| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
USE_TLS_SRP will be true if *any* selected TLS backend can use SRP
HAVE_OPENSSL_SRP is defined when OpenSSL can use it
HAVE_GNUTLS_SRP is defined when GnuTLS can use it
Clarify in the curl_verison_info docs that CURL_VERSION_TLSAUTH_SRP is
set if at least one of the supported backends offers SRP.
Reported-by: Stefan Strogin
Fixes #5865
Closes #5870
|
|
|
|
|
|
|
|
| |
As reported by man(1) when invoked as:
man --warnings -E UTF-8 -l -Tutf8 -Z <file> >/dev/null
Closes #5846
|
|
|
|
| |
Follow-up to 6ebe63fac23f38
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
const struct curl_easyoption *curl_easy_option_by_name(const char *name);
const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);
const struct curl_easyoption *
curl_easy_option_next(const struct curl_easyoption *prev);
The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.
Assisted-by: Jeroen Ooms
Closes #5365
|
|
|
|
|
|
| |
Replace the old fingerprint of the host with a new.
Closes #5685
|
|
|
|
| |
Closes #5810
|
|
|
|
|
|
|
|
|
|
|
|
| |
Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.
In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.
Closes #5770
|
|
|
|
|
|
|
|
|
| |
Also: the current behavior is now documented in the curl.1 and
CURLOPT_NOPROXY.3 man pages.
Reported-by: Andrew Barnes
Closes #5745
Closes #5841
|
|
|
|
|
|
|
|
|
| |
... in particular what happens if the maximum speed limit is set to a
value that's smaller than the transfer buffer size in use.
Reported-by: Tomas Berger
Fixes #5788
Closes #5813
|
| |
|
|
|
|
|
| |
Closes #4915
Closes #5802
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The CMake option is now called CMAKE_USE_SCHANNEL
The winbuild flag is USE_SCHANNEL
The CI jobs and build scripts only use the new names and the new name
options
Tests now require 'Schannel' (when necessary)
Closes #5795
|
|
|
|
|
|
|
|
| |
it helps make it obvious that most developers don't have to care about
the CURLM_CALL_MULTI_PERFORM value (last release using it is nearly 11
years old, November 4 2009)
Closes #5744
|
|
|
|
|
|
| |
As test 1140 fails otherwise!
Follow-up to e1bac81cc815
|
|
|
|
|
|
|
| |
... and mention that HTTP with other methods than HEAD might get a body and
there's no option available to stop that.
Closes #5729
|
|
|
|
|
|
|
|
|
| |
Commit 76a9c3c4be10b3d4d379d5b23ca76806bbae536a renamed DarwinSSL to the
more correct/common name Secure Transport, but a few mentions in the docs
remained.
Closes #5688
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
|
|
|
| |
... by adding support for a new dedicated return code.
Suggested-by: Jonathan Cardoso
Assisted-by: Erik Johansson
URL: https://curl.haxx.se/mail/lib-2020-06/0099.html
Closes #5636
|
|
|
|
|
|
|
| |
Provide the HTTP method that was used on the latest request, which might
be relevant for users when there was one or more redirects involved.
Closes #5511
|
|
|
|
|
|
|
| |
Reviewed-by: Marcel Raad
Reviewed-by: Marc Hörsken
Closes #5491
|
|
|
|
|
|
|
|
|
| |
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu
Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
|
|
|
|
| |
Closes https://github.com/curl/curl/pull/5655
|
|
|
|
|
|
|
| |
This came up in #5640. It make sense to clarify this in the docs!
Reminded-by: Kamil Dudka
Closes #5642
|
|
|
|
|
|
|
|
|
|
|
| |
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer of them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).
Reported-by: coinhubs on github
Fixes #5598
Closes #5608
|
|
|
|
|
| |
Assisted-by: Jay Satiro
Closes #5607
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the behavior of CURLSSLOPT_NATIVE_CA so that it does
not override CURLOPT_CAINFO / CURLOPT_CAPATH, or the hardcoded default
locations. Instead the CA store can now be used at the same time.
The change is due to the impending release. The issue is still being
discussed. The behavior of CURLSSLOPT_NATIVE_CA is subject to change and
is now documented as experimental.
Ref: bc052cc (parent commit)
Ref: https://github.com/curl/curl/issues/5585
|
|
|
|
| |
Closes #5562
|
|
|
|
|
|
|
|
| |
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.
Closes #5546
|
|
|
|
|
|
| |
Reported-by: Jay Satiro
Fixes #5299
Closes #5520
|
|
|
|
| |
Closes #5431
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces a generic way to provide binary data in setopt
options, called BLOBs.
This change introduces these new setopts:
CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.
Reviewed-by: Daniel Stenberg
Closes #5357
|
|
|
|
|
|
|
|
| |
... to avoid an OpenSSL bug that otherwise makes the CRL check to fail.
Reported-by: Michael Kaufmann
Fixes #5374
Closes #5376
|
|
|
|
| |
Closes #4346
|
|
|
|
| |
Closes #5320
|
|
|
|
| |
Closes #5287
|
| |
|
|
|
|
| |
Closes #5285
|
|
|
|
| |
Closes #5173
|
|
|
|
| |
Closes #5192
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In libcurl, CURLINFO_CONDITION_UNMET is used to avoid writing to the
output file if the server did not transfered a file based on time
condition. In the same manner, getting a 304 HTTP response back from the
server, for example after passing a custom If-Match-* header, also
fulfill this condition.
Fixes #5181
Closes #5183
|
|
|
|
|
|
| |
Considered experimental and therefore we can do this.
Closes #5157
|
|
|
|
|
|
|
|
| |
Suggested-by: Timothe Litt
URL: https://curl.haxx.se/mail/lib-2020-03/0090.html
Reviewed-by: Jay Satiro
Closes #5150
|
|
|
|
|
|
|
|
|
| |
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.
Removed three (mostly usesless) README files from docs/
Closes #5141
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
--ssl-revoke-best-effort to allow a "best effort" revocation check.
A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.
---
When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:
Unknown error (0x80092012) - The revocation function was unable
to check revocation for the certificate.
Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.
This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.
In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.
Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).
To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.
Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.
The test 2070 was added to verify this behavior, adapted from 310.
Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes https://github.com/curl/curl/pull/4981
|
|
|
|
|
|
|
|
|
| |
- If an easy handle is owned by a multi different from the one specified
then return CURLM_BAD_EASY_HANDLE.
Prior to this change I assume user error could cause corruption.
Closes https://github.com/curl/curl/pull/5116
|
|
|
|
|
|
|
|
| |
- --url man page section
- libcurl-security.3 gets the full text
- CURLOPT_URL.3
Reported-by: Tim Sedlmeyer
|
|
|
|
|
|
|
|
|
|
| |
Follow-up to d0a7ee3 which fixed a bug in 7.66.0 that caused
CURL_LOCK_DATA_COOKIE to enable the easy handle's cookie engine.
Bug: https://curl.haxx.se/mail/lib-2020-03/0019.html
Reported-by: Felipe Gasper
Closes https://github.com/curl/curl/pull/5048
|
|
|
|
|
|
| |
Assisted-by: Jay Satiro
Follow-up to 6357a19ff29dac04
Closes #5036
|
|
|
|
| |
Ref: https://github.com/curl/curl/pull/5016#issuecomment-593628582
|
|
|
|
|
|
|
|
|
|
|
| |
- Tell the user to call curl_free() to free the pointer returned by
curl_getenv().
Prior to this change the user was directed to call free(), but that
would not work in cases where the library and application use separate C
runtimes and therefore have separate heap memory management.
Closes https://github.com/curl/curl/pull/5016
|