Commit Graph

508 Commits

Author SHA1 Message Date
Daniel Stenberg
042cc1f69e - David Kierznowski notified us about a security flaw
(http://curl.haxx.se/docs/adv_20090303.html also known as CVE-2009-0037) in
  which previous libcurl versions (by design) can be tricked to access an
  arbitrary local/different file instead of a remote one when
  CURLOPT_FOLLOWLOCATION is enabled. This flaw is now fixed in this release
  together this the addition of two new setopt options for controlling this
  new behavior:

  o CURLOPT_REDIR_PROTOCOLS controls what protocols libcurl is allowed to
  follow to when CURLOPT_FOLLOWLOCATION is enabled. By default, this option
  excludes the FILE and SCP protocols and thus you nee to explicitly allow
  them in your app if you really want that behavior.

  o CURLOPT_PROTOCOLS controls what protocol(s) libcurl is allowed to fetch
  using the primary URL option. This is useful if you want to allow a user or
  other outsiders control what URL to pass to libcurl and yet not allow all
  protocols libcurl may have been built to support.
2009-03-02 23:05:31 +00:00
Daniel Stenberg
6c9f37d263 - After a bug reported by James Cheng I've made curl_easy_getinfo() for
CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD return
  -1 if the sizes aren't know. Previously these returned 0, make it impossible
  to detect the difference between actually zero and unknown.
2009-02-23 18:45:00 +00:00
Daniel Stenberg
07dc741e18 mention default port number 2009-02-23 10:40:36 +00:00
Daniel Stenberg
0517fa153c three new CURLFTP_CREATE_DIR* symbols 2009-02-17 09:43:27 +00:00
Daniel Stenberg
8f81fd6be5 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 in addition to 1 for
plain FTP connections, and it will then allow MKD to fail once and retry the
  CWD afterwards. This is especially useful if you're doing many simultanoes
  connections against the same server and they all have this option enabled,
  as then CWD may first fail but then another connection does MKD before this
  connection and thus MKD fails but trying CWD works! The numbers can
  (should?) now be set with the convenience enums now called
  CURLFTP_CREATE_DIR and CURLFTP_CREATE_DIR_RETRY.

  Tests has proven that if you're making an application that uploads a set of
  files to an ftp server, you will get a noticable gain in speed if you're
  using multiple connections and this option will be then be very useful.
2009-02-17 09:07:25 +00:00
Daniel Stenberg
002cf105c6 - CURLINFO_CONDITION_UNMET was added to allow an application to get to know if
the condition in the previous request was unmet. This is typically a time
  condition set with CURLOPT_TIMECONDITION and was previously not possible to
  reliably figure out. From bug report #2565128
  (http://curl.haxx.se/bug/view.cgi?id=2565128)
2009-02-11 21:47:14 +00:00
Daniel Stenberg
517b8ed057 completed the CURLPROXY_ collection 2009-02-10 12:52:09 +00:00
Daniel Stenberg
d3d7ed1766 include the symbols-in-versions file in the release archive 2009-02-10 12:39:26 +00:00
Daniel Stenberg
c65f9acdc7 introducing the symbols-in-versions file, in an effort to help app authors
to better know and track symbols in earlier libcurl versions
2009-02-10 12:33:10 +00:00
Daniel Stenberg
5c4cdcb2d5 mention when CURLOPT_ADDRESS_SCOPE was added 2009-02-10 12:32:12 +00:00
Dan Fandrich
44c02227e9 Mention the first release of CURLOPT_FTP_FILEMETHOD 2009-02-06 19:25:32 +00:00
Daniel Stenberg
bdd4294e79 - Craig A West brought us: libcurl now defaults to do CONNECT with HTTP
version 1.1 instead of 1.0 like before. This change also introduces the new
  proxy type for libcurl called 'CURLPROXY_HTTP_1_0' that then allows apps to
  switch (back) to CONNECT 1.0 requests. The curl tool also got a --proxy1.0
  option that works exactly like --proxy but sets CURLPROXY_HTTP_1_0.

  I updated all test cases cases that use CONNECT and I tried to do some using
  --proxy1.0 and some updated to do CONNECT 1.1 to get both versions run.
2009-02-02 16:19:23 +00:00
Daniel Stenberg
de4610a55f - Markus Moeller introduced two new options to libcurl:
CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC to allow libcurl
  to do GSS-style authentication with SOCKS5 proxies. The curl tool got the
  options called --socks5-gssapi-service and --socks5-gssapi-nec to enable
  these.
2009-01-28 21:33:58 +00:00
Daniel Stenberg
0516ce7786 - Chad Monroe provided the new CURLOPT_TFTP_BLKSIZE option that allows an app
to set desired block size to use for TFTP transfers instead of the default
  512 bytes.
2009-01-26 22:43:06 +00:00
Daniel Stenberg
5aeef9c1c8 - Craig A West brought CURLOPT_NOPROXY and the corresponding --noproxy option.
They basically offer the same thing the NO_PROXY environment variable only
  offered previously: list a set of host names that shall not use the proxy
  even if one is specified.
2009-01-25 23:26:25 +00:00
Daniel Stenberg
2f9038bf62 Mohun Biswas clarified 2009-01-12 21:22:51 +00:00
Daniel Stenberg
9aea3e265d further clarifcation based on input from Anthony Bryan 2008-12-29 21:26:11 +00:00
Daniel Stenberg
f61cfc5931 Anthony Bryan's man page cleanup in language and spelling 2008-12-28 21:56:56 +00:00
Daniel Stenberg
27b8a5fd84 Anthony Bryan reported quirks, I updated 2008-12-28 21:43:34 +00:00
Daniel Stenberg
60ff74140e Anthony Bryan reported and I corrected two typos. 2008-12-28 21:35:53 +00:00
Daniel Stenberg
4f0a7170af The CURLOPT_KRBLEVEL description wasn't properly formatted and thus was
corrupted in ouputs. Another report from Anthony Bryan.
2008-12-28 21:31:55 +00:00
Daniel Stenberg
6d2ff9d2a7 Anthony Bryan reported this outputs wrong in the PDF and I've now tried to
escape these letters what I think is the correct way.
2008-12-28 21:29:13 +00:00
Daniel Stenberg
d5bfec70af - Anthony Bryan provided a set of patches that cleaned up manual language,
corrected spellings and more.
2008-12-22 13:07:13 +00:00
Daniel Stenberg
000a13e21a expand the CURLOPT_POSTREDIR explanation 2008-12-19 19:03:55 +00:00
Daniel Stenberg
6e376532b0 - Internet Explorer had a broken HTTP digest authentication before v7 and
there are servers "out there" that relies on the client doing this broken
  Digest authentication. Apache even comes with an option to work with such
  broken clients.

  The difference is only for URLs that contain a query-part (a '?'-letter and
  text to the right of it).

  libcurl now supports this quirk, and you enable it by setting the
  CURLAUTH_DIGEST_IE bit in the bitmask you pass to the CURLOPT_HTTPAUTH or
  CURLOPT_PROXYAUTH options. They are thus individually controlled to server
  and proxy.
2008-12-10 23:13:31 +00:00
Dan Fandrich
32f78136b2 Documented CURLOPT_CONNECT_ONLY as being useful only on HTTP URLs. 2008-12-09 22:00:18 +00:00
Dan Fandrich
acc29ff1d9 Fixed an outdated mention of having keep strings around in curl_easy_setopt
calls. Added a paragraph explaining that libcurl takes care of low-level
protocol details. Made a few minor edits.
2008-11-17 08:16:25 +00:00
Daniel Stenberg
5d791838d2 mention the speed unit for the _SPEED_LARGE options from bug #2226722 2008-11-05 21:48:00 +00:00
Dan Fandrich
9c86097286 Mention more restrictions on timeouts when using signals 2008-10-28 23:48:05 +00:00
Daniel Stenberg
6e0739931d Philippe Vaucher pointed out this use of an outdated option name... 2008-10-28 10:21:19 +00:00
Yang Tse
98b13037e7 remove some spurious line-endings 2008-10-17 03:59:02 +00:00
Dan Fandrich
1d12b1fa1e CURLOPT_POST301 => CURLOPT_POSTREDIR 2008-10-16 21:02:38 +00:00
Daniel Stenberg
a9a4300a36 - Igor Novoseltsev added CURLOPT_PROXYUSER and CURLOPT_PROXYPASSWORD that then
make CURLOPT_PROXYUSERPWD sort of deprecated. The primary motive for adding
  these new options is that they have no problems with the colon separator
  that the CURLOPT_PROXYUSERPWD option does.
2008-10-16 20:21:22 +00:00
Daniel Stenberg
a8245df745 mention the openssl requirement for the certinfo data 2008-10-16 12:35:47 +00:00
Daniel Stenberg
86c5d02a5e correct version number for the certinfo addition 2008-10-16 12:29:32 +00:00
Daniel Stenberg
5af597c2fb Added CURLINFO_CERTINFO 2008-10-16 11:35:19 +00:00
Dan Fandrich
6887106ff7 Fixed a leftover reference to CURLOPT_FTP_SSL (thanks to Carlos Alloatti
for spotting it).
2008-10-09 20:03:04 +00:00
Daniel Stenberg
08cf6780ba - Igor Novoseltsev brought a patch that introduced two new options to
curl_easy_setopt: CURLOPT_USERNAME and CURLOPT_PASSWORD that sort of
  deprecates the good old CURLOPT_USERPWD since they allow applications to set
  the user name and password independently and perhaps more importantly allow
  both to contain colon(s) which CURLOPT_USERPWD doesn't fully support.
2008-10-08 10:39:43 +00:00
Dan Fandrich
152cf6325d Checked in some grammatical and minor other fixes in the documentation and
examples that I found in the FreeBSD ports system.
2008-09-10 07:11:45 +00:00
Dan Fandrich
ac1ab03cb0 Hammer home the fact that "multi interface" != "multi-threaded" 2008-09-09 05:39:59 +00:00
Daniel Stenberg
bc90fefb5b SOCKS5_RESOLVE_LOCAL was just never added as an option! 2008-09-07 21:33:50 +00:00
Daniel Stenberg
4c9768565e - Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By
enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS
  or FTPS), libcurl will gather lots of server certificate info and that info
  can then get extracted by a client after the request has completed with
  curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing
  helped me test and smoothen out this feature.

  Unfortunately, this feature currently only works with libcurl built to use
  OpenSSL.

  This feature was sponsored by networking4all.com - thanks!
2008-09-05 14:29:21 +00:00
Dan Fandrich
e082d2403c Fixed a couple of typos 2008-08-28 02:32:41 +00:00
Dan Fandrich
6768e81d5d Added an edited version of Vincent Le Normand's documentation of SFTP quote
commands to the man pages.
2008-08-20 19:45:43 +00:00
Daniel Stenberg
a3045b4e49 - mention curl_multi_socket_action() rather than the deprecated
curl_multi_socket()
- don't claim that it has an argument named 'easy' because it doesn't!
2008-08-06 21:22:07 +00:00
Daniel Stenberg
5aed78e183 - Phil Blundell added the CURLOPT_SCOPE option, as well as adjusted the URL
parser to allow numerical IPv6-addresses to be specified with the scope
  given, as per RFC4007 - with a percent letter that itself needs to be URL
  escaped. For example, for an address of fe80::1234%1 the HTTP URL is:
  "http://[fe80::1234%251]/"
2008-07-30 21:55:26 +00:00
Dan Fandrich
5373289574 Eliminated references to TRUE and FALSE since those identifiers aren't
defined by the libcurl API. Also changed curl_easy_setopt examples to
pass longs where appropriate.
2008-07-23 22:02:03 +00:00
Daniel Stenberg
7d0eabaa80 - I went over the curl_easy_setopt man page and replaced most references to
non-zero with the fixed value of 1. We should strive at making options
  support '1' for enabling them mentioned explicitly, as that then will allow
  us for to extend them in the future without breaking older programs.
2008-07-23 20:53:04 +00:00
Daniel Stenberg
6b7ccde156 (Added in the section for CURLOPT_DNS_CACHE_TIMEOUT, pointed out on the
curl-library list on July 9th 2008 by Mathew Hounsell)

NOTE: the name resolve functions of various libc implementations don't re-read
name server information unless explicitly told so (by for example calling
Ires_init(3). This may cause libcurl to keep using the older server even
if DHCP has updated the server info, and this may look like a DNS cache issue
to the casual libcurl-app user.
2008-07-10 22:24:11 +00:00
Daniel Stenberg
a17fadea3a updated to match current reality 2008-07-10 13:40:59 +00:00