1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 17:48:48 -05:00
Commit Graph

1715 Commits

Author SHA1 Message Date
Daniel Stenberg
44c9884552
CURLINFO docs: mention that in redirects times are added
Suggested-by: Brandon Dong
Fixes #4250
Closes #4269
2019-08-28 00:03:12 +02:00
Daniel Stenberg
6a90c9e0c4
CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
For a long time (since 7.28.1) we've returned error when setting the
value to 1 to make applications notice that we stopped supported the old
behavior for 1. Starting now, we treat 1 and 2 exactly the same.

Closes #4241
2019-08-20 14:57:59 +02:00
Daniel Stenberg
db80de0528
CURLOPT_ALTSVC.3: use a "" file name to not load from a file 2019-08-14 14:42:11 +02:00
Jay Satiro
dca6f73613 vauth: Use CURLE_AUTH_ERROR for auth function errors
- Add new error code CURLE_AUTH_ERROR.

Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.

Ref: https://github.com/curl/curl/pull/3848

Co-authored-by: Dominik Hölzl

Closes https://github.com/curl/curl/pull/3864
2019-08-14 03:14:01 -04:00
Daniel Stenberg
aae490229b
curl_version_info: make the quic_version a const
Follow-up from 1a2df1518a

Closes #4222
2019-08-13 23:15:49 +02:00
Daniel Stenberg
125884e466
curl_version_info.3: mentioned ALTSVC and HTTP3
... and sorted the list alphabetically
2019-08-13 14:10:20 +02:00
Daniel Stenberg
b867ecf0c5
CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
Follow-up to 98c3f148 that removed it from the header file
2019-08-13 11:19:35 +02:00
Daniel Stenberg
1a2df1518a
curl_version_info: offer quic (and h3) library info
Closes #4216
2019-08-12 13:37:08 +02:00
Daniel Stenberg
f88d865bf4
CURLOPT_READFUNCTION.3: provide inline example
... instead of mentioning one in another place
2019-08-12 09:20:52 +02:00
Daniel Stenberg
42a06118c8
curl_global_init_mem.3: mention it was added in 7.12.0 2019-08-11 00:19:45 +02:00
Daniel Stenberg
084404b8ab
CURLOPT_H3: removed
There's no use for this anymore and it was never in a release.

Closes #4206
2019-08-09 12:26:02 +02:00
Daniel Stenberg
98c3f14871
alt-svc: send Alt-Used: in redirected requests
RFC 7838 section 5:

   When using an alternative service, clients SHOULD include an Alt-Used
   header field in all requests.

Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus
this is deemed ok).

You can disable sending this header just like you disable any other HTTP
header in libcurl.

Closes #4199
2019-08-08 08:24:37 +02:00
Daniel Stenberg
026840e35c
CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197
2019-08-08 08:17:24 +02:00
Daniel Stenberg
f933449d3b
CURLINFO_RETRY_AFTER: parse the Retry-After header value
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794
2019-08-07 14:45:39 +02:00
Daniel Stenberg
fd00e14adb
curl.h: add CURL_HTTP_VERSION_3 to the version enum
It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with
CURLINFO_HTTP_VERSION.
2019-08-07 12:51:52 +02:00
Steve Holme
7c469fa537 sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:20 -04:00
Daniel Stenberg
02346abc32
curl_multi_poll: a sister to curl_multi_wait() that waits more
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163
2019-08-06 09:33:29 +02:00
Daniel Stenberg
a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Balazs Kovacsics
802aa5ae27
HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME.  Update
test 1514 according to the new behaviour.

Closes #4138
2019-07-29 13:18:53 +02:00
Daniel Stenberg
3af0e76d1e
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500
2019-07-21 23:49:03 +02:00
Daniel Stenberg
828392ae10
curl_version_info: provide nghttp2 details
Introducing CURLVERSION_SIXTH with nghttp2 info.

Closes #4121
2019-07-20 00:06:42 +02:00
Jay Satiro
28f6fda8dc CURLOPT_RANGE.3: Caution against using it for HTTP PUT
AFAICT CURLOPT_RANGE does not support ranged HTTP PUT uploads so I've
cautioned against using it for that purpose and included a workaround.

Bug: https://curl.haxx.se/mail/lib-2019-04/0075.html
Reported-by: Christopher Head

Closes https://github.com/curl/curl/issues/3814
2019-07-17 01:45:26 -04:00
Stefano Simonelli
fdcb0f40c3 CURLOPT_SEEKDATA.3: fix variable name
Closes https://github.com/curl/curl/pull/4118
2019-07-17 01:16:35 -04:00
Jay Satiro
c7f3c073f4 docs: Explain behavior change in --tlsv1. options since 7.54
Since 7.54 --tlsv1. options use the specified version or later, however
older versions of curl documented it as using just the specified version
which may or may not have happened depending on the TLS library.
Document this discrepancy to allay confusion for users familiar with the
old documentation that expect just the specified version.

Fixes https://github.com/curl/curl/issues/4097
Closes https://github.com/curl/curl/pull/4119
2019-07-17 00:48:41 -04:00
Jay Satiro
e8442e4ffc libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.

- Update default allowed redirect protocols in documentation.

Follow-up to 6080ea0.

Ref: https://github.com/curl/curl/pull/4094

Closes https://github.com/curl/curl/pull/4115
2019-07-17 00:48:40 -04:00
Daniel Stenberg
647e726d78
test1173: make it also check all libcurl option man pages
... and adjust those that cause errors

Closes #4116
2019-07-16 12:38:42 +02:00
Daniel Stenberg
02a62074c7
libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults
follow-up to 6080ea098
2019-07-14 16:32:50 +02:00
Caleb Raitto
21e2df8015 CURLOPT_HEADEROPT.3: Fix example
Fix an issue where example builds a curl_slist, but fails to actually
use it, or free it.

Closes https://github.com/curl/curl/pull/4090
2019-07-06 23:21:39 -04:00
Jay Satiro
3609ab3147 docs: Fix links to OpenSSL docs
OpenSSL changed their manual locations and does not redirect to the new
locations.

Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html
Reported-by: Daniel Stenberg
2019-06-30 17:16:28 -04:00
Gaël PORTAY
44b5468e8e
curl_multi_wait.3: escape backslash in example
The backslash in the character Line Feed must be escaped.

The current man-page outputs the code as following:

	fprintf(stderr, "curl_multi failed, code %d.0, mc);

The commit fixes it as follow:

	fprintf(stderr, "curl_multi failed, code %d\n", mc);

Closes #4079
2019-06-26 15:02:26 +02:00
Niklas Hambüchen
8dd041bf0a
docs: fix string suggesting HTTP/2 is not the default
Commit 25fd1057c9 made HTTP2 the default, and further down in the
man page that new default is mentioned, but the section at the top
contradicted it until now.

Also remove claim that setting the HTTP version is not sensible.

Closes #4075
2019-06-25 17:40:21 +02:00
Daniel Gustafsson
1862cacd03 CURLMOPT_SOCKETFUNCTION.3: fix typo 2019-06-24 14:19:13 +02:00
Daniel Stenberg
ae99b4de1c
typecheck: CURLOPT_CONNECT_TO takes an slist too
Additionally, add an alias in curl.h for slist-using options so that
we can grep/parse those out at will.

Closes #4042
2019-06-20 08:47:42 +02:00
Daniel Stenberg
f0b7b106ff
CURLMOPT_SOCKETFUNCTION.3: clarified
Moved away the callback explanation from curl_multi_socket_action.3 and
expanded it somewhat.

Closes #4006
2019-06-10 13:07:32 +02:00
Daniel Stenberg
027c065f3c
CURLOPT_CAINFO.3: polished wording
Clarify the functionality when built to use Schannel and Secure
Transport and stop calling it the "recommended" or "preferred" way and
instead rather call it the default.

Removed the reference to the ssl comparison table as it isn't necessary.

Reported-by: Richard Alcock
Bug: https://curl.haxx.se/mail/lib-2019-06/0019.html
Closes #4005
2019-06-10 12:43:46 +02:00
Daniel Stenberg
deb9462ff2
wolfssl: refer to it as wolfSSL only
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
references to ancient history.

Assisted-by: Daniel Gustafsson

Closes #3903
2019-06-10 09:18:16 +02:00
Sorcus
fb2839db24
libcurl-tutorial.3: Fix small typo (mutipart -> multipart)
Fixed-by: MrSorcus on github
Closes #4000
2019-06-09 18:36:16 +02:00
Daniel Stenberg
be527afad0
curl_share_setopt.3: improve wording [ci ship]
Reported-by: Carlos ORyan
2019-06-04 20:25:39 +02:00
Daniel Stenberg
7e590b3ecd
tls13-docs: mention it is only for OpenSSL >= 1.1.1
Reported-by: Jay Satiro
Co-authored-by: Jay Satiro
Fixes #3938
Closes #3946
2019-06-02 16:15:45 +02:00
Jay Satiro
db8ec1fa38
Revert all SASL authzid (new feature) commits
- Revert all commits related to the SASL authzid feature since the next
  release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID  / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a13.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2f.
2019-05-25 23:36:11 +02:00
Steve Holme
a14d72ca2f
sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixed #3653
Closes #3790
2019-05-22 22:55:05 +01:00
Daniel Stenberg
269f7df0ae
PolarSSL: deprecate support step 1. Removed from configure.
Also removed mentions from most docs.

Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html

Closes #3888
2019-05-22 10:00:56 +02:00
Daniel Stenberg
f778c356a8
CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE [ci skip]
Reported-by: Roy Bellingan
Bug: #3885
2019-05-15 12:05:49 +02:00
Daniel Stenberg
6123d718aa
CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later [ci skip]
Clues-provided-by: Jay Satiro
Clues-provided-by: Jeroen Ooms
Fixes #3711
Closes #3874
2019-05-14 08:19:58 +02:00
Daniel Stenberg
2d0e9b40d3
urlapi: add CURLUPART_ZONEID to set and get
The zoneid can be used with IPv6 numerical addresses.

Updated test 1560 to verify.

Closes #3834
2019-05-05 15:52:46 +02:00
Daniel Stenberg
139202bb68
CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk [ci skip]
Reported-by: Ricardo Gomes

Bug: #3537
Closes #3836
2019-05-03 23:21:07 +02:00
Daniel Stenberg
28f38da506
CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value
The time field in the curl_fileinfo struct will always be zero. No code
was ever implemented to actually convert the date string to a time_t.

Fixes #3829
Closes #3835
2019-05-03 23:19:56 +02:00
Daniel Stenberg
e649432e72
CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse
... and disconnect too old ones instead of trying to reuse.

Default max age is set to 118 seconds.

Ref: #3722
Closes #3782
2019-04-21 23:06:23 +02:00
tmilburn
c3e38a4250
CURLOPT_ADDRESS_SCOPE: fix range check and more
Commit 9081014 fixed most of the confusing issues between scope id and
scope however 844896d added bad limits checking assuming that the scope
is being set and not the scope id.

I have fixed the documentation so it all refers to scope ids.

In addition Curl_if2ip refered to the scope id as remote_scope_id which
is incorrect, so I renamed it to local_scope_id.

Adjusted-by: Daniel Stenberg

Closes #3655
Closes #3765
Fixes #3713
2019-04-13 11:18:55 +02:00
Daniel Stenberg
d715d2ac89
urlapi: stricter CURLUPART_PORT parsing
Only allow well formed decimal numbers in the input.

Document that the number MUST be between 1 and 65535.

Add tests to test 1560 to verify the above.

Ref: https://github.com/curl/curl/issues/3753
Closes #3762
2019-04-13 11:17:30 +02:00
Daniel Stenberg
f73de32d46
CURLOPT_DNS_USE_GLOBAL_CACHE: remove
Remove the code too. The functionality has been disabled in code since
7.62.0. Setting this option will from now on simply be ignored and have
no function.

Closes #3654
2019-04-11 22:22:39 +02:00
Daniel Stenberg
20b8df1096
curl_easy_getinfo.3: fix minor formatting mistake 2019-04-11 16:06:40 +02:00
Daniel Stenberg
2f44e94efb
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651
2019-04-06 22:49:50 +02:00
Tim Rühsen
7b758e9835 documentation: Fix several typos
Closes #3724
Reviewed-by: Jakub Zakrzewski
Reviewed-by: Daniel Gustafsson
2019-04-03 22:06:06 +02:00
Jay Satiro
2bcdf722b8 CURLMOPT_PIPELINING.3: fix typo 2019-03-25 17:12:19 -04:00
Daniel Stenberg
7c46691178
curl_url.3: this is not experimental anymore 2019-03-22 18:33:06 +01:00
Daniel Stenberg
e1be825453
alt-svc: the libcurl bits 2019-03-03 11:17:52 +01:00
Daniel Stenberg
8754ddb85d
curl_easy_duphandle.3: clarify that a duped handle has no shares
Reported-by: Sara Golemon

Fixes #3592
Closes #3634
2019-03-01 21:47:30 +01:00
Daniel Stenberg
76a9c3c4be
Secure Transport: no more "darwinssl"
Everyone calls it Secure Transport, now we do too.

Reviewed-by: Nick Zitzmann

Closes #3619
2019-02-28 08:42:59 +01:00
Daniel Stenberg
47e540df8f
examples: remove recursive calls to curl_multi_socket_action
From within the timer callbacks. Recursive is problematic for several
reasons. They should still work, but this way the examples and the
documentation becomes simpler. I don't think we need to encourage
recursive calls.

Discussed in #3537
Closes #3601
2019-02-23 23:08:38 +01:00
Daniel Stenberg
b08898fb29
connection: never reuse CONNECT_ONLY conections
and make CONNECT_ONLY conections never reuse any existing ones either.

Reported-by: Pavel Löbl
Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
Closes #3586
2019-02-19 22:50:02 +01:00
Daniel Stenberg
5e1b5e6936
curl_multi_remove_handle.3: use at any time, just not from within callbacks
[ci skip]
2019-02-19 11:22:29 +01:00
Daniel Stenberg
180501cb02
schannel: stop calling it "winssl"
Stick to "Schannel" everywhere. The configure option --with-winssl is
kept to allow existing builds to work but --with-schannel is added as an
alias.

Closes #3504
2019-02-01 08:20:38 +01:00
John Marshall
427fa512be
doc: use meaningless port number in CURLOPT_LOCALPORT example
Use an ephemeral port number here; previously the example had 8080
which could be confusing as the common web server port number might
be misinterpreted as suggesting this option affects the remote port.

URL: https://curl.haxx.se/mail/lib-2019-01/0084.html
Closes #3513
2019-01-31 13:54:59 +01:00
Gisle Vanem
06f744d447
Escape the '\'
A backslash should be escaped in Roff / Troff.
2019-01-29 16:42:22 +01:00
Alessandro Ghedini
7c16871d0b Fix typo in manpage 2019-01-16 19:05:12 +00:00
Katsuhiko YOSHIDA
1f30dc886d
cookies: skip custom cookies when redirecting cross-site
Closes #3417
2019-01-09 15:18:08 +01:00
Daniel Gustafsson
5cc3285574 docs: mention potential leak in curl_slist_append
When a non-empty list is appended to, and used as the returnvalue,
the list pointer can leak in case of an allocation failure in the
curl_slist_append() call. This is correctly handled in curl code
usage but we weren't explicitly pointing it out in the API call
documentation. Fix by extending the RETURNVALUE manpage section
and example code.

Closes #3424
Reported-by: dnivras on github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-01-02 12:49:49 +01:00
Daniel Stenberg
006ff62d8c
http: added options for allowing HTTP/0.9 responses
Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.

For now, both the tool and library allow HTTP/0.9 by default.
docs/DEPRECATE.md lays out the plan for when to reverse that default: 6
months after the 7.64.0 release. The options are added already now so
that applications/scripts can start using them already now.

Fixes #2873
Closes #3383
2018-12-21 10:49:30 +01:00
Daniel Stenberg
04b69c744c
http: minor whitespace cleanup from f464535b 2018-12-14 10:20:06 +01:00
Ayoub Boudhar
f464535bfd
http: Implement trailing headers for chunked transfers
This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing headers
with chunked transfers.

The test server (sws) was updated to take into account the detection of the
end of transfer in the case of trailing headers presence.

Test 1591 checks that trailing headers can be sent using libcurl.

Closes #3350
2018-12-14 10:10:48 +01:00
Patrick Monnerat
37093a21a6 documentation: curl_formadd field and file names are now escaped
Prior to 7.56.0, fieldnames and filenames were set in Content-Disposition
header without special processing: this may lead to invalid RFC 822
quoted-strings.
7.56.0 introduces escaping of backslashes and double quotes in these names:
mention it in the documentation.

Reported-by: daboul on github
Closes #3361
2018-12-11 15:31:23 +01:00
Daniel Stenberg
ae7a09db20
CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times 2018-11-23 16:55:33 +01:00
UnknownShadow200
2366697806
CURLOPT_HEADERFUNCTION.3: match 'nitems' name in synopsis and description
Closes #3295
2018-11-22 00:05:05 +01:00
Han Han
89d2e95f78 docs: add more description to unified ssl error codes 2018-11-19 15:57:44 -08:00
Daniel Stenberg
f7fa04d7f3
docs: expanded on some CURLU details 2018-11-11 00:10:56 +01:00
Jim Fuller
5c4fe0d826
setopt: add CURLOPT_CURLU
Allows an application to pass in a pre-parsed URL via a URL handle.

Closes #3227
2018-11-09 15:47:28 +01:00
Gisle Vanem
073332b525
docs: ESCape "\n" codes
Groff / Troff will display a:
 printaf("Errno: %ld\n", error);
as:
  printf("Errno: %ld0, error);

when a "\n" is not escaped. Use "\\n" instead.

Closes #3246
2018-11-09 15:38:52 +01:00
Gisle Vanem
08b1a851cc
More "\n" ESCaping 2018-11-07 13:32:17 +01:00
Daniel Gustafsson
8a49b291cb winssl: be consistent in Schannel capitalization
The productname from Microsoft is "Schannel", but in infof/failf
reporting we use "schannel". This removes different versions.

Closes #3243
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-11-07 10:11:13 +01:00
Daniel Stenberg
9aa8ff2895
urlapi: only skip encoding the first '=' with APPENDQUERY set
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip
encoding the first to better allow "name=content" for any content.

Reported-by: Alexey Melnichuk
Fixes #3231
Closes #3231
2018-11-07 08:28:48 +01:00
Michael Kaufmann
53db15ba55 netrc: don't ignore the login name specified with "--user"
- for "--netrc", don't ignore the login/password specified with "--user",
  only ignore the login/password in the URL.
  This restores the netrc behaviour of curl 7.61.1 and earlier.
- fix the documentation of CURL_NETRC_REQUIRED
- improve the detection of login/password changes when reading .netrc
- don't read .netrc if both login and password are already set

Fixes #3213
Closes #3224
2018-11-05 20:34:01 +01:00
Daniel Stenberg
66dc1570db
symbols-in-versions: add missing CURLU_ symbols
...and fix symbol-scan.pl to also scan urlapi.h

Reported-by: Alexey Melnichuk
Fixes #3226
Closes #3230
2018-11-04 23:15:12 +01:00
Daniel Stenberg
302d125b42
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.

Use a better supported TLS library!

Assisted-by: Daniel Gustafsson
Closes #3194
2018-11-01 10:29:53 +01:00
marcosdiazr
7f4c358541
schannel: make CURLOPT_CERTINFO support using Issuer chain
Closes #3197
2018-11-01 10:21:51 +01:00
Daniel Gustafsson
1460e89e01 vtls: add MesaLink to curl_sslbackend enum
MesaLink support was added in commit 57348eb97d but the
backend was never added to the curl_sslbackend enum in curl/curl.h.
This adds the new backend to the enum and updates the relevant docs.

Closes #3195
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-30 16:56:51 +01:00
Michael Kaufmann
d275c18c2a docs: add "see also" links for SSL options
- link TLS 1.2 and TLS 1.3 options
- link proxy and non-proxy options

Closes #3121
2018-10-10 22:23:11 +02:00
Daniel Gustafsson
4bc86270e1 CURLOPT_SSL_VERIFYSTATUS: Fix typo
Changes s/OSCP/OCSP/ and bumps the copyright year due to the change.
2018-10-09 09:47:40 +02:00
Viktor Szakats
ff9d7f4447 spelling fixes [ci skip]
as detected by codespell 1.14.0

Closes https://github.com/curl/curl/pull/3114
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-08 19:37:40 +00:00
Daniel Gustafsson
af99662688 CURLOPT_SSLVERSION.3: fix typos and consistent spelling
Use TLS vX.Y throughout the document, instead of TLS X.Y, as that was
already done in all but a few cases. Also fix a few typos.

Closes #3076
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:22:10 +02:00
Jay Satiro
35ac49d4ed CURLOPT_HEADER.3: fix typo 2018-10-03 02:30:32 -04:00
Viktor Szakats
b801b453af whitespace fixes
- replace tabs with spaces where possible
- remove line ending spaces
- remove double/triple newlines at EOF
- fix a non-UTF-8 character
- cleanup a few indentations/line continuations
  in manual examples

Closes https://github.com/curl/curl/pull/3037
2018-09-23 22:24:02 +00:00
Daniel Stenberg
5c73093edb
urlapi: document the error codes, remove two unused ones
Assisted-by: Daniel Gustafsson
Closes #3019
2018-09-19 23:25:11 +02:00
Daniel Stenberg
9307c219ad
urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptance
In order for this API to fully work for libcurl itself, it now offers a
CURLU_GUESS_SCHEME flag that makes it "guess" scheme based on the host
name prefix just like libcurl always did. If there's no known prefix, it
will guess "http://".

Separately, it relaxes the check of the host name so that IDN host names
can be passed in as well.

Both these changes are necessary for libcurl itself to use this API.

Assisted-by: Daniel Gustafsson
Closes #3018
2018-09-19 23:21:52 +02:00
Dave Reisner
c1e5980f66
curl_url_set.3: properly escape \n in example code
This yields

  "the scheme is %s\n"

instead of

  "the scheme is %s0

Closes #2970
2018-09-13 08:07:36 +02:00
Dave Reisner
0411057380
curl_url_set.3: fix typo in reference to CURLU_APPENDQUERY 2018-09-13 08:07:15 +02:00
Daniel Stenberg
11e8a43f85
libcurl-url.3: overview man page for the URL API
Closes #2967
2018-09-10 23:29:37 +02:00
Daniel Stenberg
8b85a3cac5
curl_url_set.3: correct description 2018-09-08 19:39:57 +02:00
Daniel Stenberg
890eea5aad
curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0 2018-09-08 16:02:25 +02:00
Daniel Stenberg
fb30ac5a2d
URL-API
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.

Closes #2842
2018-09-08 15:36:11 +02:00
Daniel Stenberg
17ca0ccff4
curl_easy_upkeep: removed 'conn' from the name
... including the associated option.

Fixes #2951
Closes #2952
2018-09-07 13:43:26 +02:00
Max Dymond
7b655fcbad
upkeep: add a connection upkeep API: curl_easy_conn_upkeep()
Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641
2018-09-07 09:45:29 +02:00
Nicklas Avén
6987fcef65
imap: change from "FETCH" to "UID FETCH"
... and add "MAILINDEX".

As described in #2789, this is a suggested solution.  Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior).  So MAILINDEX=1 gives the
first non deleted mail in the mail box.

Fixes #2789
Closes #2815
2018-09-06 10:57:48 +02:00
Daniel Stenberg
2825f46d95
CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
This is step 3 of #2888.

Fixes #2888
Closes #2896
2018-09-06 10:53:39 +02:00
Daniel Stenberg
abff183387
setopt: add CURLOPT_DOH_URL
Closes #2668
2018-09-06 09:17:17 +02:00
Han Han
3f3b26d6fe
ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
Long live CURLE_PEER_FAILED_VERIFICATION
2018-09-06 08:27:15 +02:00
Daniel Stenberg
25fd1057c9
url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
Closes #2709
2018-09-05 14:36:19 +02:00
Daniel Stenberg
d7c4213bd0
multiplex: enable by default
Starting 7.62.0, multiplexing is enabled by default in multi handles.
2018-09-05 14:35:57 +02:00
Daniel Stenberg
f7208df7d9
pipelining: deprecated
Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.

To re-enable the support, the single line change in lib/multi.c needs to
be reverted.

See docs/DEPRECATE.md

Closes #2705
2018-09-05 11:34:03 +02:00
Jay Satiro
c10f5b02a8 CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning
Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/issues/2916
2018-08-29 10:08:16 -04:00
Daniel Stenberg
cc67b0a2ee
CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip] 2018-08-27 11:16:23 +02:00
Daniel Stenberg
0e7e5e1ad1
CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]
Added a warning!

Closes #2915
2018-08-27 10:49:58 +02:00
Daniel Stenberg
a7ba60bb72
docs: clarify NO_PROXY env variable functionality
Reported-by: Kirill Marchuk
Fixes #2773
Closes #2911
2018-08-24 23:22:46 +02:00
Daniel Stenberg
1b8ed4ad23
libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Either way, a multi-threaded application that uses libcurl/openssl needs
to have a signhandler for or ignore SIGPIPE on its own.

Based on discussions in #2800
Closes #2904
2018-08-23 08:29:55 +02:00
Michael Kaufmann
b676b66f4d docs: Improve the manual pages of some callbacks
- CURLOPT_HEADERFUNCTION: add newlines
- CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata'
- CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA
- CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain
  how to set it

Closes https://github.com/curl/curl/pull/2868
2018-08-11 14:33:28 -04:00
Daniel Jelinski
53d211bfd1
Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bug
Closes #2867
2018-08-10 23:45:08 +02:00
Daniel Stenberg
6fac5a3e65
docs: mention NULL is fine input to several functions
Fixes #2837
Closes #2858
Reported-by: Markus Elfring
2018-08-10 00:24:12 +02:00
Christopher Head
812d05daff
docs/CURLOPT_URL: fix indentation
The statement, “The application does not have to keep the string around
after setting this option,” appears to be indented under the RTMP
paragraph. It actually applies to all protocols, not just RTMP.
Eliminate the extra indentation.

Closes #2788
2018-07-26 16:26:49 +02:00
Christopher Head
9526cbe6bc
docs/CURLOPT_WRITEFUNCTION: size is always 1
For compatibility with `fwrite`, the `CURLOPT_WRITEFUNCTION` callback is
passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Closes #2787
2018-07-26 16:24:43 +02:00
Daniel Stenberg
9679790b23 docs: fix missed option name markups 2018-06-30 18:33:07 +02:00
Daniel Stenberg
6015cefb1b
openssl: make the requested TLS version the *minimum* wanted
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
2018-06-29 22:53:02 +02:00
Adrian Peniak
24cb114c53
CURLINFO_TLS_SSL_PTR.3: improve the example
The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.

Closes #2690
2018-06-28 09:43:23 +02:00
Daniel Stenberg
810ce31886
CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake
Follow-up to b6a16afa0a
2018-06-24 23:18:52 +02:00
Patrick Schlangen
b6a16afa0a
CURLOPT_SSL_VERIFYPEER.3: Add performance note
Closes #2673
2018-06-23 22:35:12 +02:00
Daniel Stenberg
dfb873e308
CURLOPT_INTERFACE.3: interface names not supported on Windows 2018-06-18 23:14:28 +02:00
Daniel Stenberg
a78c5c7aae
CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0 2018-06-15 11:17:02 +02:00
Alibek.Jorajev
f66d97b677
CURLOPT_RESOLVE: always purge old entry first
If there's an existing entry using the selected name.

Closes #2622
2018-06-01 12:47:52 +02:00
Björn Stenberg
946ce5b61f
option: disallow username in URL
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
libcurl reject URLs with a username in them.

Closes #2340
2018-05-31 11:27:16 +02:00
Daniel Stenberg
71d35e4a1d
libcurl-security.3: improved layout for two rememdy lists 2018-05-31 11:19:05 +02:00
Daniel Stenberg
5f07fca8f7
libcurl-security.3: refer to URL instead of in-source markdown file 2018-05-31 11:11:38 +02:00
Daniel Stenberg
050c93c46f
setopt: add TLS 1.3 ciphersuites
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.

curl: added --tls13-ciphers and --proxy-tls13-ciphers

Fixes #2435
Reported-by: zzq1015 on github
Closes #2607
2018-05-29 16:12:52 +02:00
Patrick Monnerat
8541d02c96 psl: use latest psl and refresh it periodically
The latest psl is cached in the multi or share handle. It is refreshed
before use after 72 hours.
New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing.
If the latest psl is not available, the builtin psl is used.

Reported-by: Yaakov Selkowitz
Fixes #2553
Closes #2601
2018-05-28 20:37:14 +02:00
Linus Lewandowski
239a7061f8
httpauth: add support for Bearer tokens
Closes #2102
2018-05-24 20:39:49 +02:00
Daniel Stenberg
2ceab09451
CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit 2018-05-22 08:23:30 +02:00
Daniel Stenberg
d5a2df5f1d
docs: clarify CURLOPT_HTTPGET somewhat
Reported-by: bsammon on github
Fixes #2590
2018-05-21 10:29:28 +02:00
Daniel Stenberg
404c8850da
curl_fnmatch: only allow two asterisks for matching
The previous limit of 5 can still end up in situation that takes a very
long time and consumes a lot of CPU.

If there is still a rare use case for this, a user can provide their own
fnmatch callback for a version that allows a larger set of wildcards.

This commit was triggered by yet another OSS-Fuzz timeout due to this.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369

Closes #2587
2018-05-18 23:33:44 +02:00
Aleks
e05ad5dd99
docs: mention HAproxy protocol "version 1"
...as there's also a version 2.

Closes #2579
2018-05-18 17:48:40 +02:00
Philip Prindeville
ce2140a8c1
getinfo: add microsecond precise timers for various intervals
Provide a set of new timers that return the time intervals using integer
number of microseconds instead of floats.

The new info names are as following:

CURLINFO_APPCONNECT_TIME_T
CURLINFO_CONNECT_TIME_T
CURLINFO_NAMELOOKUP_TIME_T
CURLINFO_PRETRANSFER_TIME_T
CURLINFO_REDIRECT_TIME_T
CURLINFO_STARTTRANSFER_TIME_T
CURLINFO_TOTAL_TIME_T

Closes #2495
2018-05-17 13:41:04 +02:00
Daniel Stenberg
f38220259c
docs/libcurl/index.html: removed
The HTML files are long gone from the dist, now remove the last HTML
file pointing to those missing files.

d
2018-05-15 16:41:55 +02:00
Daniel Gustafsson
e953475de5
URLs: fix one more http url
This file wasn't included in commit 4af40b3646 which updated all
haxx.se http urls to https. The file was committed prior to that update,
but may have been merged after it and hence didn't get updated.

Closes #2550
2018-05-05 23:02:40 +02:00
Denis Ollier
0be4679ba9
docs: remove extraneous commas in man pages
Closes #2544
2018-05-03 15:17:33 +02:00
Daniel Stenberg
97f63f512d
CURLOPT_URL.3: add ENCODING section [ci skip]
Feedback-by: Michael Kilburn
2018-04-30 14:31:04 +02:00
Daniel Stenberg
f84139fd08
CURLINFO_PROTOCOL.3: mention the existing defined names 2018-04-27 11:50:16 +02:00
Christian Schmitz
d0394de152
curl_global_sslset: always provide available backends
Closes #2499
2018-04-23 14:18:55 +02:00
Archangel_SDY
f0819f99ae CURLOPT_SSLCERT.3: improve WinSSL-specific usage info
Ref: https://github.com/curl/curl/pull/2376#issuecomment-381858780

Closes https://github.com/curl/curl/pull/2504
2018-04-23 03:16:52 -04:00
Dan McNulty
8996300211 schannel: add support for CURLOPT_CAINFO
- Move verify_certificate functionality in schannel.c into a new
  file called schannel_verify.c. Additionally, some structure defintions
  from schannel.c have been moved to schannel.h to allow them to be
  used in schannel_verify.c.

- Make verify_certificate functionality for Schannel available on
  all versions of Windows instead of just Windows CE. verify_certificate
  will be invoked on Windows CE or when the user specifies
  CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER.

- In verify_certificate, create a custom certificate chain engine that
  exclusively trusts the certificate store backed by the CURLOPT_CAINFO
  file.

- doc updates of --cacert/CAINFO support for schannel

- Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString
  when available. This implements a TODO in schannel.c to improve
  handling of multiple SANs in a certificate. In particular, all SANs
  will now be searched instead of just the first name.

- Update tool_operate.c to not search for the curl-ca-bundle.crt file
  when using Schannel to maintain backward compatibility. Previously,
  any curl-ca-bundle.crt file found in that search would have been
  ignored by Schannel. But, with CAINFO support, the file found by
  that search would have been used as the certificate store and
  could cause issues for any users that have curl-ca-bundle.crt in
  the search path.

- Update url.c to not set the build time CURL_CA_BUNDLE if the selected
  SSL backend is Schannel. We allow setting CA location for schannel
  only when explicitly specified by the user via CURLOPT_CAINFO /
  --cacert.

- Add new test cases 3000 and 3001. These test cases check that the first
  and last SAN, respectively, matches the connection hostname. New test
  certificates have been added for these cases. For 3000, the certificate
  prefix is Server-localhost-firstSAN and for 3001, the certificate
  prefix is Server-localhost-secondSAN.

- Remove TODO 15.2 (Add support for custom server certificate
  validation), this commit addresses it.

Closes https://github.com/curl/curl/pull/1325
2018-04-18 03:59:47 -04:00
Jakub Wilk
24e8355877 docs: fix typos
Closes https://github.com/curl/curl/pull/2503
2018-04-17 15:32:51 -04:00
Archangel_SDY
e35b0256eb
schannel: add client certificate authentication
Users can now specify a client certificate in system certificates store
explicitly using expression like `--cert "CurrentUser\MY\<thumbprint>"`

Closes #2376
2018-04-17 00:23:01 +02:00
Jay Satiro
cbc0f131c2 docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
- Put a percent sign before each CURL_FORMAT_CURL_OFF_T in printf.

For example "%" CURL_FORMAT_CURL_OFF_T becomes %lld or similar.

Bug: https://curl.haxx.se/mail/lib-2018-03/0140.html
Reported-by: David L.
2018-03-31 14:52:55 -04:00
Daniel Stenberg
3ff09ce777
CURLINFO_SSL_VERIFYRESULT.3: fix the example, add some text
Reported-by: Michal Trybus

Fixes #2400
2018-03-21 01:04:41 +01:00