aboutsummaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2020-03-22TODO: Use "random" ports for the test serversDaniel Stenberg
2020-03-18schannel: add "best effort" revocation check optionJohannes Schindelin
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and --ssl-revoke-best-effort to allow a "best effort" revocation check. A best effort revocation check ignores errors that the revocation check was unable to take place. The reasoning is described in detail below and discussed further in the PR. --- When running e.g. with Fiddler, the schannel backend fails with an unhelpful error message: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. Sadly, many enterprise users who are stuck behind MITM proxies suffer the very same problem. This has been discussed in plenty of issues: https://github.com/curl/curl/issues/3727, https://github.com/curl/curl/issues/264, for example. In the latter, a Microsoft Edge developer even made the case that the common behavior is to ignore issues when a certificate has no recorded distribution point for revocation lists, or when the server is offline. This is also known as "best effort" strategy and addresses the Fiddler issue. Unfortunately, this strategy was not chosen as the default for schannel (and is therefore a backend-specific behavior: OpenSSL seems to happily ignore the offline servers and missing distribution points). To maintain backward-compatibility, we therefore add a new flag (`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option (`--ssl-revoke-best-effort`) to select the new behavior. Due to the many related issues Git for Windows and GitHub Desktop, the plan is to make this behavior the default in these software packages. The test 2070 was added to verify this behavior, adapted from 310. Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com> Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Closes https://github.com/curl/curl/pull/4981
2020-03-18multi: Improve parameter check for curl_multi_remove_handleJay Satiro
- If an easy handle is owned by a multi different from the one specified then return CURLM_BAD_EASY_HANDLE. Prior to this change I assume user error could cause corruption. Closes https://github.com/curl/curl/pull/5116
2020-03-17writeout: support to generate JSON outputMathias Gumz
This commit adds support to generate JSON via the writeout feature: -w "%{json}" It leverages the existing infrastructure as much as possible. Thus, generating the JSON on STDERR is possible by: -w "%{stderr}%{json}" This implements a variant of https://github.com/curl/curl/wiki/JSON#--write-out-json. Closes #4870
2020-03-15TODO: TLS-PSK with OpenSSLDaniel Stenberg
Closes #5081
2020-03-14Makefile.m32: Improve windres parameter compatibilityJay Satiro
- s/COFF/coff/ Some versions of windres do not recognize uppercase COFF as a valid way to specify the COFF output format. Reported-by: Steven Penny Fixes https://github.com/curl/curl/issues/5099 Closes https://github.com/curl/curl/pull/5101
2020-03-13docs: add warnings about FILE: URLs on WindowsDaniel Stenberg
- --url man page section - libcurl-security.3 gets the full text - CURLOPT_URL.3 Reported-by: Tim Sedlmeyer
2020-03-11THANKS: from the 7.69.1 releaseDaniel Stenberg
2020-03-06curl_share_setopt.3: Note sharing cookies doesn't enable the engineJay Satiro
Follow-up to d0a7ee3 which fixed a bug in 7.66.0 that caused CURL_LOCK_DATA_COOKIE to enable the easy handle's cookie engine. Bug: https://curl.haxx.se/mail/lib-2020-03/0019.html Reported-by: Felipe Gasper Closes https://github.com/curl/curl/pull/5048
2020-03-05MANUAL: update a dict-using command lineDaniel Stenberg
The 'web1913' database is now invalid, use 'gcide' instead.
2020-03-05KNOWN_BUGS: configure --with-gssapi with Heimdal is ignored on macOSDaniel Stenberg
Closes #3841
2020-03-05polarssl: remove more references and mentionsDaniel Stenberg
Assisted-by: Jay Satiro Follow-up to 6357a19ff29dac04 Closes #5036
2020-03-04THANKS: from 7.69.0Daniel Stenberg
Now sorted case insensitive
2020-03-02curl_escape.3: Add a link to curl_freeJay Satiro
Ref: https://github.com/curl/curl/pull/5016#issuecomment-593628582
2020-03-02curl_getenv.3: Fix the memory handling descriptionJay Satiro
- Tell the user to call curl_free() to free the pointer returned by curl_getenv(). Prior to this change the user was directed to call free(), but that would not work in cases where the library and application use separate C runtimes and therefore have separate heap memory management. Closes https://github.com/curl/curl/pull/5016
2020-03-02altsvc: both h3 backends now speak h3-27Daniel Stenberg
... also updated the HTTP3 build description for ngtcp2 accordingly.
2020-02-29docs: fix typo on CURLINFO_RETRY_AFTER - alwaus -> alwaysJonathan Cardoso Machado
Reviewed-by: Steve Holme Closes #5005
2020-02-29TODO: curl --proxycommandDaniel Stenberg
Suggested-by: Kristian Mide Closes #4941
2020-02-21http2: now require nghttp2 >= 1.12.0Daniel Stenberg
To simplify our code and since earlier versions lack important function calls libcurl needs to function correctly. nghttp2 1.12.0 was relased on June 26, 2016. Closes #4961
2020-02-19HTTP-COOKIES: mention that a trailing newline is requiredDaniel Stenberg
... so that we know we got the whole and not a partial line. Also, changed the formatting of the fields away from a table again since the table format requires a github-markdown tool version that we don't run on the web server atm. Reported-by: Sunny Bean Fixes #4946 Closes #4947
2020-02-18CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT sectionDaniel Stenberg
to be in sync with the description above Reported-by: Joonas Kuorilehto Fixes #4943 Closes #4945
2020-02-18docs/GOVERNANCE: refreshed + added "donations" and "commercial support"Daniel Stenberg
2020-02-17socks: make the connect phase non-blockingDaniel Stenberg
Removes two entries from KNOWN_BUGS. Closes #4907
2020-02-15CURLINFO_COOKIELIST.3: Fix exampleJay Satiro
Prior to this change the example would try to import cookies from stdin, which wasn't what was intended. Reported-by: 3dyd@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4930
2020-02-14TODO: Paged searches on LDAP serverDaniel Stenberg
Closes #4452
2020-02-14TODO: CURLOPT_SSL_CTX_FUNCTION for LDAPSDaniel Stenberg
Closes #4108
2020-02-12create-dirs.d: mention the modeDaniel Stenberg
Reported-by: Dan Jacobson Fixes #4766 Closes #4916
2020-02-11CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wordingDaniel Stenberg
Assisted-by: Jay Satiro Reported-by: Craig Andrews Fixes #4909 Closes #4910
2020-02-09altsvc: keep a copy of the file name to survive handle resetDaniel Stenberg
The alt-svc cache survives a call to curl_easy_reset fine, but the file name to use for saving the cache was cleared. Now the alt-svc cache has a copy of the file name to survive handle resets. Added test 1908 to verify. Reported-by: Craig Andrews Fixes #4898 Closes #4902
2020-02-05docs/HTTP3: add --enable-alt-svc to curl's configureDaniel Stenberg
2020-02-04RELEASE-PROCEDURE: feature win is closed post-release a few daysDaniel Stenberg
We've tried to uphold this already but let's make it official by publicly stating this is the way we do it. Closes #4877
2020-02-04docs/HTTP3: update the OpenSSL branch to use for ngtcp2Daniel Stenberg
Reported-by: James Fuller
2020-02-02cleanup: fix typos and wording in docs and commentsPedro Monreal
Closes #4869 Reviewed-by: Emil Engler and Daniel Gustafsson
2020-01-29KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: headerDaniel Stenberg
2020-01-29oauth2-bearer.d: works for HTTP tooDaniel Stenberg
Reported-by: Mischa Salle Bug: https://curl.haxx.se/mail/lib-2020-01/0070.html Closes #4862
2020-01-28location.d: the method change is from POST to GET onlyDaniel Stenberg
Not from generic non-GET to GET. Reported-by: Andrius Merkys Ref: #4859 Closes #4861
2020-01-27curl.h: define CURL_WIN32 on windowsDaniel Stenberg
... so that the subsequent logic below can use a single known define to know when built on Windows (as we don't define WIN32 anymore). Follow-up to 1adebe7886ddf20b Reported-by: crazydef on github Assisted-by: Marcel Raad Fixes #4854 Closes #4855
2020-01-26global_init: assume the EINTR bit by defaultDaniel Stenberg
- Removed from global_init since it isn't thread-safe. The symbol will still remain to not break compiles, it just won't have any effect going forward. - make the internals NOT loop on EINTR (the opposite from previously). It only risks returning from the select/poll/wait functions early, and that should be risk-free. Closes #4840
2020-01-23form.d: fix two minor typosAron Rotteveel
Closes #4843
2020-01-23CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3Jay Satiro
- Copy CURLOPT_SSL_OPTIONS.3 description to CURLOPT_PROXY_SSL_OPTIONS.3. Prior to this change CURLSSLOPT_NO_PARTIALCHAIN was missing from the CURLOPT_PROXY_SSL_OPTIONS description.
2020-01-21smtp: Allow RCPT TO command to fail for some recipientsPavel Volgarev
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS. Verified with the new tests 3002-3007 Closes #4816
2020-01-21data.d: remove "Multiple files can also be specified"Daniel Stenberg
It is superfluous and could even be misleading. Bug: https://curl.haxx.se/mail/archive-2020-01/0016.html Reported-by: Mike Norton Closes #4832
2020-01-20HTTP: increase EXPECT_100_THRESHOLD to 1Mb加藤郁之
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html Closes #4814
2020-01-17ROADMAP: thread-safe `curl_global_init()`Daniel Stenberg
I'd like to see this happen.
2020-01-16polarssl: removedDaniel Stenberg
As detailed in DEPRECATE.md, the polarssl support is now removed after having been disabled for 6 months and nobody has missed it. The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix instead of the former 'polarssl' and the common functions that previously were shared between mbedtls and polarssl and contained the name 'polarssl' have now all been renamed to instead say 'mbedtls'. Closes #4825
2020-01-13HTTP-COOKIES.md: describe the cookie file formatDaniel Stenberg
... and refer to that file from from CURLOPT_COOKIEFILE.3 and CURLOPT_COOKIELIST.3 Assisted-by: Jay Satiro Reported-by: bsammon on github Fixes #4805 Closes #4806
2020-01-11ngtcp2: Add an error code for QUIC connection errorsEmil Engler
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection errors. Prior to this change CURLE_FAILED_INIT was used, but that was not correct. Closes https://github.com/curl/curl/pull/4754
2020-01-11multi: Change curl_multi_wait/poll to error on negative timeoutJay Satiro
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when curl_multi_wait/poll is passed timeout param < 0. Prior to this change passing a negative value to curl_multi_wait/poll such as -1 could cause the function to wait forever. Reported-by: hamstergene@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4763 Closes https://github.com/curl/curl/pull/4765
2020-01-09include: remove non-curl prefixed definesDaniel Stenberg
...requires some rearranging of the setup of CURLOPT_ and CURLMOPT_ enums.
2020-01-09KNOWN_BUGS: AUTH PLAIN for SMTP is not working on all serversDaniel Stenberg
Closes #4080