aboutsummaryrefslogtreecommitdiff
path: root/docs/libcurl
AgeCommit message (Collapse)Author
2020-03-24copyright: fix out-of-date copyright ranges and missing headersDaniel Stenberg
Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyright headers. Removed three (mostly usesless) README files from docs/ Closes #5141
2020-03-18schannel: add "best effort" revocation check optionJohannes Schindelin
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and --ssl-revoke-best-effort to allow a "best effort" revocation check. A best effort revocation check ignores errors that the revocation check was unable to take place. The reasoning is described in detail below and discussed further in the PR. --- When running e.g. with Fiddler, the schannel backend fails with an unhelpful error message: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. Sadly, many enterprise users who are stuck behind MITM proxies suffer the very same problem. This has been discussed in plenty of issues: https://github.com/curl/curl/issues/3727, https://github.com/curl/curl/issues/264, for example. In the latter, a Microsoft Edge developer even made the case that the common behavior is to ignore issues when a certificate has no recorded distribution point for revocation lists, or when the server is offline. This is also known as "best effort" strategy and addresses the Fiddler issue. Unfortunately, this strategy was not chosen as the default for schannel (and is therefore a backend-specific behavior: OpenSSL seems to happily ignore the offline servers and missing distribution points). To maintain backward-compatibility, we therefore add a new flag (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option (`--ssl-revoke-best-effort`) to select the new behavior. Due to the many related issues Git for Windows and GitHub Desktop, the plan is to make this behavior the default in these software packages. The test 2070 was added to verify this behavior, adapted from 310. Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com> Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Closes https://github.com/curl/curl/pull/4981
2020-03-18multi: Improve parameter check for curl_multi_remove_handleJay Satiro
- If an easy handle is owned by a multi different from the one specified then return CURLM_BAD_EASY_HANDLE. Prior to this change I assume user error could cause corruption. Closes https://github.com/curl/curl/pull/5116
2020-03-13docs: add warnings about FILE: URLs on WindowsDaniel Stenberg
- --url man page section - libcurl-security.3 gets the full text - CURLOPT_URL.3 Reported-by: Tim Sedlmeyer
2020-03-06curl_share_setopt.3: Note sharing cookies doesn't enable the engineJay Satiro
Follow-up to d0a7ee3 which fixed a bug in 7.66.0 that caused CURL_LOCK_DATA_COOKIE to enable the easy handle's cookie engine. Bug: https://curl.haxx.se/mail/lib-2020-03/0019.html Reported-by: Felipe Gasper Closes https://github.com/curl/curl/pull/5048
2020-03-05polarssl: remove more references and mentionsDaniel Stenberg
Assisted-by: Jay Satiro Follow-up to 6357a19ff29dac04 Closes #5036
2020-03-02curl_escape.3: Add a link to curl_freeJay Satiro
Ref: https://github.com/curl/curl/pull/5016#issuecomment-593628582
2020-03-02curl_getenv.3: Fix the memory handling descriptionJay Satiro
- Tell the user to call curl_free() to free the pointer returned by curl_getenv(). Prior to this change the user was directed to call free(), but that would not work in cases where the library and application use separate C runtimes and therefore have separate heap memory management. Closes https://github.com/curl/curl/pull/5016
2020-02-29docs: fix typo on CURLINFO_RETRY_AFTER - alwaus -> alwaysJonathan Cardoso Machado
Reviewed-by: Steve Holme Closes #5005
2020-02-18CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT sectionDaniel Stenberg
to be in sync with the description above Reported-by: Joonas Kuorilehto Fixes #4943 Closes #4945
2020-02-15CURLINFO_COOKIELIST.3: Fix exampleJay Satiro
Prior to this change the example would try to import cookies from stdin, which wasn't what was intended. Reported-by: 3dyd@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4930
2020-02-11CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wordingDaniel Stenberg
Assisted-by: Jay Satiro Reported-by: Craig Andrews Fixes #4909 Closes #4910
2020-02-09altsvc: keep a copy of the file name to survive handle resetDaniel Stenberg
The alt-svc cache survives a call to curl_easy_reset fine, but the file name to use for saving the cache was cleared. Now the alt-svc cache has a copy of the file name to survive handle resets. Added test 1908 to verify. Reported-by: Craig Andrews Fixes #4898 Closes #4902
2020-01-28location.d: the method change is from POST to GET onlyDaniel Stenberg
Not from generic non-GET to GET. Reported-by: Andrius Merkys Ref: #4859 Closes #4861
2020-01-27curl.h: define CURL_WIN32 on windowsDaniel Stenberg
... so that the subsequent logic below can use a single known define to know when built on Windows (as we don't define WIN32 anymore). Follow-up to 1adebe7886ddf20b Reported-by: crazydef on github Assisted-by: Marcel Raad Fixes #4854 Closes #4855
2020-01-26global_init: assume the EINTR bit by defaultDaniel Stenberg
- Removed from global_init since it isn't thread-safe. The symbol will still remain to not break compiles, it just won't have any effect going forward. - make the internals NOT loop on EINTR (the opposite from previously). It only risks returning from the select/poll/wait functions early, and that should be risk-free. Closes #4840
2020-01-23CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3Jay Satiro
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3. Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-21smtp: Allow RCPT TO command to fail for some recipientsPavel Volgarev
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS. Verified with the new tests 3002-3007 Closes #4816
2020-01-20HTTP: increase EXPECT_100_THRESHOLD to 1Mb加藤郁之
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html Closes #4814
2020-01-13HTTP-COOKIES.md: describe the cookie file formatDaniel Stenberg
... and refer to that file from from CURLOPT_COOKIEFILE.3 and CURLOPT_COOKIELIST.3 Assisted-by: Jay Satiro Reported-by: bsammon on github Fixes #4805 Closes #4806
2020-01-11ngtcp2: Add an error code for QUIC connection errorsEmil Engler
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754
2020-01-11multi: Change curl_multi_wait/poll to error on negative timeoutJay Satiro
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765
2020-01-09include: remove non-curl prefixed definesDaniel Stenberg
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_ enums.
2020-01-06CURLOPT_READFUNCTION.3: fix fopen params in exampleJay Satiro
2020-01-06CURLOPT_READFUNCTION.3: fix variable name in exampleJay Satiro
Reported-by: Paul Joyce Fixes https://github.com/curl/curl/issues/4787
2020-01-05docs: mention CURL_MAX_INPUT_LENGTH restrictionsDaniel Stenberg
... for curl_easy_setopt() and curl_url_set(). [skip ci] Closes #4783
2019-12-26CURLOPT_HEADERFUNCTION.3: Document that size is always 1Jay Satiro
For compatibility with `fwrite`, the `CURLOPT_HEADERFUNCTION` callback is passed two `size_t` parameters which, when multiplied, designate the number of bytes of data passed in. In practice, CURL always sets the first parameter (`size`) to 1. This practice is also enshrined in documentation and cannot be changed in future. The documentation states that the default callback is `fwrite`, which means `fwrite` must be a suitable function for this purpose. However, the documentation also states that the callback must return the number of *bytes* it successfully handled, whereas ISO C `fwrite` returns the number of items (each of size `size`) which it wrote. The only way these numbers can be equal is if `size` is 1. Since `size` is 1 and can never be changed in future anyway, document that fact explicitly and let users rely on it. Reported-by: Frank Gevaerts Commit-message-by: Christopher Head Ref: https://github.com/curl/curl/pull/2787 Fixes https://github.com/curl/curl/issues/4758
2019-12-18CURLOPT_QUOTE.3: fix typosJay Satiro
Prior to this change the EXAMPLE in the QUOTE/PREQUOTE/POSTQUOTE man pages would not compile because a variable name was incorrect. Reported-by: Bylon2@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4736
2019-12-18CURLOPT_URL.3: "curl supports SMB version 1 (only)"Daniel Stenberg
[skip ci]
2019-12-16docs: TLS SRP doesn't work with TLS 1.3Daniel Stenberg
Reported-by: sayrer on github Closes #4262 [skip ci]
2019-12-04CURLOPT_VERBOSE.3: see also ERRORBUFFERDaniel Stenberg
2019-12-03openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chainsDaniel Stenberg
Closes #4655
2019-12-03OPENSOCKETFUNCTION.3: correct the purpose descriptionDaniel Stenberg
Reported-by: Jeff Mears Bug: https://curl.haxx.se/mail/lib-2019-12/0007.html Closes #4667
2019-11-28docs: add more references to curl_multi_pollDaniel Stenberg
Fixes #4643 Closes #4652
2019-11-26XFERINFOFUNCTION: support CURL_PROGRESSFUNC_CONTINUEJohn Schroeder
(also for PROGRESSFUNCTION) By returning this value from the callback, the internal progress function call is still called afterward. Closes #4599
2019-11-26TLS: add BearSSL vtls implementationMichael Forney
Closes #4597
2019-11-26curl_multi_wakeup.3: add example and AVAILABILITYDaniel Stenberg
Reviewed-by: Gergely Nagy Closes #4635
2019-11-25multi: add curl_multi_wakeup()Gergely Nagy
This commit adds curl_multi_wakeup() which was previously in the TODO list under the curl_multi_unblock name. On some platforms and with some configurations this feature might not be available or can fail, in these cases a new error code (CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup(). Fixes #4418 Closes #4608
2019-11-22test1175: verify symbols-in-versions and libcurl-errors.3 in syncDaniel Stenberg
Closes #4628
2019-11-21include: make CURLE_HTTP3 use a new error codeDaniel Stenberg
To avoid potential issues with error code reuse. Reported-by: Christoph M. Becker Assisted-by: Dan Fandrich Fixes #4601 Closes #4627
2019-11-12quiche: reject headers in the wrong orderDaniel Stenberg
Pseudo header MUST come before regular headers or cause an error. Reported-by: Cynthia Coan Fixes #4571 Closes #4584
2019-11-02copyrights: update all copyright notices to 2019 on files changed this yearVilhelm Prytz
Closes #4547
2019-10-16CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue timeJay Satiro
Prior to this change some users did not understand that the "request" starts when the handle is added to the multi handle, or probably they did not understand that some of those transfers may be queued and that time is included in timeout. Reported-by: Jeroen Ooms Fixes https://github.com/curl/curl/issues/4486 Closes https://github.com/curl/curl/pull/4489
2019-10-07CURLOPT_TIMEOUT.3: remove the mention of "minutes"Daniel Stenberg
... just say that limiting operations risk aborting otherwise fine working transfers. If that means seconds, minutes or hours, we leave to the user. Reported-by: Martin Gartner Closes #4469
2019-10-03docs: add note on failed handles not being counted by curl_multi_performDenis Chaplygin
Closes #4446
2019-10-03CURLMOPT_MAX_CONCURRENT_STREAMS.3: fix SEE ALSO typoDaniel Stenberg
2019-10-02ESNI: initial build/setupNiall
Closes #4011
2019-10-02CURLMOPT_MAX_CONCURRENT_STREAMS: new setoptKunal Ekawde
Closes #4410
2019-09-28docs: disambiguate CURLUPART_HOST is for host name (ie no port)Jay Satiro
Closes #4424
2019-09-19urlapi: CURLU_NO_AUTHORITY allows empty authority/host partJens Finkhaeuser
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not "file:///") to override cURL's default demand that an authority exists. Closes #4349