#
22652a5a |
| 18-Aug-2024 |
Viktor Szakats |
curl: add options for safe/no CA bundle search (Windows) Add `CURL_CA_SEARCH_SAFE` build-time option to enable CA bundle search in the `curl` tool directory. The lookup method was alread
curl: add options for safe/no CA bundle search (Windows) Add `CURL_CA_SEARCH_SAFE` build-time option to enable CA bundle search in the `curl` tool directory. The lookup method was already used to find `.curlrc` and `_curlrc` (on Windows). On Windows it overrides the unsafe default `SearchPath()` method. Enable with: - cmake: `-DCURL_CA_SEARCH_SAFE=ON` - autotools: `--enable-ca-search-safe` - raw: `CPPFLAGS=-DCURL_CA_SEARCH_SAFE` On Windows, before this patch the whole `PATH` was searched for a CA bundle. `PATH` may contain unwanted or world-writable locations, including the current directory. Searching them all is convenient to pick up any CA bundle, but not secure. The Muldersoft curl distro implements such CA search via a custom patch for Windows: https://github.com/lordmulder/cURL-build-win32/blob/cd652d4792c177c98b08b4309d3cac2b8dbbf9b0/patch/curl_tool_doswin.diff#L50 MSYS2/mingw-w64 distro has also been rolling a patch solving this: https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-curl/0001-Make-cURL-relocatable.patch https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-curl/pathtools.c Also add option to fully disable Windows CA search: - cmake: `-DCURL_DISABLE_CA_SEARCH=ON` - autotools: `--disable-ca-search` - raw: `CPPFLAGS=-DCURL_DISABLE_CA_SEARCH`. Both options are considered EXPERIMENTAL, with possible incompatible changes or even (partial) removal in the future, depending on feedback. An alternative, secure option is to embed the CA bundle into the binary. Safe search can be extended to other platforms if necessary or useful, by using `_NSGetExecutablePath()` (macOS), `/proc/self/exe` (Linux/Cygwin), or `argv[0]`. Closes #14582
show more ...
|
#
f81f351b |
| 02-Aug-2024 |
Viktor Szakats |
tidy-up: OS names Use these words and casing more consistently across text, comments and one curl tool output: AIX, ALPN, ANSI, BSD, Cygwin, Darwin, FreeBSD, GitHub, HP-UX, Linux,
tidy-up: OS names Use these words and casing more consistently across text, comments and one curl tool output: AIX, ALPN, ANSI, BSD, Cygwin, Darwin, FreeBSD, GitHub, HP-UX, Linux, macOS, MS-DOS, MSYS, MinGW, NTLM, POSIX, Solaris, UNIX, Unix, Unicode, WINE, WebDAV, Win32, winbind, WinIDN, Windows, Windows CE, Winsock. Mostly OS names and a few more. Also a couple of other minor text fixups. Closes #14360
show more ...
|
#
2494b8dd |
| 20-Jan-2024 |
Daniel Stenberg |
docs/cmdline: change to .md for cmdline docs - switch all invidual files documenting command line options into .md, as the documentation is now markdown-looking. - made the
docs/cmdline: change to .md for cmdline docs - switch all invidual files documenting command line options into .md, as the documentation is now markdown-looking. - made the parser treat 4-space indents as quotes - switch to building the curl.1 manpage using the "mainpage.idx" file, which lists the files to include to generate it, instead of using the previous page-footer/headers. Also, those files are now also .md ones, using the same format. I gave them underscore prefixes to make them sort separately: _NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md, _VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md, _OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md, _EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md - updated test cases accordingly Closes #12751
show more ...
|