Daniel Stenberg
54c8728cd7
contributors.sh: filter common alternative name spellings
...
docs/THANKS-filter is a new filter file for converting contributor names
we get or have recorded in alternative formats to the one we already use
in THANKS. To help us show individual contributors using a single
presentation of their names.
2014-11-05 13:01:37 +01:00
Daniel Stenberg
08f10fcd02
THANKS: added missing contributor from 2012
2014-11-05 13:01:37 +01:00
Frank Gevaerts
5babaf7491
Remove duplicate names.
...
The removed names also appear as:
Andrés García, François Charlier, Gökhan Şengün, Michał Górny, Sébastien
Willemijns, Christopher Conroy, John E. Malmberg, Luca Altea, Peter Su,
S. Moonesamy, Samuel Listopad, Yasuharu Yamada, Karl Moerder
2014-11-05 13:01:37 +01:00
Daniel Stenberg
ad63f8a53c
THANKS: added two missing names and removed a duplicate
...
./contributors.sh found these extra ones that somehow had fallen
through the cracks and never gotten added here.
Reported-by: Frank Gevaerts
2014-11-05 11:28:59 +01:00
Daniel Stenberg
f222778489
THANKS: added names from 7.39.0 release notes
2014-11-05 09:42:55 +01:00
Steve Holme
5e873952b0
INSTALL: Consistent spacing in section headings, paragraphs and examples
2014-11-04 14:07:55 +00:00
Steve Holme
34f7a3a229
INSTALL: Corrected MIT Kerberos and Heimdal package names
2014-11-04 12:44:54 +00:00
Steve Holme
777c6e3c94
INSTALL: Use GSS-API rather than GSSAPI
...
As implementations are refereed to GSS-API libraries as per the RFC and
GSSAPI typically refers to the SASL authentication mechanism.
...and minor rewording on the same paragraph.
2014-11-04 11:51:19 +00:00
Daniel Stenberg
fb24990211
opts-Makefile: put more man pages into dist and make hmtl+pdf
2014-11-04 10:40:07 +01:00
Daniel Stenberg
0320f6930d
curl_multi_setopt.3: refer to stand-alone pages
...
... instead of duplicating info.
2014-11-04 10:37:09 +01:00
Daniel Stenberg
1b8977ff7c
opts: more multi options as stand-alone man pages
2014-11-04 10:37:09 +01:00
Daniel Stenberg
a14ccfffb8
opts: made stand-alone man-pages for several multi options
2014-11-03 23:50:31 +01:00
Steve Holme
e7497c0c99
CURLOPT_XOAUTH2_BEARER.3: Corrected the OAuth version number
2014-11-02 11:03:13 +00:00
Steve Holme
a419802c71
CURLOPT_SASL_IR.3: Added supported mechanism information
...
...and removed duplication of what protocols are supported from the
description text.
2014-11-02 11:03:11 +00:00
Steve Holme
2b535b3947
opts: Use common wording for MAIL related names
2014-11-02 11:03:09 +00:00
Steve Holme
7ba8e0bd01
opts: Use common wording for TLS user/password option names
...
...and revised the proxy wording a little as well.
2014-11-02 11:03:06 +00:00
Steve Holme
49ae8f8144
CURLOPT_MAXCONNECTS.3: Reworked the description to be less confusing
...
...and corrected a related typo in curl_easy_setopt.3.
2014-11-02 11:03:04 +00:00
Steve Holme
e7da67f5d3
docs: Added mention of Kerberos for CURL_VERSION_SSPI
...
As this has been present for SOCKSv5 proxy since v7.19.4 and for IMAP,
POP3 and SMTP authentication since v7.38.0.
2014-11-02 01:00:29 +00:00
Steve Holme
569288b3bf
CURL_VERSION_KERBEROS4: Mark as deprecated
...
Support for Kerberos V4 was removed in v7.33.0.
2014-11-02 00:50:16 +00:00
Steve Holme
795885f454
opts: Use common wording for user/password option names
2014-10-31 22:22:19 +00:00
Steve Holme
7d9c1ebd66
CURLOPT_CONNECT_ONLY.3: Removed "This option is implemented for..." text
...
As this is covered by the PROTOCOLS section and saves having to update
two parts of the document with the same information in future.
2014-10-31 13:14:14 +00:00
Steve Holme
3af962a993
CURLOPT_GSSAPI_DELEGATION.3: Use GSS-API rather than GSSAPI
...
As implementations are refereed to GSS-API libraries as per the RFC and
GSSAPI typically refers to an authentication mechanism.
2014-10-31 12:48:48 +00:00
Steve Holme
211ca5ff77
CURLOPT_CONNECT_ONLY.3: Fixed incomplete protocol list
...
Added missing IMAP to the protocol list.
2014-10-31 12:44:43 +00:00
Steve Holme
a9db36d1fd
curl_easy_setopt.3: Fixed lots of typos
2014-10-30 22:40:05 +00:00
Steve Holme
acd90fcdc6
curl_easy_setopt.3: Moved CURLOPT_DIRLISTONLY into PROTOCOL OPTIONS
...
...as this option affects more that just FTP.
2014-10-30 18:22:25 +00:00
Daniel Stenberg
006556713e
CURLOPT_PINNEDPUBLICKEY.3: added details
2014-10-30 14:57:07 +01:00
Steve Holme
b274dedf1b
CURLOPT_CUSTOMREQUEST.3: Fixed incomplete protocol list
...
Whilst the description included information about SMTP, the protocol
list only showed "TTP, FTP, IMAP, POP3".
2014-10-30 12:42:06 +00:00
Steve Holme
89cc9988c9
CURLOPT_DIRLISTONLY.3: Added information about the usage in POP3
2014-10-30 12:42:05 +00:00
Daniel Stenberg
e102478b3d
opts: added some "SEE ALSO" references
2014-10-29 22:38:39 +01:00
Steve Holme
f7e24683c4
sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
...
Fixed the ability to use the current log-in credentials with DIGEST-MD5.
I had previously disabled this functionality in commit 607883f13c
as I
couldn't get this to work under Windows 8, however, from testing HTTP
Digest authentication through Windows SSPI and then further testing of
this code I have found it works in Windows 7.
Some further investigation is required to see what the differences are
between Windows 7 and 8, but for now enable this functionality as the
code will return an error when AcquireCredentialsHandle() fails.
2014-10-29 14:24:38 +00:00
Daniel Stenberg
b790bdf46b
TODO: consider supporting STAT
2014-10-28 22:31:48 +01:00
Jay Satiro
ec783dc142
SSL: Remove SSLv3 from SSL default due to POODLE attack
...
- Remove SSLv3 from SSL default in darwinssl, schannel, cyassl, nss,
openssl effectively making the default TLS 1.x. axTLS is not affected
since it supports only TLS, and gnutls is not affected since it already
defaults to TLS 1.x.
- Update CURLOPT_SSLVERSION doc
2014-10-24 13:41:56 +02:00
Daniel Stenberg
e9bbe425d4
*.3: add/extend "SEE ALSO" sections
2014-10-24 09:22:38 +02:00
Daniel Stenberg
019c95f566
curl_easy_pause.3: minor wording edit
2014-10-24 09:16:06 +02:00
Daniel Stenberg
40be9a1c1d
curl_getdate.3: provide a "SEE ALSO" section
2014-10-24 09:12:17 +02:00
Daniel Stenberg
bf769d09ec
curl_global_init.3: minor formatting fix, add version info
2014-10-24 09:08:22 +02:00
Daniel Stenberg
e116d0a625
CURLOPT_RESOLVE.3: add an example
2014-10-23 14:34:41 +02:00
Daniel Stenberg
4cb7aa067c
opts: provide more and updated examples
2014-10-21 13:40:38 +02:00
Daniel Stenberg
4111032511
CURLOPT_RANGE.3: works for SFTP as well
...
... and added a small example
2014-10-21 13:06:22 +02:00
Daniel Stenberg
50313059fc
curl.1: edited for clarity
2014-10-21 11:57:13 +02:00
Daniel Stenberg
1de0823953
CURLOPT_SSLVERSION.3: provide an example
2014-10-21 11:10:03 +02:00
Daniel Stenberg
9069794e5e
docs/libcurl/ABI: more markdown friendly
2014-10-21 10:43:12 +02:00
Daniel Stenberg
7b82b07fba
docs: edited lots of libcurl docs for clarity
2014-10-21 10:26:40 +02:00
Daniel Stenberg
c857bb68ec
opts: added examples
2014-10-21 08:58:24 +02:00
Daniel Stenberg
005f2adaaa
HISTORY: two glimpses in 2014
2014-10-21 08:58:24 +02:00
Daniel Stenberg
c927c92086
httpcustomheader.c: make use of more CURLOPT_HTTPHEADER features
...
... and only do a single request for clarity.
2014-10-16 11:38:32 +02:00
Bruno Thomsen
3621045631
mk-ca-bundle: added SHA-384 signature algorithm
...
Certificates based on SHA-1 are being phased out[1].
So we should expect a rise in certificates based on SHA-2.
Adding SHA-384 as a valid signature algorithm.
[1] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/
Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
2014-10-15 13:23:22 +02:00
Daniel Stenberg
89e543f383
CURLOPT_TLSAUTH_*.3: fix reference typos
2014-10-14 10:23:27 +02:00
Patrick Monnerat
265b9a2e49
vtls: remove QsoSSL
2014-10-13 16:33:47 +02:00
Peter Wu
aec7c5a87c
cmake: enable IPv6 by default if available
...
ENABLE_IPV6 depends on HAVE_GETADDRINFO or you will get a
Curl_getaddrinfo_ex error. Enable IPv6 by default, disabling it if
struct sockaddr_in6 is not found in netinet/in.h.
Note that HAVE_GETADDRINFO_THREADSAFE is still not set as it needs more
platform checks even though POSIX requires a thread-safe getaddrinfo.
Verified on Arch Linux x86_64 with glibc 2.20-2 and Linux 3.16-rc7.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-10-13 11:21:03 +02:00
Peter Wu
b55502cdae
cmake: build tool_hugehelp (ENABLE_MANUAL)
...
Rather than always outputting an empty manual page for the '-M' option,
generate a full manual page as done by autotools. For simplicity in
CMake, always generate the gzipped page as it will not be used anyway
when zlib is not available.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-10-12 14:11:42 +02:00
Daniel Stenberg
c6c22aeb44
SECURITY: slightly nicer markdown format
2014-10-10 10:50:23 +02:00
Daniel Stenberg
4f3ba55ed1
RELEASE-PROCEDURE: better markdown, more content
2014-10-10 10:39:01 +02:00
Daniel Stenberg
51f6702fe1
curl_multi_fdset.3: improved the formatting slightly
2014-10-09 13:41:13 +02:00
Daniel Stenberg
93b268ade0
curl_multi_fdset: explain the fd_set arguments
2014-10-09 13:17:27 +02:00
Daniel Stenberg
e0d269c0d8
curl_easy_getinfo.3: spell-fix
...
Reported-By: Luan Cestari
2014-10-07 15:48:37 +02:00
93e450793c
SSL: implement public key pinning
...
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).
Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().
Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Waldek Kozba
b7d3338df2
multi-uv.c: call curl_multi_info_read() better
...
Improves it for low-latency cases (like the communication with
localhost)
2014-10-07 10:20:41 +02:00
Jeremy Lin
fa7d04fed4
ssh: improve key file search
...
For private keys, use the first match from: user-specified key file
(if provided), ~/.ssh/id_rsa, ~/.ssh/id_dsa, ./id_rsa, ./id_dsa
Note that the previous code only looked for id_dsa files. id_rsa is
now generally preferred, as it supports larger key sizes.
For public keys, use the user-specified key file, if provided.
Otherwise, try to extract the public key from the private key file.
This means that passing --pubkey is typically no longer required,
and makes the key-handling behavior more like OpenSSH.
2014-10-03 16:20:54 +02:00
Daniel Stenberg
b1c4c39c58
CURLOPT_HTTPHEADER.3: libcurl doesn't copy the whole list
2014-10-03 13:35:40 +02:00
Daniel Stenberg
69ce8a72f5
curl.1: mention quoting in the URL section
...
and separate the example URLs with newlines
2014-10-01 08:29:43 +02:00
Yousuke Kimoto
b10a838a7a
CURLOPT_COOKIELIST: Added "RELOAD" command
2014-09-25 16:28:17 +02:00
Michael Wallner
9ee8efc63b
CURLOPT_POSTREDIR.3: Added availability for CURL_REDIR_POST_303
2014-09-25 15:14:16 +02:00
Daniel Stenberg
3ef73d9a88
libcurl docs: improvements all over
2014-09-19 15:08:26 +02:00
Daniel Stenberg
9d49e4706e
tutorial: signals aren't used for the threaded resolver
2014-09-19 12:54:19 +02:00
Daniel Stenberg
17932a8f7b
FAQ: update the pronunciation section
...
As we weren't using the correct phonetic description and doing it correctly
involves funny letters that I'm sure will cause problems for people in a text
document so I instead rephrased it and link to a WAV file with a person
actually saying 'curl'.
Reported-By: Dimitar Boevski
2014-09-19 10:01:45 +02:00
Daniel Stenberg
841c9884b2
CURLOPT_COOKIE*: added more cross-references
2014-09-18 22:58:12 +02:00
Daniel Stenberg
30fc601e6c
BINDINGS: add node-libcurl
...
Reported-By: Jonathan Cardoso Machado
URL: http://curl.haxx.se/mail/lib-2014-09/0102.html
2014-09-18 09:05:29 +02:00
Daniel Stenberg
06b27ea24c
libcurl-tutorial.3: fix GnuTLS link to thread-safety guidelines
...
The former link was turned into a 404 at some point.
Reported-By: Askar Safin
2014-09-12 21:02:12 +02:00
Daniel Stenberg
748644b72d
ROADMAP: markdown eats underscores
...
It interprets them as italic indictors unless we backtick the word.
2014-09-11 10:56:20 +02:00
Daniel Stenberg
110cf8bc9e
ROADMAP: tiny formatting edit for nicer web output
2014-09-11 00:15:12 +02:00
Steve Holme
376f3c10de
ROADMAP.md: Updated GSSAPI authentication following 7.38.0 additions
2014-09-10 22:51:07 +01:00
Steve Holme
ae975713c2
INTERNALS: Added email and updated Kerberos details
2014-09-10 22:11:49 +01:00
Steve Holme
ca2c12d353
FEATURES: Updated Kerberos details
...
Added support for Kerberos 5 to the email protocols following the recent
additions in 7.38.0.
Removed Kerberos 4 as this has been gone for a while now.
2014-09-10 22:11:46 +01:00
Daniel Stenberg
e3be3e69c0
LICENSE-MIXING: removed krb4 info
...
krb4 has been dropped since a while now
2014-09-10 10:38:31 +02:00
Daniel Stenberg
f213c0db09
SSLCERTS: minor updates
...
Edited format to look better on the web, added a "it is about trust"
section.
2014-09-10 10:13:04 +02:00
Daniel Stenberg
1ccfabb66d
HISTORY: fix the 1998 title position
2014-09-10 00:40:11 +02:00
Daniel Stenberg
40bcd5447c
HISTORY: extended and now markdown
2014-09-10 00:34:32 +02:00
Daniel Stenberg
4455f1f599
SSLCERTS: converted to markdown
...
Only minor edits to make it generate nice HTML output using markdown, as
this document serves both in source release tarballs as on the web site.
URL: http://curl.haxx.se/docs/sslcerts.html
2014-09-09 23:46:58 +02:00
Daniel Stenberg
9e6c3638e6
ftp-wildcard.c: spell fix
...
Reported-By: Frank Gevaerts
2014-09-09 11:10:18 +02:00
Daniel Stenberg
38ced24ad1
THANKS: synced with RELEASE-NOTES for 921a0c22a6
2014-09-08 10:26:32 +02:00
Daniel Stenberg
55f8b03948
SECURITY: eh, make more sense!
2014-09-08 10:00:18 +02:00
Daniel Stenberg
55d6cba5e1
SECURITY: how to join the curl-security list
2014-09-08 09:39:14 +02:00
Daniel Stenberg
4989695ec3
MAIL-ETIQUETTE: "1.8 I posted, now what?"
2014-09-04 08:57:28 +02:00
Daniel Stenberg
0b48d1c821
CURLOPT_CA*: better refering between *CAINFO and *CAPATH
...
... and a minor wording edit
2014-09-03 23:04:52 +02:00
Daniel Stenberg
9e50d8f8bc
THANKS: added Dennis Clarke
...
Dennis Clarke from Blastwave.org for ensuring that nightly builds run
smooth on Solaris!
2014-09-03 22:08:25 +02:00
Askar Safin
2434a4e88d
getinfo-times: Typo fixed
2014-08-29 16:41:17 +02:00
Askar Safin
c9a981778d
libcurl.3: Typo fixed
2014-08-29 16:41:11 +02:00
Daniel Stenberg
367b784738
curl_formadd.3: setting CURLFORM_CONTENTSLENGTH 0 zero means strlen
2014-08-29 08:10:38 +02:00
Daniel Stenberg
7bff23b166
curl.1: add an example for -H
2014-08-29 08:07:47 +02:00
Daniel Stenberg
accbbd7dc3
FAQ: mention -w in the 4.20 answer as well
2014-08-28 11:42:00 +02:00
Daniel Stenberg
889de6b285
FAQ: 4.20 curl doesn't return error for HTTP non-200 responses
2014-08-28 11:39:39 +02:00
Daniel Stenberg
1d30f40950
CURLOPT_NOBODY.3: clarify this option is for downloads
...
When enabling CURLOPT_NOBODY, libcurl effectively switches off upload
mode and will do a download (without a body). This is now better
explained in this man page.
Bug: http://curl.haxx.se/mail/lib-2014-08/0236.html
Reported-by: John Coffey
2014-08-28 00:11:09 +02:00
Daniel Stenberg
1cd5008bba
INTERNALS: nghttp2 must be 0.6.0 or later
2014-08-26 23:05:26 +02:00
Dan Fandrich
d4a4a42cb3
THANKS: removed a few more duplicates
2014-08-26 00:38:17 +02:00
Daniel Stenberg
0072422576
THANKS: added 52 missing contributors
...
I re-ran contributors.sh on all changes since 7.10 and I found these
contributors who are mentioned in the commits but never were added to
THANKS before!
I also removed a couple of duplicates (mostly due to different
spellings).
2014-08-25 23:22:40 +02:00
Daniel Stenberg
a20da5523e
curl.1: clarify --limit-rate's effect on both directions
...
Bug: http://curl.haxx.se/bug/view.cgi?id=1414
Reported-by: teo8976
2014-08-23 00:40:52 +02:00
Daniel Stenberg
5be48639b1
curl.1: mention the --post30x options within the --location desc
2014-08-23 00:00:00 +02:00
Frank Meier
63a0bd4270
NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
...
Problem: if CURLOPT_FORBID_REUSE is set, requests using NTLM failed
since NTLM requires multiple requests that re-use the same connection
for the authentication to work
Solution: Ignore the forbid reuse flag in case the NTLM authentication
handshake is in progress, according to the NTLM state flag.
Fixed known bug #77 .
2014-08-22 16:05:31 +02:00
Daniel Stenberg
b1341b3068
FAQ: some actually sometimes get paid...
2014-08-18 08:38:34 +02:00
Steve Holme
75be5a6681
docs: Escaped single backslash
2014-08-16 11:52:11 +01:00
Steve Holme
c4410c85ab
TODO: Updated following GSSAPI (Kerberos V5) additions
...
Updated "FTP 4.6 GSSAPI via Windows SSPI" and "SASL 14.1 Other
authentication mechanisms" following recent additions.
Added SASL 14.2 GSSAPI via GSS-API libraries.
2014-08-16 11:42:04 +01:00
Steve Holme
97f6049bc2
CURLOPT_USERNAME.3: Added Kerberos V5 and NTLM domain information
...
This repeats what has already been documented in both the curl manpage
and CURLOPT_USERPWD documentation but is provided here for completeness
as someone may not especially read the latter when using libcurl.
2014-08-16 10:46:57 +01:00
Steve Holme
29240cb5c1
CURLOPT_USERPWD.3: Updated following Kerberos V5 SSPI changes
...
Added information about Kerberos V5 requiring the domain part in the
user name.
Mentioned that the user name can be specified in UPN format, and not
just in Down-Level Logon Name format, following the information
added in commit 7679cb3fa8
reworking the exisitng information in the
process.
2014-08-16 10:42:31 +01:00
Steve Holme
7679cb3fa8
docs: Added Kerberos V5 and NTLM domain information to --user
2014-08-16 10:37:16 +01:00
Steve Holme
0574196acb
docs: Added Kerberos V5 to the --user SSPI current credentials usage
2014-08-16 10:16:05 +01:00
Kamil Dudka
cb1f18661a
docs/SSLCERTS: update the section about NSS database
...
Bug: http://curl.haxx.se/mail/lib-2014-07/0335.html
Reported-by: David Shaw
2014-08-11 16:49:54 +02:00
Michael Osipov
37f0e8a32c
docs: Update SPNEGO and GSS-API related doc sections
...
Reflect recent changes in SPNEGO and GSS-API code in the docs.
Update them with appropriate namings and remove visible spots for
GSS-Negotiate.
2014-08-09 00:08:51 +01:00
Steve Holme
f719a97e12
docs: Added Negotiate to the SSPI current credentials usage description
2014-08-07 08:04:40 +01:00
Steve Holme
6c6983f477
TODO: HTTP Digest via Windows SSPI
2014-08-06 22:58:42 +01:00
Steve Holme
c399f6eeb2
TODO: FTP GSSAPI via Windows SSPI
2014-08-06 21:54:27 +01:00
Daniel Stenberg
e4f6adb023
CURLOPT_SSL_VERIFYPEER.3. add a warning about disabling it
2014-08-02 23:09:22 +02:00
Daniel Stenberg
8da2124060
FEATURES: minor update
2014-08-01 09:00:06 +02:00
Michael Wallner
7bb4c8cadb
CURLOPT_HEADEROPT.3: typo: do -> to
2014-07-31 17:52:08 +02:00
Daniel Stenberg
0c23ec232b
curl_version_info.3: 'ssl_version_num' is always 0
...
... and has been so since 2005
2014-07-31 12:27:15 +02:00
Daniel Stenberg
a439e438f3
ssl: generalize how the ssl backend identifier is set
...
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS
one which was missing previously.
2014-07-31 12:19:51 +02:00
Dan Fandrich
524bb823c9
opts: fixed some typos
2014-07-30 23:37:24 +02:00
Michael Wallner
df52f3500c
curl_tlsinfo -> curl_tlssessioninfo
2014-07-30 11:11:29 +02:00
Daniel Stenberg
37faf55e17
libcurl.m4: include the standard source header
...
... with permission from David Shaw
2014-07-29 00:06:36 +02:00
Daniel Stenberg
821d4a1e55
symbols: CURL_VERSION_GSSNEGOTIATE is deprecated
2014-07-24 23:47:32 +02:00
Daniel Stenberg
81cd24adb8
http2: more and better error checking
...
1 - fixes the warnings when built without http2 support
2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2
basically when they are about http2 specific things.
2014-07-23 09:23:56 +02:00
Daniel Stenberg
cc52d776dd
symbols-in-versions: new SPNEGO/GSS-API symbols in 7.38.0
2014-07-23 00:01:39 +02:00
Alessandro Ghedini
6f8046f7a4
CURLOPT_CHUNK_BGN_FUNCTION: fix typo
2014-07-19 21:27:38 +02:00
Daniel Stenberg
da172b0dde
THANKS: added new contributors from 7.37.1 announcement
2014-07-17 13:18:46 +02:00
David Woodhouse
9ad282b1ae
Remove all traces of FBOpenSSL SPNEGO support
...
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.
A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.
But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).
Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.
So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".
You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.
The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.
That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
2014-07-16 17:26:08 +02:00
Steve Holme
f9b80cded7
CURLOPT_UPLOAD: Corrected argument type
2014-07-10 22:30:43 +01:00
Daniel Stenberg
6273b23a05
FAQ: expand the thread-safe section
...
... with a mention of *NOSIGNAL, based on talk in bug #1386
2014-07-09 22:07:36 -05:00
Dan Fandrich
3ae2b6cd7f
Update instances of some obsolete CURLOPTs to their new names
2014-07-05 22:47:13 +02:00
Dimitrios Siganos
22eb00f937
example: use correct type (long) for CURLOPT_FOLLOWLOCATION
2014-07-03 22:47:28 +02:00
Dimitrios Siganos
afbd5f978e
Document type of argument for CURLOPT_FOLLOWLOCATION.
2014-07-03 22:44:45 +02:00
Dimitrios Siganos
7441c6d7af
Document type of argument for CURLOPT_ERRORBUFFER.
2014-07-03 22:44:45 +02:00
Dimitrios Siganos
3e0443239a
Document type of argument for CURLOPT_COPYPOSTFIELDS.
2014-07-03 22:44:45 +02:00
Dimitrios Siganos
8b8cc85d8d
Document type of argument for CURLOPT_ADDRESS_SCOPE.
2014-07-03 22:44:45 +02:00
Daniel Stenberg
97db9fb653
curl.1: minor language fix
...
Bug: http://curl.haxx.se/mail/archive-2014-07/0006.html
2014-07-03 22:37:43 +02:00
Dan Fandrich
1c1d9a3a86
opts: fixed some CURLOPT references so they get turned into links
2014-07-02 21:40:39 +02:00
Dan Fandrich
46a886cd48
opts: Document the socket callback function parameters
2014-07-01 08:12:11 +02:00
Steve Holme
1b6bc02fb9
opts: Fixed some typos
2014-06-28 12:40:06 +01:00
Dan Fandrich
057cc2e915
curl_easy_setopt.3: fixed the error code for an unsupported option
2014-06-25 22:33:32 +02:00
Dan Fandrich
d8287ca8bc
opts: added some DEFAULT and RETURN VALUE sections
2014-06-24 00:00:34 +02:00
Daniel Stenberg
cf1f8d4528
libcurl docs: man page edits
...
mainly to improve how the web versions render
2014-06-21 23:52:06 +02:00
Dan Fandrich
c66c2dd755
curl_easy_setopt.3: fixed some typos
2014-06-21 20:43:04 +02:00
Daniel Stenberg
c7e491f9c2
lib man pages: update easy setopt option references
...
... by using the "\fIopt(3)\fP" syntax they will be linked properly when
the web version of the page is generated.
2014-06-21 20:21:47 +02:00
Daniel Stenberg
7d618c477f
opts: the CURLOPT_SSL_ENABLE_*PN options are enabled by default
2014-06-21 20:03:35 +02:00
Daniel Stenberg
ac5b6f8082
curl_easy_setopt.3: CURLOPT_POSTFIELDS is the exception
...
... to the always-copy-char *-argument.
And fix some minor mistakes.
2014-06-21 19:46:45 +02:00
Daniel Stenberg
ecacdb3430
curl_easy_setopt.3: refer to the individual man pages
...
With all the new individual option man pages created, this now refers to
each separate one instead of duplicaing the info. Also makes this page
easier to overview.
2014-06-21 15:45:50 +02:00
Dan Fandrich
d4cc9db64d
opts: fixed mancheck for out-of-tree builds
2014-06-21 11:22:04 +02:00
Daniel Stenberg
31b28a0942
curl_easy_setopt.3: shorten
...
shorten descriptions, mostly refer to the separate descriptions
2014-06-21 00:04:13 +02:00
Daniel Stenberg
25a975408e
CURLOPT_DNS_LOCAL_IP4.3: better short desc
2014-06-21 00:04:13 +02:00
Dan Fandrich
c088f29b98
opts: document CURLE_OUT_OF_MEMORY among other return values
2014-06-20 23:43:46 +02:00
Dan Fandrich
59d5b4ce06
opts: fixed some typos
2014-06-20 23:31:06 +02:00
Daniel Stenberg
68d1bea5fc
opts: various corrections
2014-06-20 01:10:34 +02:00
Daniel Stenberg
662f749cec
opts: add the rest of the options
...
... and fixed mancheck to ignore obsolete options
2014-06-20 01:02:49 +02:00
Daniel Stenberg
290e1bbe0d
opts: the final bunch of options as man pages
...
Now all current options have their own man pages.
2014-06-20 00:58:18 +02:00
Daniel Stenberg
a6cd174b2e
opts: 37 additional man pages
2014-06-19 17:59:13 +02:00
Daniel Stenberg
fede49532d
CURLOPT_URL: move up the text from "Notes"
2014-06-19 15:11:49 +02:00
Daniel Stenberg
49078ae363
ROADMAP: removed, now ROADMAP.md
2014-06-19 15:11:28 +02:00
Daniel Stenberg
42d199b1f1
ROADMAP.md: make it markdown formatted
2014-06-19 14:16:14 +02:00
Daniel Stenberg
00d84a2f3e
ROADMAP: initial commit of "curl the next few years"
...
To be further discussed, debated and edited
2014-06-19 14:08:12 +02:00
Daniel Stenberg
c31e6d223a
opts: more man pages
2014-06-19 13:53:13 +02:00
Daniel Stenberg
47311e4c7e
CURLOPT_UNRESTRICTED_AUTH.3: added missing 'T'
2014-06-19 08:40:51 +02:00
Daniel Stenberg
ba1d831cf1
opts: makefile now includes all current man pages
2014-06-19 00:08:18 +02:00
Daniel Stenberg
ae353b0b20
opts: 11 more man pages
2014-06-19 00:03:17 +02:00
Dan Fandrich
efbffa2fb7
opts: document CURLE_OUT_OF_MEMORY as RETURN VALUE
2014-06-18 23:28:13 +02:00
Dan Fandrich
479675f23e
opts: fixed a couple of typos
2014-06-18 23:07:08 +02:00
Daniel Stenberg
8fab76e8f3
opts: 16 more man pages
2014-06-18 14:40:26 +02:00
Daniel Stenberg
c3954ffb25
opts: more man pages
2014-06-18 13:18:58 +02:00
Daniel Stenberg
38bf85fd61
CURLOPT_READFUNCTION.3: add short desc
2014-06-18 11:55:13 +02:00
Daniel Stenberg
de6b89262e
CURLOPT_LOW_SPEED_LIMIT.3: language
2014-06-18 11:54:42 +02:00
Daniel Stenberg
e34bdc3187
opts: 4 more man pages
2014-06-18 11:45:22 +02:00
Daniel Stenberg
1a876a37cf
opts: add all existing man pages to the dist
2014-06-18 10:18:00 +02:00
Daniel Stenberg
082d5300db
libcurl build: use correct dir when cd'ing to opts for pdf building
2014-06-18 10:15:07 +02:00
Dan Fandrich
455bfedc84
opts: fixed a few typos
2014-06-18 00:54:30 +02:00
Daniel Stenberg
38d517fcd4
opts: 29 more options as man pages
2014-06-18 00:30:02 +02:00
Daniel Stenberg
0890bb6a51
opts: 9 more options as separate man pages
2014-06-17 18:04:40 +02:00
Daniel Stenberg
0042557598
opts: 3 more options as man pages
2014-06-17 16:48:16 +02:00
Daniel Stenberg
d865376c1d
opts: 7 more setopt options as individual man pages
2014-06-17 11:39:26 +02:00
Daniel Stenberg
0219d4e04e
opts template: provide a filled in error code phrase
2014-06-17 11:38:51 +02:00
Daniel Stenberg
c522c7ba88
CURLOPT_SOCKOPTFUNCTION.3: clarify return code
2014-06-17 10:10:13 +02:00
Daniel Stenberg
89a2178bc9
CURLOPT_WRITEDATA.3: move version info to AVAILABILITY
2014-06-17 10:02:14 +02:00
Daniel Stenberg
5d746fc98c
opts: 4 more options with stand-alone man pages
2014-06-17 09:54:58 +02:00
Daniel Stenberg
d8aa360058
CURLOPT_READFUNCTION.3: see also the seekfunction
2014-06-17 09:54:40 +02:00
Daniel Stenberg
a6882a3a49
CURLOPT_IOCTLFUNCTION.3: fill in short desc
2014-06-17 08:12:14 +02:00
Dan Fandrich
4a2da38bed
CURLOPT_READDATA.3: fixed typo
2014-06-17 00:47:25 +02:00
Daniel Stenberg
b56dff79ad
opts: initial makefile
...
with a bonus first rough 'mancheck' target to see which man pages that
are still missing
2014-06-17 00:29:02 +02:00
Daniel Stenberg
e029243727
CURLOPT_IOCTLFUNCTION.3: initial man page
2014-06-17 00:15:41 +02:00
Daniel Stenberg
bb71f1aa25
CURLOPT_WRITEFUNCTION: changed the order of some sentences
...
First explain the data then describe what the callback should return.
2014-06-17 00:02:22 +02:00
Daniel Stenberg
b203377df7
CURLOPT_WRITEFUNCTION.3: improved language
...
Suggestions-by: Jeff Pohlmeyer
2014-06-16 23:55:30 +02:00
Daniel Stenberg
28b698858c
opts docs: 3 more options in their own man pages
2014-06-16 23:01:12 +02:00
Daniel Stenberg
7ad9cb12b2
template: a template for adding new option man pages
...
Inludes all the sections to consider.
2014-06-16 22:16:13 +02:00
Daniel Stenberg
a5e498b543
CURLOPT_WRITEFUNCTION: add RETURN VALUE and DEFAULT sections
2014-06-16 22:01:08 +02:00
Daniel Stenberg
e810ddbb70
CURLOPT_WRITEFUNCTION: initial man page
2014-06-16 20:27:37 +02:00
Daniel Stenberg
0761f17560
CURLOPT_WILDCARDMATCH: initial man page
2014-06-16 20:27:28 +02:00
Daniel Stenberg
0795e5c8b9
CURLOPT_VERBOSE: initial man page
2014-06-16 20:27:18 +02:00
Daniel Stenberg
49b3c145ee
CURLOPT_NOSIGNAL: initial man page
2014-06-16 20:27:07 +02:00
Daniel Stenberg
801a683007
CURLOPT_NOPROGRESS: initial man page
2014-06-16 20:26:53 +02:00
Daniel Stenberg
7e109995fd
CURLOPT_HEADER: initial man page
2014-06-16 20:26:32 +02:00
Daniel Stenberg
5468a2122c
KNOWN_BUGS: #83 was addressed with commit c50ce85918
2014-06-04 18:21:33 +00:00
Daniel Stenberg
c50ce85918
Curl_ossl_init: call OPENSSL_config for initing engines
...
Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html
Reported-by: Дмитрий Фалько
2014-06-03 22:15:38 +02:00
Daniel Stenberg
d603ed6753
KNOWN_BUGS: #30 was fixed in 0bc4938eec
, 7.37.0
2014-06-01 19:59:17 +02:00
Daniel Stenberg
9d85d4746b
curl_version_info.3: returns a pointer to a static struct
...
And clarify that age 3 means 7.16.1 or later.
2014-05-26 11:53:49 +02:00