From ae7fe3b7f45564569324e07ffeb1be4eabfef713 Mon Sep 17 00:00:00 2001 From: Quinn Slack Date: Wed, 9 Feb 2011 23:33:06 +0100 Subject: [PATCH] TLS-SRP: new options documented --- docs/curl.1 | 15 +++++++++++++++ docs/libcurl/curl_easy_setopt.3 | 25 ++++++++++++++++++++++++- 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/docs/curl.1 b/docs/curl.1 index a1027004a..f1fe1b9a9 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -1270,6 +1270,19 @@ default 512 bytes will be used. If this option is used several times, the last one will be used. (Added in 7.20.0) +.IP "--tlsauthtype " +Set TLS authentication type. Currently, the only supported option is "SRP", +for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are +specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP". +(Added in 7.21.4) +.IP "--tlsuser " +Set username for use with the TLS authentication method specified with +\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set. (Added in +7.21.4) +.IP "--tlspassword " +Set password for use with the TLS authentication method specified with +\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set. (Added in +7.21.4) .IP "-T/--upload-file " This transfers the specified local file to the remote URL. If there is no file part in the specified URL, Curl will append the local file name. NOTE that you @@ -1396,6 +1409,8 @@ This curl supports IDN - international domain names. .IP "SSPI" SSPI is supported. If you use NTLM and set a blank user name, curl will authenticate with your current user and password. +.IP "TLS-SRP" +SRP (Secure Remote Password) authentication is supported for TLS. .RE .IP "-w/--write-out " Defines what to display on stdout after a completed and successful diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index 8c772c6e5..7f3e27dd1 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2010, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -870,6 +870,29 @@ This is a meta symbol. Or this value together with a single specific auth value to force libcurl to probe for un-restricted auth and if not, only that single auth algorithm is acceptable. (Added in 7.21.3) .RE +.IP CURLOPT_TLSAUTH_TYPE +Pass a long as parameter, which is set to a bitmask, to tell libcurl which +authentication method(s) you want it to use for TLS authentication. +.RS +.IP CURLOPT_TLSAUTH_SRP +TLS-SRP authentication. Secure Remote Password authentication for TLS is +defined in RFC 5054 and provides mutual authentication if both sides have a +shared secret. To use TLS-SRP, you must also set the +\fICURLOPT_TLSAUTH_USERNAME\fP and \fICURLOPT_TLSAUTH_PASSWORD\fP options. + +You need to build libcurl with GnuTLS and with TLS-SRP support for this to +work. (Added in 7.21.4) +.RE +.IP CURLOPT_TLSAUTH_USERNAME +Pass a char * as parameter, which should point to the zero-terminated username +to use for the TLS authentication method specified with the +\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the +\fICURLOPT_TLS_PASSWORD\fP option also be set. (Added in 7.21.4) +.IP CURLOPT_TLSAUTH_PASSWORD +Pass a char * as parameter, which should point to the zero-terminated password +to use for the TLS authentication method specified with the +\fICURLOPT_TLSAUTH_TYPE\fP option. Requires that the +\fICURLOPT_TLS_USERNAME\fP option also be set. (Added in 7.21.4) .IP CURLOPT_PROXYAUTH Pass a long as parameter, which is set to a bitmask, to tell libcurl which authentication method(s) you want it to use for your proxy authentication. If