diff options
author | Daniel Stenberg <daniel@haxx.se> | 2003-06-26 11:40:44 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2003-06-26 11:40:44 +0000 |
commit | 3130b44535232b1bfa87ac9a834bbabdb61e2d04 (patch) | |
tree | e7349b181078e90b287972e14bf542d1eaedc6e1 /docs | |
parent | a2bd73334f1ebaed7c6d94c90990a604be496d69 (diff) |
added lots, mostly the new auth-related option(s)
Diffstat (limited to 'docs')
-rw-r--r-- | docs/libcurl/curl_easy_setopt.3 | 49 |
1 files changed, 35 insertions, 14 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index 8aefb4ae8..2566ea0f5 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -334,27 +334,47 @@ prompted for it. \fICURLOPT_PASSWDFUNCTION\fP can be used to set your own prompt function. .TP .B CURLOPT_HTTPAUTH -Pass a long set to one of the curl_httpauth values, to tell libcurl what -authentication method you want it to use. Set the actual name and password -with the \fICURLOPT_USERPWD\fP option. (Added in 7.10.6) +Pass a long as parameter, which is set to a bitmask, to tell libcurl what +authentication method(s) you want it to use. The available bits are listed +below. If more than one bit is set, libcurl will first query the site to see +what authentication methods it supports and then pick the best one you allow +it to use. Note that for some methods, this will induce an extra network +round-trip. Set the actual name and password with the \fICURLOPT_USERPWD\fP +option. (Added in 7.10.6) .RS .TP 5 .B CURLHTTP_BASIC -enables HTTP Basic authentication. This is the default choice, and the only -method that is in wide-spread use and supported everywhere. +HTTP Basic authentication. This is the default choice, and the only method +that is in wide-spread use and supported virtually everywhere. This is sending +the user name and password over the network in plain text, easily captured by +others. .TP .B CURLHTTP_DIGEST -enables HTTP Digest authentication. Digest authentication is defined in -RFC2617 and is a somewhat more secure way to do user+password checking over -public networks than the regular old-fashioned Basic authentication. By -default, libcurl uses Basic. +HTTP Digest authentication. Digest authentication is defined in RFC2617 and +is a more secure way to do authentication over public networks than the +regular old-fashioned Basic method. .TP -.B CURLHTTP_NEGOTIATE -enables HTTP Negotiate authentication. The Negotiate method was designed by +.B CURLHTTP_GSSNEGOTIATE +HTTP GSS-Negotiate authentication. The GSS-Negotiate method was designed by Microsoft and is used in their web aplications. It is primarily meant as a support for Kerberos5 authentication but may be also used along with another authentication methods. For more information see IETF draft draft-brezak-spnego-http-04.txt. +.TP +.B CURLHTTP_NTLM +HTTP NTLM authentication. A proprietary protocol invented and used by +Microsoft. It uses a challenge-response and hash concept similar to Digest to +prevent the password from being evesdropped. +.TP +.B CURLHTTP_ANY +This is a convenience macro that sets all bits and thus makes libcurl pick any +it finds suitable. libcurl will automaticly select the one it finds most +secure. +.TP +.B CURLHTTP_ANYSAFE +This is a convenience macro that sets all bits except Basic and thus makes +libcurl pick any it finds suitable. libcurl will automaticly select the one it +finds most secure. .RE .PP .SH HTTP OPTIONS @@ -644,9 +664,10 @@ want the transfer to start from. .TP .B CURLOPT_CUSTOMREQUEST Pass a pointer to a zero terminated string as parameter. It will be user -instead of GET or HEAD when doing the HTTP request. This is useful for doing -DELETE or other more or less obscure HTTP requests. Don't do this at will, -make sure your server supports the command first. +instead of GET or HEAD when doing a HTTP request, or instead of LIST or NLST +when doing an ftp directory listing. This is useful for doing DELETE or other +more or less obscure HTTP requests. Don't do this at will, make sure your +server supports the command first. NOTE: many people have wrongly used this option to replace the entire request with their own, including multiple headers and POST contents. While that might |