Daniel Stenberg
9c05701bed
SECURITY.md: call it the security process
2018-03-11 23:40:24 +01:00
Daniel Stenberg
8b754c430b
SECURITY: distros' max embargo time is 14 days now
2018-03-09 21:42:36 +01:00
Daniel Stenberg
b2afc36da1
THANKS + mailmap: remove duplicates, fixup full names
2018-03-05 11:57:44 +01:00
Daniel Stenberg
cb281f9df0
RELEASE-NOTES/THANKS: synced with cc1d4c505
2018-03-04 23:20:12 +01:00
Daniel Stenberg
c74521628b
curl.1: mention how to add numerical IP addresses in NO_PROXY
2018-03-04 19:57:43 +01:00
Daniel Stenberg
4d0b1e6887
CURLOPT_NOPROXY.3: mention how to list numerical IPv6 addresses
2018-03-04 19:51:37 +01:00
Daniel Stenberg
8b0b1a3088
build: get CFLAGS (including -werror) used for examples and tests
...
... so that the CI and more detects compiler warnings/errors properly!
Closes #2337
2018-03-04 19:46:26 +01:00
Daniel Stenberg
ee84085924
docs/MANUAL: formfind.pl is not accessible on the site anymore
...
Fixes #2342
2018-02-26 20:12:23 +01:00
Viktor Szakats
7e35eb7729
spelling fixes
...
Detected using the `codespell` tool.
Also contains one URL protocol upgrade.
Closes https://github.com/curl/curl/pull/2334
2018-02-23 23:29:01 +00:00
Daniel Stenberg
1be96a2952
TODO: remove "sha-256 digest", added in 2b5b37cb91
2018-02-23 14:40:10 +01:00
Daniel Stenberg
1a99ecdf50
curl_share_setopt.3: connection cache is shared within multi handles
2018-02-23 12:52:22 +01:00
Daniel Stenberg
93e7a6ffd1
form.d: rephrased somewhat, added two example command lines
2018-02-22 08:28:05 +01:00
Francisco Sedano
23713645d4
url: Add option CURLOPT_RESOLVER_START_FUNCTION
...
- Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that
will be called every time before a new resolve request is started
(ie before a host is resolved) with a pointer to backend-specific
resolver data. Currently this is only useful for ares.
- Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to
pass to the resolver start callback.
Closes https://github.com/curl/curl/pull/2311
2018-02-21 21:29:10 -05:00
Jay Satiro
dd027c80fe
lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
...
- In keeping with the naming of our other connect timeout options rename
CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.
This change adds the _MS suffix since the option expects milliseconds.
This is more intuitive for our users since other connect timeout options
that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS,
CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS.
The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms.
Follow-up to 2427d94
which added the lib and tool option yesterday.
Ref: https://github.com/curl/curl/pull/2260
2018-02-21 15:16:50 -05:00
Daniel Stenberg
7b71b5150b
RELEASE-NOTES: synced with 2427d94c6
2018-02-21 00:18:54 +01:00
Anders Bakken
2427d94c6d
url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT
...
- Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy
eyeball timeout value.
- Add new optval macro CURL_HET_DEFAULT to represent the default happy
eyeballs timeout value (currently 200 ms).
- Add new tool option --happy-eyeballs-timeout-ms to expose
CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the
other -timeout options in the tool expect seconds not milliseconds.
Closes https://github.com/curl/curl/pull/2260
2018-02-20 17:51:43 -05:00
Daniel Stenberg
9b4c2165f1
TODO: warning if curl version is not in sync with libcurl version
2018-02-20 11:17:52 +01:00
Anders Bakken
50d1b3379a
CURLOPT_RESOLVE: Add support for multiple IP addresses per entry
...
This enables users to preresolve but still take advantage of happy
eyeballs and trying multiple addresses if some are not connecting.
Ref: https://github.com/curl/curl/pull/2260
2018-02-20 04:24:28 -05:00
Sergio Borghese
e77f0e5a5a
examples/sftpuploadresume: resume upload via CURLOPT_APPEND
...
URL: https://curl.haxx.se/mail/lib-2018-02/0072.html
2018-02-20 09:31:06 +01:00
Daniel Stenberg
a3e52a7b2d
TODO: "Support in-memory certs/ca certs/keys"
...
removed SSLKEYLOGFILE support (fixed)
removed "consider SSL patches" (outdated)
Closes #2310
2018-02-18 22:45:17 +01:00
Daniel Stenberg
174212972c
CURLOPT_HEADER.3: clarify problems with different data sizes
2018-02-16 22:54:51 +01:00
Daniel Stenberg
5a44c9fa8b
CURLOPT_HEADERFUNCTION.3: fix typo from d939226813
...
Reported-by: Erik Johansson
Bug: d939226813 (commitcomment-27607495)
2018-02-16 16:25:52 +01:00
Daniel Stenberg
d939226813
CURLOPT_HEADERFUNCTION.3: mention folded headers
2018-02-16 12:11:23 +01:00
Daniel Stenberg
f549b2cefe
TODO: 1.1 Option to refuse usernames in URLs
...
Also expanded the CURL_REFUSE_CLEARTEXT section with more ideas.
2018-02-16 09:39:20 +01:00
Daniel Stenberg
74b1f89b1a
TODO: 1.7 Support HTTP/2 for HTTP(S) proxies
2018-02-16 09:24:28 +01:00
Daniel Stenberg
16d1f36940
Revert "KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy"
...
This reverts commit de9fac00c4
.
Reported-by: Jay Satiro
2018-02-15 22:47:49 +01:00
Daniel Stenberg
ccd1ec7aa8
TODO: 18.18 retry on network is unreachable
...
Closes #1603
2018-02-15 13:52:13 +01:00
Daniel Stenberg
de9fac00c4
KNOWN_BUGS: 2.5 curl should not offer "ALPN: h2" when using https-proxy
...
Closes #1254
2018-02-15 13:31:39 +01:00
Björn Stenberg
b46cfbc068
TODO fixed: Detect when called from within callbacks
...
Closes #2302
2018-02-15 09:36:03 +01:00
Daniel Stenberg
43a50a2580
BINDINGS: fix curb link (and remove ruby-curl-multi)
...
Reported-by: Klaus Stein
2018-02-14 14:57:00 +01:00
Daniel Stenberg
63f6b3b220
libcurl-security.3: separate file:// section
...
... just to make it more apparent. Even if it repeats
some pieces of information.
2018-02-13 14:04:04 +01:00
Daniel Stenberg
1e720400aa
libcurl-security.3: the http://192.168.0.1/my_router_config case
...
Mentioned-By: Rich Moore
2018-02-13 13:54:11 +01:00
Daniel Stenberg
03b7b2e8fc
libcurl-security.3: mention the URL standards problems too
2018-02-13 12:05:43 +01:00
Daniel Stenberg
3901842055
libcurl-security.3: split out from libcurl-tutorial.3
...
To make more accessible.
Merged in some new language from "URLs are dangerous things" as discussed on
the mailing list a few days ago:
Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html
2018-02-13 12:02:09 +01:00
Kamil Dudka
08029a7e73
tlsauthtype.d: works only if libcurl is built with TLS-SRP support
...
Bug: https://bugzilla.redhat.com/1542256
Closes #2306
2018-02-12 18:09:54 +01:00
Daniel Stenberg
34ecdffe90
progress-bar.d: update to match implementation
...
... since commit 993dd5651a
Reported-by: Martin Dreher
Bug: https://github.com/curl/curl/pull/2242#issuecomment-361059228
Closes #2271
2018-01-30 23:46:58 +01:00
Daniel Stenberg
8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
...
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.
Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Daniel Stenberg
fecec1d8ae
curl: add --proxy-pinnedpubkey
...
To verify a proxy's public key. For when using HTTPS proxies.
Fixes #2192
Closes #2268
2018-01-30 08:00:31 +01:00
Daniel Stenberg
094647fcac
TODO: UTF-8 filenames in Content-Disposition
...
Closes #1888
2018-01-28 14:53:10 +01:00
Daniel Stenberg
d76709080b
KNOWN_BUGS: DICT responses show the underlying protocol
...
Closes #1809
2018-01-28 14:38:38 +01:00
Alessandro Ghedini
4021bac4cd
docs: fix typos in man pages
...
Closes https://github.com/curl/curl/pull/2266
2018-01-27 14:50:40 -05:00
5c497343d9
GSKit: restore pinnedpubkey functionality
...
inadvertently removed in 283babfaf8
Closes #2263
2018-01-25 23:16:14 +01:00
Daniel Stenberg
1c39128d97
parsedate: fix date parsing for systems with 32 bit long
...
Make curl_getdate() handle dates before 1970 as well (returning negative
values).
Make test 517 test dates for 64 bit time_t.
This fixes bug (3) mentioned in #2238
Closes #2250
2018-01-25 22:20:52 +01:00
e178fbd40a
SChannel/WinSSL: Implement public key pinning
...
Closes #1429
2018-01-25 22:14:39 +01:00
Daniel Stenberg
03ae81097e
TODO: hardcode the "localhost" addresses
2018-01-25 17:23:06 +01:00
Daniel Stenberg
fd9f20737e
TODO: CURL_REFUSE_CLEARTEXT
...
An idea that popped up in discussions on twitter.
2018-01-25 08:17:09 +01:00
Daniel Stenberg
d6c21c8eec
RELEASE: 7.58.0
2018-01-23 22:49:00 +01:00
Daniel Stenberg
96186de1f7
docs: fix man page syntax to make test 1140 OK again
2018-01-23 01:28:18 +01:00
Daniel Stenberg
af32cd3859
http: prevent custom Authorization headers in redirects
...
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how
curl already handles Authorization headers created internally.
Note: this changes behavior slightly, for the sake of reducing mistakes.
Added test 317 and 318 to verify.
Reported-by: Craig de Stigter
Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
2018-01-22 10:00:00 +01:00
Daniel Stenberg
bb0ffcc36f
libcurl-env.3: first take
2018-01-20 14:32:46 +01:00