summaryrefslogtreecommitdiff
path: root/src/tool_help.c
Commit message (Collapse)AuthorAgeFilesLines
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* curl --expect100-timeout: addedDaniel Stenberg2015-12-151-0/+1
| | | | | This is the new command line option to set the value for the existing libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS
* cookies: Add support for Mozilla's Publix Suffix ListTim Rühsen2015-10-171-0/+3
| | | | | | | | | | | | Use libpsl to check the domain value of Set-Cookie headers (and cookie jar entries) for not being a Publix Suffix. The configure script checks for "libpsl" by default. Disable the check with --without-libpsl. Ref: https://publicsuffix.org/ Ref: https://github.com/publicsuffix/list Ref: https://github.com/rockdaboot/libpsl
* CURLOPT_DEFAULT_PROTOCOL: addedNathaniel Waisbrot2015-08-221-1/+2
| | | | | | | | | | | | | | | - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default protocol for schemeless URLs. - Add new tool option --proto-default to expose CURLOPT_DEFAULT_PROTOCOL. In the case of schemeless URLs libcurl will behave in this way: When the option is used libcurl will use the supplied default. When the option is not used, libcurl will follow its usual plan of guessing from the hostname and falling back to 'http'.
* SSL: Add an option to disable certificate revocation checksJay Satiro2015-07-171-0/+1
| | | | | | | | | | | | | | New tool option --ssl-no-revoke. New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. Currently this option applies only to WinSSL where we have automatic certificate revocation checking by default. According to the ssl-compared chart there are other backends that have automatic checking (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at some later point. Bug: https://github.com/bagder/curl/issues/264 Reported-by: zenden2k <zenden2k@gmail.com>
* SSL: Pinned public key hash supportmoparisthebest2015-07-011-2/+1
|
* tool_help: fix --tlsv1 help text to use >= for TLSv1Lior Kaplan2015-06-211-1/+1
|
* tool: always provide negotiate/kerberos optionsDaniel Stenberg2015-06-181-4/+0
| | | | | libcurl can still be built with it, even if the tool is not. Maintain independence!
* help: Add --proxy-service-name and --service-name to the --help outputLinus Nielsen2015-06-081-0/+4
|
* tool_help: fix formatting for --next optionAlessandro Ghedini2015-05-081-1/+1
|
* tool: New option --data-raw to HTTP POST data, '@' allowed.Anthony Avina2015-04-251-0/+1
| | | | | | | | | | | | Add new option --data-raw which is almost the same as --data but does not have a special interpretation of the @ character. Prior to this change there was no (easy) way to pass the @ character as the first character in POST data without it being interpreted as a special character. Bug: https://github.com/bagder/curl/issues/198 Reported-by: Jens Rantil
* cyassl: Implement public key pinningJay Satiro2015-04-221-1/+1
| | | | Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
* nss: implement public key pinning for NSS backendKamil Dudka2015-04-221-1/+1
| | | | Bug: https://bugzilla.redhat.com/1195771
* CURLOPT_PATH_AS_IS: addedDaniel Stenberg2015-03-241-0/+1
| | | | | | | | --path-as-is is the command line option Added docs in curl.1 and CURLOPT_PATH_AS_IS.3 Added test in test 1241
* curl: add --false-start optionAlessandro Ghedini2015-03-201-0/+1
|
* help: add --cert-status to --help outputDaniel Stenberg2015-01-161-1/+2
|
* code/docs: Use Unix rather than UNIX to avoid use of the trademarkSteve Holme2014-12-261-2/+2
| | | | | Use Unix when generically writing about Unix based systems as UNIX is the trademark and should only be used in a particular product's name.
* tool_help: Use camel case for UNIX sockets feature outputSteve Holme2014-12-251-1/+1
| | | | | In line with the other features listed in the --version output, capitalise the UNIX socket feature.
* tool: add --unix-socket optionPeter Wu2014-12-041-0/+1
| | | | Signed-off-by: Peter Wu <peter@lekensteyn.nl>
* libcurl: add UNIX domain sockets supportPeter Wu2014-12-041-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ability to do HTTP requests over a UNIX domain socket has been requested before, in Apr 2008 [0][1] and Sep 2010 [2]. While a discussion happened, no patch seems to get through. I decided to give it a go since I need to test a nginx HTTP server which listens on a UNIX domain socket. One patch [3] seems to make it possible to use the CURLOPT_OPENSOCKETFUNCTION function to gain a UNIX domain socket. Another person wrote a Go program which can do HTTP over a UNIX socket for Docker[4] which uses a special URL scheme (though the name contains cURL, it has no relation to the cURL library). This patch considers support for UNIX domain sockets at the same level as HTTP proxies / IPv6, it acts as an intermediate socket provider and not as a separate protocol. Since this feature affects network operations, a new feature flag was added ("unix-sockets") with a corresponding CURL_VERSION_UNIX_SOCKETS macro. A new CURLOPT_UNIX_SOCKET_PATH option is added and documented. This option enables UNIX domain sockets support for all requests on the handle (replacing IP sockets and skipping proxies). A new configure option (--enable-unix-sockets) and CMake option (ENABLE_UNIX_SOCKETS) can disable this optional feature. Note that I deliberately did not mark this feature as advanced, this is a feature/component that should easily be available. [0]: http://curl.haxx.se/mail/lib-2008-04/0279.html [1]: http://daniel.haxx.se/blog/2008/04/14/http-over-unix-domain-sockets/ [2]: http://sourceforge.net/p/curl/feature-requests/53/ [3]: http://curl.haxx.se/mail/lib-2008-04/0361.html [4]: https://github.com/Soulou/curl-unix-socket Signed-off-by: Peter Wu <peter@lekensteyn.nl>
* SSL: Add PEM format support for public key pinningmoparisthebest2014-11-241-1/+2
|
* tool: Removed krb4 from the supported featuresSteve Holme2014-11-151-1/+0
| | | | | | Although libcurl would never return CURL_VERSION_KERBEROS4 after 7.33, so would not be output with --version, removed krb4 from the supported features output.
* tool: Use Kerberos for supported featuresMichael Osipov2014-11-151-1/+1
|
* curl_tool: Added krb5 to the supported featuresSteve Holme2014-11-071-0/+1
|
* SSL: implement public key pinningmoparisthebest2014-10-071-0/+1
| | | | | | | | | | | | Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
* help output: minor whitespace editsDaniel Stenberg2014-08-191-4/+5
| | | | | Should've been amended in the previous commit but wasn't due to a mistake.
* help output: use ≥2 spaces between option and descriptionZearin2014-08-191-50/+48
| | | | ... and some other cleanups
* docs: Improve inline GSS-API naming in code documentationMichael Osipov2014-07-231-1/+1
|
* curl.h/features: Deprecate GSS-Negotiate macros due to bad namingMichael Osipov2014-07-231-3/+3
| | | | | | | | - Replace CURLAUTH_GSSNEGOTIATE with CURLAUTH_NEGOTIATE - CURL_VERSION_GSSNEGOTIATE is deprecated which is served by CURL_VERSION_SSPI, CURL_VERSION_GSSAPI and CURUL_VERSION_SPNEGO now. - Remove display of feature 'GSS-Negotiate'
* configure/features: Add feature and version info for GSS-API and SPNEGOMichael Osipov2014-07-231-1/+3
|
* Remove all traces of FBOpenSSL SPNEGO supportDavid Woodhouse2014-07-161-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which allows client and server to negotiate the underlying mechanism which will actually be used to authenticate. This is *often* Kerberos, and can also be NTLM and other things. And to complicate matters, there are various different OIDs which can be used to specify the Kerberos mechanism too. A SPNEGO exchange will identify *which* GSSAPI mechanism is being used, and will exchange GSSAPI tokens which are appropriate for that mechanism. But this SPNEGO implementation just strips the incoming SPNEGO packet and extracts the token, if any. And completely discards the information about *which* mechanism is being used. Then we *assume* it was Kerberos, and feed the token into gss_init_sec_context() with the default mechanism (GSS_S_NO_OID for the mech_type argument). Furthermore... broken as this code is, it was never even *used* for input tokens anyway, because higher layers of curl would just bail out if the server actually said anything *back* to us in the negotiation. We assume that we send a single token to the server, and it accepts it. If the server wants to continue the exchange (as is required for NTLM and for SPNEGO to do anything useful), then curl was broken anyway. So the only bit which actually did anything was the bit in Curl_output_negotiate(), which always generates an *initial* SPNEGO token saying "Hey, I support only the Kerberos mechanism and this is its token". You could have done that by manually just prefixing the Kerberos token with the appropriate bytes, if you weren't going to do any proper SPNEGO handling. There's no need for the FBOpenSSL library at all. The sane way to do SPNEGO is just to *ask* the GSSAPI library to do SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context() is for. And then it should all Just Work™. That 'sane way' will be added in a subsequent patch, as will bug fixes for our failure to handle any exchange other than a single outbound token to the server which results in immediate success.
* tool_help: Fixed missing --login-options optionSteve Holme2014-05-071-2/+2
| | | | | ...and removed ;OPTIONS from --user as that functionality was removed in 7.34.0.
* tool_getparam: Added initial support for --next/-:Steve Holme2014-02-261-0/+2
| | | | | | Added initial support for --next/-: which will be used to replace the rather confusing : command line operation what was used for the URL specific options prototype.
* tool_help: Moved --no-alpn and --no-npn to be listed alphabeticallySteve Holme2014-02-251-2/+2
| | | | | ...and added the HTTP suffix as these options are only used for HTTP2 based connections.
* tool_getparam: Moved version information into separate function in tool_helpSteve Holme2014-02-221-0/+53
|
* tool_operhlp: Consolidated engine output code into tool_helpSteve Holme2014-02-221-2/+12
|
* tool_operate: Moved list engines into separate function in tool_helpSteve Holme2014-02-221-0/+10
|
* NPN/ALPN: allow disabling via command lineFabian Frank2014-02-101-0/+2
| | | | | | | when using --http2 one can now selectively disable NPN or ALPN with --no-alpn and --no-npn. for now honored with NSS only. TODO: honor this option with GnuTLS and OpenSSL
* --help: add missing --tlsv1.x optionsDaniel Stenberg2014-02-071-1/+4
|
* http2: call it "HTTP 2" and not 2.0Daniel Stenberg2014-01-301-2/+2
| | | | | The minor version will be dropped for HTTP 2 so it will make sense to avoid using it in option names etc.
* tool_help: Updated --list-only description to include POP3Steve Holme2013-11-031-1/+1
|
* tool_help: Added login options to --user descriptionSteve Holme2013-10-261-1/+2
|
* tool_help: Added clarity to the --oauth2-bearer optionSteve Holme2013-10-261-1/+1
| | | | | ...as XOAUTH2 is the extended (or non-standard) SASL identifier and OAuth 2 is the protocol name (and version).
* curl: fix --oauth2-bearer in the --help outputDaniel Stenberg2013-10-131-1/+1
| | | | After the option rename in 5df04bfafd1
* pop3: Added basic SASL XOAUTH2 supportSteve Holme2013-09-201-1/+1
| | | | | | | | | | | Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for authentication using RFC6749 "OAuth 2.0 Authorization Framework". The bearer token is expected to be valid for the user specified in conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has an advertised auth mechanism of "XOAUTH2", the user and access token are formatted as a base64 encoded string and sent to the server as "AUTH XOAUTH2 <bearer token>".
* curl: Added clarification to the --mail options in the --help outputSteve Holme2013-09-201-3/+3
| | | | ... that these options apply to SMTP only.
* curl: Add support for various DNS binding options.Ben Greear2013-09-121-1/+4
| | | | | | | | | | | (Passed on to c-ares.) Allows something like this: curl --dns-interface sta8 --dns-ipv4-addr 8.8.1.111 --interface sta8 \ --localaddr 8.8.1.111 --dns-servers 8.8.8.1 www.google.com Signed-off-by: Ben Greear <greearb@candelatech.com>
* curl: add --http1.1 and --http2.0 optionsDaniel Stenberg2013-09-041-0/+2
|
* curl: added --bearer option to helpKyle L. Huff2013-08-261-0/+1
| | | | Added the --bearer option to the help output
* --help: fix the --sasl-ir in the help outputDaniel Stenberg2013-08-141-1/+1
|