1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-11 12:05:06 -05:00
Commit Graph

552 Commits

Author SHA1 Message Date
Daniel Stenberg
eab2f95c0d
wording: avoid blacklist/whitelist stereotypes
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.

Closes #5546
2020-06-10 08:49:17 +02:00
Daniel Stenberg
a00668d296
CURLINFO_ACTIVESOCKET.3: clarify the description
Reported-by: Jay Satiro
Fixes #5299
Closes #5520
2020-06-05 08:50:48 +02:00
Gilles Vollant
7f40633422
setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency
Closes #5431
2020-05-23 23:19:13 +02:00
Gilles Vollant
cac5374298
setopt: support certificate options in memory with struct curl_blob
This change introduces a generic way to provide binary data in setopt
options, called BLOBs.

This change introduces these new setopts:

CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.

Reviewed-by: Daniel Stenberg
Closes #5357
2020-05-15 13:03:59 +02:00
Daniel Stenberg
81a54b12c6
OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN
... to avoid an OpenSSL bug that otherwise makes the CRL check to fail.

Reported-by: Michael Kaufmann
Fixes #5374
Closes #5376
2020-05-13 16:39:36 +02:00
Gilles Vollant
148534db57
CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl)
Closes #4346
2020-05-08 15:55:04 +02:00
Emil Engler
6540cbbc75
doc: add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3
Closes #5320
2020-05-02 12:03:20 +02:00
Emil Engler
42d8d9a7e8
GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
Closes #5287
2020-04-30 14:40:54 +02:00
Bjorn Stenberg
2522903b79
mqtt: add new experimental protocol
Closes #5173
2020-04-14 13:03:40 +02:00
Daniel Stenberg
946a71a14f
CURLOPT_WRITEFUNCTION.3: add inline example and new see-also
Closes #5192
2020-04-07 00:07:49 +02:00
Kwon-Young Choi
54ecc11cc4
CURLINFO_CONDITION_UNMET: return true for 304 http status code
In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the
output file if the server did not transfered a file based on time
condition. In the same manner, getting a 304 HTTP response back from the
server, for example after passing a custom If-Match-* header, also
fulfill this condition.

Fixes #5181
Closes #5183
2020-04-05 11:13:49 +02:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Johannes Schindelin
5450428491 schannel: add "best effort" revocation check option
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
2020-03-18 03:23:39 -04:00
Daniel Stenberg
0845ecbb6d
docs: add warnings about FILE: URLs on Windows
- --url man page section
 - libcurl-security.3 gets the full text
 - CURLOPT_URL.3

Reported-by: Tim Sedlmeyer
2020-03-13 16:56:41 +01:00
Daniel Stenberg
52d302ed64
polarssl: remove more references and mentions
Assisted-by: Jay Satiro
Follow-up to 6357a19ff2
Closes #5036
2020-03-05 07:57:45 +01:00
Jonathan Cardoso Machado
5b46790f11
docs: fix typo on CURLINFO_RETRY_AFTER - alwaus -> always
Reviewed-by: Steve Holme
Closes #5005
2020-02-29 21:14:26 +00:00
Daniel Stenberg
d79ee4ae32
CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
to be in sync with the description above

Reported-by: Joonas Kuorilehto
Fixes #4943
Closes #4945
2020-02-18 09:19:39 +01:00
Jay Satiro
03564deba2 CURLINFO_COOKIELIST.3: Fix example
Prior to this change the example would try to import cookies from stdin,
which wasn't what was intended.

Reported-by: 3dyd@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4930
2020-02-15 18:17:31 -05:00
Daniel Stenberg
8957e6e4ed
CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
Assisted-by: Jay Satiro
Reported-by: Craig Andrews
Fixes #4909
Closes #4910
2020-02-11 22:37:02 +01:00
Daniel Stenberg
8b7fff3311
location.d: the method change is from POST to GET only
Not from generic non-GET to GET.

Reported-by: Andrius Merkys
Ref: #4859
Closes #4861
2020-01-28 12:58:33 +01:00
Jay Satiro
5e2ad2d015 CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3.

Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the
CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-23 02:51:52 -05:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
加藤郁之
7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00
Daniel Stenberg
9d1a0922b7
HTTP-COOKIES.md: describe the cookie file format
... and refer to that file from from CURLOPT_COOKIEFILE.3 and
CURLOPT_COOKIELIST.3

Assisted-by: Jay Satiro
Reported-by: bsammon on github
Fixes #4805
Closes #4806
2020-01-13 23:18:32 +01:00
Jay Satiro
aeb32d059b CURLOPT_READFUNCTION.3: fix fopen params in example 2020-01-06 03:09:53 -05:00
Jay Satiro
e9dd17b754 CURLOPT_READFUNCTION.3: fix variable name in example
Reported-by: Paul Joyce

Fixes https://github.com/curl/curl/issues/4787
2020-01-06 03:01:33 -05:00
Jay Satiro
97934a2f71 CURLOPT_HEADERFUNCTION.3: Document that size is always 1
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback
is passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Reported-by: Frank Gevaerts
Commit-message-by: Christopher Head

Ref: https://github.com/curl/curl/pull/2787

Fixes https://github.com/curl/curl/issues/4758
2019-12-26 02:26:08 -05:00
Jay Satiro
c1592cc92b CURLOPT_QUOTE.3: fix typos
Prior to this change the EXAMPLE in the QUOTE/PREQUOTE/POSTQUOTE man
pages would not compile because a variable name was incorrect.

Reported-by: Bylon2@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4736
2019-12-18 15:21:58 -05:00
Daniel Stenberg
14f8b6e69e
CURLOPT_URL.3: "curl supports SMB version 1 (only)"
[skip ci]
2019-12-18 10:14:18 +01:00
Daniel Stenberg
4147d58aee
docs: TLS SRP doesn't work with TLS 1.3
Reported-by: sayrer on github
Closes #4262
[skip ci]
2019-12-16 16:03:22 +01:00
Daniel Stenberg
2ebce6b060
CURLOPT_VERBOSE.3: see also ERRORBUFFER 2019-12-04 09:30:57 +01:00
Daniel Stenberg
564d88a8bd
openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains
Closes #4655
2019-12-03 16:28:50 +01:00
Daniel Stenberg
0092b6bf8a
OPENSOCKETFUNCTION.3: correct the purpose description
Reported-by: Jeff Mears
Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html

Closes #4667
2019-12-03 16:24:40 +01:00
John Schroeder
7cf18b05e0
XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE
(also for PROGRESSFUNCTION)

By returning this value from the callback, the internal progress
function call is still called afterward.

Closes #4599
2019-11-26 09:16:01 +01:00
Vilhelm Prytz
d0319adb0c
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
2019-11-02 23:15:56 +01:00
Jay Satiro
ce07f0b8a1 CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
Prior to this change some users did not understand that the "request"
starts when the handle is added to the multi handle, or probably they
did not understand that some of those transfers may be queued and that
time is included in timeout.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/4486
Closes https://github.com/curl/curl/pull/4489
2019-10-16 14:20:16 -04:00
Daniel Stenberg
6379163877
CURLOPT_TIMEOUT.3: remove the mention of "minutes"
... just say that limiting operations risk aborting otherwise fine
working transfers. If that means seconds, minutes or hours, we leave to
the user.

Reported-by: Martin Gartner
Closes #4469
2019-10-07 18:02:57 +02:00
Daniel Stenberg
683102e0a0
CURLMOPT_MAX_CONCURRENT_STREAMS.3: fix SEE ALSO typo 2019-10-03 14:16:10 +02:00
Kunal Ekawde
c124e6b3c0
CURLMOPT_MAX_CONCURRENT_STREAMS: new setopt
Closes #4410
2019-10-02 07:47:48 +02:00
Alessandro Ghedini
5eb75d4186 docs: remove trailing ':' from section names in CURLOPT_TRAILER* man 2019-09-15 12:25:02 +01:00
Alessandro Ghedini
4a2d47e0b7 docs: fix typo in CURLOPT_HTTP_VERSION man 2019-09-15 12:25:02 +01:00
Christopher Head
ff2bbfb637
CURLOPT_HEADERFUNCTION.3: clarify
Closes #4273
2019-08-28 08:52:29 +02:00
Daniel Stenberg
44c9884552
CURLINFO docs: mention that in redirects times are added
Suggested-by: Brandon Dong
Fixes #4250
Closes #4269
2019-08-28 00:03:12 +02:00
Daniel Stenberg
6a90c9e0c4
CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
For a long time (since 7.28.1) we've returned error when setting the
value to 1 to make applications notice that we stopped supported the old
behavior for 1. Starting now, we treat 1 and 2 exactly the same.

Closes #4241
2019-08-20 14:57:59 +02:00
Daniel Stenberg
db80de0528
CURLOPT_ALTSVC.3: use a "" file name to not load from a file 2019-08-14 14:42:11 +02:00
Daniel Stenberg
b867ecf0c5
CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
Follow-up to 98c3f148 that removed it from the header file
2019-08-13 11:19:35 +02:00
Daniel Stenberg
f88d865bf4
CURLOPT_READFUNCTION.3: provide inline example
... instead of mentioning one in another place
2019-08-12 09:20:52 +02:00
Daniel Stenberg
084404b8ab
CURLOPT_H3: removed
There's no use for this anymore and it was never in a release.

Closes #4206
2019-08-09 12:26:02 +02:00
Daniel Stenberg
026840e35c
CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197
2019-08-08 08:17:24 +02:00
Daniel Stenberg
f933449d3b
CURLINFO_RETRY_AFTER: parse the Retry-After header value
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794
2019-08-07 14:45:39 +02:00