Commit Graph

2891 Commits

Author SHA1 Message Date
Steve Holme
29240cb5c1 CURLOPT_USERPWD.3: Updated following Kerberos V5 SSPI changes
Added information about Kerberos V5 requiring the domain part in the
user name.

Mentioned that the user name can be specified in UPN format, and not
just in Down-Level Logon Name format, following the information
added in commit 7679cb3fa8 reworking the exisitng information in the
process.
2014-08-16 10:42:31 +01:00
Steve Holme
7679cb3fa8 docs: Added Kerberos V5 and NTLM domain information to --user 2014-08-16 10:37:16 +01:00
Steve Holme
0574196acb docs: Added Kerberos V5 to the --user SSPI current credentials usage 2014-08-16 10:16:05 +01:00
Kamil Dudka
cb1f18661a docs/SSLCERTS: update the section about NSS database
Bug: http://curl.haxx.se/mail/lib-2014-07/0335.html
Reported-by: David Shaw
2014-08-11 16:49:54 +02:00
Michael Osipov
37f0e8a32c docs: Update SPNEGO and GSS-API related doc sections
Reflect recent changes in SPNEGO and GSS-API code in the docs.
Update them with appropriate namings and remove visible spots for
GSS-Negotiate.
2014-08-09 00:08:51 +01:00
Steve Holme
f719a97e12 docs: Added Negotiate to the SSPI current credentials usage description 2014-08-07 08:04:40 +01:00
Steve Holme
6c6983f477 TODO: HTTP Digest via Windows SSPI 2014-08-06 22:58:42 +01:00
Steve Holme
c399f6eeb2 TODO: FTP GSSAPI via Windows SSPI 2014-08-06 21:54:27 +01:00
Daniel Stenberg
e4f6adb023 CURLOPT_SSL_VERIFYPEER.3. add a warning about disabling it 2014-08-02 23:09:22 +02:00
Daniel Stenberg
8da2124060 FEATURES: minor update 2014-08-01 09:00:06 +02:00
Michael Wallner
7bb4c8cadb CURLOPT_HEADEROPT.3: typo: do -> to 2014-07-31 17:52:08 +02:00
Daniel Stenberg
0c23ec232b curl_version_info.3: 'ssl_version_num' is always 0
... and has been so since 2005
2014-07-31 12:27:15 +02:00
Daniel Stenberg
a439e438f3 ssl: generalize how the ssl backend identifier is set
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS
one which was missing previously.
2014-07-31 12:19:51 +02:00
Dan Fandrich
524bb823c9 opts: fixed some typos 2014-07-30 23:37:24 +02:00
Michael Wallner
df52f3500c curl_tlsinfo -> curl_tlssessioninfo 2014-07-30 11:11:29 +02:00
Daniel Stenberg
37faf55e17 libcurl.m4: include the standard source header
... with permission from David Shaw
2014-07-29 00:06:36 +02:00
Daniel Stenberg
821d4a1e55 symbols: CURL_VERSION_GSSNEGOTIATE is deprecated 2014-07-24 23:47:32 +02:00
Daniel Stenberg
81cd24adb8 http2: more and better error checking
1 - fixes the warnings when built without http2 support

2 - adds CURLE_HTTP2, a new error code for errors detected by nghttp2
basically when they are about http2 specific things.
2014-07-23 09:23:56 +02:00
Daniel Stenberg
cc52d776dd symbols-in-versions: new SPNEGO/GSS-API symbols in 7.38.0 2014-07-23 00:01:39 +02:00
Alessandro Ghedini
6f8046f7a4 CURLOPT_CHUNK_BGN_FUNCTION: fix typo 2014-07-19 21:27:38 +02:00
Daniel Stenberg
da172b0dde THANKS: added new contributors from 7.37.1 announcement 2014-07-17 13:18:46 +02:00
David Woodhouse
9ad282b1ae Remove all traces of FBOpenSSL SPNEGO support
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.

A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.

But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).

Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.

So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".

You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.

The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.

That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
2014-07-16 17:26:08 +02:00
Steve Holme
f9b80cded7 CURLOPT_UPLOAD: Corrected argument type 2014-07-10 22:30:43 +01:00
Daniel Stenberg
6273b23a05 FAQ: expand the thread-safe section
... with a mention of *NOSIGNAL, based on talk in bug #1386
2014-07-09 22:07:36 -05:00
Dan Fandrich
3ae2b6cd7f Update instances of some obsolete CURLOPTs to their new names 2014-07-05 22:47:13 +02:00
Dimitrios Siganos
22eb00f937 example: use correct type (long) for CURLOPT_FOLLOWLOCATION 2014-07-03 22:47:28 +02:00
Dimitrios Siganos
afbd5f978e Document type of argument for CURLOPT_FOLLOWLOCATION. 2014-07-03 22:44:45 +02:00
Dimitrios Siganos
7441c6d7af Document type of argument for CURLOPT_ERRORBUFFER. 2014-07-03 22:44:45 +02:00
Dimitrios Siganos
3e0443239a Document type of argument for CURLOPT_COPYPOSTFIELDS. 2014-07-03 22:44:45 +02:00
Dimitrios Siganos
8b8cc85d8d Document type of argument for CURLOPT_ADDRESS_SCOPE. 2014-07-03 22:44:45 +02:00
Daniel Stenberg
97db9fb653 curl.1: minor language fix
Bug: http://curl.haxx.se/mail/archive-2014-07/0006.html
2014-07-03 22:37:43 +02:00
Dan Fandrich
1c1d9a3a86 opts: fixed some CURLOPT references so they get turned into links 2014-07-02 21:40:39 +02:00
Dan Fandrich
46a886cd48 opts: Document the socket callback function parameters 2014-07-01 08:12:11 +02:00
Steve Holme
1b6bc02fb9 opts: Fixed some typos 2014-06-28 12:40:06 +01:00
Dan Fandrich
057cc2e915 curl_easy_setopt.3: fixed the error code for an unsupported option 2014-06-25 22:33:32 +02:00
Dan Fandrich
d8287ca8bc opts: added some DEFAULT and RETURN VALUE sections 2014-06-24 00:00:34 +02:00
Daniel Stenberg
cf1f8d4528 libcurl docs: man page edits
mainly to improve how the web versions render
2014-06-21 23:52:06 +02:00
Dan Fandrich
c66c2dd755 curl_easy_setopt.3: fixed some typos 2014-06-21 20:43:04 +02:00
Daniel Stenberg
c7e491f9c2 lib man pages: update easy setopt option references
... by using the "\fIopt(3)\fP" syntax they will be linked properly when
the web version of the page is generated.
2014-06-21 20:21:47 +02:00
Daniel Stenberg
7d618c477f opts: the CURLOPT_SSL_ENABLE_*PN options are enabled by default 2014-06-21 20:03:35 +02:00
Daniel Stenberg
ac5b6f8082 curl_easy_setopt.3: CURLOPT_POSTFIELDS is the exception
... to the always-copy-char *-argument.

And fix some minor mistakes.
2014-06-21 19:46:45 +02:00
Daniel Stenberg
ecacdb3430 curl_easy_setopt.3: refer to the individual man pages
With all the new individual option man pages created, this now refers to
each separate one instead of duplicaing the info. Also makes this page
easier to overview.
2014-06-21 15:45:50 +02:00
Dan Fandrich
d4cc9db64d opts: fixed mancheck for out-of-tree builds 2014-06-21 11:22:04 +02:00
Daniel Stenberg
31b28a0942 curl_easy_setopt.3: shorten
shorten descriptions, mostly refer to the separate descriptions
2014-06-21 00:04:13 +02:00
Daniel Stenberg
25a975408e CURLOPT_DNS_LOCAL_IP4.3: better short desc 2014-06-21 00:04:13 +02:00
Dan Fandrich
c088f29b98 opts: document CURLE_OUT_OF_MEMORY among other return values 2014-06-20 23:43:46 +02:00
Dan Fandrich
59d5b4ce06 opts: fixed some typos 2014-06-20 23:31:06 +02:00
Daniel Stenberg
68d1bea5fc opts: various corrections 2014-06-20 01:10:34 +02:00
Daniel Stenberg
662f749cec opts: add the rest of the options
... and fixed mancheck to ignore obsolete options
2014-06-20 01:02:49 +02:00
Daniel Stenberg
290e1bbe0d opts: the final bunch of options as man pages
Now all current options have their own man pages.
2014-06-20 00:58:18 +02:00
Daniel Stenberg
a6cd174b2e opts: 37 additional man pages 2014-06-19 17:59:13 +02:00
Daniel Stenberg
fede49532d CURLOPT_URL: move up the text from "Notes" 2014-06-19 15:11:49 +02:00
Daniel Stenberg
49078ae363 ROADMAP: removed, now ROADMAP.md 2014-06-19 15:11:28 +02:00
Daniel Stenberg
42d199b1f1 ROADMAP.md: make it markdown formatted 2014-06-19 14:16:14 +02:00
Daniel Stenberg
00d84a2f3e ROADMAP: initial commit of "curl the next few years"
To be further discussed, debated and edited
2014-06-19 14:08:12 +02:00
Daniel Stenberg
c31e6d223a opts: more man pages 2014-06-19 13:53:13 +02:00
Daniel Stenberg
47311e4c7e CURLOPT_UNRESTRICTED_AUTH.3: added missing 'T' 2014-06-19 08:40:51 +02:00
Daniel Stenberg
ba1d831cf1 opts: makefile now includes all current man pages 2014-06-19 00:08:18 +02:00
Daniel Stenberg
ae353b0b20 opts: 11 more man pages 2014-06-19 00:03:17 +02:00
Dan Fandrich
efbffa2fb7 opts: document CURLE_OUT_OF_MEMORY as RETURN VALUE 2014-06-18 23:28:13 +02:00
Dan Fandrich
479675f23e opts: fixed a couple of typos 2014-06-18 23:07:08 +02:00
Daniel Stenberg
8fab76e8f3 opts: 16 more man pages 2014-06-18 14:40:26 +02:00
Daniel Stenberg
c3954ffb25 opts: more man pages 2014-06-18 13:18:58 +02:00
Daniel Stenberg
38bf85fd61 CURLOPT_READFUNCTION.3: add short desc 2014-06-18 11:55:13 +02:00
Daniel Stenberg
de6b89262e CURLOPT_LOW_SPEED_LIMIT.3: language 2014-06-18 11:54:42 +02:00
Daniel Stenberg
e34bdc3187 opts: 4 more man pages 2014-06-18 11:45:22 +02:00
Daniel Stenberg
1a876a37cf opts: add all existing man pages to the dist 2014-06-18 10:18:00 +02:00
Daniel Stenberg
082d5300db libcurl build: use correct dir when cd'ing to opts for pdf building 2014-06-18 10:15:07 +02:00
Dan Fandrich
455bfedc84 opts: fixed a few typos 2014-06-18 00:54:30 +02:00
Daniel Stenberg
38d517fcd4 opts: 29 more options as man pages 2014-06-18 00:30:02 +02:00
Daniel Stenberg
0890bb6a51 opts: 9 more options as separate man pages 2014-06-17 18:04:40 +02:00
Daniel Stenberg
0042557598 opts: 3 more options as man pages 2014-06-17 16:48:16 +02:00
Daniel Stenberg
d865376c1d opts: 7 more setopt options as individual man pages 2014-06-17 11:39:26 +02:00
Daniel Stenberg
0219d4e04e opts template: provide a filled in error code phrase 2014-06-17 11:38:51 +02:00
Daniel Stenberg
c522c7ba88 CURLOPT_SOCKOPTFUNCTION.3: clarify return code 2014-06-17 10:10:13 +02:00
Daniel Stenberg
89a2178bc9 CURLOPT_WRITEDATA.3: move version info to AVAILABILITY 2014-06-17 10:02:14 +02:00
Daniel Stenberg
5d746fc98c opts: 4 more options with stand-alone man pages 2014-06-17 09:54:58 +02:00
Daniel Stenberg
d8aa360058 CURLOPT_READFUNCTION.3: see also the seekfunction 2014-06-17 09:54:40 +02:00
Daniel Stenberg
a6882a3a49 CURLOPT_IOCTLFUNCTION.3: fill in short desc 2014-06-17 08:12:14 +02:00
Dan Fandrich
4a2da38bed CURLOPT_READDATA.3: fixed typo 2014-06-17 00:47:25 +02:00
Daniel Stenberg
b56dff79ad opts: initial makefile
with a bonus first rough 'mancheck' target to see which man pages that
are still missing
2014-06-17 00:29:02 +02:00
Daniel Stenberg
e029243727 CURLOPT_IOCTLFUNCTION.3: initial man page 2014-06-17 00:15:41 +02:00
Daniel Stenberg
bb71f1aa25 CURLOPT_WRITEFUNCTION: changed the order of some sentences
First explain the data then describe what the callback should return.
2014-06-17 00:02:22 +02:00
Daniel Stenberg
b203377df7 CURLOPT_WRITEFUNCTION.3: improved language
Suggestions-by: Jeff Pohlmeyer
2014-06-16 23:55:30 +02:00
Daniel Stenberg
28b698858c opts docs: 3 more options in their own man pages 2014-06-16 23:01:12 +02:00
Daniel Stenberg
7ad9cb12b2 template: a template for adding new option man pages
Inludes all the sections to consider.
2014-06-16 22:16:13 +02:00
Daniel Stenberg
a5e498b543 CURLOPT_WRITEFUNCTION: add RETURN VALUE and DEFAULT sections 2014-06-16 22:01:08 +02:00
Daniel Stenberg
e810ddbb70 CURLOPT_WRITEFUNCTION: initial man page 2014-06-16 20:27:37 +02:00
Daniel Stenberg
0761f17560 CURLOPT_WILDCARDMATCH: initial man page 2014-06-16 20:27:28 +02:00
Daniel Stenberg
0795e5c8b9 CURLOPT_VERBOSE: initial man page 2014-06-16 20:27:18 +02:00
Daniel Stenberg
49b3c145ee CURLOPT_NOSIGNAL: initial man page 2014-06-16 20:27:07 +02:00
Daniel Stenberg
801a683007 CURLOPT_NOPROGRESS: initial man page 2014-06-16 20:26:53 +02:00
Daniel Stenberg
7e109995fd CURLOPT_HEADER: initial man page 2014-06-16 20:26:32 +02:00
Daniel Stenberg
5468a2122c KNOWN_BUGS: #83 was addressed with commit c50ce85918 2014-06-04 18:21:33 +00:00
Daniel Stenberg
c50ce85918 Curl_ossl_init: call OPENSSL_config for initing engines
Bug: http://curl.haxx.se/mail/lib-2014-06/0003.html
Reported-by: Дмитрий Фалько
2014-06-03 22:15:38 +02:00
Daniel Stenberg
d603ed6753 KNOWN_BUGS: #30 was fixed in 0bc4938eec, 7.37.0 2014-06-01 19:59:17 +02:00
Daniel Stenberg
9d85d4746b curl_version_info.3: returns a pointer to a static struct
And clarify that age 3 means 7.16.1 or later.
2014-05-26 11:53:49 +02:00
Daniel Stenberg
3b65aeda52 curl.1: clarify that -u can't specify a user with colon 2014-05-23 14:34:03 +02:00
Daniel Stenberg
3fed9acaef THANKS: 18 new contributors for 7.37.0 2014-05-20 23:42:47 +02:00
Steve Holme
905b63e433 INSTALL: Updated MSVC 6 caveats
To use an up to date download link as well as remove duplicate
information.
2014-05-19 10:34:05 +01:00