Closes #5300
2020-05-04 10:40:39 +02:00
Emil Engler
f7ab488570
doc: Rename VERSIONS to VERSIONS.md as it already has Markdown syntax
Closes #5325
2020-05-02 23:45:09 +02:00
Daniel Stenberg
9d47ff5323
examples: remove asiohiper.cpp
This example has repeatedly been reported to contain bugs, and as users
copy and paste code from this into production, I now deem it better to
not provide the example at all.

Closes #5090
Closes #5322
2020-05-02 12:29:58 +02:00
Emil Engler
6540cbbc75
doc: add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3
Closes #5320
2020-05-02 12:03:20 +02:00
Emil Engler
8cf8b293a1
KNOWN_BUGS: Remove "curl --upload-file . hang if delay in STDIN"
It was fixed in 9a2cbf3

Closes #5319
2020-05-02 12:02:13 +02:00
Emil Engler
42d8d9a7e8
GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
Closes #5287
2020-04-30 14:40:54 +02:00
Daniel Stenberg
c5d8629553
THANKS: synced with the 7.70.0 release 2020-04-29 08:02:29 +02:00
Daniel Stenberg
b7135f58f5
copyright updates: adjust year ranges 2020-04-26 23:59:22 +02:00
Yuri Slobodyanyuk
4298b97020
docs: fix two typos
Closes #5292
2020-04-25 00:50:00 +02:00
i-ky
b1b9692614
libcurl-multi.3: added missing full stop
Closes #5285
2020-04-23 13:57:53 +02:00
Emil Engler
2d137dedb3
GnuTLS: Don't skip really long certificate fields
Closes #5271
2020-04-21 08:10:55 +02:00
Daniel Stenberg
0891fe7ade
gnutls: bump lowest supported version to 3.1.10
GnuTLS 3.1.10 added new functions we want to use. That version was
released on Mar 22, 2013. Removing support for older versions also
greatly simplifies the code.

Ref: #5271
Closes #5276
2020-04-21 08:09:41 +02:00
Tom
207a6cbb90 src: Remove C99 constructs to ensure C89 compliance
This fixes the error: 'for' loop initial declaration used outside C99
mode by declaring the loop increment variable in the beginning of the
block instead of inside the for loop.

Fixes #5254
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
2020-04-19 21:56:52 +02:00
JP Mens
19ec94d944
docs/MQTT: replace confusing 80 by 75
I was a bit surprised by the `80`: first thought: what's HTTP doing
here? ;)

Closes #5236
2020-04-14 23:08:43 +02:00
Jay Satiro
42e18528f6 KNOWN_BUGS: Add entry 'Blocking socket operations'
- Add threaded resolver cleanup and GSSAPI for FTP to the TODO list of
  known blocking operations.

- New known bugs entry 'Blocking socket operations in non-blocking API'
  that directs to the TODO's list of known blocking operations.

Ref: https://github.com/curl/curl/pull/5214#issuecomment-612488021

Reported-by: Marc Hoersken

Closes https://github.com/curl/curl/pull/5216
2020-04-14 14:46:13 -04:00
Bjorn Stenberg
2522903b79
mqtt: add new experimental protocol
Closes #5173
2020-04-14 13:03:40 +02:00
Daniel Stenberg
8909865191
TODO: Consider convenience options for JSON and XML?
Closes #5203
2020-04-14 08:58:38 +02:00
Daniel Stenberg
b9a0804ad1
compressed.d: stress that the headers are not modified
Suggested-by: Michael Osipov
Assisted-by: Jay Satiro
Bug: https://github.com/curl/curl/issues/5182#issuecomment-611638008
Closes #5217
2020-04-12 11:02:24 +02:00
Daniel Stenberg
946a71a14f
CURLOPT_WRITEFUNCTION.3: add inline example and new see-also
Closes #5192
2020-04-07 00:07:49 +02:00
Daniel Stenberg
fef4334091
cleanup: correct copyright year range on a few files 2020-04-06 23:21:52 +02:00
Daniel Stenberg
920dfacbf4
TODO: Option to make -Z merge lined based outputs on stdout
Closes #5175
2020-04-06 00:05:42 +02:00
Daniel Stenberg
62f5e3887d
KNOWN_BUGS: fixed "USE_UNIX_SOCKETS on Windows"
Fixed with #5170 (commit 23a870f2fd)
2020-04-05 11:24:01 +02:00
Kwon-Young Choi
54ecc11cc4
CURLINFO_CONDITION_UNMET: return true for 304 http status code
In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the
output file if the server did not transfered a file based on time
condition. In the same manner, getting a 304 HTTP response back from the
server, for example after passing a custom If-Match-* header, also
fulfill this condition.

Fixes #5181
Closes #5183
2020-04-05 11:13:49 +02:00
Daniel Stenberg
0c511b44ff
KNOWN_BUGS: Store TLS context per transfer instead of per connection
Closes #5102
2020-04-04 00:02:05 +02:00
Daniel Stenberg
a67b7bdda0
RELEASE-PROCEDURE.md: run the copyright.pl script! 2020-03-31 14:50:15 +02:00
Daiki Ueno
0736ee73d3
vquic: add support for GnuTLS backend of ngtcp2
Currently, the TLS backend used by vquic/ngtcp2.c is selected at compile
time. Therefore OpenSSL support needs to be explicitly disabled.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
Closes #5148
2020-03-31 14:39:00 +02:00
Gisle Vanem
e37dc71eae
examples/sessioninfo.c: add include to fix compiler warning
Fixes #5171
2020-03-31 14:32:29 +02:00
Daniel Stenberg
c79e428940
output.d: quote the URL when globbing
Some shells do globbing of their own unless the URL is quoted, so maybe
encourage this.

Co-authored-by: Jay Satiro
Closes #5160
2020-03-30 08:46:08 +02:00
Daniel Stenberg
93fafb93db
curl.h: remnove CURL_VERSION_ESNI. Never supported nor documented
Considered experimental and therefore we can do this.

Closes #5157
2020-03-29 23:28:49 +02:00
Daniel Stenberg
96a617b140
KNOWN_BUGS: DoH doesn't inherit all transfer options
Closes #4578
Closes #4579
2020-03-28 23:09:45 +01:00
Daniel Stenberg
34696ab5a5
KNOWN_BUGS: DoH leaks memory after followlocation
Closes #4592
2020-03-28 23:08:41 +01:00
Daniel Stenberg
6be2804cdc
KNOWN_BUGS: "FTPS needs session reuse"
Closes #4654
2020-03-28 23:04:14 +01:00
Daniel Stenberg
bbe476d58c
KNOWN_BUGS: "stick to same family over SOCKS pro" is presumed fixed 2020-03-28 23:02:03 +01:00
Daniel Stenberg
37b6cc2fe1
TODO: Set custom client ip when using haproxy protocol
Closes #5125
2020-03-28 22:58:50 +01:00
Daniel Stenberg
6de756c9b1
version: add 'cainfo' and 'capath' to version info struct
Suggested-by: Timothe Litt
URL: https://curl.haxx.se/mail/lib-2020-03/0090.html
Reviewed-by: Jay Satiro

Closes #5150
2020-03-27 09:04:27 +01:00
Jay Satiro
0d0537aeae SSLCERTS.md: Fix example code for setting CA cert file
Prior to this change the documentation erroneously said use
CURLOPT_CAPATH to set a CA cert file.

Bug: https://curl.haxx.se/mail/lib-2020-03/0121.html
Reported-by: Timothe Litt

Closes https://github.com/curl/curl/pull/5151
2020-03-26 18:46:15 -04:00
Daniel Stenberg
361d4f3fdc
docs/make: generate curl.1 from listed files only
Previously it rendered the page from files matching "*.d" in the correct
directory, which worked fine in git builds when the files were added but
made it easy to forget adding the files to the dist.

Now, only man page sections listed in DPAGES in Makefile.inc will be
used, thus "forcing" us to update this to get the man page right and get
it included in the dist at the same time.

Ref: #5146
Closes #5149
2020-03-26 13:25:59 +01:00
Daniel Stenberg
35318218b8
dist: add mail-rcpt-allowfails.d to the tarball
Reported-by: Maksim Stsepanenka
Reviewed-by: Jat Satiro

Closes #5146
2020-03-25 23:20:04 +01:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Clément Notin
12144fdda8
nghttp2: 1.12.0 required
since nghttp2_session_set_local_window_size is needed

Closes #5140
2020-03-23 22:22:22 +01:00
Daniel Stenberg
4b355dd13b
TODO: Use "random" ports for the test servers 2020-03-22 23:30:09 +01:00
Johannes Schindelin
5450428491 schannel: add "best effort" revocation check option
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
2020-03-18 03:23:39 -04:00
Jay Satiro
a268ad5d7e multi: Improve parameter check for curl_multi_remove_handle
- If an easy handle is owned by a multi different from the one specified
  then return CURLM_BAD_EASY_HANDLE.

Prior to this change I assume user error could cause corruption.

Closes https://github.com/curl/curl/pull/5116
2020-03-18 02:58:42 -04:00
Mathias Gumz
04c03416e6
writeout: support to generate JSON output
This commit adds support to generate JSON via the writeout feature:

    -w "%{json}"

It leverages the existing infrastructure as much as possible. Thus,
generating the JSON on STDERR is possible by:

    -w "%{stderr}%{json}"

This implements a variant of
https://github.com/curl/curl/wiki/JSON#--write-out-json.

Closes #4870
2020-03-17 15:01:28 +01:00
Daniel Stenberg
51fde33747
TODO: TLS-PSK with OpenSSL
Closes #5081
2020-03-15 11:34:14 +01:00
Jay Satiro
67f3f6cff1 Makefile.m32: Improve windres parameter compatibility
- s/COFF/coff/

Some versions of windres do not recognize uppercase COFF as a valid
way to specify the COFF output format.

Reported-by: Steven Penny

Fixes https://github.com/curl/curl/issues/5099
Closes https://github.com/curl/curl/pull/5101
2020-03-14 19:08:17 -04:00
Daniel Stenberg
0845ecbb6d
docs: add warnings about FILE: URLs on Windows
- --url man page section
 - libcurl-security.3 gets the full text
 - CURLOPT_URL.3

Reported-by: Tim Sedlmeyer
2020-03-13 16:56:41 +01:00
Daniel Stenberg
2d47224e1c
THANKS: from the 7.69.1 release 2020-03-11 00:36:17 +01:00
Jay Satiro
485d4470d3 curl_share_setopt.3: Note sharing cookies doesn't enable the engine
Follow-up to d0a7ee3 which fixed a bug in 7.66.0 that caused
CURL_LOCK_DATA_COOKIE to enable the easy handle's cookie engine.

Bug: https://curl.haxx.se/mail/lib-2020-03/0019.html
Reported-by: Felipe Gasper

Closes https://github.com/curl/curl/pull/5048
2020-03-06 02:57:17 -05:00
Daniel Stenberg
a52a1a05fb
MANUAL: update a dict-using command line
The 'web1913' database is now invalid, use 'gcide' instead.
2020-03-05 14:30:13 +01:00
Daniel Stenberg
beea6f8bed
KNOWN_BUGS: configure --with-gssapi with Heimdal is ignored on macOS
Closes #3841
2020-03-05 14:27:14 +01:00
Daniel Stenberg
52d302ed64
polarssl: remove more references and mentions
Assisted-by: Jay Satiro
Follow-up to 6357a19ff2
Closes #5036
2020-03-05 07:57:45 +01:00
Daniel Stenberg
b44f18f1f1
THANKS: from 7.69.0
Now sorted case insensitive
2020-03-04 07:31:59 +01:00
Jay Satiro
256a29361f curl_escape.3: Add a link to curl_free
Ref: https://github.com/curl/curl/pull/5016#issuecomment-593628582
2020-03-02 18:16:24 -05:00
Jay Satiro
1722eb83b4 curl_getenv.3: Fix the memory handling description
- Tell the user to call curl_free() to free the pointer returned by
  curl_getenv().

Prior to this change the user was directed to call free(), but that
would not work in cases where the library and application use separate C
runtimes and therefore have separate heap memory management.

Closes https://github.com/curl/curl/pull/5016
2020-03-02 18:16:23 -05:00
Daniel Stenberg
ff3b1f4860
altsvc: both h3 backends now speak h3-27
... also updated the HTTP3 build description for ngtcp2 accordingly.
2020-03-02 00:07:37 +01:00
Jonathan Cardoso Machado
5b46790f11
docs: fix typo on CURLINFO_RETRY_AFTER - alwaus -> always
Reviewed-by: Steve Holme
Closes #5005
2020-02-29 21:14:26 +00:00
Daniel Stenberg
0e06c1637b
TODO: curl --proxycommand
Suggested-by: Kristian Mide
Closes #4941
2020-02-29 00:11:03 +01:00
Daniel Stenberg
5808a0d0f5
http2: now require nghttp2 >= 1.12.0
To simplify our code and since earlier versions lack important function
calls libcurl needs to function correctly.

nghttp2 1.12.0 was relased on June 26, 2016.

Closes #4961
2020-02-21 16:54:47 +01:00
Daniel Stenberg
67d26a361a
HTTP-COOKIES: mention that a trailing newline is required
... so that we know we got the whole and not a partial line.

Also, changed the formatting of the fields away from a table again since
the table format requires a github-markdown tool version that we don't
run on the web server atm.

Reported-by: Sunny Bean
Fixes #4946
Closes #4947
2020-02-19 08:04:35 +01:00
Daniel Stenberg
d79ee4ae32
CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
to be in sync with the description above

Reported-by: Joonas Kuorilehto
Fixes #4943
Closes #4945
2020-02-18 09:19:39 +01:00
Daniel Stenberg
0ae578ac92
docs/GOVERNANCE: refreshed + added "donations" and "commercial support" 2020-02-18 09:18:28 +01:00
Daniel Stenberg
4a4b63daaa
socks: make the connect phase non-blocking
Removes two entries from KNOWN_BUGS.

Closes #4907
2020-02-17 00:08:48 +01:00
Jay Satiro
03564deba2 CURLINFO_COOKIELIST.3: Fix example
Prior to this change the example would try to import cookies from stdin,
which wasn't what was intended.

Reported-by: 3dyd@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4930
2020-02-15 18:17:31 -05:00
Daniel Stenberg
b26c92fbf0
TODO: Paged searches on LDAP server
Closes #4452
2020-02-14 23:05:38 +01:00
Daniel Stenberg
95d628e13e
TODO: CURLOPT_SSL_CTX_FUNCTION for LDAPS
Closes #4108
2020-02-14 23:03:21 +01:00
Daniel Stenberg
d78672b5b4
create-dirs.d: mention the mode
Reported-by: Dan Jacobson
Fixes #4766
Closes #4916
2020-02-12 22:30:45 +01:00
Daniel Stenberg
8957e6e4ed
CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
Assisted-by: Jay Satiro
Reported-by: Craig Andrews
Fixes #4909
Closes #4910
2020-02-11 22:37:02 +01:00
Daniel Stenberg
02f8de6516
altsvc: keep a copy of the file name to survive handle reset
The alt-svc cache survives a call to curl_easy_reset fine, but the file
name to use for saving the cache was cleared. Now the alt-svc cache has
a copy of the file name to survive handle resets.

Added test 1908 to verify.

Reported-by: Craig Andrews
Fixes #4898
Closes #4902
2020-02-09 22:41:49 +01:00
Daniel Stenberg
faaa63f323
docs/HTTP3: add --enable-alt-svc to curl's configure 2020-02-05 00:25:12 +01:00
Daniel Stenberg
1fa83b2680
RELEASE-PROCEDURE: feature win is closed post-release a few days
We've tried to uphold this already but let's make it official by
publicly stating this is the way we do it.

Closes #4877
2020-02-04 22:29:56 +01:00
Daniel Stenberg
9c27386ef0
docs/HTTP3: update the OpenSSL branch to use for ngtcp2
Reported-by: James Fuller
2020-02-04 15:05:57 +01:00
Pedro Monreal
4b6fd29f1a cleanup: fix typos and wording in docs and comments
Closes #4869
Reviewed-by: Emil Engler and Daniel Gustafsson
2020-02-02 18:43:01 +01:00
Daniel Stenberg
0a7b7a9d40
KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header 2020-01-29 07:57:42 +01:00
Daniel Stenberg
d3e5311f6c
oauth2-bearer.d: works for HTTP too
Reported-by: Mischa Salle
Bug: https://curl.haxx.se/mail/lib-2020-01/0070.html
Closes #4862
2020-01-29 07:50:44 +01:00
Daniel Stenberg
8b7fff3311
location.d: the method change is from POST to GET only
Not from generic non-GET to GET.

Reported-by: Andrius Merkys
Ref: #4859
Closes #4861
2020-01-28 12:58:33 +01:00
Daniel Stenberg
8bd863f97b
curl.h: define CURL_WIN32 on windows
... so that the subsequent logic below can use a single known define to know
when built on Windows (as we don't define WIN32 anymore).

Follow-up to 1adebe7886

Reported-by: crazydef on github
Assisted-by: Marcel Raad
Fixes #4854
Closes #4855
2020-01-27 13:02:28 +01:00
Daniel Stenberg
1ad49feb71
global_init: assume the EINTR bit by default
- Removed from global_init since it isn't thread-safe. The symbol will
  still remain to not break compiles, it just won't have any effect going
  forward.

- make the internals NOT loop on EINTR (the opposite from previously).
  It only risks returning from the select/poll/wait functions early, and that
  should be risk-free.

Closes #4840
2020-01-26 18:27:18 +01:00
Aron Rotteveel
1c532870ed
form.d: fix two minor typos
Closes #4843
2020-01-23 09:28:05 +01:00
Jay Satiro
5e2ad2d015 CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3.

Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the
CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-23 02:51:52 -05:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
Daniel Stenberg
81e1b1ec23
data.d: remove "Multiple files can also be specified"
It is superfluous and could even be misleading.

Bug: https://curl.haxx.se/mail/archive-2020-01/0016.html
Reported-by: Mike Norton
Closes #4832
2020-01-21 08:39:48 +01:00
加藤郁之
7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00