1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Commit Graph

473 Commits

Author SHA1 Message Date
Anthony Avina
6a7261359b tool: New option --data-raw to HTTP POST data, '@' allowed.
Add new option --data-raw which is almost the same as --data but does
not have a special interpretation of the @ character.

Prior to this change there was no (easy) way to pass the @ character as
the first character in POST data without it being interpreted as a
special character.

Bug: https://github.com/bagder/curl/issues/198
Reported-by: Jens Rantil
2015-04-25 14:51:14 -04:00
Jay Satiro
0675abbc75 cyassl: Implement public key pinning
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-22 17:07:19 -04:00
Alessandro Ghedini
26cbd7a1d9 curl.1: fix typo 2015-04-22 21:47:32 +02:00
Kamil Dudka
b47c17d67c nss: implement public key pinning for NSS backend
Bug: https://bugzilla.redhat.com/1195771
2015-04-22 13:21:31 +02:00
Daniel Stenberg
5d23279299 CURLOPT_PATH_AS_IS: added
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
2015-03-24 10:31:58 +01:00
Nick Zitzmann
7f5a170442 darwinsssl: add support for TLS False Start
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2015-03-21 12:22:56 -05:00
Alessandro Ghedini
1f651d1d4d curl: add --false-start option 2015-03-20 20:14:35 +01:00
Daniel Stenberg
6bba85d500 curl.1: fix "The the" typo
Reported-by: Jon Seymour
2015-03-04 07:29:06 +01:00
Alessandro Ghedini
49655a6822 curl.1: --cert-status is also supported by OpenSSL now 2015-02-14 20:30:32 +00:00
Daniel Stenberg
0daf1ef729 curl.1: clarify that -X is used for all requests
Reported-by: Jon Seymour
2015-02-09 10:33:54 +01:00
Daniel Stenberg
499024d208 curl.1: add warning when using -H and redirects 2015-02-08 00:05:55 +01:00
Daniel Stenberg
a4065ebf1c copyright years: after OCSP stapling changes 2015-01-16 23:23:29 +01:00
Alessandro Ghedini
bd0c3b3c66 curl: add --cert-status option
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16 23:23:29 +01:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Daniel Stenberg
7853c1cfe6 curl.1: added --unix-socket 2014-12-04 02:52:19 +01:00
Dave Reisner
8ef77547d0 curl.1: fix trivial typo 2014-12-03 22:38:46 +01:00
Bill Nagel
96c3b1a1bb docs: Updated for the SMB protocol
This patch updates the documentation for the SMB/CIFS protocol.
2014-11-30 21:53:30 +00:00
Steve Holme
982a649aa5 docs: Updated for commit 4bd860a001 and SMTP Unix line ending conversion 2014-11-26 23:32:38 +00:00
be1a505189 SSL: Add PEM format support for public key pinning 2014-11-24 19:30:09 +01:00
Steve Holme
338b641370 docs: Updated following the addition of SSPI based HTTP digest auth 2014-11-06 23:44:11 +00:00
Daniel Stenberg
9f59fb6d33 curl.1: show zone index use in a URL 2014-11-06 17:35:22 +01:00
Steve Holme
f7e24683c4 sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
Fixed the ability to use the current log-in credentials with DIGEST-MD5.
I had previously disabled this functionality in commit 607883f13c as I
couldn't get this to work under Windows 8, however, from testing HTTP
Digest authentication through Windows SSPI and then further testing of
this code I have found it works in Windows 7.

Some further investigation is required to see what the differences are
between Windows 7 and 8, but for now enable this functionality as the
code will return an error when AcquireCredentialsHandle() fails.
2014-10-29 14:24:38 +00:00
Daniel Stenberg
50313059fc curl.1: edited for clarity 2014-10-21 11:57:13 +02:00
93e450793c SSL: implement public key pinning
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).

Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().

Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Jeremy Lin
fa7d04fed4 ssh: improve key file search
For private keys, use the first match from: user-specified key file
(if provided), ~/.ssh/id_rsa, ~/.ssh/id_dsa, ./id_rsa, ./id_dsa

Note that the previous code only looked for id_dsa files. id_rsa is
now generally preferred, as it supports larger key sizes.

For public keys, use the user-specified key file, if provided.
Otherwise, try to extract the public key from the private key file.
This means that passing --pubkey is typically no longer required,
and makes the key-handling behavior more like OpenSSH.
2014-10-03 16:20:54 +02:00
Daniel Stenberg
69ce8a72f5 curl.1: mention quoting in the URL section
and separate the example URLs with newlines
2014-10-01 08:29:43 +02:00
Daniel Stenberg
7bff23b166 curl.1: add an example for -H 2014-08-29 08:07:47 +02:00
Daniel Stenberg
a20da5523e curl.1: clarify --limit-rate's effect on both directions
Bug: http://curl.haxx.se/bug/view.cgi?id=1414
Reported-by: teo8976
2014-08-23 00:40:52 +02:00
Daniel Stenberg
5be48639b1 curl.1: mention the --post30x options within the --location desc 2014-08-23 00:00:00 +02:00
Steve Holme
75be5a6681 docs: Escaped single backslash 2014-08-16 11:52:11 +01:00
Steve Holme
7679cb3fa8 docs: Added Kerberos V5 and NTLM domain information to --user 2014-08-16 10:37:16 +01:00
Steve Holme
0574196acb docs: Added Kerberos V5 to the --user SSPI current credentials usage 2014-08-16 10:16:05 +01:00
Michael Osipov
37f0e8a32c docs: Update SPNEGO and GSS-API related doc sections
Reflect recent changes in SPNEGO and GSS-API code in the docs.
Update them with appropriate namings and remove visible spots for
GSS-Negotiate.
2014-08-09 00:08:51 +01:00
Steve Holme
f719a97e12 docs: Added Negotiate to the SSPI current credentials usage description 2014-08-07 08:04:40 +01:00
Daniel Stenberg
97db9fb653 curl.1: minor language fix
Bug: http://curl.haxx.se/mail/archive-2014-07/0006.html
2014-07-03 22:37:43 +02:00
Daniel Stenberg
3b65aeda52 curl.1: clarify that -u can't specify a user with colon 2014-05-23 14:34:03 +02:00
Steve Holme
fa083980c5 curl.1: Added missing --login-options option
...and removed ;OPTIONS from --user as that functionality was removed
in 7.34.0.
2014-05-07 19:47:22 +01:00
Daniel Stenberg
109e94c51c docs: this is for 7.37.0
And clarify for curl that --proxy-header now must be used for headers
that are meant for a proxy, and they will not be included if the request
is not for a proxy.
2014-04-04 17:10:47 +02:00
Daniel Stenberg
20f61cd12c curl.1: documented --proxy-header 2014-04-04 17:03:43 +02:00
Dan Fandrich
ca7d1de69c docs: fixed a bunch of typos 2014-03-14 23:38:00 +01:00
Steve Holme
1a9b58fcb2 tool_getparam: Added initial support for --next/-:
Added initial support for --next/-: which will be used to replace the
rather confusing : command line operation what was used for the URL
specific options prototype.
2014-02-26 20:42:30 +00:00
Kamil Dudka
03c288202e curl.1: update the description of --tlsv1
... and mention the --tlsv1.[0-2] options in the --tslv1 entry

Reported-by: Hubert Kario
2014-02-18 10:35:41 +01:00
Fabian Frank
909a68c121 NPN/ALPN: allow disabling via command line
when using --http2 one can now selectively disable NPN or ALPN with
--no-alpn and --no-npn. for now honored with NSS only.

TODO: honor this option with GnuTLS and OpenSSL
2014-02-10 13:06:17 +01:00
Daniel Stenberg
0952c9abcc http2: call it "HTTP 2" and not 2.0
The minor version will be dropped for HTTP 2 so it will make sense to
avoid using it in option names etc.
2014-01-30 16:59:35 +01:00
Daniel Stenberg
0a898655e8 curl.1: remove URL encoding phrase from --data description
... it could be misleading a reader into thinking it _has_ to be encoded.
2013-12-18 22:46:38 +01:00
Daniel Stenberg
8a8f9a5d57 curl.1 document -J doesn't %-decode
...also added as KNOWN_BUG #87 with reference to bug #1294
2013-12-15 23:38:37 +01:00
Daniel Stenberg
0db811b69b parseconfig: dash options can't specified with colon or equals
Bug: http://curl.haxx.se/bug/view.cgi?id=1297
Reported-by: Michael Osipov
2013-11-29 15:17:08 +01:00
Daniel Stenberg
d81cbbcc2c curl.1: -G also takes --data-urlencode data 2013-11-29 15:10:53 +01:00
Steve Holme
3c8c9b2779 smtp: Changed the default command to HELP when no options are specified
Otherwise a NOOP operation would be performed which a) only returns a
single line response and not a multiline response where -I needs to be
used, and b) provides an inconsistent user experience compared to that
of the POP3 and IMAP protocols.
2013-11-17 10:09:07 +00:00
Steve Holme
d630e1f389 DOCS: Updated manpage following recent SMTP modifications
* Added SMTP section to --request
* Expanded --mail-rcpt to describe the usage when using the verify and
  expand commands.
2013-11-15 21:23:56 +00:00
Daniel Stenberg
6901861fc9 curl.1: mention that -O does no URL decoding 2013-11-12 09:28:07 -08:00
Steve Holme
0177f28c51 DOCS: Expanded --request description to include POP3 and IMAP details 2013-11-03 14:39:10 +00:00
Steve Holme
526a1c3b45 DOCS: Updated --list-only description to include POP3
Additionally corrected typos in --oauth2-bearer protocol list.
2013-11-03 13:54:49 +00:00
Gisle Vanem
ae495ffcc3 curl.1: add missing exit-code
I noted a missing text for exit-code 89 in docs/curl.1
2013-10-20 23:57:24 +02:00
Alessandro Ghedini
69c0d3fbc8 curl.1: fix typo conjuction -> conjunction 2013-10-15 20:37:13 +02:00
Daniel Stenberg
076726f141 curl: document the new --tlsv1.[012] options 2013-10-15 20:31:04 +02:00
Daniel Stenberg
5df04bfafd curl: rename --bearer to --oauth2-bearer
The option '--bearer' might be slightly ambiguous in name. It doesn't
create any conflict that I am aware of at the moment, however, OAUTH v2
is not the only authentication mechanism which uses "bearer" tokens.

Reported-by: Kyle L. Huff
URL: http://curl.haxx.se/mail/lib-2013-10/0064.html
2013-10-12 23:26:38 +02:00
Heinrich Schaefer
9b33ecfd01 minor fix in doc 2013-10-11 11:57:26 +02:00
Steve Holme
6dd8bd8d2f curl.1: Added information about optional login options to --user in manpage
Added missing information, from curl 7.31.0, regarding the use of the
optional login options that may be specified as part of --user.

For example:

--user 'user:password;auth=NTLM' in IMAP, POP3 and SMTP protocols.
2013-09-21 22:05:12 +01:00
Kim Vandry
fcfa26a7ee Documented --dns-* options in curl manpage 2013-09-20 23:09:39 +02:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Daniel Stenberg
0a691f8935 curl.1: detail how short/long options work
URL: http://curl.haxx.se/bug/view.cgi?id=1279
Suggested-by: Jerry Krinock
2013-09-13 23:14:41 +02:00
Daniel Stenberg
01d7bbbebe --data: mention CRLF treatment when reading from file 2013-09-06 13:52:56 +02:00
Nick Zitzmann
d2fe616e7e darwinssl: add support for PKCS#12 files for client authentication
I also documented the fact that the OpenSSL engine also supports them.
2013-09-05 18:57:06 -05:00
Daniel Stenberg
2eabb7d590 curl: add --http1.1 and --http2.0 options 2013-09-04 22:29:38 +02:00
Daniel Stenberg
f19efd07e7 -x: rephrased the --proxy section somewhat 2013-08-31 22:55:53 +02:00
Kyle L. Huff
7e489c42f7 curl.1: Add usage of '--bearer' option 2013-08-30 21:34:20 +01:00
Dave Reisner
d8c04909fa src/tool: allow timeouts to accept decimal values
Implement wrappers around strtod to convert the user argument to a
double with sane error checking. Use this to allow --max-time and
--connect-timeout to accept decimal values instead of strictly integers.

The manpage is updated to make mention of this feature and,
additionally, forewarn that the actual timeout of the operation can
vary in its precision (particularly as the value increases in its
decimal precision).
2013-07-14 23:04:05 +02:00
Dave Reisner
c0a7a98aee curl.1: fix long line, found by checksrc.pl 2013-07-14 22:50:29 +02:00
Kamil Dudka
45339625bc Revert "curl.1: document the --time-cond option in the man page"
This reverts commit 3a0e931fc7 because
the documentation of --time-cond was duplicated by mistake.

Reported by: Dave Reisner
2013-07-09 15:46:49 +02:00
Kamil Dudka
20ff820ef2 curl.1: document the --sasl-ir option in the man page 2013-07-09 15:18:39 +02:00
Kamil Dudka
39e85d99fe curl.1: document the --post303 option in the man page 2013-07-09 15:18:39 +02:00
Kamil Dudka
3a0e931fc7 curl.1: document the --time-cond option in the man page 2013-07-09 15:18:39 +02:00
Daniel Stenberg
9c2853f2ae curl.1: fix typo in --xattr description
Bug: http://curl.haxx.se/bug/view.cgi?id=1252
Reported-by: Jean-Noël Rouvignac
2013-06-25 10:41:16 +02:00
Daniel Stenberg
ba9a66663a curl.1: clarify that --silent still outputs data 2013-05-28 11:37:58 +02:00
Kamil Dudka
42e01cff9a curl.1: document escape sequences recognized by -E 2013-05-06 14:32:26 +02:00
Nick Zitzmann
a5c0e20939 darwinssl: add TLS crypto authentication
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
2013-04-27 23:15:07 -06:00
Kamil Dudka
11dde6ac72 docs: update the comments about loading CA certs with NSS
Bug: https://bugzilla.redhat.com/696783
2013-01-28 14:12:57 +01:00
Ulion
2698520aef formpost: support quotes, commas and semicolon in file names
- document the double-quote and backslash need be escaped if quoting.
- libcurl formdata escape double-quote in filename by backslash.
- curl formparse can parse filename both contains '"' and ',' or ';'.
- curl now can uploading file with ',' or ';' in filename.

Bug: http://curl.haxx.se/bug/view.cgi?id=1171
2013-01-22 15:43:29 +01:00
Daniel Stenberg
65e8ba8e1d writeout: -w now supports remote_ip/port and local_ip/port
Added mention to the curl.1 man page.

Test case 1223 verifies remote_ip/port.
2013-01-03 23:16:38 +01:00
Daniel Stenberg
2ee2693a47 curl.1: extend the -X, --request description 2012-12-27 23:33:14 +01:00
Daniel Stenberg
d4af0bb8f6 curl.1: list the -w variables sorted alphabetically 2012-08-28 10:43:12 +02:00
Daniel Stenberg
b8983aa309 curl.1: shorten lines, avoid referring to libcurl instead of curl 2012-08-10 10:54:38 +02:00
Ant Bryan
4dcde5aa3d curl.1: fix more consistent wording
"If this option is used several times, the last one will be used."
uniformity
2012-08-10 10:49:22 +02:00
Kamil Dudka
f208bf5a2d docs: update the links to cipher-suites supported by NSS
... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09 16:24:53 +02:00
Daniel Stenberg
672f24b1dc curl.1: minor format fix for --data-ascii
... and removal of trailing whitespace on a single line
2012-08-08 00:03:30 +02:00
Ant Bryan
2f02d825f1 curl man page cleanup 2012-08-07 23:49:34 +02:00
Ant Bryan
7b5c411f5c Update man page info on --metalink and typo. 2012-07-27 01:01:45 +02:00
Tatsuhiro Tsujikawa
92c40ce190 curl.1: Updated Metalink description in man page
Documented that --include will be ignored if both --metalink
and --include are specified.
Also documented that a Metalink file in the local file system
cannot be used if FILE protocol is disabled.
2012-06-25 19:22:17 +02:00
Yang Tse
508dbb99aa curl.1: 7.27.0 seems next release 2012-06-14 18:10:29 +02:00
ant
462f10f824 Add Metalink information and --metalink option to man page 2012-05-26 23:10:25 +02:00
ant
8834448cc1 Add Metalink information and --metalink option to man page 2012-05-26 23:10:15 +02:00
Daniel Stenberg
03c1bcf4bd curl.1: clarify -x usage
1 - fix the syntax in the .IP line

2 - Provided user names and passwords are URL decoded by libcurl

Bug: http://curl.haxx.se/bug/view.cgi?id=3525935
2012-05-12 23:35:16 +02:00
Dave Reisner
ddfe821bcf curl tool: add filename_effective token for --write-out
By modifying the parameter list for ourWriteOut() and passing the
OutStruct that collects data in tool_operate, we get access to the
remote name that we're writing to. Shell scripters should find this
useful when used in conjuntion with the --remote-header-name option.
2012-04-01 23:52:05 +02:00
Rodrigo Silva (MestreLion)
c4a8446c70 docs: clarify -z/--time-cond with filename (mention mtime)
Original wording could lead users in thinking it tries to
somehow parse the filename for a date expression (like
news_2012_03_05.html). It never mentions that it actually
reads the mtime of the file in filesystem.
2012-03-23 23:13:27 +01:00
Daniel Stenberg
779fa13ef9 curl.1: updated --libcurl
With Colin Hogben's recent work, --libcurl now also works with -F and
more. Remove the previous caveat.
2012-02-23 23:25:58 +01:00
Daniel Stenberg
4bf3131979 --mail-auth documented 2012-02-16 13:24:48 +01:00
Daniel Stenberg
62d15f159e --ssl-allow-beast added
This new option tells curl to not work around a security flaw in the
SSL3 and TLS1.0 protocols. It uses the new libcurl option
CURLOPT_SSL_OPTIONS with the CURLSSLOPT_ALLOW_BEAST bit set.
2012-02-09 22:28:58 +01:00
Dave Reisner
2a266c1c7c curl: use new library-side TCP_KEEPALIVE options
Use the new library CURLOPT_TCP_KEEPALIVE rather than disabling this via
the sockopt callback. If --keepalive-time is used, apply the value to
CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL.
2012-02-09 19:05:40 +01:00
Daniel Stenberg
b2aaf3c2ad curl.1: improve --stderr wording
As is pointed out in this bug report, there can indeed be situation
where --stderr has a point even when the "real" stderr can be
redirected. Remove the superfluous and wrong comment.

bug: http://curl.haxx.se/bug/view.cgi?id=3476020
2012-01-19 13:42:56 +01:00