1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-15 22:15:13 -05:00
Commit Graph

903 Commits

Author SHA1 Message Date
Richy Kim
6b7616690e CURLOPT_BUFFERSIZE: support enlarging receive buffer
Replace use of fixed macro BUFSIZE to define the size of the receive
buffer.  Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive
buffer size.  Upon setting, resize buffer if larger than the current
default size up to a MAX_BUFSIZE (512KB). This can benefit protocols
like SFTP.

Closes #1222
2017-01-19 23:38:04 +01:00
Daniel Stenberg
8f8ba61224 bump: next release will be 7.53.0 2017-01-16 08:34:15 +01:00
Isaac Boukris
1d786faee1 unix_socket: add support for abstract unix domain socket
In addition to unix domain sockets, Linux also supports an
abstract namespace which is independent of the filesystem.

In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET
option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH
internally, along with a flag to specify abstract socket.

On non-supporting platforms, the abstract address will be
interpreted as an empty string and fail gracefully.

Also add new --abstract-unix-socket tool parameter.

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: Chungtsun Li (typeless)
Reviewed-by: Daniel Stenberg
Reviewed-by: Peter Wu
Closes #1197
Fixes #1061
2017-01-13 16:25:20 +01:00
Daniel Stenberg
9b3fbf6b83 curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use
This error code was once introduced when some library was dynamically
loaded and a funciton within said library couldn't be found.
2016-12-29 11:31:01 +01:00
Daniel Stenberg
ad4b348c48 bump: toward next release 2016-12-23 23:47:33 +01:00
Daniel Stenberg
462650e455 bump: toward next release 2016-12-21 12:44:09 +01:00
Daniel Stenberg
845522cadb preproxy: renamed what was added as SOCKS_PROXY
CURLOPT_SOCKS_PROXY -> CURLOPT_PRE_PROXY

Added the corresponding --preroxy command line option. Sets a SOCKS
proxy to connect to _before_ connecting to a HTTP(S) proxy.
2016-12-16 16:04:23 +01:00
Daniel Stenberg
7907a2bec9 CURLOPT_SOCKS_PROXYTYPE: removed
This was added as part of the SOCKS+HTTPS proxy merge but there's no
need to support this as we prefer to have the protocol specified as a
prefix instead.
2016-12-16 15:10:19 +01:00
Daniel Stenberg
b228d2952b checksrc: stricter no-space-before-paren enforcement
In order to make the code style more uniform everywhere
2016-12-13 23:39:11 +01:00
Okhin Vasilij
a4b2f7aafd curl_version_info: add CURL_VERSION_HTTPS_PROXY
Closes #1142
2016-11-26 17:28:53 +01:00
Thomas Glanzmann
4f8b17743d HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY 2016-11-25 10:49:38 +01:00
Frank Gevaerts
ba410f6c64 add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
Adds access to the effectively used protocol/scheme to both libcurl and
curl, both in string and numeric (CURLPROTO_*) form.

Note that the string form will be uppercase, as it is just the internal
string.

As these strings are declared internally as const, and all other strings
returned by curl_easy_getinfo() are de-facto const as well, string
handling in getinfo.c got const-ified.

Closes #1137
2016-11-25 00:45:18 +01:00
Daniel Stenberg
8657c268e1 checksrc: white space edits to comply to stricter checksrc 2016-11-24 23:58:22 +01:00
Daniel Stenberg
dbadaebfc4 checksrc: code style: use 'char *name' style 2016-11-24 23:58:22 +01:00
Alex Rousskov
cb4e2be7c6 proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.

With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.

A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):

  --proxy-cacert FILE        CA certificate to verify peer against
  --proxy-capath DIR         CA directory to verify peer against
  --proxy-cert CERT[:PASSWD] Client certificate file and password
  --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
  --proxy-ciphers LIST       SSL ciphers to use
  --proxy-crlfile FILE       Get a CRL list in PEM format from the file
  --proxy-insecure           Allow connections to proxies with bad certs
  --proxy-key KEY            Private key file name
  --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
  --proxy-pass PASS          Pass phrase for the private key
  --proxy-ssl-allow-beast    Allow security flaw to improve interop
  --proxy-sslv2              Use SSLv2
  --proxy-sslv3              Use SSLv3
  --proxy-tlsv1              Use TLSv1
  --proxy-tlsuser USER       TLS username
  --proxy-tlspassword STRING TLS password
  --proxy-tlsauthtype STRING TLS authentication type (default SRP)

All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.

Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.

Supported backends: OpenSSL, GnuTLS, and NSS.

* A SOCKS proxy + HTTP/HTTPS proxy combination:

If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.

TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.
2016-11-24 23:41:44 +01:00
Daniel Stenberg
397abc8b44 bump: next version will be 7.52.0 2016-11-09 09:15:58 +01:00
Kamil Dudka
6ad3add606 vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
Fully implemented with the NSS backend only for now.

Reviewed-by: Ray Satiro
2016-11-07 11:52:07 +01:00
Daniel Stenberg
27302abb94 s/cURL/curl
We're mostly saying just "curl" in lower case these days so here's a big
cleanup to adapt to this reality. A few instances are left as the
project could still formally be considered called cURL.
2016-11-07 10:36:23 +01:00
Daniel Stenberg
71cfce9ce7 bump: start working on 7.51.1 2016-11-03 10:08:26 +01:00
Michael Kaufmann
e9e5366193 New libcurl option to keep sending on error
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether
sending the request body shall be completed when the server responds
early with an error status code.

This is suitable for manual NTLM authentication.

Reviewed-by: Jay Satiro

Closes https://github.com/curl/curl/pull/904
2016-09-22 22:22:31 +02:00
Jay Satiro
af2d679e14 errors: new alias CURLE_WEIRD_SERVER_REPLY (8)
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as
more of a generic "failed to parse" introduce an alias without FTP in
the name.

Closes https://github.com/curl/curl/pull/975
2016-09-07 21:24:27 -04:00
Daniel Stenberg
add8ee7d57 bump: toward 7.51.0 2016-09-07 15:45:24 +02:00
Daniel Stenberg
5fce88aa8c curl.h: make CURL_NO_OLDIES define CURL_STRICTER 2016-08-09 14:46:51 +02:00
Daniel Stenberg
73878278d8 bump: start working toward 7.50.2 2016-08-03 09:36:27 +02:00
Daniel Stenberg
d6604524ad include: revert 9adf3c4 and make public types void * again
Many applications assume the actual contents of the public types and use
that do for example forward declarations (saving them from including our
public header) which then breaks when we switch from void * to a struct
*.

I'm not convinced we were wrong, but since this practise seems
widespread enough I'm willing to (partly) step down.

Now libcurl uses the struct itself when it is built and it allows
applications to use the struct type if CURL_STRICTER is defined at the
time of the #include.

Reported-by: Peter Frühberger
Fixes #926
2016-07-31 22:59:22 +02:00
Daniel Stenberg
001f8d06fe bump: start working on 7.50.1 2016-07-21 11:16:08 +02:00
Daniel Stenberg
434f8d0389 internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
Daniel Stenberg
9adf3c473a headers: forward declare CURL, CURLM and CURLSH as structs
Instead of typedef'ing to void, typedef to their corresponding actual
struct names to allow compilers to type-check.

Assisted-by: Reinhard Max
2016-06-22 10:28:36 +02:00
Frank Gevaerts
071c561394 http: add CURLINFO_HTTP_VERSION and %{http_version}
Adds access to the effectively used http version to both libcurl and
curl.

Closes #799
2016-05-30 22:58:51 +02:00
Daniel Stenberg
4bffaad85f bump: start the journey toward 7.50.0 2016-05-30 22:55:54 +02:00
Steve Holme
1c86f14030 bump: Start work on 7.49.1 2016-05-18 17:47:38 +01:00
Daniel Stenberg
63e1f060a2 curlbuild.h.dist: check __LP64__ as well to fix MIPS build
The preprocessor check that sets up the 32bit defines for non-configure
builds didn't work properly for MIPS systems as __mips__ is defined for
both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit.

Reported-by: Tomas Jakobsson
Fixes #813
2016-05-18 14:10:36 +02:00
Daniel Stenberg
56fb8a1f11 curl.h: clarify curl_sslbackend for openssl clones and renames 2016-04-25 11:37:40 +02:00
Patrick Monnerat
3cd082be83 curl.h: CURLOPT_CONNECT_TO sets a struct slist *, not a string 2016-04-22 16:49:02 +02:00
Alessandro Ghedini
dc68f2dab9 url: add CURLOPT_TCP_FASTOPEN option 2016-04-18 23:17:19 +02:00
Daniel Stenberg
a9a1d303f5 includes: avoid duplicate memory callback typdefs even harder 2016-04-18 15:04:17 +02:00
Michael Kaufmann
cd8d236245 news: CURLOPT_CONNECT_TO and --connect-to
Makes curl connect to the given host+port instead of the host+port found
in the URL.
2016-04-17 23:50:59 +02:00
Tatsuhiro Tsujikawa
92c2a4c053 http2: Add handling stream level error
Previously, when a stream was closed with other than NGHTTP2_NO_ERROR
by RST_STREAM, underlying TCP connection was dropped.  This is
undesirable since there may be other streams multiplexed and they are
very much fine.  This change introduce new error code
CURLE_HTTP2_STREAM, which indicates stream error that only affects the
relevant stream, and connection should be kept open.  The existing
CURLE_HTTP2 means connection error in general.

Ref: https://github.com/curl/curl/issues/659
Ref: https://github.com/curl/curl/pull/663
2016-04-11 21:43:24 -04:00
Steve Holme
ccf7a82605 CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME
As these two options provide identical functionality, the former for
SOCK5 proxies and the latter for HTTP proxies, merged the two options
together.

As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of
7.49.0.
2016-04-09 20:47:05 +01:00
Daniel Stenberg
a71012c03e code: style updates 2016-04-03 22:38:36 +02:00
Daniel Stenberg
c40e85334d 7.49.0: next release version 2016-04-02 17:26:54 +02:00
Daniel Stenberg
7db9782dd6 curl.h: define CURL_DID_MEMORY_FUNC_TYPEDEFS
So that we only do the extra typedefs in curl_memory.h when we really
need to and avoid double typedefs.

follow-up commit to 7218b52c49

Thanks-to: Steve Holme
2016-04-01 13:14:57 +02:00
Daniel Stenberg
55452ebdff curl/mprintf.h: remove support for _MPRINTF_REPLACE
The define is not in our name space and is therefore not protected by
our API promises.

It was only really used by libcurl internals but was mostly erased from
there already in 8aabbf5 (March 2015). This is supposedly the final
death blow to that define from everywhere.

As a side-effect, making sure _MPRINTF_REPLACE is gone and not used, I
made the lib tests in tests/libtest/ use curl_printf.h for its redefine
magic and then subsequently the use of sprintf() got banned in the tests
as well (as it is in libcurl internals) and I then replaced them all
with snprintf().

In the unlikely event that any users is actually using this define and
gets sad by this change, it is very easily copied to the user's own
code.
2016-04-01 10:46:36 +02:00
Diego Bes
324a97ecf8 http2: support "prior knowledge", no upgrade from HTTP/1.1
Supports HTTP/2 over clear TCP

- Optimize switching to HTTP/2 by removing calls to init and setup
before switching. Switching will eventually call setup and setup calls
init.

- Supports new version to “force” the use of HTTP/2 over clean TCP

- Add common line parameter “--http2-prior-knowledge” to the Curl
  command line tool.
2016-03-31 22:23:11 +02:00
Daniel Stenberg
5173c499c1 bump: work on 7.48.1 2016-03-23 09:35:23 +01:00
Daniel Stenberg
997a95bbc8 bump: the coming release is 7.48.0 2016-03-18 21:59:53 +01:00
Jay Satiro
332414a30e getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION
The two options are almost the same, except in the case of OpenSSL:

CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *.

CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *.

For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to
return an SSL pointer for OpenSSL.

Also, add support for the 'internals' member to point to SSL object for
the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and
wolfSSL.

Bug: https://github.com/curl/curl/issues/234
Reported-by: dkjjr89@users.noreply.github.com

Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html
Reported-by: Michael König
2016-02-23 19:03:03 -05:00
Michael Koenig
9dc3eaee29 TFTP: add option to suppress TFTP option requests (Part 1)
Some TFTP server implementations ignore the "TFTP Option extension"
(RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing
problems with libcurl. Another switch for curl_easy_setopt
"CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from
sending TFTP option requests to a server, avoiding many problems caused
by faulty implementations.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:00:58 -05:00
Daniel Stenberg
7f97fd5a83 bump: work toward the next release 2016-02-08 10:47:44 +01:00
Dan Fandrich
093f9cd38d URLs: Change more haxx.se URLs from http: to https: 2016-02-03 01:45:21 +01:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
300718382f bump: towards the next (7.47.1 ?) 2016-01-28 16:36:29 +01:00
Daniel Stenberg
18ecdd0430 curlver: the pending release will become 7.47.0 2015-12-15 00:02:20 +01:00
Daniel Stenberg
4bcc532de5 http: add libcurl option to allow HTTP/2 for HTTPS only
... and stick to 1.1 for HTTP. This is in line with what browsers do and
should have very little risk.
2015-12-13 09:24:51 +01:00
Gisle Vanem
e1b6b2219d lwip: Fix compatibility issues with later versions
The name of the header guard in lwIP's <lwip/opt.h> has changed from
'__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015).

Other fixes:

- In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is
used.

- In memdebug.h, the 'socket' should be undefined first due to lwIP's
lwip_socket() macro.

- In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need
special handling because they were undef'ed in memdebug.h.

- In select.c we can't use preprocessor conditionals inside select if
MSVC and select is a macro, as it is with lwIP.

http://curl.haxx.se/mail/lib-2015-12/0023.html
http://curl.haxx.se/mail/lib-2015-12/0024.html
2015-12-07 14:27:55 -05:00
Gisle Vanem
b1f9424fa7 version: Add flag CURL_VERSION_PSL for libpsl 2015-12-07 02:59:54 -05:00
Daniel Stenberg
e7d8d8e257 bump: towards next release
for all we know now, it might be called 7.46.1
2015-12-02 23:24:47 +01:00
Patrick Monnerat
ff8d352ae9 curl.h: s/#defien/#define/ 2015-11-19 13:53:47 +01:00
Daniel Stenberg
796c6ef02b typecheck-gcc.h: add missing slist-using options
CURLOPT_RESOLVE and CURLOPT_PROXYHEADER were missing

Also sorted the list.
2015-11-13 23:19:19 +01:00
Daniel Stenberg
60cf8157c7 typecheck-gcc.h: added CURLOPT_CLOSESOCKETDATA
... and sorted curl_is_cb_data_option alphabetically
2015-11-13 23:12:48 +01:00
Daniel Stenberg
fd0c678e21 typecheck-gcc.h: add some missing string types
Also sorted that list alphabetically
2015-11-13 16:53:17 +01:00
Daniel Stenberg
aba281e762 curl.h: introducing the STRINGPOINT alias
As an alias for OBJECTPOINT. Provided to allow us to grep for all string
options easier.
2015-11-13 16:50:10 +01:00
Daniel Stenberg
ca5f9341ef formadd: support >2GB files on windows
Closes #425
2015-11-02 08:41:46 +01:00
Daniel Stenberg
49a991346e curl.h: s/HTTPPOST_/CURL_HTTPOST_
Fixes a name space pollution at the cost of programs using one of these
defines will no longer compile. However, the vast majority of libcurl
programs that do multipart formposts use curl_formadd() to build this
list.

Closes #506
2015-10-31 22:51:20 +01:00
Daniel Stenberg
d31ed6ac71 http2: s/priority/weight 2015-10-23 08:22:38 +02:00
Daniel Stenberg
3042cb5043 http2: added three stream prio/deps options
CURLOPT_STREAM_DEPENDS

CURLOPT_STREAM_DEPENDS_E

CURLOPT_STREAM_PRIORITY
2015-10-23 08:22:38 +02:00
Jonas Minnberg
fe7590f729 vtls: added support for mbedTLS
closes #496
2015-10-20 07:57:24 +02:00
Richard Hosking
684816cd9b curlbuild.h: Fix non-configure compiling to mips and sh4 targets 2015-10-16 23:57:44 +02:00
Daniel Stenberg
8bb43ecd05 bump: start climbing toward 7.46.0 2015-10-07 14:52:32 +02:00
Kamil Dudka
0e91737615 Revert "has: generate the curl/has.h header"
This reverts commit a60bde79f9 I have
pushed by mistake.  Apologies for my incompetent use of the git repo!
2015-09-04 16:12:26 +02:00
Daniel Stenberg
a60bde79f9 has: generate the curl/has.h header
changed macro name, moved and renamed script to become docs/libcurl/has.pl,
generate code that is checksrc compliant
2015-09-04 10:41:43 +02:00
Razvan Cojocaru
62f306ff34 getinfo: added CURLINFO_ACTIVESOCKET
This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64
bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable.

Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
2015-08-24 12:34:17 +02:00
Nathaniel Waisbrot
9756d1da76 CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
2015-08-22 21:57:14 -04:00
Jay Satiro
9518139c73 gitignore: Sort for readability
find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}'
2015-08-18 01:03:05 -04:00
Daniel Stenberg
052a9dfdad bump: start working toward 7.45.0 2015-08-12 09:07:37 +02:00
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
Jay Satiro
66a5f76583 multi: Move http2 push function declarations to header end
This change necessary for binary compatibility.

Prior to this change test 1135 failed due to the order of functions.
2015-06-30 17:19:21 -04:00
Daniel Stenberg
a384f28ca6 http2: curl_pushheader_byname now takes a const char * 2015-06-24 23:44:42 +02:00
Daniel Stenberg
f65ab8864e http2: fixed the header accessor functions for the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
ea7134ac87 http2: initial implementation of the push callback 2015-06-24 23:44:42 +02:00
Daniel Stenberg
70191958b5 http2: initial HTTP/2 server push types/docs 2015-06-24 23:44:42 +02:00
Daniel Stenberg
85739723ba bump: start the journey toward 7.44.0 2015-06-17 13:59:33 +02:00
Daniel Stenberg
3587da9e7c curl.h: add CURL_HTTP_VERSION_2
The protocol is named "HTTP/2" after all. It is an alias for the
existing CURL_HTTP_VERSION_2_0 enum.
2015-06-05 08:26:47 +02:00
Daniel Stenberg
0b26b94bdc curlver: restore LIBCURL_VERSION_NUM defined as a full number
As it breaks configure, curl-config and test 1023 if not.
2015-05-18 11:29:06 +02:00
Daniel Stenberg
39b9bf60d1 curlver: introducing new version number (checking) macros 2015-05-18 11:09:13 +02:00
Daniel Stenberg
811443754a CURLOPT_PIPEWAIT: added
By setting this option to 1 libcurl will wait for a connection to reveal
if it is possible to pipeline/multiplex on before it continues.
2015-05-18 09:33:47 +02:00
Daniel Stenberg
02ec1ced9b CURLMOPT_PIPELINE: bit 1 is for multiplexing 2015-05-18 08:57:18 +02:00
Linus Nielsen
97c272e5d1 Negotiate: custom service names for SPNEGO.
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.
2015-04-28 08:29:56 +02:00
Daniel Stenberg
d409f094a5 bump: start working toward 7.43.0 2015-04-22 13:32:45 +02:00
Daniel Stenberg
5d23279299 CURLOPT_PATH_AS_IS: added
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
2015-03-24 10:31:58 +01:00
Alessandro Ghedini
4dcd25e138 url: add CURLOPT_SSL_FALSESTART option
This option can be used to enable/disable TLS False Start defined in the RFC
draft-bmoeller-tls-falsestart.
2015-03-20 20:14:33 +01:00
Daniel Stenberg
df5578a7a3 mprintf.h: remove #ifdef CURLDEBUG
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
2015-03-03 12:36:18 +01:00
Daniel Stenberg
4aa9bb6b13 bump: start working toward 7.42.0 2015-02-25 09:08:13 +01:00
Daniel Stenberg
c807ce73ed curlver.h: next release is 7.41.0 due to the changes 2015-01-16 23:36:50 +01:00
Alessandro Ghedini
3af90a6e19 url: add CURLOPT_SSL_VERIFYSTATUS option
This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.

This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.
2015-01-16 23:23:29 +01:00
Yun SangHo
bcf07f8a4b curl.h: remove extra space 2015-01-15 23:41:32 +01:00
Daniel Stenberg
34636fa47e bump: start working towards 7.40.1 2015-01-08 10:00:28 +01:00
Steve Holme
6e3af5424b version: Bump copyright year to 2015 2015-01-01 05:02:38 +00:00
Steve Holme
151ae59436 code/docs: Use correct case for IPv4 and IPv6
For consistency, as we seem to have a bit of a mixed bag, changed all
instances of ipv4 and ipv6 in comments and documentations to use the
correct case.
2014-12-27 11:31:55 +00:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Anthon Pang
1b3a398ec1 docs: Fix FAILONERROR typos
It returns error for >= 400 HTTP responses.

Bug: https://github.com/bagder/curl/pull/129
2014-12-04 12:14:59 -08:00
Peter Wu
970c22f970 libcurl: add UNIX domain sockets support
The ability to do HTTP requests over a UNIX domain socket has been
requested before, in Apr 2008 [0][1] and Sep 2010 [2]. While a
discussion happened, no patch seems to get through. I decided to give it
a go since I need to test a nginx HTTP server which listens on a UNIX
domain socket.

One patch [3] seems to make it possible to use the
CURLOPT_OPENSOCKETFUNCTION function to gain a UNIX domain socket.
Another person wrote a Go program which can do HTTP over a UNIX socket
for Docker[4] which uses a special URL scheme (though the name contains
cURL, it has no relation to the cURL library).

This patch considers support for UNIX domain sockets at the same level
as HTTP proxies / IPv6, it acts as an intermediate socket provider and
not as a separate protocol. Since this feature affects network
operations, a new feature flag was added ("unix-sockets") with a
corresponding CURL_VERSION_UNIX_SOCKETS macro.

A new CURLOPT_UNIX_SOCKET_PATH option is added and documented. This
option enables UNIX domain sockets support for all requests on the
handle (replacing IP sockets and skipping proxies).

A new configure option (--enable-unix-sockets) and CMake option
(ENABLE_UNIX_SOCKETS) can disable this optional feature. Note that I
deliberately did not mark this feature as advanced, this is a
feature/component that should easily be available.

 [0]: http://curl.haxx.se/mail/lib-2008-04/0279.html
 [1]: http://daniel.haxx.se/blog/2008/04/14/http-over-unix-domain-sockets/
 [2]: http://sourceforge.net/p/curl/feature-requests/53/
 [3]: http://curl.haxx.se/mail/lib-2008-04/0361.html
 [4]: https://github.com/Soulou/curl-unix-socket

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 02:52:19 +01:00
Steve Holme
b14ebbcb17 version: The next release will become 7.40.0 2014-11-30 22:07:36 +00:00
Bill Nagel
557658776f smb: Added SMB protocol and port definitions
Added the necessary protocol and port definitions in order to support
SMB/CIFS.
2014-11-29 21:26:40 +00:00
Steve Holme
66e60c6553 curl.h: Tidy up of CURL_VERSION_* flags
As the list has gotten a little messy and hard to read, especially with
the introduction of deprecated items, aligned the values and comments
into clean columns and reworked some of the comments in the process.
2014-11-07 11:29:08 +00:00
Steve Holme
7599143dcc version info: Added Kerberos V5 to the supported features 2014-11-07 10:55:14 +00:00
Daniel Stenberg
f4781fc3cb bump: towards next release 2014-11-05 09:43:07 +01:00
Steve Holme
569288b3bf CURL_VERSION_KERBEROS4: Mark as deprecated
Support for Kerberos V4 was removed in v7.33.0.
2014-11-02 00:50:16 +00:00
Patrick Monnerat
265b9a2e49 vtls: remove QsoSSL 2014-10-13 16:33:47 +02:00
93e450793c SSL: implement public key pinning
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).

Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().

Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Daniel Stenberg
9c89133a1f bump: on the 7.38.1-DEV train now! 2014-09-10 10:15:30 +02:00
Daniel Stenberg
a439e438f3 ssl: generalize how the ssl backend identifier is set
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS
one which was missing previously.
2014-07-31 12:19:51 +02:00
Anthon Pang
f3bd3deddd curl.h: bring back CURLE_OBSOLETE16
Removing defines, even obsolete ones that haven't been used for a very
long time, still break a lot of applications.

Bug: https://github.com/bagder/curl/pull/106
2014-07-28 10:51:50 +02:00
Daniel Stenberg
81cd24adb8 http2: more and better error checking
1 - fixes the warnings when built without http2 support

2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2
basically when they are about http2 specific things.
2014-07-23 09:23:56 +02:00
Michael Osipov
e38ba43014 curl.h/features: Deprecate GSS-Negotiate macros due to bad naming
- Replace CURLAUTH_GSSNEGOTIATE with CURLAUTH_NEGOTIATE
- CURL_VERSION_GSSNEGOTIATE is deprecated which
  is served by CURL_VERSION_SSPI, CURL_VERSION_GSSAPI and
  CURUL_VERSION_SPNEGO now.
- Remove display of feature 'GSS-Negotiate'
2014-07-23 00:01:39 +02:00
Michael Osipov
46750c39bd configure/features: Add feature and version info for GSS-API and SPNEGO 2014-07-23 00:01:39 +02:00
Dan Fandrich
ade380a7aa curl.h: renamed CURLOPT_DEPRECATEDx to CURLOPT_OBSOLETEx
This is consistent with the existing obsolete error code naming
convention.
2014-06-18 15:10:02 +02:00
Daniel Stenberg
b46f295900 curl.h: moved two really old deprecated symbols
... from the CINIT() enum
2014-06-17 23:36:29 +02:00
Daniel Stenberg
5fcef972b2 curl.h: reverse the enum/define setup for old symbols
We now provide the "real" names in the CINIT() macro setup for CURLOPT_*
symbols, and we provide backwards compatibility defines for the old
symbols as defines instead of vice versa.

This allows us to better use the CINIT() list to check for existing and
current option names.
2014-06-17 10:02:41 +02:00
MAN-AT-ARMS
93ec89042e curlbuild: fix GCC build on SPARC systems without configure script 2014-06-16 21:44:28 +02:00
Steve Holme
ddf4719694 bump: Start working on the next release 2014-05-21 23:05:45 +01:00
Daniel Stenberg
ef6be35bae CURLOPT_HEADEROPT: added
Modified the logic so that CURLOPT_HEADEROPT now controls if PROXYHEADER
is actually used or not.
2014-04-04 17:03:43 +02:00
Daniel Stenberg
ac887eedbc CURLOPT_PROXYHEADER: set headers for proxy-only
Includes docs and new test cases: 1525, 1526 and 1527

Co-written-by: Vijay Panghal
2014-04-04 17:03:43 +02:00
Daniel Stenberg
5a327f39d5 bump: start the 7.37.0 race 2014-03-26 08:29:29 +01:00
Tiit Pikma
c021a60bcc transfer: make Expect: 100-continue timeout configurable.
Replaced the #define CURL_TIMEOUT_EXPECT_100 in transfer.c with the
CURLOPT_EXPECT_100_TIMEOUT_MS option to make the timeout configurable.
2014-02-13 16:05:17 +01:00
Daniel Stenberg
87e873c6d0 version: next release will become 7.36.0 2014-02-11 11:30:15 +01:00
Fabian Frank
909a68c121 NPN/ALPN: allow disabling via command line
when using --http2 one can now selectively disable NPN or ALPN with
--no-alpn and --no-npn. for now honored with NSS only.

TODO: honor this option with GnuTLS and OpenSSL
2014-02-10 13:06:17 +01:00
Daniel Stenberg
5e7fe58698 bump: start working on 7.35.1 2014-01-29 08:35:58 +01:00
Steve Holme
d237828ebc Bumped copyright year to 2014 2014-01-02 23:53:49 +00:00
Daniel Stenberg
13c696f37f bump: start working on the next release 2013-12-17 16:38:51 +01:00
Daniel Stenberg
169fedbdce login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 22:40:37 +01:00
Christian Weisgerber
92e607abfa curl.h: <sys/select.h> for OpenBSD
curl.h should also include <sys/select.h> on OpenBSD to reliably
pull in select().  Typically, including <sys/time.h> will be enough,
but not if strict standards-compliance is requested (e.g. by defining
_XOPEN_SOURCE).
2013-12-06 13:28:27 +01:00
Steve Holme
dc68120e63 curl_easy_getinfo: Post CURLINFO_TLS_SESSION tidy up
1) Renamed curl_tlsinfo to curl_tlssessioninfo as discussed on the
mailing list.
2) Renamed curl_ssl_backend to curl_sslbackend so it doesn't follow our
function naming convention.
3) Updated sessioninfo.c example accordingly.
2013-11-30 11:08:56 +00:00
Christian Grothoff
2c04e8d80c curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
Added new API for returning a SSL backend type and pointer, in order to
allow access to the TLS internals, that may then be used to obtain X509
certificate information for example.
2013-11-21 20:40:04 +00:00
Steve Holme
f2584627c8 curl_easy_setopt: Added the ability to set the login options separately
Rather than set the authentication options as part of the login details
specified in the URL, or via the older CURLOPT_USERPWD option, added a
new libcurl option to allow the login options to be set separately.
2013-11-12 19:08:55 +00:00
Daniel Stenberg
f833f54979 bump: next release will be 7.34.0
Due to all the news and changes.
2013-11-11 08:46:27 +01:00
Daniel Stenberg
0fdfe82c6a cmake: unbreak for non-Windows platforms
Patch-by: Oliver Kuckertz
Bug: http://curl.haxx.se/bug/view.cgi?id=1292
2013-10-20 17:12:56 +02:00
Gergely Nagy
ad34a2d5c8 SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).

axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.

darwinssl:
Added support for the new enum values.

SChannel:
Added support for the new enum values.

CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.

GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.

NSS:
TLS minor version cannot be set, so we don't allow the new enum values.

QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.

OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.

Command-line tool:
Added command line options for the new values.
2013-10-15 20:26:47 +02:00
Daniel Stenberg
1dcc433661 bump: start working on 7.33.1 2013-10-14 23:11:20 +02:00
Kim Vandry
df69440d05 libcurl: New options to bind DNS to local interfaces or IP addresses 2013-09-12 21:11:47 +02:00
Daniel Stenberg
b77997e6da curl.h: add CURL_VERSION_HTTP2 as a feature
It isn't added as a separate protocol as HTTP2 will be done over HTTP://
URLs that can be upgraded to HTTP2 if the server supports it as well.
2013-09-04 22:29:38 +02:00
Daniel Stenberg
698e3bdf82 curl.h: added CURL_HTTP_VERSION_2_0
Initial library considerations documented in lib/README.http2
2013-09-04 10:05:00 +02:00
Daniel Stenberg
c3b513e75c bump: next release is 7.33.0 due to added features 2013-08-28 09:32:48 +02:00
Kyle L. Huff
06c1bea72f options: added basic SASL XOAUTH2 support
Added the ability to specify an XOAUTH2 bearer token [RFC6750] via the
option CURLOPT_XOAUTH2_BEARER for authentication using RFC6749 "OAuth
2.0 Authorization Framework".
2013-08-25 22:03:57 +01:00
Daniel Stenberg
fc99eaa5ae curl.h: name space pollution by "enum type"
Renamed to "enum curl_khtype" now. Will break compilation for programs
that rely on the enum name.

Bug: https://github.com/bagder/curl/pull/76
Reported-by: Shawn Landden
2013-08-22 22:45:51 +02:00
Daniel Stenberg
19122c0768 CURLM_ADDED_ALREADY: new error code
Doing curl_multi_add_handle() on an easy handle that is already added to
a multi handle now returns this error code. It previously returned
CURLM_BAD_EASY_HANDLE for this condition.
2013-08-20 23:13:19 +02:00
Daniel Stenberg
e3ee73b70c version number: bump to 7.32.1 for now
Start working on the next version and up some counters.
2013-08-12 13:16:44 +02:00
Daniel Stenberg
12d01cb6fa CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function
and CURLOPT_PROGRESSFUNCTION is considered deprecated.

This new callback uses pure 'curl_off_t' arguments to pass on full
resolution sizes. It otherwise retains the same characteristics: the
same call rate, the same meanings for the arguments and the return code
is used the same way.

The progressfunc.c example is updated to show how to use the new
callback for newer libcurls while supporting the older one if built with
an older libcurl or even built with a newer libcurl while running with
an older.
2013-07-18 23:44:06 +02:00
Daniel Stenberg
ec248b590d bump: start working towards what most likely will become 7.32.0 2013-06-22 14:13:28 +02:00
Daniel Stenberg
219358b93d bump version
Since we're adding new stuff, the next release will bump the minor
version and we're looking forward to 7.31.0
2013-04-27 23:15:35 +02:00