aboutsummaryrefslogtreecommitdiff
path: root/docs
AgeCommit message (Collapse)Author
2016-11-28curl: remove --proxy-ssl* optionsDaniel Stenberg
There's mostly likely no need to allow setting SSLv2/3 version for HTTPS proxy. Those protocols are insecure by design and deprecated.
2016-11-27CURLOPT_PROXY_*.3: polished some proxy option man pagesDaniel Stenberg
2016-11-26curl_version_info: add CURL_VERSION_HTTPS_PROXYOkhin Vasilij
Closes #1142
2016-11-25CURLOPT_PROXY_CAINFO.3: clarify proxy useDaniel Stenberg
2016-11-25CURLOPT_PROXY_CRLFILE.3: clarify https proxy and availabilityDaniel Stenberg
2016-11-25curl_easy_setopt.3: add CURLOPT_PROXY_PINNEDPUBLICKEYDaniel Stenberg
Follow-up to 4f8b17743d7c55a
2016-11-25docs: include all opts man pages in distDaniel Stenberg
Sorted the lists too. ... and include the new ones in the PDF and HTML generation targets
2016-11-25HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEYThomas Glanzmann
2016-11-25url: proxy: Use 443 as default port for https proxiesThomas Glanzmann
2016-11-25TODO: removed "HTTPS proxy"Daniel Stenberg
2016-11-25add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}Frank Gevaerts
Adds access to the effectively used protocol/scheme to both libcurl and curl, both in string and numeric (CURLPROTO_*) form. Note that the string form will be uppercase, as it is just the internal string. As these strings are declared internally as const, and all other strings returned by curl_easy_getinfo() are de-facto const as well, string handling in getinfo.c got const-ified. Closes #1137
2016-11-25curl.1: the new --proxy options ship in 7.52.0Daniel Stenberg
2016-11-24checksrc: move open braces to comply with function declaration styleDaniel Stenberg
2016-11-24checksrc: white space edits to comply to stricter checksrcDaniel Stenberg
2016-11-24checksrc: code style: use 'char *name' styleDaniel Stenberg
2016-11-24HTTPS-proxy: fixed mbedtls and polishingOkhin Vasilij
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-16http2: Use huge HTTP/2 windowsJay Satiro
- Improve performance by using a huge HTTP/2 window size. Bug: https://github.com/curl/curl/issues/1102 Reported-by: afrind@users.noreply.github.com Assisted-by: Tatsuhiro Tsujikawa
2016-11-16cmdline-docs: more conversionDaniel Stenberg
2016-11-16gen: support 'protos'Daniel Stenberg
and warn on unrecognized lines
2016-11-16gen: support 'single' to make an individual page man pageDaniel Stenberg
2016-11-16cmdline-docs: more options converted overDaniel Stenberg
2016-11-16gen: support 'redirect'Daniel Stenberg
... and warn for too long --help lines
2016-11-16cmdline/gen: replace options in texts betterDaniel Stenberg
2016-11-16curl.1: Clarify --dump-header only writes received headersJay Satiro
2016-11-15docs: Spelling fixesAlex Chan
2016-11-15docs: the next release will be 7.52.0Kamil Dudka
2016-11-15cmdline-opts: support generating the --help outputDaniel Stenberg
2016-11-14curl: add --fail-earlyDaniel Stenberg
Exit with an error on the first transfer error instead of continuing to do the rest of the URLs. Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html
2016-11-13cmdline-opts: first test version of a new man page generator kitDaniel Stenberg
See MANPAGE.md for the description of how this works. Each command line option is now described in a separate .d file.
2016-11-11curl: Add --retry-connrefusedDaniel Hwang
to consider ECONNREFUSED as a transient error. Closes #1064
2016-11-09CODE_STYLE.md: link to INTERNALS.md correctlyDaniel Stenberg
2016-11-08examples/fileupload.c: fclose the file as wellDaniel Stenberg
2016-11-08curl_formadd.3: *_FILECONTENT and *_FILE need the file to be keptDaniel Stenberg
Reported-by: Frank Gevaerts
2016-11-07curl: introduce the --tlsv1.3 option to force TLS 1.3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-11-07vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-11-07s/cURL/curlDaniel Stenberg
We're mostly saying just "curl" in lower case these days so here's a big cleanup to adapt to this reality. A few instances are left as the project could still formally be considered called cURL.
2016-11-07curl.1: explain the SMTP data expected for -TDaniel Stenberg
Fixes #1107 Reported-by: Adam Piggott
2016-11-03docs: shorten and simplify the top comment in multi-uv.cDaniel Stenberg
and change URL to use https
2016-11-03docs: handle CURL_POLL_INOUT in multi-uv exampleAndrei Sedoi
2016-11-03docs: multi-uv: don't use CURLMsg after cleanupAndrei Sedoi
2016-11-03docs: remove unused variables in multi-uv exampleAndrei Sedoi
2016-11-02THANKS: synced with 7.51.0Daniel Stenberg
2016-11-02RELEASE-NOTES: 7.51.0Daniel Stenberg
2016-11-01curl.1: typoDaniel Stenberg
2016-11-01curl.1: expand on how multiple uses of -o looksDaniel Stenberg
Suggested-by: Dan Jacobson Issue: https://github.com/curl/curl/issues/1097
2016-10-31unescape: avoid integer overflowDaniel Stenberg
CVE-2016-8622 Bug: https://curl.haxx.se/docs/adv_20161102H.html Reported-by: Cure53
2016-10-31TODO: remove IDNA2008Daniel Stenberg
2016-10-31INTERNALS: better markdown (follow-up)Jay Satiro
- Wrap more words with underscores in backticks. Follow-up to 13f4913.
2016-10-30INTERNALS: better markdownDaniel Stenberg
words with underscore need to be within `these` Bug: https://github.com/curl/curl-www/issues/19 Reported-by : Jay Satiro