aboutsummaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2014-08-16docs: Escaped single backslashSteve Holme
2014-08-16TODO: Updated following GSSAPI (Kerberos V5) additionsSteve Holme
Updated "FTP 4.6 GSSAPI via Windows SSPI" and "SASL 14.1 Other authentication mechanisms" following recent additions. Added SASL 14.2 GSSAPI via GSS-API libraries.
2014-08-16CURLOPT_USERNAME.3: Added Kerberos V5 and NTLM domain informationSteve Holme
This repeats what has already been documented in both the curl manpage and CURLOPT_USERPWD documentation but is provided here for completeness as someone may not especially read the latter when using libcurl.
2014-08-16CURLOPT_USERPWD.3: Updated following Kerberos V5 SSPI changesSteve Holme
Added information about Kerberos V5 requiring the domain part in the user name. Mentioned that the user name can be specified in UPN format, and not just in Down-Level Logon Name format, following the information added in commit 7679cb3fa8 reworking the exisitng information in the process.
2014-08-16docs: Added Kerberos V5 and NTLM domain information to --userSteve Holme
2014-08-16docs: Added Kerberos V5 to the --user SSPI current credentials usageSteve Holme
2014-08-11docs/SSLCERTS: update the section about NSS databaseKamil Dudka
Bug: http://curl.haxx.se/mail/lib-2014-07/0335.html Reported-by: David Shaw
2014-08-09docs: Update SPNEGO and GSS-API related doc sectionsMichael Osipov
Reflect recent changes in SPNEGO and GSS-API code in the docs. Update them with appropriate namings and remove visible spots for GSS-Negotiate.
2014-08-07docs: Added Negotiate to the SSPI current credentials usage descriptionSteve Holme
2014-08-06TODO: HTTP Digest via Windows SSPISteve Holme
2014-08-06TODO: FTP GSSAPI via Windows SSPISteve Holme
2014-08-02CURLOPT_SSL_VERIFYPEER.3. add a warning about disabling itDaniel Stenberg
2014-08-01FEATURES: minor updateDaniel Stenberg
2014-07-31CURLOPT_HEADEROPT.3: typo: do -> toMichael Wallner
2014-07-31curl_version_info.3: 'ssl_version_num' is always 0Daniel Stenberg
... and has been so since 2005
2014-07-31ssl: generalize how the ssl backend identifier is setDaniel Stenberg
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS one which was missing previously.
2014-07-30opts: fixed some typosDan Fandrich
2014-07-30curl_tlsinfo -> curl_tlssessioninfoMichael Wallner
2014-07-29libcurl.m4: include the standard source headerDaniel Stenberg
... with permission from David Shaw
2014-07-24symbols: CURL_VERSION_GSSNEGOTIATE is deprecatedDaniel Stenberg
2014-07-23http2: more and better error checkingDaniel Stenberg
1 - fixes the warnings when built without http2 support 2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2 basically when they are about http2 specific things.
2014-07-23symbols-in-versions: new SPNEGO/GSS-API symbols in 7.38.0Daniel Stenberg
2014-07-19CURLOPT_CHUNK_BGN_FUNCTION: fix typoAlessandro Ghedini
2014-07-17THANKS: added new contributors from 7.37.1 announcementDaniel Stenberg
2014-07-16Remove all traces of FBOpenSSL SPNEGO supportDavid Woodhouse
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which allows client and server to negotiate the underlying mechanism which will actually be used to authenticate. This is *often* Kerberos, and can also be NTLM and other things. And to complicate matters, there are various different OIDs which can be used to specify the Kerberos mechanism too. A SPNEGO exchange will identify *which* GSSAPI mechanism is being used, and will exchange GSSAPI tokens which are appropriate for that mechanism. But this SPNEGO implementation just strips the incoming SPNEGO packet and extracts the token, if any. And completely discards the information about *which* mechanism is being used. Then we *assume* it was Kerberos, and feed the token into gss_init_sec_context() with the default mechanism (GSS_S_NO_OID for the mech_type argument). Furthermore... broken as this code is, it was never even *used* for input tokens anyway, because higher layers of curl would just bail out if the server actually said anything *back* to us in the negotiation. We assume that we send a single token to the server, and it accepts it. If the server wants to continue the exchange (as is required for NTLM and for SPNEGO to do anything useful), then curl was broken anyway. So the only bit which actually did anything was the bit in Curl_output_negotiate(), which always generates an *initial* SPNEGO token saying "Hey, I support only the Kerberos mechanism and this is its token". You could have done that by manually just prefixing the Kerberos token with the appropriate bytes, if you weren't going to do any proper SPNEGO handling. There's no need for the FBOpenSSL library at all. The sane way to do SPNEGO is just to *ask* the GSSAPI library to do SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context() is for. And then it should all Just Work™. That 'sane way' will be added in a subsequent patch, as will bug fixes for our failure to handle any exchange other than a single outbound token to the server which results in immediate success.
2014-07-10CURLOPT_UPLOAD: Corrected argument typeSteve Holme
2014-07-09FAQ: expand the thread-safe sectionDaniel Stenberg
... with a mention of *NOSIGNAL, based on talk in bug #1386
2014-07-05Update instances of some obsolete CURLOPTs to their new namesDan Fandrich
2014-07-03example: use correct type (long) for CURLOPT_FOLLOWLOCATIONDimitrios Siganos
2014-07-03Document type of argument for CURLOPT_FOLLOWLOCATION.Dimitrios Siganos
2014-07-03Document type of argument for CURLOPT_ERRORBUFFER.Dimitrios Siganos
2014-07-03Document type of argument for CURLOPT_COPYPOSTFIELDS.Dimitrios Siganos
2014-07-03Document type of argument for CURLOPT_ADDRESS_SCOPE.Dimitrios Siganos
2014-07-03curl.1: minor language fixDaniel Stenberg
Bug: http://curl.haxx.se/mail/archive-2014-07/0006.html
2014-07-02opts: fixed some CURLOPT references so they get turned into linksDan Fandrich
2014-07-01opts: Document the socket callback function parametersDan Fandrich
2014-06-28opts: Fixed some typosSteve Holme
2014-06-25curl_easy_setopt.3: fixed the error code for an unsupported optionDan Fandrich
2014-06-24opts: added some DEFAULT and RETURN VALUE sectionsDan Fandrich
2014-06-21libcurl docs: man page editsDaniel Stenberg
mainly to improve how the web versions render
2014-06-21curl_easy_setopt.3: fixed some typosDan Fandrich
2014-06-21lib man pages: update easy setopt option referencesDaniel Stenberg
... by using the "\fIopt(3)\fP" syntax they will be linked properly when the web version of the page is generated.
2014-06-21opts: the CURLOPT_SSL_ENABLE_*PN options are enabled by defaultDaniel Stenberg
2014-06-21curl_easy_setopt.3: CURLOPT_POSTFIELDS is the exceptionDaniel Stenberg
... to the always-copy-char *-argument. And fix some minor mistakes.
2014-06-21curl_easy_setopt.3: refer to the individual man pagesDaniel Stenberg
With all the new individual option man pages created, this now refers to each separate one instead of duplicaing the info. Also makes this page easier to overview.
2014-06-21opts: fixed mancheck for out-of-tree buildsDan Fandrich
2014-06-21curl_easy_setopt.3: shortenDaniel Stenberg
shorten descriptions, mostly refer to the separate descriptions
2014-06-21CURLOPT_DNS_LOCAL_IP4.3: better short descDaniel Stenberg
2014-06-20opts: document CURLE_OUT_OF_MEMORY among other return valuesDan Fandrich
2014-06-20opts: fixed some typosDan Fandrich