aboutsummaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2018-08-21INTERNALS: require GnuTLS >= 2.11.3Daniel Stenberg
Since the public pinning support was brought in e644866caf4. GnuTLS 2.11.3 was released in October 2010. Figured out in #2890
2018-08-20SSLCERTS: improve the openssl command lineDaniel Stenberg
... for extracting certs from a live HTTPS server to make a cacerts.pem from them.
2018-08-20docs/SECURITY-PROCESS: now we name the files after the CVE idDaniel Stenberg
2018-08-15TODO: host name sections in config filesDaniel Stenberg
2018-08-13docs: add disallow-username-in-url.d and haproxy-protocol.d on the listKamil Dudka
... to make make the files appear in distribution tarballs Closes #2856
2018-08-11docs: Improve the manual pages of some callbacksMichael Kaufmann
- CURLOPT_HEADERFUNCTION: add newlines - CURLOPT_INTERLEAVEFUNCTION: fix the description of 'userdata' - CURLOPT_READDATA: mention crashes, same as in CURLOPT_WRITEDATA - CURLOPT_READFUNCTION: rename 'instream' to 'userdata' and explain how to set it Closes https://github.com/curl/curl/pull/2868
2018-08-10Documentation: fix CURLOPT_SSH_COMPRESSION copy/paste bugDaniel Jelinski
Closes #2867
2018-08-10docs: mention NULL is fine input to several functionsDaniel Stenberg
Fixes #2837 Closes #2858 Reported-by: Markus Elfring
2018-08-08ssl: set engine implicitly when a PKCS#11 URI is providedAnderson Toshiyuki Sasaki
This allows the use of PKCS#11 URI for certificates and keys without setting the corresponding type as "ENG" and the engine as "pkcs11" explicitly. If a PKCS#11 URI is provided for certificate, key, proxy_certificate or proxy_key, the corresponding type is set as "ENG" if not provided and the engine is set to "pkcs11" if not provided. Acked-by: Nikos Mavrogiannopoulos Closes #2333
2018-08-04DEPRECATE: remove release date from 7.62.0Daniel Stenberg
Since it will slip and the version is the important part there, not the date.
2018-07-29examples/ephiperfifo: checksrc complianceJay Satiro
2018-07-28TODO: Support Authority Information Access certificate extension (AIA)Daniel Stenberg
Closes #2793
2018-07-28docs/examples: add hiperfifo example using linux epoll/timerfdJosh Bialkowski
Closes #2804
2018-07-26docs/INSTALL.md: minor formatting fixesDarío Hereñú
Closes #2794
2018-07-26docs/CURLOPT_URL: fix indentationChristopher Head
The statement, “The application does not have to keep the string around after setting this option,” appears to be indented under the RTMP paragraph. It actually applies to all protocols, not just RTMP. Eliminate the extra indentation. Closes #2788
2018-07-26docs/CURLOPT_WRITEFUNCTION: size is always 1Christopher Head
For compatibility with `fwrite`, the `CURLOPT_WRITEFUNCTION` callback is passed two `size_t` parameters which, when multiplied, designate the number of bytes of data passed in. In practice, CURL always sets the first parameter (`size`) to 1. This practice is also enshrined in documentation and cannot be changed in future. The documentation states that the default callback is `fwrite`, which means `fwrite` must be a suitable function for this purpose. However, the documentation also states that the callback must return the number of *bytes* it successfully handled, whereas ISO C `fwrite` returns the number of items (each of size `size`) which it wrote. The only way these numbers can be equal is if `size` is 1. Since `size` is 1 and can never be changed in future anyway, document that fact explicitly and let users rely on it. Closes #2787
2018-07-14darwinssl: add support for ALPN negotiationRodger Combs
2018-07-12docs/SECURITY-PROCESS: mention bounty, drop pre-notifyDaniel Stenberg
+ The hackerone bounty and its process - We don't and can't handle pre-notification
2018-07-11examples/crawler.c: move #ifdef to column 0Daniel Stenberg
Apparently the C => HTML converter on the web site doesn't quite like it otherwise. Reported-by: Jeroen Ooms
2018-07-11release: 7.61.0Daniel Stenberg
2018-07-10TODO: Configurable loading of OpenSSL configuration fileDaniel Stenberg
Closes #2724
2018-07-10post303.d: clarify that this is an RFC violationDaniel Stenberg
... and not the other way around, which this previously said. Reported-by: Vasiliy Faronov Fixes #2723 Closes #2726
2018-07-09examples: fix -Wformat warningsMarcel Raad
When size_t is not a typedef for unsigned long (as usually the case on Windows), GCC emits -Wformat warnings when using lu and lx format specifiers with size_t. Silence them with explicit casts to unsigned long. Closes https://github.com/curl/curl/pull/2721
2018-07-06KNOWN_BUGS: Stick to same family over SOCKS proxyDaniel Stenberg
2018-07-05KNOWN_BUGS: Borland support is dropped, AIX problem is too oldDaniel Stenberg
2018-07-05example/crawler.c: simple crawler based on libxml2Jeroen Ooms
Closes #2706
2018-07-02DEPRECATE: include year when specifying dateDaniel Stenberg
2018-07-02DEPRECATE: linkifiedDaniel Stenberg
2018-07-02DEPRECATE: mention the PR that disabled axTLSDaniel Stenberg
2018-07-02docs/DEPRECATE.md: spelling and minor formattingDaniel Stenberg
2018-07-02DEPRECATE: new doc describing planned item removalsDaniel Stenberg
Closes #2704
2018-06-30docs: fix missed option name markupsDaniel Stenberg
2018-06-29openssl: make the requested TLS version the *minimum* wantedDaniel Stenberg
The code treated the set version as the *exact* version to require in the TLS handshake, which is not what other TLS backends do and probably not what most people expect either. Reported-by: Andreas Olsson Assisted-by: Gaurav Malhotra Fixes #2691 Closes #2694
2018-06-29openssl: allow TLS 1.3 by defaultDaniel Stenberg
Reported-by: Andreas Olsson Fixes #2692 Closes #2693
2018-06-28CURLINFO_TLS_SSL_PTR.3: improve the exampleAdrian Peniak
The previous example was a little bit confusing, because SSL* structure (or other "in use" SSL connection pointer) is not accessible after the transfer is completed, therefore working with the raw TLS library specific pointer needs to be done during transfer. Closes #2690
2018-06-27GOVERNANCE: linkify, changed some titlesDaniel Stenberg
2018-06-27GOVERNANCE: add maintainer details/dutiesDaniel Stenberg
2018-06-24CURLOPT_SSL_VERIFYPEER.3: fix syntax mistakeDaniel Stenberg
Follow-up to b6a16afa0aa5
2018-06-23CURLOPT_SSL_VERIFYPEER.3: Add performance notePatrick Schlangen
Closes #2673
2018-06-18CURLOPT_INTERFACE.3: interface names not supported on WindowsDaniel Stenberg
2018-06-15docs/RELEASE-PROCEDURE.md: renamed to use .md extensionDaniel Stenberg
Closes #2663
2018-06-15RELEASE-PROCEDURE: gpg sign the tagsDaniel Stenberg
2018-06-15CURLOPT_HTTPAUTH.3: CURLAUTH_BEARER was added in 7.61.0Daniel Stenberg
2018-06-14GOVERNANCE.md: explains how this project is runDaniel Stenberg
Closes #2657
2018-06-14KNOWN_BUGS: NTLM doen't support password with § characterDaniel Stenberg
Closes #2120
2018-06-14KNOWN_BUGS: slow connect to localhost on WindowsDaniel Stenberg
Closes #2281
2018-06-13TODO: "Option to refuse usernames in URLs" doneDaniel Stenberg
Implemented by Björn in 946ce5b61f
2018-06-12schannel: support selecting ciphersRobert Prag
Given the contstraints of SChannel, I'm exposing these as the algorithms themselves instead; while replicating the ciphersuite as specified by OpenSSL would have been preferable, I found no way in the SChannel API to do so. To use this from the commandline, you need to pass the names of contants defining the desired algorithms. For example, curl --ciphers "CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM" https://github.com The specific names come from wincrypt.h Closes #2630
2018-06-11RELEASE-PROCEDURE: update the release calendar for 2019Daniel Stenberg
2018-06-05cmdline-opts/cert-type.d: mention "p12" as a recognized type as wellDaniel Stenberg