| Age | Commit message (Collapse) | Author |
|---|
|
Describes our security process from a project and curl developer's
perspective.
|
|
"Dan Fandrich" <dan@coneharvesters.com> wrote:
>> But I'm not sure <unistd.h> is needed at all.
>
> It's needed for close(2). But the only reason that's needed is because fstat
> is used instead of stat(2); if you fix that, then you could remove that
> include altogether.
Okay. I've tested the following with MSVC and MingW. htttput.c now
simply uses stat():
|
|
... as it was just merged in commit 7d7df
|
|
Clarify in the documentation that DNS entries added with CURLOPT_RESOLVE
won't time-out.
Bug: http://curl.haxx.se/mail/lib-2013-10/0062.html
Reported-by: Romulo Ceccon
|
|
I noted a missing text for exit-code 89 in docs/curl.1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).
axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.
darwinssl:
Added support for the new enum values.
SChannel:
Added support for the new enum values.
CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.
GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.
NSS:
TLS minor version cannot be set, so we don't allow the new enum values.
QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.
OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.
Command-line tool:
Added command line options for the new values.
|
|
|
|
The option '--bearer' might be slightly ambiguous in name. It doesn't
create any conflict that I am aware of at the moment, however, OAUTH v2
is not the only authentication mechanism which uses "bearer" tokens.
Reported-by: Kyle L. Huff
URL: http://curl.haxx.se/mail/lib-2013-10/0064.html
|
|
|
|
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends and not for any other!
|
|
|
|
The comment mentioned the need to free the data, but the example already
does that free
|
|
This is similar to getinmemory.c but with an initial POST.
Combined-by: Ulf Samuelsson
|
|
Added missing information, from curl 7.31.0, regarding the use of the
optional login options that may be specified as part of --user.
For example:
--user 'user:password;auth=NTLM' in IMAP, POP3 and SMTP protocols.
|
|
|
|
|
|
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".
The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
|
|
URL: http://curl.haxx.se/bug/view.cgi?id=1279
Suggested-by: Jerry Krinock
|
|
URL: http://curl.haxx.se/bug/view.cgi?id=1278
Reported-by: Gorilla Maguila
|
|
|
|
... and a few more cleanups/clarifications
|
|
|
|
|
|
I also documented the fact that the OpenSSL engine also supports them.
|
|
CURL_HTTP_VERSION_2_0 and CURL_VERSION_HTTP2 are new
|
|
|
|
|
|
|
|
|
|
|
|
The old numbers would still redirect but who knows for how long...
|
|
Several language fixes. Several reformats that should make the HTML
generation of this document look better.
Reported-by: Dave Thompson
|
|
Doing curl_multi_add_handle() on an easy handle that is already added to
a multi handle now returns this error code. It previously returned
CURLM_BAD_EASY_HANDLE for this condition.
|
|
|
|
|
|
|
|
|
|
Since the mk-ca-bundle tool itself isn't installed with make install,
there's no point in installing its documentation.
Bug: http://curl.haxx.se/mail/lib-2013-08/0057.html
Reported-by: Guenter Knauf
|
|
This is the first version of this new document, detailing the seven
perhaps most important internal structs in libcurl source code:
1.1 SessionHandle
1.2 connectdata
1.3 Curl_multi
1.4 Curl_handler
1.5 conncache
1.6 Curl_share
1.7 CookieInfo
|
|
|
|
This reverts commit 82ab5f1b0c7c3f as this was the wrong place to
document the complexity of IMAP URLs and Custom Requests.
|
|
In addition to listing the folder contents, in the URL examples, added
an example to list the new messages waiting in the user's inbox.
|
|
When the multi-socket API is used, we need the handle to be checked
again when it gets unpaused.
Bug: http://curl.haxx.se/mail/lib-2013-07/0239.html
Reported-by: Justin Karneges
|
|
CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function
and CURLOPT_PROGRESSFUNCTION is considered deprecated.
This new callback uses pure 'curl_off_t' arguments to pass on full
resolution sizes. It otherwise retains the same characteristics: the
same call rate, the same meanings for the arguments and the return code
is used the same way.
The progressfunc.c example is updated to show how to use the new
callback for newer libcurls while supporting the older one if built with
an older libcurl or even built with a newer libcurl while running with
an older.
|
