| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this change, the argument passed to the CURLOPT_FOLLOWLOCATION
option is treated as a bitmask instead of just a long. If the new
CURLFOLLOW_NO_CUSTOMMETHOD bit is set in the bitmask, it means that
libcurl will NOT allow a custom method override the HTTP request method
after a redirect is followed. As is otherwise the default behavior (that
surprises many users).
This change is forward compatible because CURLOPT_FOLLOWLOCATION has
been documented to accept the exact value of '1' to enable redirect
following and therefore the other bits were left unused and
undefined. We now add value to another bit. Starting in 7.66.0, the
value 1 and the first bit still enables plain redirect following but the
second bit adds more meaning.
This change is backward compatible in the following way: setting the
CURLFOLLOW_NO_CUSTOMMETHOD bit in a program that still uses an older
libcurl installation at run-tim will have no effect. This is because
older libcurl code checked if the value was non-zero and then enabled
redirect following. Of course older libcurl will always let the set
CURLOPT_CUSTOMMETHOD string override the method, disregarding what the
HTTP response code suggests.
Test 1589 added to verify the functionality.
Closes #8130
|
|
|
|
|
|
| |
... to not call libcurl recursively back.
Closes #8286
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Increase the buffer length passed to mbedtls_x509_crt_parse to account
for the null byte appended to the temporary blob.
Follow-up to 867ad1c which uses a null terminated copy of the
certificate blob, because mbedtls_x509_crt_parse requires PEM data
to be null terminated.
Ref: https://github.com/curl/curl/commit/867ad1c#r63439893
Ref: https://github.com/curl/curl/pull/8146
Closes https://github.com/curl/curl/pull/8260
|
|
|
|
|
|
|
|
|
|
|
| |
1. The callback is better described in the option for setting it. Having
it in a single place reduces the risk that one of them is wrong.
2. The "typical usage" is wrong since the functions described in this
man page are both deprecated so they cannot be used in any "typical" way
anymore.
Closes #8262
|
|
|
|
|
|
|
|
|
|
|
| |
As credentials can be quite different depending on the mechanism used,
there are no default mechanisms for LDAP and simple bind with a DN is
then used.
The caller has to provide mechanism(s) using CURLOPT_LOGIN_OPTIONS to
enable SASL authentication and disable simple bind.
Closes #8152
|
|
|
|
|
|
|
|
| |
83cc966 changed documentation from using http to https. However,
CURLOPT_RESOLVE being set to port 80 in the documentation means that it
isn't valid for the new URL. Update to 443.
Closes https://github.com/curl/curl/pull/8258
|
|
|
|
|
|
|
|
|
| |
Mesalink has ceased development. We can no longer encourage use of it.
It seems to be continued under the name TabbySSL, but no attempts have
(yet) been to make curl support it.
Fixes #8188
Closes #8191
|
|
|
|
|
|
|
|
| |
For consistency, use the same return code for URL malformats,
independently of what scheme that is used. Previously this would return
CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned.
Closes #8170
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for `CURLOPT_CAINFO_BLOB` `CURLOPT_PROXY_CAINFO_BLOB` to the
rustls TLS backend. Multiple certificates in a single PEM string are
supported just like OpenSSL does with this option.
This is compatible at least with rustls-ffi 0.8+ which is our new
minimum version anyway.
I was able to build and run this on Windows, pulling trusted certs from
the system and then add them to rustls by setting
`CURLOPT_CAINFO_BLOB`. Handy!
Closes #8255
|
|
|
|
|
|
|
|
| |
Add test 380 and 381 to verify, edited test 133
Reported-by: Manfred Schwarb
Fixes #8241
Closes #8243
|
| |
|
|
|
|
| |
Closes #8228
|
| |
|
| |
|
|
|
|
| |
Since 4a4b63daaa0
|
|
|
|
|
|
| |
Missed three occurrences.
Follow-up to 7a92f86
|
|
|
|
|
|
| |
Consistency is king. Following the lead in everything curl.
Closes #8159
|
|
|
|
|
|
|
| |
The new CURLOPT_PREREQFUNCTION callback is another way to sanitize
addresses.
Using the curl_url API is a way to mitigate against attacks relying on
URL parsing differences.
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Early check proper LDAP URL syntax. Reject URLs with a userinfo part.
- Use dynamic memory for ldap_init_fd() URL rather than a
stack-allocated buffer.
- Never chase referrals: supporting it would require additional parallel
connections and alternate authentication credentials.
- Do not wait 1 microsecond while polling/reading query response data.
- Store last received server code for retrieval with CURLINFO_RESPONSE_CODE.
Closes #8140
|
|
|
|
| |
Closes #8124
|
|
|
|
|
|
| |
Repairs test 1140
Follow-up to 436cdf82041
|
|
|
|
|
|
|
|
| |
An error returned from one of these funtions mean that ALL still ongoing
transfers are to be considered failed.
Ref: #8114
Closes #8120
|
|
|
|
|
|
| |
Follow-up to #8089 (2b3dd01)
Closes #8116
|
|
|
|
|
|
|
|
|
|
| |
Minor rephrasing for some explanations.
Put the format strings in stand-alone lines with .nf/.fi to be easier to spot.
Move "added in" to AVAILABILITY
Closed #8110
|
|
|
|
|
|
|
|
|
|
| |
This is the exact same limitation already documented for
CURLOPT_WRITEDATA but should be clarified here. It also has a different
work-around.
Reported-by: Stephane Pellegrino
Bug: https://github.com/curl/curl/issues/8102
Closes #8103
|
|
|
|
|
|
|
|
|
|
|
|
| |
The callbacks were partially documented to support this. Now the
behavior is documented and returning error from either of these
callbacks will effectively kill all currently ongoing transfers.
Added test 530 to verify
Reported-by: Marcelo Juchem
Fixes #8083
Closes #8089
|
|
|
|
|
|
|
| |
As this introduces use of CURLOPT_USE_SSL option for LDAP, also check
this option in ldap.c as it is not supported by this backend.
Closes #8065
|
|
|
|
| |
Closes #8097
|
|
|
|
| |
Closes #8097
|
|
|
|
| |
Since we say it is a non-repating timer
|
|
|
|
| |
Closes #8071
|
|
|
|
|
|
|
|
|
|
| |
Make all libcurl related options use .nf (no fill) for the SYNOPSIS
section - for consistent look. roffit then renders that section using
<pre> (monospace font) in html for the website.
Extended manpage-syntax (test 1173) with a basic check for it.
Closes #8062
|
|
|
|
|
|
|
|
|
| |
- avoid exclamation marks
- use consistent number of spaces after periods: one
- avoid clichés
- avoid using 'very'
Closes #8060
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the return code CURLUE_MALFORMED_INPUT was used for almost
30 different URL format violations. This made it hard for users to
understand why a particular URL was not acceptable. Since the API cannot
point out a specific position within the URL for the problem, this now
instead introduces a number of additional and more fine-grained error
codes to allow the API to return more exactly in what "part" or section
of the URL a problem was detected.
Also bug-fixes curl_url_get() with CURLUPART_ZONEID, which previously
returned CURLUE_OK even if no zoneid existed.
Test cases in 1560 have been adjusted and extended. Tests 1538 and 1559
have been updated.
Updated libcurl-errors.3 and curl_url_strerror() accordingly.
Closes #8049
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instad of having all callers pass in the maximum length, always use
it. The passed in length is instead used only as the length of the
target buffer for to storing the scheme name in, if used.
Added the scheme max length restriction to the curl_url_set.3 man page.
Follow-up to 45bcb2eaa78c79
Closes #8047
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, form field and file names where escaped using the
backslash-escaping algorithm defined for multipart mails. This commit
replaces this with the percent-escaping method for URLs.
As this may introduce incompatibilities with server-side applications, a
new libcurl option CURLOPT_MIME_OPTIONS with bitmask
CURLMIMEOPT_FORMESCAPE is introduced to revert to legacy use of
backslash-escaping. This is controlled by new cli tool option
--form-escape.
New tests and documentation are provided for this feature.
Reported by: Ryan Sleevi
Fixes #7789
Closes #7805
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CURLSHOPT_LOCKFUNC.3
CURLSHOPT_SHARE.3
CURLSHOPT_UNLOCKFUNC.3
CURLSHOPT_UNSHARE.3
CURLSHOPT_USERDATA.3
Closes #7998
|
|
|
|
|
|
|
|
|
| |
Easy handles that are used by the multi interface should be removed from
the multi handle before they are cleaned up.
Reported-by: Stephen M. Coakley
Ref: #7982
Closes #7983
|
|
|
|
| |
Closes #7975
|
|
|
|
|
|
| |
Reported-by: Godwin Stewart
Fixes #7973
Closes #7974
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
You're => You are
Hasn't => Has not
Doesn't => Does not
Don't => Do not
You'll => You will
etc
Closes #7930
|
|
|
|
|
|
|
|
|
|
|
| |
... to be proper backslash-backslash-n sequences to render nicely in man
and on website.
Follow-up to 24155569d8a
Reported-by: Sergey Markelov
Fixes https://github.com/curl/curl-www/issues/163
Closes #7962
|
|
|
|
|
|
| |
Ref: https://github.com/curl/curl/discussions/7954
Closes #7957
|
|
|
|
|
|
|
| |
"Very" should be avoided in most texts. If intensifiers are needed, try
find better words instead.
Closes #7936
|
|
|
|
|
|
|
|
|
|
|
| |
Bold the example ciphers instead of using single quotes, which then also
avoids the problem of how to use single quotes when first in a line.
Also rephrased the pages a little.
Reported-by: Sergio Durigan Junior
Ref: #7928
Closes #7934
|
|
|
|
| |
Closes #7923
|
|
|
|
| |
Closes #7913
|
|
|
|
| |
Closes #7910
|