326 Commits

Author SHA1 Message Date
Daniel Stenberg
ce81cd21d3 I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made this
return code get used by the previous SSH MD5 fingerprint check in case it
fails.
2007-10-03 08:07:50 +00:00
Daniel Stenberg
51c6a5d43b Based on a patch brought by Johnny Luong, libcurl now offers
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.
2007-10-03 08:00:42 +00:00
Daniel Stenberg
30a39fe877 document --post301, based on the phrasing in curl_easy_setopt.3 for
CURLOPT_POST301 written by Philip Langdale
2007-10-02 09:57:48 +00:00
Daniel Stenberg
db1c92ceac Bad use of "its" replaceed with a rephrase. I noticed this flaw thanks to the
Debian bug report http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=443734
2007-09-24 10:56:26 +00:00
Daniel Stenberg
6c511abf43 --proxy-negotiate is added in 7.17.1 2007-09-21 11:53:56 +00:00
Daniel Stenberg
015d5869d7 Mark Davies fixed Negotiate authentication over proxy, and also introduced
the --proxy-negotiate command line option to allow a user to explicitly
select it.
2007-09-21 11:05:31 +00:00
Daniel Stenberg
8c3f40ee32 Rob Crittenden provided an NSS update with the following highlights:
o It looks for the NSS database first in the environment variable SSL_DIR,
  then in /etc/pki/nssdb, then it initializes with no database if neither of
  those exist.

o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
  loaded, including the ca-bundle. If it is not available then only
  certificates already in the NSS database are used.

o Tries to detect whether a file or nickname is being passed in so the right
  thing is done

o Added a bit of code to make the output more like the OpenSSL module,
  including displaying the certificate information when connecting in
  verbose mode

o Improved handling of certificate errors (expired, untrusted, etc)

The libnsspem.so PKCS#11 module is currently only available in Fedora
8/rawhide. Work will be done soon to upstream it. The NSS module will work
with or without it, all that changes is the source of the certificates and
keys.
2007-09-18 22:21:54 +00:00
Daniel Stenberg
4cf3ad07e5 --libcurl does not support -F 2007-08-23 14:33:08 +00:00
Dan Fandrich
000fdc6b99 Document pwd as an sftp quote command for curl(1), and show it as
lower case for consistency since sftp commands are case insensitive.
2007-07-20 17:29:43 +00:00
Daniel Stenberg
54967d2a3a Thomas J. Moore provided a patch that introduces Kerberos5 support in
libcurl. This also makes the options change name to --krb (from --krb4) and
CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still
2007-07-01 22:01:18 +00:00
James Housley
17798ed740 Update documentation to reflect SFTP's ability to create directories on
upload.  Some text provieded by Tom Regner
2007-06-13 15:02:34 +00:00
Dan Fandrich
ea43bb013b Added support for quote commands before a transfer using SFTP and test
case 614.
Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.
2007-05-15 00:28:50 +00:00
Dan Fandrich
b0a4c992e7 Added SFTP directory listing test case 613. 2007-05-14 22:03:42 +00:00
Dan Fandrich
4367e0513a Added the list of SFTP post-quote commands, and fixed a few typos. 2007-05-09 18:05:14 +00:00
Daniel Stenberg
a93af43974 - Song Ma's warning if -r/--range is given with a "bad" range, also noted in
the man page now.
2007-04-22 09:31:27 +00:00
Daniel Stenberg
56a5c49ac0 clarify a bit on the follow-redirect logic and when curl switches from POST
to GET on redirect
2007-04-22 08:05:40 +00:00
Dan Fandrich
0043e87014 Added --pubkey option to curl and made --key also work for SCP/SFTP,
plus made --pass work on an SSH private key as well.
2007-03-23 17:59:40 +00:00
Daniel Stenberg
dd433679e6 clarify that -K files are expected to have one option per line 2007-02-28 10:30:57 +00:00
Daniel Stenberg
e37973913d - Added warning outputs if the command line uses more than one of the options
-v, --trace and --trace-ascii, since it could really confuse the user.
  Clarified this fact in the man page.
2007-02-23 09:48:01 +00:00
Linus Nielsen Feltzing
2f5e99ca02 New FTP CCC functionality - adds passive and active mode to accomodate for different server behaviour 2007-02-20 22:02:11 +00:00
Daniel Stenberg
7f70dbcad5 Rob Crittenden added support for NSS (Network Security Service) for the
SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/
2007-02-12 22:32:37 +00:00
Daniel Stenberg
28b932fb4e - Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
to the debug callback.

- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
  CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
  internal decoding of content or transfer encoded content. This may be
  preferable in cases where you use libcurl for proxy purposes or similar. The
  command line tool got a --raw option to disable both at once.
2007-02-12 21:13:47 +00:00
Daniel Stenberg
dbdb7fa55a - Added the --libcurl [file] option to curl. Append this option to any
ordinary curl command line, and you will get a libcurl-using source code
  written to the file that does the equivalent operation of what your command
  line operation does!
2007-01-25 15:58:00 +00:00
Daniel Stenberg
4750e6f3c5 - Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
  will make libcurl shutdown SSL/TLS after the authentication is done on a
  FTP-SSL operation.
2007-01-05 23:11:14 +00:00
Daniel Stenberg
6fe932b255 minor syntax mistake 2006-12-14 18:20:46 +00:00
Daniel Stenberg
4dcd606b47 7.16.1 knows SFTP too 2006-12-06 10:07:12 +00:00
Daniel Stenberg
393ddd6e1f clarify --limit-rate somewhat: it might send away/receive chunks of date in
temporarily higher speeds than requested, but the given limiting is considered
"over time" and is an average
2006-12-06 09:52:04 +00:00
Daniel Stenberg
961ec228d4 SCP support added 2006-11-03 13:45:52 +00:00
Daniel Stenberg
cde5e35d9b Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
case when 401 or 407 are returned, *IF* no auth credentials have been given.
The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
and 407 cases when auth credentials is given, but we've now covered this
somewhat more.

You might get some amounts of headers transferred before this situation is
detected, like for when a "100-continue" is received as a response to a
POST/PUT and a 401 or 407 is received immediately afterwards.

Added test 281 to verify this change.
2006-10-25 20:40:14 +00:00
Daniel Stenberg
3c4f3a680a point out the sslcert web page for -k/--insecure 2006-10-12 08:52:20 +00:00
Daniel Stenberg
a40dcca794 changed the wording about removal of internal headers with -H 2006-10-09 14:54:11 +00:00
Daniel Stenberg
5e0d9aea32 Support for FTP third party transfers is now dropped 2006-09-30 20:31:11 +00:00
Daniel Stenberg
fe8aee6b08 eeep, tab completion error 2006-09-24 10:33:25 +00:00
Daniel Stenberg
0639e2a6e2 --ftp-ssl-control requires SSL/TLS, it does not "try" it 2006-09-24 10:30:40 +00:00
Daniel Stenberg
4c0936e72f minor edits 2006-09-23 20:46:07 +00:00
Daniel Stenberg
f7d31bb3e3 Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
encrypt the control connection and use the data connection "plain".
2006-09-23 19:37:23 +00:00
Dan Fandrich
b0d3ba76a0 -z works on FTP, too 2006-09-21 22:15:05 +00:00
Daniel Stenberg
ca5de26f50 lots of "HTTPS" features are really "SSL" ones as they are also valid for
FTPS
2006-09-20 13:09:27 +00:00
Daniel Stenberg
5de75eee56 PEM is default type for key and cert 2006-09-20 11:35:13 +00:00
Daniel Stenberg
29dc39fce1 - Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
handle that is part of a multi handle first removes the handle from the
  stack.

- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
  session-ID re-use on demand since there obviously are broken servers out
  there that misbehave with session-IDs used.
2006-09-11 17:18:18 +00:00
Daniel Stenberg
4d4151f6c1 David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
control and data connection, as the existing --ftp-ssl option only requests
it.
2006-07-26 23:20:47 +00:00
Daniel Stenberg
2527b53019 Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
tool option named --ftp-alternative-to-user. It provides a mean to send a
particular command if the normal USER/PASS approach fails.
2006-07-25 22:45:21 +00:00
Daniel Stenberg
55d22ba10c when mentioning the default config file, point back to the actual description
of how to write such a file
2006-06-16 07:27:06 +00:00
Daniel Stenberg
fb88723afc minor RFC updates, Dan Fandrich brought my attention to them 2006-05-25 11:15:25 +00:00
Daniel Stenberg
6ef7a81a3b updated with more error codes 2006-04-26 13:00:45 +00:00
Daniel Stenberg
598ffeea89 David McCreedy added CURLINFO_FTP_ENTRY_PATH to export the FTP entry path 2006-03-21 22:30:03 +00:00
Daniel Stenberg
938b5c886e slightly edited explanation for -f/--fail by the help of Kjell Ericson 2006-03-15 21:21:35 +00:00
Daniel Stenberg
bac52f3969 --ftp-method and CURLOPT_FTP_FILEMETHOD are now documented and usable 2006-03-14 00:05:15 +00:00
Daniel Stenberg
26f112ba55 added large chunk of blurb about the progress meter 2006-03-02 22:04:39 +00:00
Daniel Stenberg
a15d107dde Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
type to the already provided type CURLPROXY_SOCKS4.
I added a --socks4 option that works like the current --socks5 option but
instead use the socks4 protocol.
2006-02-21 07:46:41 +00:00