aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2003-06-26 11:40:44 +0000
committerDaniel Stenberg <daniel@haxx.se>2003-06-26 11:40:44 +0000
commit3130b44535232b1bfa87ac9a834bbabdb61e2d04 (patch)
treee7349b181078e90b287972e14bf542d1eaedc6e1 /docs
parenta2bd73334f1ebaed7c6d94c90990a604be496d69 (diff)
added lots, mostly the new auth-related option(s)
Diffstat (limited to 'docs')
-rw-r--r--docs/libcurl/curl_easy_setopt.349
1 files changed, 35 insertions, 14 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 8aefb4ae8..2566ea0f5 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -334,27 +334,47 @@ prompted for it. \fICURLOPT_PASSWDFUNCTION\fP can be used to set your own
prompt function.
.TP
.B CURLOPT_HTTPAUTH
-Pass a long set to one of the curl_httpauth values, to tell libcurl what
-authentication method you want it to use. Set the actual name and password
-with the \fICURLOPT_USERPWD\fP option. (Added in 7.10.6)
+Pass a long as parameter, which is set to a bitmask, to tell libcurl what
+authentication method(s) you want it to use. The available bits are listed
+below. If more than one bit is set, libcurl will first query the site to see
+what authentication methods it supports and then pick the best one you allow
+it to use. Note that for some methods, this will induce an extra network
+round-trip. Set the actual name and password with the \fICURLOPT_USERPWD\fP
+option. (Added in 7.10.6)
.RS
.TP 5
.B CURLHTTP_BASIC
-enables HTTP Basic authentication. This is the default choice, and the only
-method that is in wide-spread use and supported everywhere.
+HTTP Basic authentication. This is the default choice, and the only method
+that is in wide-spread use and supported virtually everywhere. This is sending
+the user name and password over the network in plain text, easily captured by
+others.
.TP
.B CURLHTTP_DIGEST
-enables HTTP Digest authentication. Digest authentication is defined in
-RFC2617 and is a somewhat more secure way to do user+password checking over
-public networks than the regular old-fashioned Basic authentication. By
-default, libcurl uses Basic.
+HTTP Digest authentication. Digest authentication is defined in RFC2617 and
+is a more secure way to do authentication over public networks than the
+regular old-fashioned Basic method.
.TP
-.B CURLHTTP_NEGOTIATE
-enables HTTP Negotiate authentication. The Negotiate method was designed by
+.B CURLHTTP_GSSNEGOTIATE
+HTTP GSS-Negotiate authentication. The GSS-Negotiate method was designed by
Microsoft and is used in their web aplications. It is primarily meant as a
support for Kerberos5 authentication but may be also used along with another
authentication methods. For more information see IETF draft
draft-brezak-spnego-http-04.txt.
+.TP
+.B CURLHTTP_NTLM
+HTTP NTLM authentication. A proprietary protocol invented and used by
+Microsoft. It uses a challenge-response and hash concept similar to Digest to
+prevent the password from being evesdropped.
+.TP
+.B CURLHTTP_ANY
+This is a convenience macro that sets all bits and thus makes libcurl pick any
+it finds suitable. libcurl will automaticly select the one it finds most
+secure.
+.TP
+.B CURLHTTP_ANYSAFE
+This is a convenience macro that sets all bits except Basic and thus makes
+libcurl pick any it finds suitable. libcurl will automaticly select the one it
+finds most secure.
.RE
.PP
.SH HTTP OPTIONS
@@ -644,9 +664,10 @@ want the transfer to start from.
.TP
.B CURLOPT_CUSTOMREQUEST
Pass a pointer to a zero terminated string as parameter. It will be user
-instead of GET or HEAD when doing the HTTP request. This is useful for doing
-DELETE or other more or less obscure HTTP requests. Don't do this at will,
-make sure your server supports the command first.
+instead of GET or HEAD when doing a HTTP request, or instead of LIST or NLST
+when doing an ftp directory listing. This is useful for doing DELETE or other
+more or less obscure HTTP requests. Don't do this at will, make sure your
+server supports the command first.
NOTE: many people have wrongly used this option to replace the entire request
with their own, including multiple headers and POST contents. While that might