#
40948189 |
| 14-Mar-2024 |
Daniel Stenberg |
curl: make --libcurl output better CURLOPT_*SSLVERSION The option is really two enums ORed together, so it needs special attention to make the code output nice. Added test 1481
curl: make --libcurl output better CURLOPT_*SSLVERSION The option is really two enums ORed together, so it needs special attention to make the code output nice. Added test 1481 to verify. Both the server and the proxy versions. Reported-by: Boris Verkhovskiy Fixes #13127 Closes #13129
show more ...
|
#
f0f421b4 |
| 25-Sep-2023 |
Dan Fandrich |
tool_setopt: remove unused function tool_setopt_flags This function is identical to tool_setopt_bitmask except that it treats the argument as unsigned. Closes #11943
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
dd2a0243 |
| 15-Sep-2022 |
Patrick Monnerat |
cli tool: do not use disabled protocols As they are now rejected by the library, take care of not passing disabled protocol names to CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS
cli tool: do not use disabled protocols As they are now rejected by the library, take care of not passing disabled protocol names to CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR. Rather than using the CURLPROTO_* constants, dynamically assign protocol numbers based on the order they are listed by curl_version_info(). New type proto_set_t implements prototype bit masks: it should therefore be large enough to accomodate all library-enabled protocols. If not, protocol numbers beyond the bit count of proto_set_t are recognized but "inaccessible": when used, a warning is displayed and the value is ignored. Should proto_set_t overflows, enabled protocols are reordered to force those having a public CURLPROTO_* representation to be accessible. Code has been added to subordinate RTMP?* protocols to the presence of RTMP in the enabled protocol list, being returned by curl_version_info() or not.
show more ...
|
#
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
show more ...
|
#
95e8515c |
| 09-Mar-2022 |
Daniel Stenberg |
curl: error out when options need features not present in libcurl Trying to use a proxy when libcurl was built with proxy support disabled should make curl error out properly. R
curl: error out when options need features not present in libcurl Trying to use a proxy when libcurl was built with proxy support disabled should make curl error out properly. Remove knowledge of disabled features from the tool code and instead make it properly respond to what libcurl returns. Update all tests to properly require the necessary features to be present/absent so that the test suite can still be run even with libcurl builds with disabled features. Ref: https://curl.se/mail/archive-2022-03/0013.html Closes #8565
show more ...
|
#
82d33400 |
| 20-May-2021 |
Daniel Stenberg |
copyright: update copyright year ranges to 2021
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
#
54e74750 |
| 27-Feb-2021 |
Jay Satiro |
schannel: Disable auto credentials; add an option to enable it - Disable auto credentials by default. This is a breaking change for clients that are using it, wittingly or not.
schannel: Disable auto credentials; add an option to enable it - Disable auto credentials by default. This is a breaking change for clients that are using it, wittingly or not. - New libcurl ssl option value CURLSSLOPT_AUTO_CLIENT_CERT tells libcurl to automatically locate and use a client certificate for authentication, when requested by the server. - New curl tool options --ssl-auto-client-cert and --proxy-ssl-auto-client-cert map to CURLSSLOPT_AUTO_CLIENT_CERT. This option is only supported for Schannel (the native Windows SSL library). Prior to this change Schannel would, with no notification to the client, attempt to locate a client certificate and send it to the server, when requested by the server. Since the server can request any certificate that supports client authentication in the OS certificate store it could be a privacy violation and unexpected. Fixes https://github.com/curl/curl/issues/2262 Reported-by: Jeroen Ooms Assisted-by: Wes Hinsley Assisted-by: Rich FitzJohn Ref: https://curl.se/mail/lib-2021-02/0066.html Reported-by: Morten Minde Neergaard Closes https://github.com/curl/curl/pull/6673
show more ...
|
Revision tags: curl-7_75_0, curl-7_74_0 |
|
#
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home Closes #6172
|
#
7385610d |
| 02-Nov-2020 |
Daniel Stenberg |
hsts: add support for Strict-Transport-Security - enable in the build (configure) - header parsing - host name lookup - unit tests for the above - CI build - CURL_VERSION
hsts: add support for Strict-Transport-Security - enable in the build (configure) - header parsing - host name lookup - unit tests for the above - CI build - CURL_VERSION_HSTS bit - curl_version_info support - curl -V output - curl-config --features - CURLOPT_HSTS_CTRL - man page for CURLOPT_HSTS_CTRL - curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl) - man page for --hsts - save cache to disk - load cache from disk - CURLOPT_HSTS - man page for CURLOPT_HSTS - added docs/HSTS.md - fixed --version docs - adjusted curl_easy_duphandle Closes #5896
show more ...
|
Revision tags: curl-7_73_0 |
|
#
3997b3e2 |
| 01-Oct-2020 |
Daniel Stenberg |
curl: make --libcurl show binary posts correctly Reported-by: Stephan Mühlstrasser Fixes #6031 Closes #6032
|
Revision tags: tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0 |
|
#
8df45547 |
| 13-May-2020 |
Daniel Stenberg |
source cleanup: remove all custom typedef structs - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public heade
source cleanup: remove all custom typedef structs - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
show more ...
|
Revision tags: curl-7_70_0, curl-7_69_1, curl-7_69_0, curl-7_68_0 |
|
#
9c1806ae |
| 30-Nov-2019 |
Jay Satiro |
build: Disable Visual Studio warning "conditional expression is constant" - Disable warning C4127 "conditional expression is constant" globally in curl_setup.h for when building with M
build: Disable Visual Studio warning "conditional expression is constant" - Disable warning C4127 "conditional expression is constant" globally in curl_setup.h for when building with Microsoft's compiler. This mainly affects building with the Visual Studio project files found in the projects dir. Prior to this change the cmake and winbuild build systems already disabled 4127 globally for when building with Microsoft's compiler. Also, 4127 was already disabled for all build systems in the limited circumstance of the WHILE_FALSE macro which disabled the warning specifically for while(0). This commit removes the WHILE_FALSE macro and all other cruft in favor of disabling globally in curl_setup. Background: We have various macros that cause 0 or 1 to be evaluated, which would cause warning C4127 in Visual Studio. For example this causes it: #define Curl_resolver_asynch() 1 Full behavior is not clearly defined and inconsistent across versions. However it is documented that since VS 2015 Update 3 Microsoft has addressed this somewhat but not entirely, not warning on while(true) for example. Prior to this change some C4127 warnings occurred when I built with Visual Studio using the generated projects in the projects dir. Closes https://github.com/curl/curl/pull/4658
show more ...
|
Revision tags: curl-7_67_0 |
|
#
e59371a4 |
| 23-Sep-2019 |
Daniel Stenberg |
curl: create easy handles on-demand and not ahead of time This should again enable crazy-large download ranges of the style [1-10000000] that otherwise easily ran out of memory starting
curl: create easy handles on-demand and not ahead of time This should again enable crazy-large download ranges of the style [1-10000000] that otherwise easily ran out of memory starting in 7.66.0 when this new handle allocating scheme was introduced. Reported-by: Peter Sumatra Fixes #4393 Closes #4438
show more ...
|
Revision tags: curl-7_66_0, curl-7_65_3, curl-7_65_2 |
|
#
b9e0c6d2 |
| 18-Jun-2019 |
Daniel Stenberg |
curl: improved skip-setopt-options when built with disabled features Reduces #ifdefs in src/tool_operate.c Follow-up from 4e86f2fc4e6 Closes #3936
|
Revision tags: curl-7_65_1 |
|
#
4e86f2fc |
| 22-May-2019 |
Daniel Stenberg |
tool_setopt: for builds with disabled-proxy, skip all proxy setopts() Reported-by: Marcel Raad Fixes #3926 Closes #3929
|
Revision tags: curl-7_65_0, curl-7_64_1 |
|
#
e49e5eaa |
| 19-Feb-2019 |
Patrick Monnerat |
cli tool: fix mime post with --disable-libcurl-option configure option Reported-by: Marcel Raad Fixes #3576 Closes #3583
|
#
cac0e4a6 |
| 11-Feb-2019 |
Patrick Monnerat |
cli tool: do not use mime.h private structures. Option -F generates an intermediate representation of the mime structure that is used later to create the libcurl mime structure and gener
cli tool: do not use mime.h private structures. Option -F generates an intermediate representation of the mime structure that is used later to create the libcurl mime structure and generate the --libcurl statements. Reported-by: Daniel Stenberg Fixes #3532 Closes #3546
show more ...
|
Revision tags: curl-7_64_0, curl-7_63_0, curl-7_62_0, curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0 |
|
#
fec7a858 |
| 02-Sep-2017 |
Patrick Monnerat |
mime: use in curl cli tool instead of form API. Extended -F option syntax to support multipart mail messages. -F keyword headers= added to include custom headers in parts. Documentat
mime: use in curl cli tool instead of form API. Extended -F option syntax to support multipart mail messages. -F keyword headers= added to include custom headers in parts. Documentation upgraded.
show more ...
|
Revision tags: curl-7_55_1, curl-7_55_0, curl-7_54_1 |
|
#
ce2c3ebd |
| 19-May-2017 |
Kamil Dudka |
curl --socks5-{basic,gssapi}: control socks5 auth Closes https://github.com/curl/curl/pull/1454
|
Revision tags: curl-7_54_0, curl-7_53_1, curl-7_53_0 |
|
#
a49d2d0e |
| 01-Feb-2017 |
Jay Satiro |
OS400: Fix symbols - s/CURLOPT_SOCKS_PROXY/CURLOPT_PRE_PROXY Follow-up to 7907a2b and 845522c. - Fix incorrect id for CURLOPT_PROXY_PINNEDPUBLICKEY. - Add id for CURL
OS400: Fix symbols - s/CURLOPT_SOCKS_PROXY/CURLOPT_PRE_PROXY Follow-up to 7907a2b and 845522c. - Fix incorrect id for CURLOPT_PROXY_PINNEDPUBLICKEY. - Add id for CURLOPT_ABSTRACT_UNIX_SOCKET. Bug: https://github.com/curl/curl/issues/1237 Reported-by: jonrumsey@users.noreply.github.com
show more ...
|
Revision tags: curl-7_52_1, curl-7_52_0 |
|
#
cb4e2be7 |
| 16-Nov-2016 |
Alex Rousskov |
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is est
proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
show more ...
|
Revision tags: curl-7_51_0, curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0, curl-7_49_1, curl-7_49_0, curl-7_48_0, curl-7_47_1 |
|
#
4af40b36 |
| 02-Feb-2016 |
Daniel Stenberg |
URLs: change all http:// URLs to https://
|
Revision tags: curl-7_47_0, curl-7_46_0, curl-7_45_0, curl-7_44_0 |
|
#
172b2beb |
| 17-Jul-2015 |
Jay Satiro |
SSL: Add an option to disable certificate revocation checks New tool option --ssl-no-revoke. New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. Currently this option applie
SSL: Add an option to disable certificate revocation checks New tool option --ssl-no-revoke. New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. Currently this option applies only to WinSSL where we have automatic certificate revocation checking by default. According to the ssl-compared chart there are other backends that have automatic checking (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at some later point. Bug: https://github.com/bagder/curl/issues/264 Reported-by: zenden2k <zenden2k@gmail.com>
show more ...
|
Revision tags: curl-7_43_0, curl-7_42_1, curl-7_42_0, curl-7_41_0, curl-7_40_0 |
|
#
088b9b2a |
| 16-Dec-2014 |
Daniel Stenberg |
tool_operate: we prefer 'CURLcode result'
|