mirror of
https://github.com/moparisthebest/curl
synced 2024-11-16 14:35:03 -05:00
d2bcf1e3e2
- Add new option CURLOPT_SUPPRESS_CONNECT_HEADERS to allow suppressing proxy CONNECT response headers from the user callback functions CURLOPT_HEADERFUNCTION and CURLOPT_WRITEFUNCTION. - Add new tool option --suppress-connect-headers to expose CURLOPT_SUPPRESS_CONNECT_HEADERS and allow suppressing proxy CONNECT response headers from --dump-header and --include. Assisted-by: Jay Satiro Assisted-by: CarloCannas@users.noreply.github.com Closes https://github.com/curl/curl/pull/783
385 lines
18 KiB
C
385 lines
18 KiB
C
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.haxx.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
***************************************************************************/
|
|
#include "tool_setup.h"
|
|
|
|
#include "tool_panykey.h"
|
|
#include "tool_help.h"
|
|
#include "tool_libinfo.h"
|
|
#include "tool_version.h"
|
|
|
|
#include "memdebug.h" /* keep this as LAST include */
|
|
|
|
#ifdef MSDOS
|
|
# define USE_WATT32
|
|
#endif
|
|
|
|
/*
|
|
* A few of these source lines are >80 columns wide, but that's only because
|
|
* breaking the strings narrower makes this chunk look even worse!
|
|
*
|
|
* Starting with 7.18.0, this list of command line options is sorted based
|
|
* on the long option name. It is not done automatically, although a command
|
|
* line like the following can help out:
|
|
*
|
|
* curl --help | cut -c5- | grep "^-" | sort
|
|
*/
|
|
|
|
static const char *const helptext[] = {
|
|
"Usage: curl [options...] <url>",
|
|
"Options: (H) means HTTP/HTTPS only, (F) means FTP only",
|
|
" --anyauth Pick \"any\" authentication method (H)",
|
|
" -a, --append Append to target file when uploading (F/SFTP)",
|
|
" --basic Use HTTP Basic Authentication (H)",
|
|
" --cacert FILE CA certificate to verify peer against (SSL)",
|
|
" --capath DIR CA directory to verify peer against (SSL)",
|
|
" -E, --cert CERT[:PASSWD] Client certificate file and password (SSL)",
|
|
" --cert-status Verify the status of the server certificate (SSL)",
|
|
" --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL)",
|
|
" --ciphers LIST SSL ciphers to use (SSL)",
|
|
" --compressed Request compressed response (using deflate or gzip)",
|
|
" -K, --config FILE Read config from FILE",
|
|
" --connect-timeout SECONDS Maximum time allowed for connection",
|
|
" --connect-to HOST1:PORT1:HOST2:PORT2 Connect to host (network level)",
|
|
" -C, --continue-at OFFSET Resumed transfer OFFSET",
|
|
" -b, --cookie STRING/FILE Read cookies from STRING/FILE (H)",
|
|
" -c, --cookie-jar FILE Write cookies to FILE after operation (H)",
|
|
" --create-dirs Create necessary local directory hierarchy",
|
|
" --crlf Convert LF to CRLF in upload",
|
|
" --crlfile FILE Get a CRL list in PEM format from the given file",
|
|
" -d, --data DATA HTTP POST data (H)",
|
|
" --data-raw DATA HTTP POST data, '@' allowed (H)",
|
|
" --data-ascii DATA HTTP POST ASCII data (H)",
|
|
" --data-binary DATA HTTP POST binary data (H)",
|
|
" --data-urlencode DATA HTTP POST data url encoded (H)",
|
|
" --delegation STRING GSS-API delegation permission",
|
|
" --digest Use HTTP Digest Authentication (H)",
|
|
" --disable-eprt Inhibit using EPRT or LPRT (F)",
|
|
" --disable-epsv Inhibit using EPSV (F)",
|
|
" --dns-servers DNS server addrs to use: 1.1.1.1;2.2.2.2",
|
|
" --dns-interface Interface to use for DNS requests",
|
|
" --dns-ipv4-addr IPv4 address to use for DNS requests, dot notation",
|
|
" --dns-ipv6-addr IPv6 address to use for DNS requests, dot notation",
|
|
" -D, --dump-header FILE Write the received headers to FILE",
|
|
" --egd-file FILE EGD socket path for random data (SSL)",
|
|
" --engine ENGINE Crypto engine (use \"--engine list\" for list) (SSL)",
|
|
#ifdef USE_ENVIRONMENT
|
|
" --environment Write results to environment variables (RISC OS)",
|
|
#endif
|
|
" --expect100-timeout SECONDS How long to wait for 100-continue (H)",
|
|
" -f, --fail Fail silently (no output at all) on HTTP errors (H)",
|
|
" --fail-early Fail on first transfer error, do not continue",
|
|
" --false-start Enable TLS False Start.",
|
|
" -F, --form CONTENT Specify HTTP multipart POST data (H)",
|
|
" --form-string STRING Specify HTTP multipart POST data (H)",
|
|
" --ftp-account DATA Account data string (F)",
|
|
" --ftp-alternative-to-user COMMAND "
|
|
"String to replace \"USER [name]\" (F)",
|
|
" --ftp-create-dirs Create the remote dirs if not present (F)",
|
|
" --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F)",
|
|
" --ftp-pasv Use PASV/EPSV instead of PORT (F)",
|
|
" -P, --ftp-port ADR Use PORT with given address instead of PASV (F)",
|
|
" --ftp-skip-pasv-ip Skip the IP address for PASV (F)\n"
|
|
" --ftp-pret Send PRET before PASV (for drftpd) (F)",
|
|
" --ftp-ssl-ccc Send CCC after authenticating (F)",
|
|
" --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F)",
|
|
" --ftp-ssl-control Require SSL/TLS for FTP login, "
|
|
"clear for transfer (F)",
|
|
" -G, --get Send the -d data with a HTTP GET (H)",
|
|
" -g, --globoff Disable URL sequences and ranges using {} and []",
|
|
" -H, --header LINE Pass custom header LINE to server (H)",
|
|
" -I, --head Show document info only",
|
|
" -h, --help This help text",
|
|
" --hostpubmd5 MD5 "
|
|
"Hex-encoded MD5 string of the host public key. (SSH)",
|
|
" -0, --http1.0 Use HTTP 1.0 (H)",
|
|
" --http1.1 Use HTTP 1.1 (H)",
|
|
" --http2 Use HTTP 2 (H)",
|
|
" --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade (H)",
|
|
" --ignore-content-length Ignore the HTTP Content-Length header",
|
|
" -i, --include Include protocol headers in the output (H/F)",
|
|
" -k, --insecure Allow connections to SSL sites without certs (H)",
|
|
" --interface INTERFACE Use network INTERFACE (or address)",
|
|
" -4, --ipv4 Resolve name to IPv4 address",
|
|
" -6, --ipv6 Resolve name to IPv6 address",
|
|
" -j, --junk-session-cookies Ignore session cookies read from file (H)",
|
|
" --keepalive-time SECONDS Wait SECONDS between keepalive probes",
|
|
" --key KEY Private key file name (SSL/SSH)",
|
|
" --key-type TYPE Private key file type (DER/PEM/ENG) (SSL)",
|
|
" --krb LEVEL Enable Kerberos with security LEVEL (F)",
|
|
#ifndef CURL_DISABLE_LIBCURL_OPTION
|
|
" --libcurl FILE Dump libcurl equivalent code of this command line",
|
|
#endif
|
|
" --limit-rate RATE Limit transfer speed to RATE",
|
|
" -l, --list-only List only mode (F/POP3)",
|
|
" --local-port RANGE Force use of RANGE for local port numbers",
|
|
" -L, --location Follow redirects (H)",
|
|
" --location-trusted "
|
|
"Like '--location', and send auth to other hosts (H)",
|
|
" --login-options OPTIONS Server login options (IMAP, POP3, SMTP)",
|
|
" -M, --manual Display the full manual",
|
|
" --mail-from FROM Mail from this address (SMTP)",
|
|
" --mail-rcpt TO Mail to this/these addresses (SMTP)",
|
|
" --mail-auth AUTH Originator address of the original email (SMTP)",
|
|
" --max-filesize BYTES Maximum file size to download (H/F)",
|
|
" --max-redirs NUM Maximum number of redirects allowed (H)",
|
|
" -m, --max-time SECONDS Maximum time allowed for the transfer",
|
|
" --metalink Process given URLs as metalink XML file",
|
|
" --negotiate Use HTTP Negotiate (SPNEGO) authentication (H)",
|
|
" -n, --netrc Must read .netrc for user name and password",
|
|
" --netrc-optional Use either .netrc or URL; overrides -n",
|
|
" --netrc-file FILE Specify FILE for netrc",
|
|
" -:, --next "
|
|
"Allows the following URL to use a separate set of options",
|
|
" --no-alpn Disable the ALPN TLS extension (H)",
|
|
" -N, --no-buffer Disable buffering of the output stream",
|
|
" --no-keepalive Disable keepalive use on the connection",
|
|
" --no-npn Disable the NPN TLS extension (H)",
|
|
" --no-sessionid Disable SSL session-ID reusing (SSL)",
|
|
" --noproxy List of hosts which do not use proxy",
|
|
" --ntlm Use HTTP NTLM authentication (H)",
|
|
" --ntlm-wb Use HTTP NTLM authentication with winbind (H)",
|
|
" --oauth2-bearer TOKEN OAuth 2 Bearer Token (IMAP, POP3, SMTP)",
|
|
" -o, --output FILE Write to FILE instead of stdout",
|
|
" --pass PASS Pass phrase for the private key (SSL/SSH)",
|
|
" --path-as-is Do not squash .. sequences in URL path",
|
|
" --pinnedpubkey FILE/HASHES Public key to verify peer against (SSL)",
|
|
" --post301 "
|
|
"Do not switch to GET after following a 301 redirect (H)",
|
|
" --post302 "
|
|
"Do not switch to GET after following a 302 redirect (H)",
|
|
" --post303 "
|
|
"Do not switch to GET after following a 303 redirect (H)",
|
|
" --preproxy [PROTOCOL://]HOST[:PORT] Proxy before HTTP(S) proxy",
|
|
" -#, --progress-bar Display transfer progress as a progress bar",
|
|
" --proto PROTOCOLS Enable/disable PROTOCOLS",
|
|
" --proto-default PROTOCOL Use PROTOCOL for any URL missing a scheme",
|
|
" --proto-redir PROTOCOLS Enable/disable PROTOCOLS on redirect",
|
|
" -x, --proxy [PROTOCOL://]HOST[:PORT] Use proxy on given port",
|
|
" --proxy-anyauth Pick \"any\" proxy authentication method (H)",
|
|
" --proxy-basic Use Basic authentication on the proxy (H)",
|
|
" --proxy-digest Use Digest authentication on the proxy (H)",
|
|
" --proxy-cacert FILE "
|
|
"CA certificate to verify peer against for proxy (SSL)",
|
|
" --proxy-capath DIR "
|
|
"CA directory to verify peer against for proxy (SSL)",
|
|
" --proxy-cert CERT[:PASSWD] "
|
|
"Client certificate file and password for proxy (SSL)",
|
|
" --proxy-cert-type TYPE "
|
|
"Certificate file type (DER/PEM/ENG) for proxy (SSL)",
|
|
" --proxy-ciphers LIST SSL ciphers to use for proxy (SSL)",
|
|
" --proxy-crlfile FILE "
|
|
"Get a CRL list in PEM format from the given file for proxy",
|
|
" --proxy-insecure "
|
|
"Allow connections to SSL sites without certs for proxy (H)",
|
|
" --proxy-key KEY Private key file name for proxy (SSL)",
|
|
" --proxy-key-type TYPE "
|
|
"Private key file type for proxy (DER/PEM/ENG) (SSL)",
|
|
" --proxy-negotiate "
|
|
"Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)",
|
|
" --proxy-ntlm Use NTLM authentication on the proxy (H)",
|
|
" --proxy-header LINE Pass custom header LINE to proxy (H)",
|
|
" --proxy-pass PASS Pass phrase for the private key for proxy (SSL)",
|
|
" --proxy-ssl-allow-beast "
|
|
"Allow security flaw to improve interop for proxy (SSL)",
|
|
" --proxy-tlsv1 Use TLSv1 for proxy (SSL)",
|
|
" --proxy-tlsuser USER TLS username for proxy",
|
|
" --proxy-tlspassword STRING TLS password for proxy",
|
|
" --proxy-tlsauthtype STRING "
|
|
"TLS authentication type for proxy (default SRP)",
|
|
" --proxy-service-name NAME SPNEGO proxy service name",
|
|
" --service-name NAME SPNEGO service name",
|
|
" -U, --proxy-user USER[:PASSWORD] Proxy user and password",
|
|
" --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port",
|
|
" -p, --proxytunnel Operate through a HTTP proxy tunnel (using CONNECT)",
|
|
" --pubkey KEY Public key file name (SSH)",
|
|
" -Q, --quote CMD Send command(s) to server before transfer (F/SFTP)",
|
|
" --random-file FILE File for reading random data from (SSL)",
|
|
" -r, --range RANGE Retrieve only the bytes within RANGE",
|
|
" --raw Do HTTP \"raw\"; no transfer decoding (H)",
|
|
" -e, --referer Referer URL (H)",
|
|
" -J, --remote-header-name Use the header-provided filename (H)",
|
|
" -O, --remote-name Write output to a file named as the remote file",
|
|
" --remote-name-all Use the remote file name for all URLs",
|
|
" -R, --remote-time Set the remote file's time on the local output",
|
|
" -X, --request COMMAND Specify request command to use",
|
|
" --resolve HOST:PORT:ADDRESS Force resolve of HOST:PORT to ADDRESS",
|
|
" --retry NUM "
|
|
"Retry request NUM times if transient problems occur",
|
|
" --retry-connrefused Retry on connection refused (use with --retry)",
|
|
" --retry-delay SECONDS Wait SECONDS between retries",
|
|
" --retry-max-time SECONDS Retry only within this period",
|
|
" --sasl-ir Enable initial response in SASL authentication",
|
|
" -S, --show-error "
|
|
"Show error. With -s, make curl show errors when they occur",
|
|
" -s, --silent Silent mode (don't output anything)",
|
|
" --socks4 HOST[:PORT] SOCKS4 proxy on given host + port",
|
|
" --socks4a HOST[:PORT] SOCKS4a proxy on given host + port",
|
|
" --socks5 HOST[:PORT] SOCKS5 proxy on given host + port",
|
|
" --socks5-hostname HOST[:PORT] "
|
|
"SOCKS5 proxy, pass host name to proxy",
|
|
" --socks5-gssapi-service NAME SOCKS5 proxy service name for GSS-API",
|
|
" --socks5-gssapi-nec Compatibility with NEC SOCKS5 server",
|
|
" -Y, --speed-limit RATE "
|
|
"Stop transfers below RATE for 'speed-time' secs",
|
|
" -y, --speed-time SECONDS "
|
|
"Trigger 'speed-limit' abort after SECONDS (default: 30)",
|
|
" --ssl Try SSL/TLS (FTP, IMAP, POP3, SMTP)",
|
|
" --ssl-reqd Require SSL/TLS (FTP, IMAP, POP3, SMTP)",
|
|
" -2, --sslv2 Use SSLv2 (SSL)",
|
|
" -3, --sslv3 Use SSLv3 (SSL)",
|
|
" --ssl-allow-beast Allow security flaw to improve interop (SSL)",
|
|
" --ssl-no-revoke Disable cert revocation checks (WinSSL)",
|
|
" --stderr FILE Where to redirect stderr (use \"-\" for stdout)",
|
|
" --suppress-connect-headers Suppress proxy CONNECT response headers",
|
|
" --tcp-nodelay Use the TCP_NODELAY option",
|
|
" --tcp-fastopen Use TCP Fast Open",
|
|
" -t, --telnet-option OPT=VAL Set telnet option",
|
|
" --tftp-blksize VALUE Set TFTP BLKSIZE option (must be >512)",
|
|
" --tftp-no-options Do not send TFTP options requests",
|
|
" -z, --time-cond TIME Transfer based on a time condition",
|
|
" -1, --tlsv1 Use >= TLSv1 (SSL)",
|
|
" --tlsv1.0 Use TLSv1.0 (SSL)",
|
|
" --tlsv1.1 Use TLSv1.1 (SSL)",
|
|
" --tlsv1.2 Use TLSv1.2 (SSL)",
|
|
" --tlsv1.3 Use TLSv1.3 (SSL)",
|
|
" --tls-max VERSION Use TLS up to VERSION (SSL)",
|
|
" --trace FILE Write a debug trace to FILE",
|
|
" --trace-ascii FILE Like --trace, but without hex output",
|
|
" --trace-time Add time stamps to trace/verbose output",
|
|
" --tr-encoding Request compressed transfer encoding (H)",
|
|
" -T, --upload-file FILE Transfer FILE to destination",
|
|
" --url URL URL to work with",
|
|
" -B, --use-ascii Use ASCII/text transfer",
|
|
" -u, --user USER[:PASSWORD] Server user and password",
|
|
" --tlsuser USER TLS username",
|
|
" --tlspassword STRING TLS password",
|
|
" --tlsauthtype STRING TLS authentication type (default: SRP)",
|
|
" --unix-socket PATH Connect through this Unix domain socket",
|
|
" --abstract-unix-socket PATH Connect to an abstract Unix domain socket",
|
|
" -A, --user-agent STRING Send User-Agent STRING to server (H)",
|
|
" -v, --verbose Make the operation more talkative",
|
|
" -V, --version Show version number and quit",
|
|
#ifdef USE_WATT32
|
|
" --wdebug Turn on Watt-32 debugging",
|
|
#endif
|
|
" -w, --write-out FORMAT Use output FORMAT after completion",
|
|
" --xattr Store metadata in extended file attributes",
|
|
" -q, --disable Disable .curlrc (must be first parameter)",
|
|
NULL
|
|
};
|
|
|
|
#ifdef NETWARE
|
|
# define PRINT_LINES_PAUSE 23
|
|
#endif
|
|
|
|
#ifdef __SYMBIAN32__
|
|
# define PRINT_LINES_PAUSE 16
|
|
#endif
|
|
|
|
struct feat {
|
|
const char *name;
|
|
int bitmask;
|
|
};
|
|
|
|
static const struct feat feats[] = {
|
|
{"AsynchDNS", CURL_VERSION_ASYNCHDNS},
|
|
{"Debug", CURL_VERSION_DEBUG},
|
|
{"TrackMemory", CURL_VERSION_CURLDEBUG},
|
|
{"IDN", CURL_VERSION_IDN},
|
|
{"IPv6", CURL_VERSION_IPV6},
|
|
{"Largefile", CURL_VERSION_LARGEFILE},
|
|
{"SSPI", CURL_VERSION_SSPI},
|
|
{"GSS-API", CURL_VERSION_GSSAPI},
|
|
{"Kerberos", CURL_VERSION_KERBEROS5},
|
|
{"SPNEGO", CURL_VERSION_SPNEGO},
|
|
{"NTLM", CURL_VERSION_NTLM},
|
|
{"NTLM_WB", CURL_VERSION_NTLM_WB},
|
|
{"SSL", CURL_VERSION_SSL},
|
|
{"libz", CURL_VERSION_LIBZ},
|
|
{"CharConv", CURL_VERSION_CONV},
|
|
{"TLS-SRP", CURL_VERSION_TLSAUTH_SRP},
|
|
{"HTTP2", CURL_VERSION_HTTP2},
|
|
{"UnixSockets", CURL_VERSION_UNIX_SOCKETS},
|
|
{"HTTPS-proxy", CURL_VERSION_HTTPS_PROXY}
|
|
};
|
|
|
|
void tool_help(void)
|
|
{
|
|
int i;
|
|
for(i = 0; helptext[i]; i++) {
|
|
puts(helptext[i]);
|
|
#ifdef PRINT_LINES_PAUSE
|
|
if(i && ((i % PRINT_LINES_PAUSE) == 0))
|
|
tool_pressanykey();
|
|
#endif
|
|
}
|
|
}
|
|
|
|
void tool_version_info(void)
|
|
{
|
|
const char *const *proto;
|
|
|
|
printf(CURL_ID "%s\n", curl_version());
|
|
if(curlinfo->protocols) {
|
|
printf("Protocols: ");
|
|
for(proto = curlinfo->protocols; *proto; ++proto) {
|
|
printf("%s ", *proto);
|
|
}
|
|
puts(""); /* newline */
|
|
}
|
|
if(curlinfo->features) {
|
|
unsigned int i;
|
|
printf("Features: ");
|
|
for(i = 0; i < sizeof(feats)/sizeof(feats[0]); i++) {
|
|
if(curlinfo->features & feats[i].bitmask)
|
|
printf("%s ", feats[i].name);
|
|
}
|
|
#ifdef USE_METALINK
|
|
printf("Metalink ");
|
|
#endif
|
|
#ifdef USE_LIBPSL
|
|
printf("PSL ");
|
|
#endif
|
|
puts(""); /* newline */
|
|
}
|
|
}
|
|
|
|
void tool_list_engines(CURL *curl)
|
|
{
|
|
struct curl_slist *engines = NULL;
|
|
|
|
/* Get the list of engines */
|
|
curl_easy_getinfo(curl, CURLINFO_SSL_ENGINES, &engines);
|
|
|
|
puts("Build-time engines:");
|
|
if(engines) {
|
|
for(; engines; engines = engines->next)
|
|
printf(" %s\n", engines->data);
|
|
}
|
|
else {
|
|
puts(" <none>");
|
|
}
|
|
|
|
/* Cleanup the list of engines */
|
|
curl_slist_free_all(engines);
|
|
}
|