1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

547 Commits

Author SHA1 Message Date
Gilles Vollant
148534db57
CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl)
Closes #4346
2020-05-08 15:55:04 +02:00
Emil Engler
6540cbbc75
doc: add missing closing parenthesis in CURLINFO_SSL_VERIFYRESULT.3
Closes #5320
2020-05-02 12:03:20 +02:00
Emil Engler
42d8d9a7e8
GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT
Closes #5287
2020-04-30 14:40:54 +02:00
Bjorn Stenberg
2522903b79
mqtt: add new experimental protocol
Closes #5173
2020-04-14 13:03:40 +02:00
Daniel Stenberg
946a71a14f
CURLOPT_WRITEFUNCTION.3: add inline example and new see-also
Closes #5192
2020-04-07 00:07:49 +02:00
Kwon-Young Choi
54ecc11cc4
CURLINFO_CONDITION_UNMET: return true for 304 http status code
In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the
output file if the server did not transfered a file based on time
condition. In the same manner, getting a 304 HTTP response back from the
server, for example after passing a custom If-Match-* header, also
fulfill this condition.

Fixes #5181
Closes #5183
2020-04-05 11:13:49 +02:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Johannes Schindelin
5450428491 schannel: add "best effort" revocation check option
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
2020-03-18 03:23:39 -04:00
Daniel Stenberg
0845ecbb6d
docs: add warnings about FILE: URLs on Windows
- --url man page section
 - libcurl-security.3 gets the full text
 - CURLOPT_URL.3

Reported-by: Tim Sedlmeyer
2020-03-13 16:56:41 +01:00
Daniel Stenberg
52d302ed64
polarssl: remove more references and mentions
Assisted-by: Jay Satiro
Follow-up to 6357a19ff2
Closes #5036
2020-03-05 07:57:45 +01:00
Jonathan Cardoso Machado
5b46790f11
docs: fix typo on CURLINFO_RETRY_AFTER - alwaus -> always
Reviewed-by: Steve Holme
Closes #5005
2020-02-29 21:14:26 +00:00
Daniel Stenberg
d79ee4ae32
CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
to be in sync with the description above

Reported-by: Joonas Kuorilehto
Fixes #4943
Closes #4945
2020-02-18 09:19:39 +01:00
Jay Satiro
03564deba2 CURLINFO_COOKIELIST.3: Fix example
Prior to this change the example would try to import cookies from stdin,
which wasn't what was intended.

Reported-by: 3dyd@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4930
2020-02-15 18:17:31 -05:00
Daniel Stenberg
8957e6e4ed
CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
Assisted-by: Jay Satiro
Reported-by: Craig Andrews
Fixes #4909
Closes #4910
2020-02-11 22:37:02 +01:00
Daniel Stenberg
8b7fff3311
location.d: the method change is from POST to GET only
Not from generic non-GET to GET.

Reported-by: Andrius Merkys
Ref: #4859
Closes #4861
2020-01-28 12:58:33 +01:00
Jay Satiro
5e2ad2d015 CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3.

Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the
CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-23 02:51:52 -05:00
Pavel Volgarev
4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
加藤郁之
7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00
Daniel Stenberg
9d1a0922b7
HTTP-COOKIES.md: describe the cookie file format
... and refer to that file from from CURLOPT_COOKIEFILE.3 and
CURLOPT_COOKIELIST.3

Assisted-by: Jay Satiro
Reported-by: bsammon on github
Fixes #4805
Closes #4806
2020-01-13 23:18:32 +01:00
Jay Satiro
aeb32d059b CURLOPT_READFUNCTION.3: fix fopen params in example 2020-01-06 03:09:53 -05:00
Jay Satiro
e9dd17b754 CURLOPT_READFUNCTION.3: fix variable name in example
Reported-by: Paul Joyce

Fixes https://github.com/curl/curl/issues/4787
2020-01-06 03:01:33 -05:00
Jay Satiro
97934a2f71 CURLOPT_HEADERFUNCTION.3: Document that size is always 1
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback
is passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Reported-by: Frank Gevaerts
Commit-message-by: Christopher Head

Ref: https://github.com/curl/curl/pull/2787

Fixes https://github.com/curl/curl/issues/4758
2019-12-26 02:26:08 -05:00
Jay Satiro
c1592cc92b CURLOPT_QUOTE.3: fix typos
Prior to this change the EXAMPLE in the QUOTE/PREQUOTE/POSTQUOTE man
pages would not compile because a variable name was incorrect.

Reported-by: Bylon2@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4736
2019-12-18 15:21:58 -05:00
Daniel Stenberg
14f8b6e69e
CURLOPT_URL.3: "curl supports SMB version 1 (only)"
[skip ci]
2019-12-18 10:14:18 +01:00
Daniel Stenberg
4147d58aee
docs: TLS SRP doesn't work with TLS 1.3
Reported-by: sayrer on github
Closes #4262
[skip ci]
2019-12-16 16:03:22 +01:00
Daniel Stenberg
2ebce6b060
CURLOPT_VERBOSE.3: see also ERRORBUFFER 2019-12-04 09:30:57 +01:00
Daniel Stenberg
564d88a8bd
openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains
Closes #4655
2019-12-03 16:28:50 +01:00
Daniel Stenberg
0092b6bf8a
OPENSOCKETFUNCTION.3: correct the purpose description
Reported-by: Jeff Mears
Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html

Closes #4667
2019-12-03 16:24:40 +01:00
John Schroeder
7cf18b05e0
XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUE
(also for PROGRESSFUNCTION)

By returning this value from the callback, the internal progress
function call is still called afterward.

Closes #4599
2019-11-26 09:16:01 +01:00
Vilhelm Prytz
d0319adb0c
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
2019-11-02 23:15:56 +01:00
Jay Satiro
ce07f0b8a1 CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
Prior to this change some users did not understand that the "request"
starts when the handle is added to the multi handle, or probably they
did not understand that some of those transfers may be queued and that
time is included in timeout.

Reported-by: Jeroen Ooms

Fixes https://github.com/curl/curl/issues/4486
Closes https://github.com/curl/curl/pull/4489
2019-10-16 14:20:16 -04:00
Daniel Stenberg
6379163877
CURLOPT_TIMEOUT.3: remove the mention of "minutes"
... just say that limiting operations risk aborting otherwise fine
working transfers. If that means seconds, minutes or hours, we leave to
the user.

Reported-by: Martin Gartner
Closes #4469
2019-10-07 18:02:57 +02:00
Daniel Stenberg
683102e0a0
CURLMOPT_MAX_CONCURRENT_STREAMS.3: fix SEE ALSO typo 2019-10-03 14:16:10 +02:00
Kunal Ekawde
c124e6b3c0
CURLMOPT_MAX_CONCURRENT_STREAMS: new setopt
Closes #4410
2019-10-02 07:47:48 +02:00
Alessandro Ghedini
5eb75d4186 docs: remove trailing ':' from section names in CURLOPT_TRAILER* man 2019-09-15 12:25:02 +01:00
Alessandro Ghedini
4a2d47e0b7 docs: fix typo in CURLOPT_HTTP_VERSION man 2019-09-15 12:25:02 +01:00
Christopher Head
ff2bbfb637
CURLOPT_HEADERFUNCTION.3: clarify
Closes #4273
2019-08-28 08:52:29 +02:00
Daniel Stenberg
44c9884552
CURLINFO docs: mention that in redirects times are added
Suggested-by: Brandon Dong
Fixes #4250
Closes #4269
2019-08-28 00:03:12 +02:00
Daniel Stenberg
6a90c9e0c4
CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
For a long time (since 7.28.1) we've returned error when setting the
value to 1 to make applications notice that we stopped supported the old
behavior for 1. Starting now, we treat 1 and 2 exactly the same.

Closes #4241
2019-08-20 14:57:59 +02:00
Daniel Stenberg
db80de0528
CURLOPT_ALTSVC.3: use a "" file name to not load from a file 2019-08-14 14:42:11 +02:00
Daniel Stenberg
b867ecf0c5
CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
Follow-up to 98c3f148 that removed it from the header file
2019-08-13 11:19:35 +02:00
Daniel Stenberg
f88d865bf4
CURLOPT_READFUNCTION.3: provide inline example
... instead of mentioning one in another place
2019-08-12 09:20:52 +02:00
Daniel Stenberg
084404b8ab
CURLOPT_H3: removed
There's no use for this anymore and it was never in a release.

Closes #4206
2019-08-09 12:26:02 +02:00
Daniel Stenberg
026840e35c
CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197
2019-08-08 08:17:24 +02:00
Daniel Stenberg
f933449d3b
CURLINFO_RETRY_AFTER: parse the Retry-After header value
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794
2019-08-07 14:45:39 +02:00
Steve Holme
7c469fa537 sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:20 -04:00
Daniel Stenberg
a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Balazs Kovacsics
802aa5ae27
HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME.  Update
test 1514 according to the new behaviour.

Closes #4138
2019-07-29 13:18:53 +02:00
Daniel Stenberg
3af0e76d1e
HTTP3: initial (experimental) support
USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500
2019-07-21 23:49:03 +02:00
Jay Satiro
28f6fda8dc CURLOPT_RANGE.3: Caution against using it for HTTP PUT
AFAICT CURLOPT_RANGE does not support ranged HTTP PUT uploads so I've
cautioned against using it for that purpose and included a workaround.

Bug: https://curl.haxx.se/mail/lib-2019-04/0075.html
Reported-by: Christopher Head

Closes https://github.com/curl/curl/issues/3814
2019-07-17 01:45:26 -04:00