delta/curl.git/src/tool_cfgable.h, branch bagder/https-proxyu-req-http github.com: bagder/curl.git tool: update --help with categories 2020-09-04T13:38:20+00:00 Emil Engler me@emilengler.com 2020-09-02T18:11:20+00:00 aa8777f63febca6a13f6b86e141a832232560037 This commit is a part of "--help me if you can" Closes #5680 
This commit is a part of "--help me if you can"

Closes #5680
tls: add CURLOPT_SSL_EC_CURVES and --curves 2020-08-30T15:24:04+00:00 Michael Baentsch 57787676+baentsch@users.noreply.github.com 2020-08-29T12:09:24+00:00 ede125b7b7ca8fc5a1fe3d7c1aee6bff2ea0bf24 Closes #5892 
Closes #5892
curl: add --output-dir 2020-08-24T20:41:37+00:00 Daniel Stenberg daniel@haxx.se 2020-08-24T06:31:36+00:00 5620d2cc78c018f6ae15ba9aab371aa388146df0 Works with --create-dirs and with -J Add test 3008, 3009, 3011, 3012 and 3013 to verify. Closes #5637 
Works with --create-dirs and with -J

Add test 3008, 3009, 3011, 3012 and 3013 to verify.

Closes #5637
source cleanup: remove all custom typedef structs 2020-05-15T06:54:42+00:00 Daniel Stenberg daniel@haxx.se 2020-05-13T22:05:04+00:00 8df455479f8801bbebad8839fc96abbffa711603 - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338 
 - Stick to a single unified way to use structs
 - Make checksrc complain on 'typedef struct {'
 - Allow them in tests, public headers and examples

 - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
   typedef different types/structs depending on build conditions.

Closes #5338
tool: Add option --retry-all-errors to retry on any error 2020-05-12T07:00:15+00:00 Jay Satiro raysatiro@yahoo.com 2020-04-04T20:16:18+00:00 b995bb58cbd976280b132ee2148376fadd071063 The "sledgehammer" of retrying. Closes https://github.com/curl/curl/pull/5185 
The "sledgehammer" of retrying.

Closes https://github.com/curl/curl/pull/5185
CURLOPT_SSL_OPTIONS: add *_NATIVE_CA to use Windows CA store (with openssl) 2020-05-08T13:55:04+00:00 Gilles Vollant info@winimage.com 2019-09-13T09:24:00+00:00 148534db57dda611cf8516e92e4d6e35fc1e5074 Closes #4346 
Closes #4346
schannel: add "best effort" revocation check option 2020-03-18T07:23:39+00:00 Johannes Schindelin johannes.schindelin@gmx.de 2020-02-26T10:24:26+00:00 54504284918a4ba19bc7b1efb486a64629d376aa - Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and --ssl-revoke-best-effort to allow a "best effort" revocation check. A best effort revocation check ignores errors that the revocation check was unable to take place. The reasoning is described in detail below and discussed further in the PR. --- When running e.g. with Fiddler, the schannel backend fails with an unhelpful error message: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. Sadly, many enterprise users who are stuck behind MITM proxies suffer the very same problem. This has been discussed in plenty of issues: https://github.com/curl/curl/issues/3727, https://github.com/curl/curl/issues/264, for example. In the latter, a Microsoft Edge developer even made the case that the common behavior is to ignore issues when a certificate has no recorded distribution point for revocation lists, or when the server is offline. This is also known as "best effort" strategy and addresses the Fiddler issue. Unfortunately, this strategy was not chosen as the default for schannel (and is therefore a backend-specific behavior: OpenSSL seems to happily ignore the offline servers and missing distribution points). To maintain backward-compatibility, we therefore add a new flag (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option (`--ssl-revoke-best-effort`) to select the new behavior. Due to the many related issues Git for Windows and GitHub Desktop, the plan is to make this behavior the default in these software packages. The test 2070 was added to verify this behavior, adapted from 310. Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com> Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Closes https://github.com/curl/curl/pull/4981 
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
  --ssl-revoke-best-effort to allow a "best effort" revocation check.

A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.

---

When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:

	Unknown error (0x80092012) - The revocation function was unable
	to check revocation for the certificate.

Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.

This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.

In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.

Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).

To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.

Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.

The test 2070 was added to verify this behavior, adapted from 310.

Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Closes https://github.com/curl/curl/pull/4981
smtp: Allow RCPT TO command to fail for some recipients 2020-01-21T09:40:19+00:00 Pavel Volgarev pvolgarev@google.com 2020-01-14T22:22:38+00:00 4a4609bf3c812afc65f700b4b7e673cc76ade1bf Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS. Verified with the new tests 3002-3007 Closes #4816 
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
curl: two new command line options for etags 2019-11-28T12:05:20+00:00 Maros Priputen maros.priputen@student.tuke.sk 2019-10-30T08:43:14+00:00 18e5cb77e986911063da8ab6bf254d632b2de6ea --etag-compare and --etag-save Suggested-by: Paul Hoffman Fixes #4277 Closes #4543 
--etag-compare and --etag-save

Suggested-by: Paul Hoffman
Fixes #4277
Closes #4543
curl: add --parallel-immediate 2019-11-21T15:36:10+00:00 Daniel Stenberg daniel@haxx.se 2019-10-17T08:05:53+00:00 215baa74f709cd5026ea037eb9204cee93baa1bb Starting with this change when doing parallel transfers, without this option set, curl will prefer to create new transfers multiplexed on an existing connection rather than creating a brand new one. --parallel-immediate can be set to tell curl to prefer to use new connections rather than to wait and try to multiplex. libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default on parallel transfers. Suggested-by: Tom van der Woerdt Closes #4500 
Starting with this change when doing parallel transfers, without this
option set, curl will prefer to create new transfers multiplexed on an
existing connection rather than creating a brand new one.

--parallel-immediate can be set to tell curl to prefer to use new
connections rather than to wait and try to multiplex.

libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default
on parallel transfers.

Suggested-by: Tom van der Woerdt
Closes #4500