Граф коммитов

1582 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg 302d125b42
axtls: removed
As has been outlined in the DEPRECATE.md document, the axTLS code has
been disabled for 6 months and is hereby removed.

Use a better supported TLS library!

Assisted-by: Daniel Gustafsson
Closes #3194
2018-11-01 10:29:53 +01:00
marcosdiazr 7f4c358541
schannel: make CURLOPT_CERTINFO support using Issuer chain
Closes #3197
2018-11-01 10:21:51 +01:00
Daniel Gustafsson 1460e89e01 vtls: add MesaLink to curl_sslbackend enum
MesaLink support was added in commit 57348eb97d but the
backend was never added to the curl_sslbackend enum in curl/curl.h.
This adds the new backend to the enum and updates the relevant docs.

Closes #3195
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-30 16:56:51 +01:00
Michael Kaufmann d275c18c2a docs: add "see also" links for SSL options
- link TLS 1.2 and TLS 1.3 options
- link proxy and non-proxy options

Closes #3121
2018-10-10 22:23:11 +02:00
Daniel Gustafsson 4bc86270e1 CURLOPT_SSL_VERIFYSTATUS: Fix typo
Changes s/OSCP/OCSP/ and bumps the copyright year due to the change.
2018-10-09 09:47:40 +02:00
Viktor Szakats ff9d7f4447 spelling fixes [ci skip]
as detected by codespell 1.14.0

Closes https://github.com/curl/curl/pull/3114
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-10-08 19:37:40 +00:00
Daniel Gustafsson af99662688 CURLOPT_SSLVERSION.3: fix typos and consistent spelling
Use TLS vX.Y throughout the document, instead of TLS X.Y, as that was
already done in all but a few cases. Also fix a few typos.

Closes #3076
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:22:10 +02:00
Jay Satiro 35ac49d4ed CURLOPT_HEADER.3: fix typo 2018-10-03 02:30:32 -04:00
Viktor Szakats b801b453af whitespace fixes
- replace tabs with spaces where possible
- remove line ending spaces
- remove double/triple newlines at EOF
- fix a non-UTF-8 character
- cleanup a few indentations/line continuations
  in manual examples

Closes https://github.com/curl/curl/pull/3037
2018-09-23 22:24:02 +00:00
Daniel Stenberg 5c73093edb
urlapi: document the error codes, remove two unused ones
Assisted-by: Daniel Gustafsson
Closes #3019
2018-09-19 23:25:11 +02:00
Daniel Stenberg 9307c219ad
urlapi: add CURLU_GUESS_SCHEME and fix hostname acceptance
In order for this API to fully work for libcurl itself, it now offers a
CURLU_GUESS_SCHEME flag that makes it "guess" scheme based on the host
name prefix just like libcurl always did. If there's no known prefix, it
will guess "http://".

Separately, it relaxes the check of the host name so that IDN host names
can be passed in as well.

Both these changes are necessary for libcurl itself to use this API.

Assisted-by: Daniel Gustafsson
Closes #3018
2018-09-19 23:21:52 +02:00
Dave Reisner c1e5980f66
curl_url_set.3: properly escape \n in example code
This yields

  "the scheme is %s\n"

instead of

  "the scheme is %s0

Closes #2970
2018-09-13 08:07:36 +02:00
Dave Reisner 0411057380
curl_url_set.3: fix typo in reference to CURLU_APPENDQUERY 2018-09-13 08:07:15 +02:00
Daniel Stenberg 11e8a43f85
libcurl-url.3: overview man page for the URL API
Closes #2967
2018-09-10 23:29:37 +02:00
Daniel Stenberg 8b85a3cac5
curl_url_set.3: correct description 2018-09-08 19:39:57 +02:00
Daniel Stenberg 890eea5aad
curl_url-docs: fix AVAILABILITY as Added in curl 7.62.0 2018-09-08 16:02:25 +02:00
Daniel Stenberg fb30ac5a2d
URL-API
See header file and man pages for API. All documented API details work
and are tested in the 1560 test case.

Closes #2842
2018-09-08 15:36:11 +02:00
Daniel Stenberg 17ca0ccff4
curl_easy_upkeep: removed 'conn' from the name
... including the associated option.

Fixes #2951
Closes #2952
2018-09-07 13:43:26 +02:00
Max Dymond 7b655fcbad
upkeep: add a connection upkeep API: curl_easy_conn_upkeep()
Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641
2018-09-07 09:45:29 +02:00
Nicklas Avén 6987fcef65
imap: change from "FETCH" to "UID FETCH"
... and add "MAILINDEX".

As described in #2789, this is a suggested solution.  Changing UID=xx to
actually get mail with UID xx and add "MAILINDEX" to get a mail with a
special index in the mail box (old behavior).  So MAILINDEX=1 gives the
first non deleted mail in the mail box.

Fixes #2789
Closes #2815
2018-09-06 10:57:48 +02:00
Daniel Stenberg 2825f46d95
CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
This is step 3 of #2888.

Fixes #2888
Closes #2896
2018-09-06 10:53:39 +02:00
Daniel Stenberg abff183387
setopt: add CURLOPT_DOH_URL
Closes #2668
2018-09-06 09:17:17 +02:00
Han Han 3f3b26d6fe
ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
Long live CURLE_PEER_FAILED_VERIFICATION
2018-09-06 08:27:15 +02:00
Daniel Stenberg 25fd1057c9
url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
Closes #2709
2018-09-05 14:36:19 +02:00
Daniel Stenberg d7c4213bd0
multiplex: enable by default
Starting 7.62.0, multiplexing is enabled by default in multi handles.
2018-09-05 14:35:57 +02:00
Daniel Stenberg f7208df7d9
pipelining: deprecated
Transparently. The related curl_multi_setopt() options all still returns
OK when pipelining is selected.

To re-enable the support, the single line change in lib/multi.c needs to
be reverted.

See docs/DEPRECATE.md

Closes #2705
2018-09-05 11:34:03 +02:00
Jay Satiro c10f5b02a8 CURLOPT_SSL_CTX_FUNCTION.3: clarify connection reuse warning
Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/issues/2916
2018-08-29 10:08:16 -04:00
Daniel Stenberg cc67b0a2ee
CURLOPT_ACCEPT_ENCODING.3: list them comma-separated [ci skip] 2018-08-27 11:16:23 +02:00
Daniel Stenberg 0e7e5e1ad1
CURLOPT_SSL_CTX_FUNCTION.3: might cause unintended connection reuse [ci skip]
Added a warning!

Closes #2915
2018-08-27 10:49:58 +02:00
Daniel Stenberg a7ba60bb72
docs: clarify NO_PROXY env variable functionality
Reported-by: Kirill Marchuk
Fixes #2773
Closes #2911
2018-08-24 23:22:46 +02:00
Daniel Stenberg 1b8ed4ad23
libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation
Multi-threaded applictions basically MUST set CURLOPT_NO_SIGNAL to 1L to
avoid the risk of getting a SIGPIPE.

Either way, a multi-threaded application that uses libcurl/openssl needs
to have a signhandler for or ignore SIGPIPE on its own.

Based on discussions in #2800
Closes #2904
2018-08-23 08:29:55 +02:00
Michael Kaufmann b676b66f4d docs: Improve the manual pages of some callbacks
- CURLOPT_HEADERFUNCTION: add newlines
- CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata'
- CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA
- CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain
  how to set it

Closes https://github.com/curl/curl/pull/2868
2018-08-11 14:33:28 -04:00
Daniel Jelinski 53d211bfd1
Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bug
Closes #2867
2018-08-10 23:45:08 +02:00
Daniel Stenberg 6fac5a3e65
docs: mention NULL is fine input to several functions
Fixes #2837
Closes #2858
Reported-by: Markus Elfring
2018-08-10 00:24:12 +02:00
Christopher Head 812d05daff
docs/CURLOPT_URL: fix indentation
The statement, “The application does not have to keep the string around
after setting this option,” appears to be indented under the RTMP
paragraph. It actually applies to all protocols, not just RTMP.
Eliminate the extra indentation.

Closes #2788
2018-07-26 16:26:49 +02:00
Christopher Head 9526cbe6bc
docs/CURLOPT_WRITEFUNCTION: size is always 1
For compatibility with `fwrite`, the `CURLOPT_WRITEFUNCTION` callback is
passed two `size_t` parameters which, when multiplied, designate the
number of bytes of data passed in. In practice, CURL always sets the
first parameter (`size`) to 1.

This practice is also enshrined in documentation and cannot be changed
in future. The documentation states that the default callback is
`fwrite`, which means `fwrite` must be a suitable function for this
purpose. However, the documentation also states that the callback must
return the number of *bytes* it successfully handled, whereas ISO C
`fwrite` returns the number of items (each of size `size`) which it
wrote. The only way these numbers can be equal is if `size` is 1.

Since `size` is 1 and can never be changed in future anyway, document
that fact explicitly and let users rely on it.

Closes #2787
2018-07-26 16:24:43 +02:00
Daniel Stenberg 9679790b23 docs: fix missed option name markups 2018-06-30 18:33:07 +02:00
Daniel Stenberg 6015cefb1b
openssl: make the requested TLS version the *minimum* wanted
The code treated the set version as the *exact* version to require in
the TLS handshake, which is not what other TLS backends do and probably
not what most people expect either.

Reported-by: Andreas Olsson
Assisted-by: Gaurav Malhotra
Fixes #2691
Closes #2694
2018-06-29 22:53:02 +02:00
Adrian Peniak 24cb114c53
CURLINFO_TLS_SSL_PTR.3: improve the example
The previous example was a little bit confusing, because SSL* structure
(or other "in use" SSL connection pointer) is not accessible after the
transfer is completed, therefore working with the raw TLS library
specific pointer needs to be done during transfer.

Closes #2690
2018-06-28 09:43:23 +02:00
Daniel Stenberg 810ce31886
CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake
Follow-up to b6a16afa0a
2018-06-24 23:18:52 +02:00
Patrick Schlangen b6a16afa0a
CURLOPT_SSL_VERIFYPEER.3: Add performance note
Closes #2673
2018-06-23 22:35:12 +02:00
Daniel Stenberg dfb873e308
CURLOPT_INTERFACE.3: interface names not supported on Windows 2018-06-18 23:14:28 +02:00
Daniel Stenberg a78c5c7aae
CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0 2018-06-15 11:17:02 +02:00
Alibek.Jorajev f66d97b677
CURLOPT_RESOLVE: always purge old entry first
If there's an existing entry using the selected name.

Closes #2622
2018-06-01 12:47:52 +02:00
Björn Stenberg 946ce5b61f
option: disallow username in URL
Adds CURLOPT_DISALLOW_USERNAME_IN_URL and --disallow-username-in-url. Makes
libcurl reject URLs with a username in them.

Closes #2340
2018-05-31 11:27:16 +02:00
Daniel Stenberg 71d35e4a1d
libcurl-security.3: improved layout for two rememdy lists 2018-05-31 11:19:05 +02:00
Daniel Stenberg 5f07fca8f7
libcurl-security.3: refer to URL instead of in-source markdown file 2018-05-31 11:11:38 +02:00
Daniel Stenberg 050c93c46f
setopt: add TLS 1.3 ciphersuites
Adds CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS.

curl: added --tls13-ciphers and --proxy-tls13-ciphers

Fixes #2435
Reported-by: zzq1015 on github
Closes #2607
2018-05-29 16:12:52 +02:00
Patrick Monnerat 8541d02c96 psl: use latest psl and refresh it periodically
The latest psl is cached in the multi or share handle. It is refreshed
before use after 72 hours.
New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing.
If the latest psl is not available, the builtin psl is used.

Reported-by: Yaakov Selkowitz
Fixes #2553
Closes #2601
2018-05-28 20:37:14 +02:00
Linus Lewandowski 239a7061f8
httpauth: add support for Bearer tokens
Closes #2102
2018-05-24 20:39:49 +02:00
Daniel Stenberg 2ceab09451
CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit 2018-05-22 08:23:30 +02:00
Daniel Stenberg d5a2df5f1d
docs: clarify CURLOPT_HTTPGET somewhat
Reported-by: bsammon on github
Fixes #2590
2018-05-21 10:29:28 +02:00
Daniel Stenberg 404c8850da
curl_fnmatch: only allow two asterisks for matching
The previous limit of 5 can still end up in situation that takes a very
long time and consumes a lot of CPU.

If there is still a rare use case for this, a user can provide their own
fnmatch callback for a version that allows a larger set of wildcards.

This commit was triggered by yet another OSS-Fuzz timeout due to this.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369

Closes #2587
2018-05-18 23:33:44 +02:00
Aleks e05ad5dd99
docs: mention HAproxy protocol "version 1"
...as there's also a version 2.

Closes #2579
2018-05-18 17:48:40 +02:00
Philip Prindeville ce2140a8c1
getinfo: add microsecond precise timers for various intervals
Provide a set of new timers that return the time intervals using integer
number of microseconds instead of floats.

The new info names are as following:

CURLINFO_APPCONNECT_TIME_T
CURLINFO_CONNECT_TIME_T
CURLINFO_NAMELOOKUP_TIME_T
CURLINFO_PRETRANSFER_TIME_T
CURLINFO_REDIRECT_TIME_T
CURLINFO_STARTTRANSFER_TIME_T
CURLINFO_TOTAL_TIME_T

Closes #2495
2018-05-17 13:41:04 +02:00
Daniel Stenberg f38220259c
docs/libcurl/index.html: removed
The HTML files are long gone from the dist, now remove the last HTML
file pointing to those missing files.

d
2018-05-15 16:41:55 +02:00
Daniel Gustafsson e953475de5
URLs: fix one more http url
This file wasn't included in commit 4af40b3646 which updated all
haxx.se http urls to https. The file was committed prior to that update,
but may have been merged after it and hence didn't get updated.

Closes #2550
2018-05-05 23:02:40 +02:00
Denis Ollier 0be4679ba9
docs: remove extraneous commas in man pages
Closes #2544
2018-05-03 15:17:33 +02:00
Daniel Stenberg 97f63f512d
CURLOPT_URL.3: add ENCODING section [ci skip]
Feedback-by: Michael Kilburn
2018-04-30 14:31:04 +02:00
Daniel Stenberg f84139fd08
CURLINFO_PROTOCOL.3: mention the existing defined names 2018-04-27 11:50:16 +02:00
Christian Schmitz d0394de152
curl_global_sslset: always provide available backends
Closes #2499
2018-04-23 14:18:55 +02:00
Archangel_SDY f0819f99ae CURLOPT_SSLCERT.3: improve WinSSL-specific usage info
Ref: https://github.com/curl/curl/pull/2376#issuecomment-381858780

Closes https://github.com/curl/curl/pull/2504
2018-04-23 03:16:52 -04:00
Dan McNulty 8996300211 schannel: add support for CURLOPT_CAINFO
- Move verify_certificate functionality in schannel.c into a new
  file called schannel_verify.c. Additionally, some structure defintions
  from schannel.c have been moved to schannel.h to allow them to be
  used in schannel_verify.c.

- Make verify_certificate functionality for Schannel available on
  all versions of Windows instead of just Windows CE. verify_certificate
  will be invoked on Windows CE or when the user specifies
  CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER.

- In verify_certificate, create a custom certificate chain engine that
  exclusively trusts the certificate store backed by the CURLOPT_CAINFO
  file.

- doc updates of --cacert/CAINFO support for schannel

- Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString
  when available. This implements a TODO in schannel.c to improve
  handling of multiple SANs in a certificate. In particular, all SANs
  will now be searched instead of just the first name.

- Update tool_operate.c to not search for the curl-ca-bundle.crt file
  when using Schannel to maintain backward compatibility. Previously,
  any curl-ca-bundle.crt file found in that search would have been
  ignored by Schannel. But, with CAINFO support, the file found by
  that search would have been used as the certificate store and
  could cause issues for any users that have curl-ca-bundle.crt in
  the search path.

- Update url.c to not set the build time CURL_CA_BUNDLE if the selected
  SSL backend is Schannel. We allow setting CA location for schannel
  only when explicitly specified by the user via CURLOPT_CAINFO /
  --cacert.

- Add new test cases 3000 and 3001. These test cases check that the first
  and last SAN, respectively, matches the connection hostname. New test
  certificates have been added for these cases. For 3000, the certificate
  prefix is Server-localhost-firstSAN and for 3001, the certificate
  prefix is Server-localhost-secondSAN.

- Remove TODO 15.2 (Add support for custom server certificate
  validation), this commit addresses it.

Closes https://github.com/curl/curl/pull/1325
2018-04-18 03:59:47 -04:00
Jakub Wilk 24e8355877 docs: fix typos
Closes https://github.com/curl/curl/pull/2503
2018-04-17 15:32:51 -04:00
Archangel_SDY e35b0256eb
schannel: add client certificate authentication
Users can now specify a client certificate in system certificates store
explicitly using expression like `--cert "CurrentUser\MY\<thumbprint>"`

Closes #2376
2018-04-17 00:23:01 +02:00
Jay Satiro cbc0f131c2 docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
- Put a percent sign before each CURL_FORMAT_CURL_OFF_T in printf.

For example "%" CURL_FORMAT_CURL_OFF_T becomes %lld or similar.

Bug: https://curl.haxx.se/mail/lib-2018-03/0140.html
Reported-by: David L.
2018-03-31 14:52:55 -04:00
Daniel Stenberg 3ff09ce777
CURLINFO_SSL_VERIFYRESULT.3: fix the example, add some text
Reported-by: Michal Trybus

Fixes #2400
2018-03-21 01:04:41 +01:00
Daniel Stenberg 27d7e511d5
CURLINFO_COOKIELIST.3: made the example not leak memory
Reported-by: Muz Dima
2018-03-20 23:18:23 +01:00
Rick Deist d95f3dc0b1
resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSES
This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request
shuffling of IP addresses returned for a hostname when there is more
than one. This is useful when the application knows that a round robin
approach is appropriate and is willing to accept the consequences of
potentially discarding some preference order returned by the system's
implementation.

Closes #1694
2018-03-17 20:44:14 +01:00
Daniel Stenberg fb4f568b1e
add_handle/easy_perform: clear errorbuffer on start if set
To offer applications a more defined behavior, we clear the buffer as
early as possible.

Assisted-by: Jay Satiro

Fixes #2190
Closes #2377
2018-03-17 12:07:37 +01:00
Lawrence Matthews 6baeb6df35
CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocol
Add --haproxy-protocol for the command line tool

Closes #2162
2018-03-17 11:50:06 +01:00
Daniel Stenberg 9572831b04
curl_version_info.3: fix ssl_version description
Reported-by: Vincas Razma
Fixes #2364
2018-03-17 11:18:00 +01:00
Daniel Stenberg d974b39a9e
CURLOPT_COOKIEFILE.3: "-" as file name means stdin
Reported-by: Aron Bergman
Bug: https://curl.haxx.se/mail/lib-2018-03/0049.html

[ci skip]
2018-03-13 13:04:12 +01:00
Daniel Stenberg 4d0b1e6887
CURLOPT_NOPROXY.3: mention how to list numerical IPv6 addresses 2018-03-04 19:51:37 +01:00
Viktor Szakats 7e35eb7729 spelling fixes
Detected using the `codespell` tool.

Also contains one URL protocol upgrade.

Closes https://github.com/curl/curl/pull/2334
2018-02-23 23:29:01 +00:00
Daniel Stenberg 1a99ecdf50
curl_share_setopt.3: connection cache is shared within multi handles 2018-02-23 12:52:22 +01:00
Francisco Sedano 23713645d4 url: Add option CURLOPT_RESOLVER_START_FUNCTION
- Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that
  will be called every time before a new resolve request is started
  (ie before a host is resolved) with a pointer to backend-specific
  resolver data. Currently this is only useful for ares.

- Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to
  pass to the resolver start callback.

Closes https://github.com/curl/curl/pull/2311
2018-02-21 21:29:10 -05:00
Jay Satiro dd027c80fe lib: CURLOPT_HAPPY_EYEBALLS_TIMEOUT => CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
- In keeping with the naming of our other connect timeout options rename
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT to CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS.

This change adds the _MS suffix since the option expects milliseconds.
This is more intuitive for our users since other connect timeout options
that expect milliseconds use _MS such as CURLOPT_TIMEOUT_MS,
CURLOPT_CONNECTTIMEOUT_MS, CURLOPT_ACCEPTTIMEOUT_MS.

The tool option already uses an -ms suffix, --happy-eyeballs-timeout-ms.

Follow-up to 2427d94 which added the lib and tool option yesterday.

Ref: https://github.com/curl/curl/pull/2260
2018-02-21 15:16:50 -05:00
Anders Bakken 2427d94c6d url: Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT
- Add new option CURLOPT_HAPPY_EYEBALLS_TIMEOUT to set libcurl's happy
  eyeball timeout value.

- Add new optval macro CURL_HET_DEFAULT to represent the default happy
  eyeballs timeout value (currently 200 ms).

- Add new tool option --happy-eyeballs-timeout-ms to expose
  CURLOPT_HAPPY_EYEBALLS_TIMEOUT. The -ms suffix is used because the
  other -timeout options in the tool expect seconds not milliseconds.

Closes https://github.com/curl/curl/pull/2260
2018-02-20 17:51:43 -05:00
Anders Bakken 50d1b3379a CURLOPT_RESOLVE: Add support for multiple IP addresses per entry
This enables users to preresolve but still take advantage of happy
eyeballs and trying multiple addresses if some are not connecting.

Ref: https://github.com/curl/curl/pull/2260
2018-02-20 04:24:28 -05:00
Daniel Stenberg 174212972c
CURLOPT_HEADER.3: clarify problems with different data sizes 2018-02-16 22:54:51 +01:00
Daniel Stenberg 5a44c9fa8b
CURLOPT_HEADERFUNCTION.3: fix typo from d939226813
Reported-by: Erik Johansson
Bug: d939226813 (commitcomment-27607495)
2018-02-16 16:25:52 +01:00
Daniel Stenberg d939226813
CURLOPT_HEADERFUNCTION.3: mention folded headers 2018-02-16 12:11:23 +01:00
Björn Stenberg b46cfbc068
TODO fixed: Detect when called from within callbacks
Closes #2302
2018-02-15 09:36:03 +01:00
Daniel Stenberg 63f6b3b220
libcurl-security.3: separate file:// section
... just to make it more apparent. Even if it repeats
some pieces of information.
2018-02-13 14:04:04 +01:00
Daniel Stenberg 1e720400aa
libcurl-security.3: the http://192.168.0.1/my_router_config case
Mentioned-By: Rich Moore
2018-02-13 13:54:11 +01:00
Daniel Stenberg 03b7b2e8fc
libcurl-security.3: mention the URL standards problems too 2018-02-13 12:05:43 +01:00
Daniel Stenberg 3901842055
libcurl-security.3: split out from libcurl-tutorial.3
To make more accessible.

Merged in some new language from "URLs are dangerous things" as discussed on
the mailing list a few days ago:

Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html
2018-02-13 12:02:09 +01:00
Daniel Stenberg 8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Alessandro Ghedini 4021bac4cd docs: fix typos in man pages
Closes https://github.com/curl/curl/pull/2266
2018-01-27 14:50:40 -05:00
moparisthebest 5c497343d9
GSKit: restore pinnedpubkey functionality
inadvertently removed in 283babfaf8

Closes #2263
2018-01-25 23:16:14 +01:00
Daniel Stenberg 1c39128d97
parsedate: fix date parsing for systems with 32 bit long
Make curl_getdate() handle dates before 1970 as well (returning negative
values).

Make test 517 test dates for 64 bit time_t.

This fixes bug (3) mentioned in #2238

Closes #2250
2018-01-25 22:20:52 +01:00
moparisthebest e178fbd40a
SChannel/WinSSL: Implement public key pinning
Closes #1429
2018-01-25 22:14:39 +01:00
Daniel Stenberg 96186de1f7
docs: fix man page syntax to make test 1140 OK again 2018-01-23 01:28:18 +01:00
Daniel Stenberg af32cd3859
http: prevent custom Authorization headers in redirects
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how
curl already handles Authorization headers created internally.

Note: this changes behavior slightly, for the sake of reducing mistakes.

Added test 317 and 318 to verify.

Reported-by: Craig de Stigter
Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
2018-01-22 10:00:00 +01:00
Daniel Stenberg bb0ffcc36f libcurl-env.3: first take 2018-01-20 14:32:46 +01:00
rouzier 945df74101
CURLOPT_TCP_NODELAY.3: fix typo
Closes #2239
2018-01-15 23:06:58 +01:00
Patrick Monnerat e44ddfd477 mime: clone mime tree upon easy handle duplication.
A mime tree attached to an easy handle using CURLOPT_MIMEPOST is
strongly bound to the handle: there is a pointer to the easy handle in
each item of the mime tree and following the parent pointer list
of mime items ends in a dummy part stored within the handle.

Because of this binding, a mime tree cannot be shared between different
easy handles, thus it needs to be cloned upon easy handle duplication.

There is no way for the caller to get the duplicated mime tree
handle: it is then set to be automatically destroyed upon freeing the
new easy handle.

New test 654 checks proper mime structure duplication/release.

Add a warning note in curl_mime_data_cb() documentation about sharing
user data between duplicated handles.

Closes #2235
2018-01-14 19:43:12 +01:00
Patrick Monnerat 2c821bba85 docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata 2018-01-14 16:08:43 +01:00
Jay Satiro 6fa10c8fa2 setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
Broken since f121575 (precedes 7.56.1).

Bug: https://github.com/curl/curl/issues/2225
Reported-by: cmfrolick@users.noreply.github.com

Closes https://github.com/curl/curl/pull/2227
2018-01-13 02:57:30 -05:00