aboutsummaryrefslogtreecommitdiff
path: root/docs/libcurl/curl_easy_setopt.3
AgeCommit message (Collapse)Author
2016-11-25curl_easy_setopt.3: add CURLOPT_PROXY_PINNEDPUBLICKEYDaniel Stenberg
Follow-up to 4f8b17743d7c55a
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-09-22New libcurl option to keep sending on errorMichael Kaufmann
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether sending the request body shall be completed when the server responds early with an error status code. This is suitable for manual NTLM authentication. Reviewed-by: Jay Satiro Closes https://github.com/curl/curl/pull/904
2016-04-19curl_easy_setopt.3: mention CURLOPT_TCP_FASTOPENDaniel Stenberg
2016-04-17news: CURLOPT_CONNECT_TO and --connect-toMichael Kaufmann
Makes curl connect to the given host+port instead of the host+port found in the URL.
2016-04-08docs: Added clarification following commit 9d89a0387Steve Holme
2016-02-23TFTP: add option to suppress TFTP option requests (Part 2)Jay Satiro
- Add tests. - Add an example to CURLOPT_TFTP_NO_OPTIONS.3. - Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS. Bug: https://github.com/curl/curl/issues/481
2016-02-23TFTP: add option to suppress TFTP option requests (Part 1)Michael Koenig
Some TFTP server implementations ignore the "TFTP Option extension" (RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing problems with libcurl. Another switch for curl_easy_setopt "CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from sending TFTP option requests to a server, avoiding many problems caused by faulty implementations. Bug: https://github.com/curl/curl/issues/481
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-10-23http2: add stream options to dist and curl_easy_setopt.3Daniel Stenberg
2015-08-31man-pages: more SEE ALSO linksDaniel Stenberg
2015-08-25curl_easy_{escape,setopt}.3: fix exampleSvyatoslav Mishyn
remove redundant '}'
2015-08-22CURLOPT_DEFAULT_PROTOCOL: addedNathaniel Waisbrot
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default protocol for schemeless URLs. - Add new tool option --proto-default to expose CURLOPT_DEFAULT_PROTOCOL. In the case of schemeless URLs libcurl will behave in this way: When the option is used libcurl will use the supplied default. When the option is not used, libcurl will follow its usual plan of guessing from the hostname and falling back to 'http'.
2015-06-19curl_easy_setopt.3: restore contents removed by mistakeKamil Dudka
... in commit curl-7_43_0-18-g570076e
2015-06-19curl_easy_setopt.3: mention CURLOPT_PIPEWAITDaniel Stenberg
2015-06-18curl_easy_setopt.3: option order doesn't matterDaniel Stenberg
2015-04-28Negotiate: custom service names for SPNEGO.Linus Nielsen
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME. * Add new curl options, --proxy-service-name and --service-name.
2015-03-24curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS descriptionJay Satiro
2015-03-24curl_easy_setopt.3: Add CURLOPT_PATH_AS_ISDaniel Stenberg
2015-03-20url: add CURLOPT_SSL_FALSESTART optionAlessandro Ghedini
This option can be used to enable/disable TLS False Start defined in the RFC draft-bmoeller-tls-falsestart.
2015-03-18curl_easy_setopt.3: added a few missing optionsDan Fandrich
2015-03-06curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUSDaniel Stenberg
Reported-by: Jonathan Cardoso
2014-12-26code/docs: Use Unix rather than UNIX to avoid use of the trademarkSteve Holme
Use Unix when generically writing about Unix based systems as UNIX is the trademark and should only be used in a particular product's name.
2014-12-04libcurl: add UNIX domain sockets supportPeter Wu
The ability to do HTTP requests over a UNIX domain socket has been requested before, in Apr 2008 [0][1] and Sep 2010 [2]. While a discussion happened, no patch seems to get through. I decided to give it a go since I need to test a nginx HTTP server which listens on a UNIX domain socket. One patch [3] seems to make it possible to use the CURLOPT_OPENSOCKETFUNCTION function to gain a UNIX domain socket. Another person wrote a Go program which can do HTTP over a UNIX socket for Docker[4] which uses a special URL scheme (though the name contains cURL, it has no relation to the cURL library). This patch considers support for UNIX domain sockets at the same level as HTTP proxies / IPv6, it acts as an intermediate socket provider and not as a separate protocol. Since this feature affects network operations, a new feature flag was added ("unix-sockets") with a corresponding CURL_VERSION_UNIX_SOCKETS macro. A new CURLOPT_UNIX_SOCKET_PATH option is added and documented. This option enables UNIX domain sockets support for all requests on the handle (replacing IP sockets and skipping proxies). A new configure option (--enable-unix-sockets) and CMake option (ENABLE_UNIX_SOCKETS) can disable this optional feature. Note that I deliberately did not mark this feature as advanced, this is a feature/component that should easily be available. [0]: http://curl.haxx.se/mail/lib-2008-04/0279.html [1]: http://daniel.haxx.se/blog/2008/04/14/http-over-unix-domain-sockets/ [2]: http://sourceforge.net/p/curl/feature-requests/53/ [3]: http://curl.haxx.se/mail/lib-2008-04/0361.html [4]: https://github.com/Soulou/curl-unix-socket Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-25curl*3: added small examplesDaniel Stenberg
and some minor edits
2014-11-06curl_easy_setopt.3: add CURLOPT_PINNEDPUBLICKEYDaniel Stenberg
Reported-by: Christian Hägele Bug: http://curl.haxx.se/mail/lib-2014-11/0078.html
2014-11-02CURLOPT_MAXCONNECTS.3: Reworked the description to be less confusingSteve Holme
...and corrected a related typo in curl_easy_setopt.3.
2014-10-30curl_easy_setopt.3: Fixed lots of typosSteve Holme
2014-10-30curl_easy_setopt.3: Moved CURLOPT_DIRLISTONLY into PROTOCOL OPTIONSSteve Holme
...as this option affects more that just FTP.
2014-10-21docs: edited lots of libcurl docs for clarityDaniel Stenberg
2014-06-25curl_easy_setopt.3: fixed the error code for an unsupported optionDan Fandrich
2014-06-21curl_easy_setopt.3: fixed some typosDan Fandrich
2014-06-21lib man pages: update easy setopt option referencesDaniel Stenberg
... by using the "\fIopt(3)\fP" syntax they will be linked properly when the web version of the page is generated.
2014-06-21curl_easy_setopt.3: CURLOPT_POSTFIELDS is the exceptionDaniel Stenberg
... to the always-copy-char *-argument. And fix some minor mistakes.
2014-06-21curl_easy_setopt.3: refer to the individual man pagesDaniel Stenberg
With all the new individual option man pages created, this now refers to each separate one instead of duplicaing the info. Also makes this page easier to overview.
2014-06-21curl_easy_setopt.3: shortenDaniel Stenberg
shorten descriptions, mostly refer to the separate descriptions
2014-05-16curl_easy_setopt.3: prefer XFERINFOFUNCTION to PROGRESSFUNCTIONDaniel Stenberg
2014-05-05curl_easy_setopt.3: added the proto for CURLOPT_SSH_KNOWNHOSTSDaniel Stenberg
2014-04-18curl_easy_setopt: Updated CURLOPT_URL to include IMAP PARTIAL FETCH exampleSteve Holme
2014-04-18curl_easy_setopt: Updated CURLOPT_URL to include IMAP query string examplesSteve Holme
2014-04-04curl_easy_setopt: fix wrong version number referencesDaniel Stenberg
2014-04-04PROXYHEADER: send these headers in "normal" proxy requests tooDaniel Stenberg
Updated the docs to clarify and the code accordingly, with test 1528 to verify: When CURLHEADER_SEPARATE is set and libcurl is asked to send a request to a proxy but it isn't CONNECT, then _both_ header lists (CURLOPT_HTTPHEADER and CURLOPT_PROXYHEADER) will be used since the single request is then made for both the proxy and the server.
2014-04-04CURLOPT_HEADEROPT: addedDaniel Stenberg
Modified the logic so that CURLOPT_HEADEROPT now controls if PROXYHEADER is actually used or not.
2014-04-04CURLOPT_PROXYHEADER: set headers for proxy-onlyDaniel Stenberg
Includes docs and new test cases: 1525, 1526 and 1527 Co-written-by: Vijay Panghal
2014-02-16curl_easy_setopt.3: Add another non-matching hostnameColin Hogben
For the avoidance of doubt, show a domain which contains the no-proxy pattern but not at the top level.
2014-02-16url_easy_setopt.3: Add undocumented values of curl_infotypeYehezkel Horowitz
... for debug function
2014-02-14curl_easy_setopt.3: Fix word order of CURLOPT_PROXY sectionColin Hogben
The word CURLOPT_PROXYPORT became detached from its sentence when the note about the default was added.
2014-02-13transfer: make Expect: 100-continue timeout configurable.Tiit Pikma
Replaced the #define CURL_TIMEOUT_EXPECT_100 in transfer.c with the CURLOPT_EXPECT_100_TIMEOUT_MS option to make the timeout configurable.
2014-02-11curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0Fabian Frank
2014-02-11curl_easy_setopt.3: add CURLOPT_SSL_ENABLE_ALPN/NPNDaniel Stenberg