Compare commits

..

529 Commits

Author SHA1 Message Date
Daniel Stenberg
33c02d4771 RELEASE-NOTES: synced with 8373ca3641
One bug, one contributor. Getting ready for release.
2012-10-10 21:58:16 +02:00
Daniel Stenberg
8373ca3641 curl_multi_wait: no wait if no descriptors to wait for
This is a minor change in behavior after having been pointed out by Mark
Tully and discussed on the list. Initially this case would internally
call poll() with no sockets and a timeout which would equal a sleep for
that specified time.

Bug: http://curl.haxx.se/mail/lib-2012-10/0076.html
Reported by: Mark Tully
2012-10-09 22:19:49 +02:00
Daniel Stenberg
3644a35027 TODO-RELEASE: cleanup for 7.28.0
one issue is now KNOWN_BUG #79

the other we just skip since nobody is working on it or is planning to
start working on it anytime soon
2012-10-09 00:34:16 +02:00
Daniel Stenberg
542802af23 curl_multi_wait.3: style formatting mistake 2012-10-09 00:34:16 +02:00
Marc Hoersken
9547be37c2 ssluse.c: md5.h is required for Curl_ossl_md5sum 2012-10-08 18:48:54 +02:00
Daniel Stenberg
974d5d5921 curl_multi_wait.3: fix the name of the man page 2012-10-08 14:35:25 +02:00
Daniel Stenberg
211605f0c5 curl_multi_wait.3: renamed the last argument variable for clarity 2012-10-08 14:32:15 +02:00
Marc Hoersken
a5b6f91e8d curl_schannel.c: Fixed caching more data than required
Do not fill the decrypted data buffer with more data unless
required in order to return the requested amount of data.
2012-10-06 15:47:14 +02:00
Marc Hoersken
fbf3560886 curl_schannel: Removed buffer limit and optimized buffer strategy
Since there are servers that seem to return very big encrypted
data packages, we need to be able to handle those without having
an internal size limit. To avoid the buffer growing to fast to
early the initial size was decreased and the minimum free space
in the buffer was decreased as well.
2012-10-06 13:59:28 +02:00
Marc Hoersken
07593b2422 lib/socks.c: Merged two size variables into one 2012-10-04 21:27:46 +02:00
Marc Hoersken
cd423348d9 lib/socks.c: Avoid type conversions where possible
Streamlined variable names and types to avoid type conversions that
may result in data being lost on non 32-bit systems.
2012-10-04 20:17:49 +02:00
Marc Hoersken
90821c6202 lib/curl_schannel.c: Hide size_t conversion warning 2012-10-04 19:55:17 +02:00
Marc Hoersken
dee2ef8083 krb5/curl_rtmp.c: Hide size_t to int type conversion warning 2012-10-04 19:17:00 +02:00
Marc Hoersken
50a7d32af0 security.c: Aligned internal type to return type
Use ssize_t instead of int to avoid conversion problems on 64-bit
systems. Also added curlx_sztosi where necessary.
2012-10-04 19:16:59 +02:00
Marc Hoersken
a5c6ecba8d lib/curl_schannel: Increased maximum buffer size to factor 128 2012-10-03 18:15:41 +02:00
Marc Hoersken
7a53474f43 winbuild/MakefileBuild.vc: Follow up on 0c8ccf7 2012-10-03 16:56:35 +02:00
Daniel Stenberg
6b18f18b4c RELEASE-NOTES: synced with 971f5bcedd
9 new bug fixes, 5 changes, 6 more contributors
2012-10-02 10:39:51 +02:00
Daniel Stenberg
971f5bcedd multi_runsingle: CURLOPT_LOW_SPEED_* fix for rate limitation
During the periods of rate limitation, the speedcheck function wasn't
called and thus the values weren't updated accordingly and it would then
easily trigger wrongly once data got transferred again.

Also, the progress callback's return code was not acknowledged in this
state so it could make an "abort" return code to get ignored and not
have the documented effect of aborting an ongoing transfer.

Bug: http://curl.haxx.se/mail/lib-2012-09/0081.html
Reported by: Jie He
2012-10-02 00:16:20 +02:00
Tatsuhiro Tsujikawa
42bbc5ce10 tool_metalink.c: Filtered resource URLs by type
In Metalink v3, the type attribute of url element indicates the
type of the resource the URL points to. It can include URL to the
meta data, such as BitTorrent metainfo file.  In Curl, we are not
interested in these meta data URLs. Instead, we are only
interested in the HTTP and FTP URLs. This change filters out
non-HTTP and FTP URLs. If we don't filter out them, it will be
downloaded by curl and hash check will fail if hash is provided
and next URL will be tried. This change will cut this useless
network transfer.
2012-10-01 22:03:07 +02:00
Kamil Dudka
c01b6f4d09 https.c example: remember to call curl_global_init()
... in order not to leak memory on initializing an SSL library.

Reported by: Tomas Mlcoch
2012-10-01 11:23:51 +02:00
Daniel Stenberg
9da2c96039 FAQ: remove the date from the topmost line 2012-09-28 15:53:46 +02:00
Daniel Stenberg
e8ab9a0d27 FAQ: 5.16 I want a different time-out! 2012-09-28 15:50:18 +02:00
Daniel Stenberg
628c4e7af1 Curl_reconnect_request: clear pointer on failure
The Curl_reconnect_request() function could end up returning a pointer
to a free()d struct when Curl_done() failed inside. Clearing the pointer
unconditionally after Curl_done() avoids this risk.

Reported by: Ho-chi Chen
Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html
2012-09-28 13:57:41 +02:00
Daniel Stenberg
4ea7a65af7 CURLOPT_CONNECTTIMEOUT: works without signals or posix too! 2012-09-26 11:46:23 +02:00
Marc Hoersken
d89861f651 Makefile.vc6: Follow up on 0c8ccf7 2012-09-24 10:26:15 +02:00
Marc Hoersken
0c8ccf7207 Makefile.vc6: Added missing default library advapi32.lib 2012-09-23 10:18:47 +02:00
Daniel Stenberg
39dff07a27 HTTP_ONLY: disable more protocols 2012-09-19 11:03:34 +02:00
Daniel Stenberg
84e6c7a9e5 test2006: Updated expected output to include hash name
Output changed in commit a34197ef77
2012-09-18 00:14:34 +02:00
Sergei Nikulov
c1400f6f12 cmake: use standard findxxx modules for cmake v2.8+ 2012-09-17 23:22:09 +02:00
Sergei Nikulov
889038f668 setup.h: fixed for MS VC10 build
Bug: http://curl.haxx.se/bug/view.cgi?id=3568327
2012-09-17 23:21:31 +02:00
Daniel Stenberg
907a9d25e8 TODO-RELEASE: push new features to 7.29
Leave two bug fixes as possibly fixed for 7.28 but as nobody seems to be
working on them I have little hope...
2012-09-17 23:10:32 +02:00
Marc Hoersken
b3d72a95be metalink tests: Updated expected output to include hash name 2012-09-17 07:35:11 +02:00
Sara Golemon
b78944146a curl_multi_wait: Add parameter to return number of active sockets
Minor change to recently introduced function.  BC breaking, but since
curl_multi_wait() doesn't exist in any releases that should be fine.
2012-09-16 19:58:02 +02:00
Marc Hoersken
9b25b00fa3 socks.c: Fixed warning: conversion to 'int' from 'long unsigned int' 2012-09-14 16:01:19 +02:00
Marc Hoersken
ba41ecfa17 http_negotiate.c: Fxied warning: unused variable 'rc' 2012-09-14 15:50:24 +02:00
Marc Hoersken
1ab6c35363 ssh.c: Fixed warning: implicit conversion from enumeration type 2012-09-14 14:48:55 +02:00
Marc Hoersken
5162cb8ad6 socks.c: Check that IPv6 is enabled before using it's features 2012-09-14 08:12:07 +02:00
Marc Hoersken
8a2be299f4 checksrc: Fixed line length and comment indentation 2012-09-14 00:44:16 +02:00
Marc Hoersken
f73a27cadc socks.c: Updated error messages to handle hostname and IPv6 2012-09-14 00:14:46 +02:00
Marc Hoersken
f332f14102 socks.c: Added support for IPv6 connections through SOCKSv5 proxy 2012-09-14 00:14:38 +02:00
Daniel Stenberg
775cc1be66 parse_proxy: treat "socks://x" as a socks4 proxy
Selected socks proxy in Google's Chrome browser. Resulting in the
following environment variables:

NO_PROXY=localhost,127.0.0.0/8
ALL_PROXY=socks://localhost:1080/
all_proxy=socks://localhost:1080/
no_proxy=localhost,127.0.0.0/8

... and libcurl didn't treat 'socks://' as socks but instead picked HTTP
proxy.

Reported by: Scott Bailey

Bug: http://curl.haxx.se/bug/view.cgi?id=3566860
2012-09-13 22:57:38 +02:00
Kamil Dudka
f05e51362f ssh: do not crash if MD5 fingerprint is not provided by libssh2
The MD5 fingerprint cannot be computed when running in FIPS mode.
2012-09-12 16:49:10 +02:00
Kamil Dudka
ce515e993f ssh: move the fingerprint checking code to a separate fnc 2012-09-12 16:49:09 +02:00
Marc Hoersken
a34197ef77 tool_metalink.c: Added name of validation hash to messages
This makes it easier to debug broken hashes or hash functions.
2012-09-12 00:09:23 +02:00
Marc Hoersken
7f7e2ea72f wincrypt: Fixed cross-compilation issues caused by include name
For some reason WinCrypt.h is named wincrypt.h under MinGW.
2012-09-11 14:35:18 +02:00
Marc Hoersken
4d384a8714 md5.c: Added support for Microsoft Windows CryptoAPI 2012-09-11 14:12:41 +02:00
Marc Hoersken
c44e6741ce Makefile.m32: Updated to build against libmetalink 0.1.2
The include and library path were moved within libmetalink, this
patch adjusts the defaults provided within the curl MinGW makefile.
2012-09-11 13:37:37 +02:00
Marc Hoersken
94c3e0f702 tool_metalink.c: Added support for Microsoft Windows CryptoAPI
Since Metalink support requires a crypto library for hash functions
and Windows comes with the builtin CryptoAPI, this patch adds that
API as a fallback to the supported crypto libraries.
It is automatically used on Windows if no other library is provided.
2012-09-11 13:37:30 +02:00
Marc Hoersken
c8846c0907 libntlmconnect.c: Fixed typo and conversion 2012-09-11 12:58:08 +02:00
Marc Hoersken
f9da9a0edb libntlmconnect.c: Fixed warning: curl_easy_getinfo expects long pointer
Fixed tests/libtest/libntlmconnect.c:52: warning: call to
'_curl_easy_getinfo_err_long' declared with attribute warning:
curl_easy_getinfo expects a pointer to long for this info
2012-09-11 12:19:05 +02:00
Marc Hoersken
6372144be0 sws.c: Fixed warning: 'err' may be used uninitialized in this function 2012-09-11 11:48:27 +02:00
Marc Hoersken
ef753b710b libntlmconnect.c: Fixed warning: comparison of signed/unsigned integer
Windows does not use -1 to represent invalid sockets and the
SOCKET type is unsigned.
2012-09-11 11:02:09 +02:00
Marc Hoersken
e6ba048701 nss.c: Fixed warning: 'err' may be used uninitialized in this function 2012-09-11 09:49:23 +02:00
Marc Hoersken
71813f5e46 tool_metalink.c: Fixed error: 'O_BINARY' undeclared
Check for O_BINARY which is not available on every system.
2012-09-11 08:20:43 +02:00
Marc Hoersken
a6df3550cf tool_metalink.c: Fixed validation of binary files containing EOF
Since Windows/MinGW threat 0x1A as the EOF character, reading binary
files which contain that byte does not work using text mode.
The read function will only read until the first 0x1A byte. This
means that the hash is not computed from the whole file and the
final validation check using hash comparision fails.
2012-09-11 01:42:58 +02:00
Marc Hoersken
8a57b3c972 winbuild: Added support for building with SPNEGO enabled
Since Simple and Protected GSSAPI Negotiation Mechanism
is already implemented in curl and supported by the MinGW
builds, this change adds build support to winbuild makefiles.
2012-09-10 22:03:56 +02:00
Marc Hoersken
f665e5d130 winbuild: Adjusted order of options to generated config name
Cleaned up order of handled build options by ordering them
nearly alphabetically by using the order of the generated
config name. Preparation for future/more build options.
2012-09-10 21:56:39 +02:00
Anthony Bryan
fa4b4d2033 MANUAL: clarified user+password in HTTP URLs 2012-09-09 23:08:59 +02:00
Daniel Stenberg
a492632022 RELEASE-NOTES: synced with 6c6f1f64c2
6 bug fixes to mention, 5 contributors
2012-09-09 14:55:52 +02:00
Daniel Stenberg
6c6f1f64c2 TODO-RELEASE: CURLSSH_AUTH_AGENT and curl_multi_wait() are done
-321 - CURLSSH_AUTH_AGENT patch by Armel Asselin

-324 - curl_multi_select() vs curl_multi_fdvec() etc
2012-09-09 14:50:21 +02:00
Marc Hoersken
160312d945 curl_schannel.c: Reference count the credential/session handle
Reference counting the credential handle should avoid that such a
handle is freed while it is still required for connection shutdown
2012-09-09 12:36:54 +02:00
Nick Zitzmann
badb81769a darwinssl: fixed for older Mac OS X versions
SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat
2012-09-08 22:35:14 +02:00
David Blaikie
8b5d050267 tool_easysrc.c: Test pointers against NULL
While validating a new Clang diagnostic (-Wnon-literal-null-conversion -
yes, the name isn't quite correct in this case, but it suffices) I found
a few violations of it in Curl.
2012-09-06 21:00:26 +02:00
Daniel Stenberg
2e7d2c8f74 SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
Bug: http://curl.haxx.se/bug/view.cgi?id=3561305

Patch by: Marcel Raad
2012-09-06 20:51:30 +02:00
Daniel Stenberg
3a0b64489f mk-ca-bundle: detect start of trust section better
Each certificate section of the input certdata.txt file has a trust
section following it with details.

This script failed to detect the start of the trust for at least one
cert[*], which made the script continue pass that section into the next
one where it found an 'untrusted' marker and as a result that certficate
was not included in the output.

[*] = "Hellenic Academic and Research Institutions RootCA 2011"

Bug: http://curl.haxx.se/mail/lib-2012-09/0019.html
2012-09-04 23:21:15 +02:00
Alessandro Ghedini
ee3551e45e gnutls: do not fail on non-fatal handshake errors
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
2012-09-04 22:11:58 +02:00
Daniel Stenberg
1b0477a5a9 FILEFORMAT: the FTP commands work for more protocols 2012-09-04 19:41:09 +02:00
Daniel Stenberg
4ae2f77ba1 test1411: verify SMTP without SIZE support 2012-09-04 19:40:46 +02:00
František Kučera
0a0f3c63a6 SMTP: only send SIZE if supported
SMTP client will send SIZE parameter in MAIL FROM command only if server
supports it. Without this patch server might say "504 Command parameter
not implemented" and reject the message.

Bug: http://curl.haxx.se/bug/view.cgi?id=3564114
2012-09-04 16:54:41 +02:00
Daniel Stenberg
da0d15733c ftpserver: respond with a 250 to SMTP EHLO
... and specify that SIZE is supported. 250 is the "correct" response
code according to RFC 2821
2012-09-04 16:50:31 +02:00
Daniel Stenberg
cb2feb9def RELEASE-NOTES: synced with abb0da9193 2012-09-03 23:20:33 +02:00
Dan Fandrich
abb0da9193 Updated Symbian build files
This is untested, but at least Symbian still has a chance of
still working now.
2012-09-03 22:54:58 +02:00
Dan Fandrich
b6a141ea8a Updated build docs w.r.t. Android and binary sizes 2012-09-03 22:41:03 +02:00
Daniel Stenberg
ca84361e4b symbols-in-versions: new CURL_WAIT_* symbols 2012-09-01 23:53:15 +02:00
Sara Golemon
09d9dd8873 Unit test for curl_multi_wait() 2012-09-01 23:27:11 +02:00
Sara Golemon
925707c0f8 Manpage for curl_multi_wait(). 2012-09-01 23:19:40 +02:00
Sara Golemon
de24d7bd4c multi: add curl_multi_wait()
/*
 * Name:     curl_multi_wait()
 *
 * Desc:     Poll on all fds within a CURLM set as well as any
 *           additional fds passed to the function.
 *
 * Returns:  CURLMcode type, general multi error code.
 */
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
                                      struct curl_waitfd extra_fds[],
                                      unsigned int extra_nfds,
                                      int timeout_ms);
2012-09-01 23:10:53 +02:00
Nick Zitzmann
2f6e1a8cc3 darwinssl: Bugfix for previous commit for older cats
I accidentally broke functionality for versions of OS X prior to Mountain
Lion in the previous commit. This commit fixes the problems.
2012-09-01 20:24:05 +02:00
Joe Mason
40153716a3 Use MAX_EASY_HANDLES instead of hardcoding the number of handles twice 2012-09-01 20:21:30 +02:00
Daniel Stenberg
7735141e73 test2032: bail out after last transfer
The test would hang and get aborted with a "ABORTING TEST, since it
seems that it would have run forever." until I prevented that from
happening.

I also fixed the data file which got broken CRLF line endings when I
sucked down the path from Joe's repo == my fault.

Removed #37 from KNOWN_BUGS as this fix and test case verifies exactly
this.
2012-08-31 23:23:40 +02:00
Joe Mason
5ede86ae51 NTLM: re-use existing connection better
If we need an NTLM connection and one already exists, always choose that
one.
2012-08-31 22:54:23 +02:00
Joe Mason
3b7d31c1ed NTLM: verify multiple connections work
Add test2032 to test that NTLM does not switch connections in the middle
of the handshake
2012-08-31 22:53:17 +02:00
Daniel Stenberg
d4af0bb8f6 curl.1: list the -w variables sorted alphabetically 2012-08-28 10:43:12 +02:00
Daniel Stenberg
4eec66e479 libcurl-share.3: remove wrong info of what can be shared
"Currently you can only share DNS and/or COOKIE data" is incorrect since
also SSL sessions can be shared.

Bug: http://curl.haxx.se/bug/view.cgi?id=3562261
Reported by: Joe Mason
2012-08-27 23:51:40 +02:00
Dave Reisner
4c070de4fb examples: use do/while loop for multi examples
It's conceivable that after the first time curl_multi_perform returns,
the outvalue still_running will be 0, but work will have been done. This
is shown by a workload of small, purely file:// based URLs. Ensure that
we always read pending messages off the multi handle by forcing the
while loop to run at least once.
2012-08-27 15:10:13 +02:00
Daniel Stenberg
54faab69cb curl.h: fix comment to refer to current names
CURLOPT_USE_SSL should be set to CURLUSESSL_* and nothing else in modern
libcurl versions.
2012-08-27 14:50:53 +02:00
Daniel Stenberg
8136649e9d ftpsget: simple example showing a FTPS fetch 2012-08-27 14:50:09 +02:00
Daniel Stenberg
71358ddffd sftpget: SFTP is not "SSH FTP" 2012-08-27 14:42:56 +02:00
Armel Asselin
be5fbf7372 sftpget: example showing a simple SFTP download
... using SSH-agent
2012-08-27 14:34:15 +02:00
Daniel Stenberg
ba569a27cc curl_multi_perform.3: extended/clarified 2012-08-27 00:16:03 +02:00
Daniel Stenberg
0f76e492ae INSTALL.cmake: clarify some flaws/limits in the cmake build 2012-08-23 10:53:08 +02:00
Daniel Stenberg
a90492a083 https.c example: spell check used define
Bug: http://curl.haxx.se/bug/view.cgi?id=3559845
Reported by: Olivier Berger
2012-08-21 22:30:47 +02:00
Daniel Stenberg
f4b4365c19 configure: update the copyright years for the output 2012-08-19 00:18:34 +02:00
Nick Zitzmann
d792e75f2c darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
of SecureTransport functions, some of which we were using. We now check
to see if the replacement functions are present, and if so, we use them
instead.  The old functions are still present for users of older
cats. Also fixed a build warning that started to appear under Mountain
Lion
2012-08-18 20:36:45 +02:00
Daniel Stenberg
41a3bff3da curl_easy_setopt: documented CURLSOCKTYPE_ACCEPT for SOCKOPTFUNCTION 2012-08-16 23:34:23 +02:00
Gokhan Sengun
82b0aebef3 ftp: active conn, place calling sockopt callback at the end of function
Commit b91d29a28e170c16d65d956db79f2cd3a82372d2 introduces a bug and breaks Curl_closesocket function. sock_accepted flag for the second socket should be tagged as TRUE before the sockopt callback is called because in case the callback returns an error, Curl_closesocket function is going to call the - fclosesocket - callback for the accept()ed socket
2012-08-16 23:20:12 +02:00
Gokhan Sengun
23ef5e4ba2 ftp: active conn, allow application to set sockopt after accept() call
For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
2012-08-16 23:20:08 +02:00
Daniel Stenberg
44154e0733 configure: remove the --enable/disable-nonblocking options
Removing this option as it currently only functions to lure people into
wrongly using it and falsely believing that libcurl will work fine
without using nonblocking sockets internally - which leads to hard to
track or understand errors.
2012-08-16 19:24:33 +02:00
Ant Bryan
d22186bbbc MANUAL review 2012-08-15 00:38:14 +02:00
Daniel Stenberg
b8983aa309 curl.1: shorten lines, avoid referring to libcurl instead of curl 2012-08-10 10:54:38 +02:00
Ant Bryan
4dcde5aa3d curl.1: fix more consistent wording
"If this option is used several times, the last one will be used."
uniformity
2012-08-10 10:49:22 +02:00
Daniel Stenberg
99f0e45b61 ssh: use the libssh2 agent API conditionally
Commit e351972bc8 brought in the ssh agent support but some uses of
the libssh2 agent API was done unconditionally which wasn't good enough
since that API hasn't always been present.
2012-08-10 08:59:36 +02:00
Daniel Stenberg
7520f9f1c3 white space fix: shorten long line
... to please checksrc.pl
2012-08-10 08:59:36 +02:00
Kamil Dudka
f208bf5a2d docs: update the links to cipher-suites supported by NSS
... and make the list of cipher-suites in nss.c readable by humans.

Bug: http://curl.haxx.se/mail/archive-2012-08/0016.html
2012-08-09 16:24:53 +02:00
Kamil Dudka
52b6eda4f2 nss: do not print misleading NSS error codes 2012-08-09 13:33:49 +02:00
Daniel Stenberg
73342f0ee0 RELEASE-NOTES: synced with 0774386b23
5 more bug fixes, one change, 6 contributors
2012-08-08 23:19:05 +02:00
Armel Asselin
0774386b23 docs: mention CURLSSH_AUTH_AGENT 2012-08-08 23:03:11 +02:00
Armel Asselin
e351972bc8 SSH: added agent based authentication
CURLSSH_AUTH_AGENT is a new auth type for SSH
2012-08-08 23:03:10 +02:00
Daniel Stenberg
021e89b8c6 bump version to 7.28.0
I am about to merge the first patch that adds changes into the pending
release, and thus we bump the minor number.
2012-08-08 23:01:34 +02:00
Daniel Stenberg
4dd44d9c20 RELEASE-NOTES: added missing link 2012-08-08 23:01:14 +02:00
Daniel Stenberg
31f39120b7 curl_version: fixed Value stored to 'len' is never read
Fixed this (harmless) clang-analyzer warning. Also fixed the source
indentation level.
2012-08-08 14:58:09 +02:00
Daniel Stenberg
b9fb9c2380 TODO-RELEASE: the (nil) bug is fixed 2012-08-08 14:54:38 +02:00
Daniel Stenberg
14afbf361a add_next_timeout: minor restructure of code
By reading the ->head pointer and using that instead of the ->size
number to figure out if there's a list remaining we avoid the (false
positive) clang-analyzer warning that we might dereference of a null
pointer.
2012-08-08 14:50:32 +02:00
Daniel Stenberg
bf6dc61967 verbose messages: fixed output of hostnames in re-used connections
I suspect this is a regression introduced in commit 207cf150, included
since 7.24.0.

Avoid showing '(nil)' as hostname in verbose output by making sure the
hostname fixup function is called early enough to set the pointers that
are used for this. The name data is set again for each request even for
re-used connections to handle multiple hostnames over the same
connection (like with proxy) or that the casing etc of the host name is
changed between requests (which has proven to be important at least once
in the past).

Test1011 was modified to use a redirect with a re-used a connection
since it then showed the bug and now lo longer does. There's currently
no easy way to have the test suite detect 'nil' texts in verbose ouputs
so no tests will detect if this problem gets reintroduced.

Bug: http://curl.haxx.se/mail/lib-2012-07/0111.html
Reported by: Gisle Vanem
2012-08-08 13:57:56 +02:00
Nick Zitzmann
1de496cf0f metalink: Un-broke the build when building --with-darwinssl 2012-08-08 11:16:26 +02:00
Guenter Knauf
154fc29f58 Fix some compiler warnings. 2012-08-08 05:03:16 +02:00
Daniel Stenberg
52db6e370d TODO-RELEASE: two bugs fixed
These are now addressed:

323 - patch - select.c / Curl_socket_check() interrupted

325 - Avoid leak of local device string when reusing connection
2012-08-08 00:04:00 +02:00
Daniel Stenberg
672f24b1dc curl.1: minor format fix for --data-ascii
... and removal of trailing whitespace on a single line
2012-08-08 00:03:30 +02:00
Ant Bryan
2f02d825f1 curl man page cleanup 2012-08-07 23:49:34 +02:00
Mike Crowe
15108d6308 Avoid leak of local device string when reusing connection
Ensure that the copy of the CURLOPT_INTERFACE string is freed if we
decide we can reuse an existing connection.
2012-08-07 23:35:35 +02:00
Daniel Stenberg
c771968ab6 Curl_socket_check: fix timeout return value for select users
This is the same fix applied for the conditional code that uses select()
that was already done for the poll specific code in commit
b61e8b81f5.
2012-08-07 23:30:05 +02:00
Maxime Larocque
b61e8b81f5 Curl_socket_check: fix return code for timeout
We found a problem with ftp transfer using libcurl (7.23 and 7.25)
inside an application which is receiving unix signals (SIGUSR1,
SIGUSR2...) almost continuously. (Linux 2.4, PowerPC, HAVE_POLL_FINE
defined).

Curl_socket_check() uses poll() to wait for the socket, and retries it
when a signal is received (EINTR). However, if a signal is received and
it also happens that the timeout has been reached, Curl_socket_check()
returns -1 instead of 0 (indicating an error instead of a timeout).

In our case, the result is an aborted connection even before the ftp
banner is received from the server, and a return value of
CURLE_OUT_OF_MEMORY from curl_easy_perform() (Curl_pp_multi_statemach(),
in pingpong.c, actually returns OOM if Curl_socket_check() fails :-)
Funny to debug on a system on which OOM is a possible cause).

Bug: http://curl.haxx.se/mail/lib-2012-07/0122.html
2012-08-07 23:24:13 +02:00
Daniel Stenberg
77f72aa6c3 RELEASE-NOTES: synced with b4a558041f 2012-08-07 23:20:06 +02:00
Daniel Stenberg
b4a558041f TODO-RELEASE: fixed another bug
bug #3544688 "crash during retry with libcurl and SFTP"
2012-08-07 23:19:42 +02:00
Daniel Stenberg
8bad5f2a61 WSAPoll: disabled on all windows builds
Due to WSAPoll bugs, libcurl does not work as intended. When the cURL
library is used to setup a connection to an incorrect port, normally the
result is CURLE_COULDNT_CONNECT, /* 7 */, but due to the bug in WSAPoll,
the result now is CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was
reached */.

On August 1, Jan Koen Annot opened a case for this to Microsoft Premier
Online (https://premier.microsoft.com/).  The support engineer handling
the case wrote that the case description is quite clear.  He will try to
reproduce the issue and then proceed with troubleshooting it.

Reported by: Jan Koen Annot
Bug: http://curl.haxx.se/mail/lib-2012-07/0310.html
2012-08-07 20:47:31 +02:00
Daniel Stenberg
f0d611df9e retry request: only access the HTTP data if in fact HTTP
When figuring out if the data stream needs to be rewound when the
request is to be resent, we must not access the HTTP struct unless the
protocol used is indeed HTTP...

Bug: http://curl.haxx.se/bug/view.cgi?id=3544688
2012-08-07 14:55:19 +02:00
Daniel Stenberg
013d043d22 TODO: support DANE, we already support gnutls without gcrypt 2012-08-07 14:48:34 +02:00
Daniel Stenberg
382429e760 curl-config: parentheses fix
Braces, not parentheses, should be used for shell variable names.

Bug: http://curl.haxx.se/bug/view.cgi?id=3551460
Reported by: Edward Sheldrake
2012-08-07 14:13:09 +02:00
Daniel Stenberg
0b08491f83 VC build: add define for openssl
This fixes a build failure of lib/ssluse.c.

Bug: http://curl.haxx.se/bug/view.cgi?id=3552997
2012-08-07 13:57:13 +02:00
Daniel Stenberg
5fbf4e348c TODO-RELEASE: two bugs fixed! 2012-08-07 13:49:13 +02:00
Daniel Stenberg
73b1a965f7 globbing: fix segfault when >9 globs were used
Stupid lack of range checks caused the code to overwrite local variables
after glob number nine. Added checks now.

Bug: http://curl.haxx.se/bug/view.cgi?id=3546353
2012-08-07 13:45:59 +02:00
Joe Mason
42e4c34ff3 sws: close sockets properly
Fix a bug where closed sockets (fd -1) were left in the all_sockets
list, because of missing parens in a pointer arithmetic expression

Reenable the tests that were locking up due to this bug.
2012-08-07 00:28:21 +02:00
Joe Mason
0df14c8393 Remove debug logs that were accidentally checked in 2012-08-07 00:21:14 +02:00
Joe Mason
60a2ee88a5 Use select in sws, which has better cross-platform support than poll 2012-08-07 00:21:14 +02:00
Joe Mason
66a77a9b49 Use cross-platform curlx_nonblock instead of fcntl in sws 2012-08-07 00:21:14 +02:00
Daniel Stenberg
3b9103e4a6 operate: fix clang-analyzer warnings for never read variables
Two separate "Value stored to 'XXX' is never read" warnings
2012-08-06 23:59:28 +02:00
Daniel Stenberg
77c66e0247 operate: fix clang-analyzer warning
Value stored to 'separator' is never read
2012-08-06 23:32:49 +02:00
Daniel Stenberg
9f304291bd metalink: change code order to build with gnutls-nettle
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile
2012-08-06 22:39:13 +02:00
Daniel Stenberg
986c7949c0 gtls: fix build failure by including nettle-specific headers
Bug: http://curl.haxx.se/bug/view.cgi?id=3554668
Reported by: Anthony G. Basile
2012-08-06 15:04:25 +02:00
Guenter Knauf
69f5fe070d Fixed compiler warning - argument is type long. 2012-08-06 11:45:06 +02:00
Daniel Stenberg
5dedda1448 DISABLED: disable the new tests that do NTLM
The tests 2025, 2028 and 2031 don't work for me so I'll have them
disabled for now until we solve the problem.
2012-08-06 00:33:25 +02:00
Joe Mason
24c43e9d34 Add tests of auth retries 2012-08-03 17:01:54 -04:00
Joe Mason
50b87c4e68 Cleanup handshake after clean NTLM failure 2012-08-03 17:01:54 -04:00
Joe Mason
ce8311c7e4 Zero out auth structs before transfer 2012-08-03 17:01:02 -04:00
Joe Mason
674da8ae07 Add a polling loop in main to read from more than one socket at once. Add the O_NONBLOCK and
SO_KEEPALIVE flag to all sockets. Note that several loops which used to continue on a return value
of 0 (theoretical since 0 would never be returned without O_NONBLOCK) now break on 0 so that they
won't continue reading until after poll is called again.
2012-08-02 18:52:38 -04:00
Joe Mason
84490052d4 Change return values of get_request, accept_connection and service_connection to add a return code
for non-blocking sockets: now -1 means error or connection finished, 1 means data was read, and 0
means there is no data available now so need to wait for poll (new return value)
2012-08-02 18:52:31 -04:00
Joe Mason
19035292d0 Hoist the loop out of get_request, and make sure that it can be reentered when a request is
half-finished.

Note the the req struct used to be re-initialized AFTER reading pipeline data, so now that we
initialize it from the caller we must be careful not to overwrite the pipeline data.

Also we now need to handle the case where the buffer is already full when get_request is called -
previously this never happened as it was always called with an empty buffer and looped until done.

Now get_request is called in a loop, so the next step is to run the loop on a socket only when poll
signals it is readable.
2012-08-02 17:43:25 -04:00
Joe Mason
81656a8466 Move blocks of code from the sws main loop into their own functions for easier refactoring later.
The next step will be to call the correct function after a poll, rather than looping unconditionally
2012-08-02 17:43:15 -04:00
Joe Mason
76ba591957 Remove the --fork option of sws, since it makes refactoring to use poll more complicated and should
be redundant once we poll
2012-08-02 17:34:45 -04:00
Kamil Dudka
1f8518c5d9 file: use fdopen() for uploaded files if available
It eliminates noisy events when using inotify and fixes a TOCTOU issue.

Bug: https://bugzilla.redhat.com/844385
2012-07-30 15:04:38 +02:00
Guenter Knauf
a52857cb02 Added DWANT_IDN_PROTOTYPES define for MSVC too.
Discussion on the list: http://curl.haxx.se/mail/lib-2012-07/0271.html
2012-07-29 15:14:40 +02:00
Guenter Knauf
9e01625779 Added Win32 problems. 2012-07-29 14:30:52 +02:00
Guenter Knauf
6e1f867523 Added hint to read docs/INSTALL too. 2012-07-29 14:15:23 +02:00
Guenter Knauf
cd350e3829 Added new file to distro. 2012-07-29 13:16:58 +02:00
Steve Holme
0bededd7c5 TODO: Updated after 7.27.0 release
Removed APOP and SASL authentication from the POP3 section and metalink
support from the client section as these features were implemented in
this release.

Moved adding gssapi to SASL into it's own section rather than repeat it
for each protocol.
2012-07-28 11:46:50 +01:00
Daniel Stenberg
a797e9efdf TODO-RELEASE: updated after 7.27.0 release 2012-07-28 00:16:51 +02:00
Daniel Stenberg
27893c64f3 THANKS: 12 new contributors from the 7.27.0 release 2012-07-28 00:00:26 +02:00
Daniel Stenberg
dd4699c111 version bump: start towards next release
Let's call it 7.27.1 for now, but it it probably going to become 7.28.0
when released.
2012-07-27 23:57:27 +02:00
Guenter Knauf
11a7ac0d6a Fixed compiler warning 'unused parameter'. 2012-07-27 03:54:58 +02:00
Guenter Knauf
b13106339e Added prototypes to kill compiler warning. 2012-07-27 03:27:51 +02:00
Guenter Knauf
1b1c43a9fe Added --with-winidn to configure.
This needs another look from the configure experts. I tested that
it works so far with MinGW64 cross-compiler; libcurl builds and
links fine, but curl not yet ...
2012-07-27 03:19:21 +02:00
Ant Bryan
7b5c411f5c Update man page info on --metalink and typo. 2012-07-27 01:01:45 +02:00
Daniel Stenberg
7f9f94a1df RELEASE-NOTES: remove mentioned of bug never in a release
The --silent bug came with 7561a0fc83 which was never in a release.
Pointed out by Kamil Dudka
2012-07-27 00:31:15 +02:00
Daniel Stenberg
3b4d430cd8 RELEASE-NOTES: synced with 33b815e894
4 more bugfixes, 3 more contributors
2012-07-27 00:15:17 +02:00
Guenter Knauf
33b815e894 Changed Windows IDN text to 'WinIDN'.
Synced the output to the same short form as we now use for
Windows SSL (WinSSL).
2012-07-26 02:49:39 +02:00
Nick Zitzmann
f92779198d darwinssl: fixed freeze involving the multi interface
Previously the curl_multi interface would freeze if darwinssl was
enabled and at least one of the handles tried to connect to a Web site
using HTTPS. Removed the "wouldblock" state darwinssl was using because
I figured out a solution for our "would block but in which direction?"
dilemma.
2012-07-25 23:22:11 +02:00
Guenter Knauf
9ac5cdfc2f Added support for tls-srp to MinGW builds. 2012-07-25 13:16:22 +02:00
Daniel Stenberg
8a279d2275 curl_easy_setopt: fix typo
Reported by: Santhana Todatry
2012-07-24 00:29:39 +02:00
Daniel Stenberg
c0f8340c7c keepalive: multiply value for OS-specific units
DragonFly uses milliseconds, while our API and Linux use full seconds.

Reported by: John Marino
Bug: http://curl.haxx.se/bug/view.cgi?id=3546257
2012-07-22 22:42:42 +02:00
Kamil Dudka
d317ca50ae http: print reason phrase from HTTP status line on error
Bug: https://bugzilla.redhat.com/676596
2012-07-22 02:12:43 +02:00
Kamil Dudka
487406c3c0 tool_operate: fix misplaced initialization of orig_noprogress
... and orig_isatty which caused --silent to be entirely ignored in case
the standard output was redirected to a file!
2012-07-22 02:06:22 +02:00
Anton Yabchinskiy
2c7cfd2926 Client's "qop" value should not be quoted (RFC2617, section 3.2.2). 2012-07-21 22:21:17 +02:00
Guenter Knauf
c66f6e60fc Fixed typo. 2012-07-21 09:02:03 +02:00
Daniel Stenberg
b0735f3165 make: make distclean work again
The clean-local hook needed some polish to make sure make distclean
works. Added comment describing why.
2012-07-20 21:56:27 +02:00
Daniel Stenberg
1fc5a41447 test Makefile: only feature 'unit' once in the list of dirs 2012-07-20 21:56:27 +02:00
Dan Fandrich
cb787b70bf Fixed some typos in documentation 2012-07-20 21:02:58 +02:00
Guenter Knauf
0f15ed1617 Fixed CR issue with Win32 version on MSYS.
Previous fix didnt work on Linux ...
2012-07-20 17:22:10 +02:00
Guenter Knauf
5d80017fd6 Fixed CR issue with Win32 version on MSYS. 2012-07-20 15:39:28 +02:00
Guenter Knauf
e1711b0e9a Fixed MSYS <-> Windows path convertion.
Replaced the Windows real path from mount hack with a more
reliable and simpler hack: the MSYS shell has a builtin pwd
which understands a -W option which does convertion to Windows
paths. Tested and confirmed that this works on all MSYS versions
I have back to a 3 year old one.
2012-07-20 15:30:41 +02:00
Guenter Knauf
c27cc4cfe0 Follow-up fix to detect SSL libs with MinGW.
1) the check for winssl needs to come before nss check
2) the SSL checks must begin with a new if or else we will
never find any SSL lib with MinGW.
2012-07-19 16:31:08 +02:00
Guenter Knauf
dc470723b1 Tell git to not convert configure-related files. 2012-07-17 20:35:23 +02:00
Guenter Knauf
da2bde9d62 Trial to teach runtests.pl about WinSSL. 2012-07-17 07:13:58 +02:00
Guenter Knauf
13abfd997e Fixed warning 'uninitialized value in numeric gt'.
This is a MSYS/MinGW-only warning; full warning text is:
Use of uninitialized value in numeric gt (>) at ../../curl/tests/runtests.pl line 2227.
2012-07-17 06:55:38 +02:00
Daniel Stenberg
8276791749 RELEASE-NOTES: synced with 9d11716933
Fixed 6 bugs, added 3 contributors
2012-07-15 22:39:06 +02:00
Daniel Stenberg
9d11716933 multi_runsingle: added precaution against easy_conn NULL pointer
In many states the easy_conn pointer is referenced and just assumed to
be working. This is an added extra check since analyzing indicates
there's a risk we can end up in these states with a NULL pointer there.
2012-07-15 20:33:11 +02:00
Daniel Stenberg
ff318a6302 getparam: fix the GetStr() macro
It should return PARAM_NO_MEM if the strdup fails. Spotted by
clang-analyzer
2012-07-15 20:33:11 +02:00
Guenter Knauf
0e24c1e921 Tell git to not convert configure-related files. 2012-07-15 18:25:55 +02:00
Daniel Stenberg
9ca3137987 parse_proxy: remove dead assignment
Spotted by clang-analyzer
2012-07-13 14:28:12 +02:00
Daniel Stenberg
20ff8a0988 ftp_do_more: add missing check of return code
Spotted by clang-analyzer. The return code was never checked, just
stored.
2012-07-13 14:12:39 +02:00
Daniel Stenberg
771e91374b getinfo: use va_end and cut off Curl_ from static funcs
va_end() needs to be used after va_start() and we don't normally use
Curl_ prefixes for purely static functions.
2012-07-13 13:47:34 +02:00
Philip Craig
1a74e54e8b Split up Curl_getinfo
This avoids false positives from clang's scan-build.
2012-07-13 13:20:32 +02:00
Guenter Knauf
6e3802a2cf Added error checking for curl_global_init(). 2012-07-12 15:18:00 +02:00
Guenter Knauf
df5a47b819 Added curl_global_* functions. 2012-07-12 15:01:18 +02:00
Guenter Knauf
a39789c85c Minor fixes to MinGW makefiles. 2012-07-12 14:15:58 +02:00
Daniel Stenberg
b7298e49ae docs: mention CURL_GLOBAL_DEFAULT 2012-07-12 08:41:07 +02:00
Guenter Knauf
be795f90da Added curl_global_* functions. 2012-07-12 02:02:57 +02:00
Daniel Stenberg
1c4663bc42 tests: verify the stricter numeric option parser
Test 1409 and 1410 verifies the stricter numeric option parser
introduced the other day in commit f2b6ebed7b.
2012-07-12 00:32:23 +02:00
Daniel Stenberg
d759a70db8 SWS: use of uninitialized memory fix
I made "connmon" not get initialized properly before use, and I use the
big hammer and make sure we always clear the entire struct to avoid any
problem like this in the future.
2012-07-12 00:08:38 +02:00
Daniel Stenberg
1dcf4418ba test48: verify that HEAD doesn't close extra
Two commits ago, we fixed a bug where the connction would be closed
prematurely after a HEAD. Now I added connection-monitor to test 48 and
added a second HEAD and make sure that both are sent over the same
connection.

This triggered a failure before the bug fix and now works. Will help us
avoid a future regression of this kind.
2012-07-12 00:08:37 +02:00
Daniel Stenberg
685366006c connection-monitor: always log disconnect when enabled
This makes verifying easier and makes us more sure curl closes the
connection only at the correct point in time. Adjusted test 206 and 1008
accordingly and updated the docs for it.
2012-07-12 00:08:37 +02:00
Daniel Stenberg
85ce195f75 HEAD: don't force-close after response-headers
A HEAD response has no body length and gets the headers like the
corresponding GET would so it should not get closed after the response
based on the same rules. This mistake caused connections that did HEAD
to get closed too often without a valid reason.

Bug: http://curl.haxx.se/bug/view.cgi?id=3542731
Reported by: Eelco Dolstra
2012-07-12 00:08:37 +02:00
Guenter Knauf
18f8b7eb72 Removed trailing empty strings from awk script. 2012-07-12 00:07:01 +02:00
Guenter Knauf
0dc1e1e92e Cleaned up version awk script. 2012-07-11 23:23:19 +02:00
Guenter Knauf
0e1f107f83 Added project copyright header. 2012-07-11 21:59:20 +02:00
Guenter Knauf
dfe405076e Removed libcurl.imp from Makefile.am.
Updated .gitignore for NetWare created files.
2012-07-11 17:40:09 +02:00
Guenter Knauf
dce2e1aa0f Added missing dependency to export list. 2012-07-11 16:52:48 +02:00
Guenter Knauf
d8ce83e73a Fixed export list path. 2012-07-11 16:01:48 +02:00
Guenter Knauf
33eac5f7fd Changed NetWare build to generate export list. 2012-07-11 15:48:02 +02:00
Guenter Knauf
0025770a99 Added pointer to FAQ for linkage errors. 2012-07-11 12:58:54 +02:00
Guenter Knauf
d4bade7a4e Small NetWare makefile tweak. 2012-07-11 11:54:49 +02:00
Guenter Knauf
f9dfd7e4b7 Changed MinGW makefiles to use WINSSL now. 2012-07-11 11:33:08 +02:00
Daniel Stenberg
c7106b3eb7 test231: fix wrong -C use! 2012-07-10 23:20:05 +02:00
Daniel Stenberg
f2b6ebed7b cmdline: parse numerical options stricter
1 - str2offset() no longer accepts negative numbers since offsets are by
nature positive.

2 - introduced str2unum() for the command line parser that accepts
numericals which are not supposed to be negative, so that it will
properly complain on apparent bad uses and mistakes.

Bug: http://curl.haxx.se/mail/archive-2012-07/0013.html
2012-07-10 23:11:30 +02:00
Daniel Stenberg
e5843470e8 docs: switch to proper UTF-8 for text file encoding 2012-07-09 19:28:51 +02:00
Yang Tse
4ab2d26cb8 Make Curl_schannel_version() return "WinSSL"
Modification based on voting result:

http://curl.haxx.se/mail/lib-2012-07/0104.html
2012-07-09 15:28:16 +02:00
Daniel Stenberg
40cd996cc0 test 46: use different path lengths to get reliable sort order
Since the order of the cookies is sorted by the length of the paths,
having them on the same path length will make the test depend on what
order the qsort() implementation will put them. As seen in the
windows/msys output posted by Guenter in this posting:
http://curl.haxx.se/mail/lib-2012-07/0105.html
2012-07-09 15:25:54 +02:00
Daniel Stenberg
904346bf88 cookie: fixed typo in comment 2012-07-09 15:25:34 +02:00
Christian Hägele
c42ca3e73a https_getsock: provided for schannel backend as well
The function https_getsock was only implemented properly when USE_SSLEAY
or USE_GNUTLS is defined, but it is also necessary for USE_SCHANNEL.

The problem occurs when Curl_read_plain or Curl_write_plain returns
CURLE_AGAIN. In that case CURL_OK is returned to the multi-interface an
the used socket is set to state CURL_POLL_REMOVE and the easy-state is
set to CURLM_STATE_PROTOCONNECT. This is fine, because later the socket
should be set to CURL_POLL_IN or CURL_POLL_OUT via multi_getsock. That's
where https_getsock is called and doesn't return any sockets.
2012-07-09 13:55:23 +02:00
Daniel Stenberg
329be28d69 RELEASE-NOTES: added a URL reference to cookie docs 2012-07-09 13:11:44 +02:00
Guenter Knauf
9a158f1ef0 Removed obsolete include path to project root. 2012-07-08 18:06:15 +02:00
Daniel Stenberg
61c7af92f2 TODO-RELEASE: issue 316 NTLM over proxy is fixed 2012-07-08 15:48:46 +02:00
Nick Zitzmann
59c88da74d darwinssl: don't use arc4random_buf
Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the
function is not available prior to iOS 4.3 and OS X 10.7.
2012-07-08 15:42:36 +02:00
Daniel Stenberg
bce8bc203f KNOWN_BUGS: #80 Curl doesn't recognize certs in DER format 2012-07-08 15:37:52 +02:00
Daniel Stenberg
24af69a411 KNOWN_BUGS: #79 - any RCPT TO failure makes and error 2012-07-08 15:34:58 +02:00
Marc Hoersken
d7c9f2f63a winbuild: Aligned BUILD.WINDOWS.txt and Makefile.vc usage help 2012-07-08 10:41:53 +02:00
Marc Hoersken
d39bbcfa8d winbuild: Make USE_WINSSL depend on USE_SSPI
Since WinSSL cannot be build without SSPI being enabled,
USE_WINSSL now defaults to the value of USE_SSPI.

The makefile does now raise an error if WinSSL is enabled
while SSPI is disabled.
2012-07-07 23:30:37 +02:00
Marc Hoersken
86871577d9 winbuild: Aligned USE_SSPI with other USE_x defines
Renamed external parameter USE_SSPI = yes/no to ENABLE_SSPI = yes/no.
Backwards compatible change: USE_SSPI can still be passed as external
parameter with yes/no value as long as ENABLE_SSPI is not given.

USE_x defines are passed around with true/false values internally,
USE_SSPI is now aligned to this approach, but still accepts external
values yes/no being passed, just like the other defines.
2012-07-07 23:30:37 +02:00
Marc Hoersken
aeca33f96c winbuild: Clean up formatting and variable naming
- Changed space usage to line up with the whole file
- Renamed CFLAGS_SSPI/IPV6 to SSPI/IPV6_CFLAGS to be
  consistent with the other CFLAGS_x variables
- Make use of existing CFLAGS_IPV6 (previously IPV6_CFLAGS)
  instead of appending directly to CFLAGS
2012-07-07 23:30:36 +02:00
Nick Zitzmann
825fff880e darwinssl: output cipher with text, remove SNI warning
The code was printing a warning when SNI was set up successfully. Oops.

Printing the cipher number in verbose mode was something only TLS/SSL
programmers might understand, so I had it print the name of the cipher,
just like in the OpenSSL code. That'll be at least a little bit easier
to understand. The SecureTransport API doesn't have a method of getting
a string from a cipher like OpenSSL does, so I had to generate the
strings manually.
2012-07-07 22:37:52 +02:00
Daniel Stenberg
68e6b56a2a RELEASE-NOTES: synced with 5a99bce07d 2012-07-07 14:47:46 +02:00
Daniel Stenberg
5a99bce07d KNOWN_BUGS: NTLM with unicode works with schannel/winssl!
Bug #75 updated with additional info, still remains for builds with
other backends.
2012-07-07 14:38:50 +02:00
Daniel Stenberg
4ac56b9d9f code police: narrow source to < 80 columns 2012-07-06 00:19:41 +02:00
Yang Tse
b1f64d3a2a unicode NTLM SSPI: cleanup follow-up 2012-07-05 23:41:47 +02:00
Yang Tse
e77d867068 unicode NTLM SSPI: cleanup
Reduce the number of #ifdef UNICODE directives used in source files.
2012-07-05 22:18:11 +02:00
Daniel Stenberg
1b27bb446f tests: use connection-monitor and verify results
Test 1008 and 206 don't show the disconnect since it happens when SWS
awaits a new request, but 503 does and so the verify section needs that
string added.
2012-07-05 11:24:23 +02:00
Daniel Stenberg
ed7bfeee7a http-proxy: keep CONNECT connections alive (for NTLM)
When doing CONNECT requests, libcurl must make sure the connection is
alive as much as possible. NTLM requires it and it is generally good for
other cases as well.

NTLM over CONNECT requests has been broken since this regression I
introduced in my CONNECT cleanup commits that started with 41b0237834,
included since 7.25.0.

Bug: http://curl.haxx.se/bug/view.cgi?id=3538625
Reported by: Marcel Raad
2012-07-05 11:24:23 +02:00
Daniel Stenberg
176f7ea3bb sws: support <servercmd> for CONNECT requests
I moved out the servercmd parsing into a its own function called
parse_servercmd() and made sure it gets used also when the test number
is extracted from CONNECT requests. It turned out sws didn't do that
previously!
2012-07-05 11:24:23 +02:00
Daniel Stenberg
6398c8bba8 FILEFORMAT: provided a full description of connection-monitor 2012-07-05 11:24:23 +02:00
Daniel Stenberg
c5de48b56c lib503: enable verbose to ease debugging this 2012-07-05 11:24:23 +02:00
Daniel Stenberg
28dc509dde sws: add 'connection-monitor' command support
Using this, the server will output in the protocol log when the
connection gets disconnected and thus we will verify correctly in the
test cases that the connection doesn't get closed prematurely. This is
important for example NTLM to work.

Documentation added to FILEFORMAT, test 503 updated to use this.
2012-07-05 11:24:23 +02:00
Guenter Knauf
897cf5d117 Removed non-used variable. 2012-07-04 22:14:18 +02:00
Guenter Knauf
a3dbbcfd2a Added error checking for samples. 2012-07-04 17:03:52 +02:00
Guenter Knauf
6388ac7dc1 Renamed vars to avoid shadow global declaration. 2012-07-04 12:54:21 +02:00
Daniel Stenberg
304e24e211 docs: clarify how to start with curl_multi_socket_action
Mention the CURL_SOCKET_TIMEOUT argument in step 6 of the typical
application.
2012-07-03 17:18:36 +02:00
Guenter Knauf
6fb0ed88d6 Moved some patterns to subfolder's .gitignore. 2012-07-03 14:31:50 +02:00
Guenter Knauf
98ca62c2d6 Merge branch 'master' of ssh://github.com/bagder/curl 2012-07-03 13:01:17 +02:00
Guenter Knauf
1ba5712f88 MinGW makefile tweaks for running from sh.
Added function macros to make path converting easier.
Added CROSSPREFIX to all compile tools.
2012-07-03 12:56:41 +02:00
Marc Hoersken
1a97fd7b63 curl_ntlm_msgs.c: Removed unused variable passwd 2012-07-03 11:41:00 +02:00
Guenter Knauf
32b4896107 Added files generated by mingw32, eclipse and VC.
Posted by Marc Hoersken.
2012-07-03 11:36:24 +02:00
Daniel Stenberg
c75ece4442 cookies: change the URL in the cookie jar file header 2012-07-03 11:27:45 +02:00
Daniel Stenberg
016dabcf04 HTTP-COOKIES: clarified and modified layout 2012-07-03 11:10:41 +02:00
Daniel Stenberg
ae8f08ee59 HTTP-COOKIES: use the FAQ document layout 2012-07-03 10:54:46 +02:00
Daniel Stenberg
33ee67112f HTTP-COOKIES: added cookie documentation 2012-07-03 09:03:08 +02:00
Yang Tse
e0b9d3b2c9 curl_ntlm_msgs.c: include <tchar.h> for prototypes 2012-07-03 00:14:14 +02:00
Neil Bowers
33e19f881e testcurl.pl: fix missing semicolon 2012-07-02 23:25:30 +02:00
Christian Hägele
dd302206ad unicode NTLM SSPI: heap corruption fixed
When compiling libcurl with UNICODE defined and using unicode characters
in username.
2012-07-02 22:59:54 +02:00
Yang Tse
b3ebfc2b74 testcurl.pl: allow non in-tree c-ares enabled autobuild 2012-07-02 20:21:48 +02:00
Yang Tse
069b280f63 configure.ac: verify that libmetalink is new enough
Enabling test2017 to test2022.
2012-07-02 16:42:54 +02:00
Tatsuhiro Tsujikawa
89b431f60f curl: Added runtime version check for libmetalink 2012-07-02 16:28:01 +02:00
Tatsuhiro Tsujikawa
4e3320a679 Include metalink/metalink.h for libmetalink functions 2012-07-02 03:39:21 +02:00
Daniel Stenberg
39a72bbcd1 errors: CURLM_CALL_MULTI_PERFORM is not returned anymore 2012-07-02 00:10:59 +02:00
Daniel Stenberg
696ddf6f0a release: cleaned up plans for this and coming release 2012-07-01 20:09:35 +02:00
Yang Tse
60d5a16b99 curl-compilers.m4: remove -Wstrict-aliasing=3 from clang
Currently it is unknown if there is any version of clang that
actually supports -Wstrict-aliasing. What is known is that there
are several that don't support it.
2012-06-29 16:40:23 +02:00
Yang Tse
febd598597 test2017 to test2022: more metalink tests
With this commit, checks done in previous test2017 are now done in test2018.

Whole range test2017 to test2022 DISABLED until configure is capable of
requiring a new-enough metalink library.

Don't try these without mentioned check in place!
2012-06-29 16:09:55 +02:00
Yang Tse
7747136421 test2005 to test2016: improve failure detection 2012-06-29 15:44:50 +02:00
Yang Tse
dd707b746f lib582.c: fix conversion warning 2012-06-28 17:14:41 +02:00
Yang Tse
ac6111aeb0 nss.c: #include warnless.h for curlx_uztosi and curlx_uztoui prototypes 2012-06-28 16:58:07 +02:00
Marc Hoersken
c0f2bfb2c7 nss.c: Fixed size_t conversion warnings 2012-06-28 16:52:17 +02:00
Yang Tse
74552acaea sslgen.c: cleanup temporary compile-time SSL-backend check 2012-06-28 12:49:12 +02:00
Daniel Stenberg
5600879a1d schannel: provide two additional (dummy) API defines 2012-06-28 08:40:17 +02:00
Tatsuhiro Tsujikawa
bf4580d5fd Metalink: message updates
Print "parsing (...) OK" only when no warnings are generated.  If
no file is found in Metalink, treat it FAILED.

If no digest is provided, print WARNING in parse_metalink().
Also print validating FAILED after download.

These changes make tests 2012 to 2016 pass.
2012-06-28 00:26:16 +02:00
Daniel Stenberg
5439849246 sslgen: avoid compiler error in SSPI builds 2012-06-27 23:16:14 +02:00
Yang Tse
3bda1cef92 ssluse.c: fix compiler warning: conversion to 'int' from 'size_t'
Reported by Tatsuhiro Tsujikawa

http://curl.haxx.se/mail/lib-2012-06/0371.html
2012-06-27 19:06:43 +02:00
Yang Tse
e3014dcc01 sslgen.c: add compile-time check for SSL-backend completeness 2012-06-27 17:14:59 +02:00
Yang Tse
57d2732ccb build: add our standard includes to curl_darwinssl.c and curl_multibyte.c 2012-06-27 17:13:16 +02:00
Yang Tse
e6b2eb78a2 build: add curl_schannel and curl_darwinssl files to other build systems 2012-06-27 14:05:32 +02:00
Yang Tse
6c09ffaf46 tests: add five more Metalink test cases 2012-06-27 13:16:01 +02:00
Yang Tse
5ce9e7a0b7 tests: update Metalink message format 2012-06-27 13:16:00 +02:00
Tatsuhiro Tsujikawa
3e6dfe138a Metalink: updated message format 2012-06-27 13:15:59 +02:00
Nick Zitzmann
7aa95afadd DarwinSSL: allow using NTLM authentication
Allow NTLM authentication when building using SecureTransport (Darwin) for SSL.

This uses CommonCrypto, a cryptography library that ships with all versions of
iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few
less-common cyphers and doesn't have a big number data structure.
2012-06-27 11:57:31 +02:00
Yang Tse
dc7dc9786f curl_darwinssl.h: add newline at end of file 2012-06-27 10:55:54 +02:00
Daniel Stenberg
aed6db2cb9 ossl_seed: remove leftover RAND_screen check
Before commit 2dded8fedb (dec 2010) there was logic that used
RAND_screen() at times and now I remove the leftover #ifdef check for
it.

The seeding code that uses Curl_FormBoundary() in ossl_seed() is dubious
to keep since it hardly increases randomness but I fear I'll break
something if I remove it now...
2012-06-26 22:18:53 +02:00
Nick Zitzmann
3a4b28d473 DarwinSSL: several adjustments
- Renamed st_ function prefix to darwinssl_
- Renamed Curl_st_ function prefix to Curl_darwinssl_
- Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h
- Fixed a teensy little bug that made non-blocking connection attempts block
- Made it so that it builds cleanly against the iOS 5.1 SDK
2012-06-26 21:39:48 +02:00
Yang Tse
f1474db360 curl-compilers.m4: -Wstrict-aliasing=3 for warning enabled gcc and clang builds 2012-06-26 21:24:30 +02:00
Marc Hoersken
a8478fc8d3 sockaddr.h: Fixed dereferencing pointer breakin strict-aliasing
Fixed warning: dereferencing pointer does break strict-aliasing rules
by using a union inside the struct Curl_sockaddr_storage declaration.
2012-06-26 21:24:29 +02:00
Daniel Stenberg
849179ba27 SSL cleanup: use crypto functions through the sslgen layer
curl_ntlm_msgs.c would previously use an #ifdef maze and direct
SSL-library calls instead of using the SSL layer we have for this
purpose.
2012-06-26 19:40:36 +02:00
Nick Zitzmann
6d1ea388cb darwinssl: add support for native Mac OS X/iOS SSL 2012-06-26 14:04:15 +02:00
Daniel Stenberg
07e3ea7f26 RELEASE-NOTES: link to more metalink info 2012-06-25 23:03:52 +02:00
Daniel Stenberg
4afc33db8d RELEASE-NOTES: synced with d025af9bb5 2012-06-25 23:02:32 +02:00
Yang Tse
d025af9bb5 curl_schannel.c: Remove redundant NULL assignments following Curl_safefree() 2012-06-25 21:48:20 +02:00
Marc Hoersken
f99f02bb05 curl_schannel.c: Replace free() with Curl_safefree() 2012-06-25 21:34:31 +02:00
Tatsuhiro Tsujikawa
92c40ce190 curl.1: Updated Metalink description in man page
Documented that --include will be ignored if both --metalink
and --include are specified.
Also documented that a Metalink file in the local file system
cannot be used if FILE protocol is disabled.
2012-06-25 19:22:17 +02:00
Steve Holme
1eb74f94c4 DOCS: Added clarification to CURLOPT_CUSTOMREQUEST for the POP3 protocol
Bug: http://curl.haxx.se/mail/lib-2012-06/0302.html
Reported by: Nagai H
2012-06-24 23:23:30 +01:00
Steve Holme
a28cda3653 smtp: Corrected result code for MAIL, RCPT and DATA commands
Bug: http://curl.haxx.se/mail/lib-2012-06/0094.html
Reported by: Dan
2012-06-24 22:40:17 +01:00
Ghennadi Procopciuc
861e1ba604 test: Added test HTTP receive cookies over IPv6 2012-06-24 22:59:15 +02:00
Yang Tse
7731c34d79 tests: add another Metalink test case 2012-06-22 20:14:30 +02:00
Tatsuhiro Tsujikawa
14dc361433 tests: Enable test2010 and fixed hash value 2012-06-22 19:06:10 +02:00
Tatsuhiro Tsujikawa
7f59577fdd Metalink: ignore --include if --metalink is used.
Including headers in response body will break Metalink XML parser.
If it is included in the file described in Metalink XML, hash check
will fail. Therefore, --include should be ignored if --metalink is
used.
2012-06-22 18:58:30 +02:00
Yang Tse
b193ba8a02 tests: add six Metalink test cases 2012-06-21 18:32:31 +02:00
Yang Tse
53423673ca test 2005: add verification of hash checking outcome 2012-06-21 18:32:31 +02:00
Yang Tse
2f738c7f40 getpart.pm: remove misleading comment 2012-06-21 18:32:30 +02:00
Tatsuhiro Tsujikawa
aefb9196cf curl: Prefixed all Metalink related messages with "Metalink: " 2012-06-21 17:34:54 +02:00
Tatsuhiro Tsujikawa
7292486ec3 tests: Added Metalink test case # 2005 2012-06-21 04:16:53 +02:00
Tatsuhiro Tsujikawa
7561a0fc83 curl: Restore noprogress and isatty config values.
The noprogress and isatty in Configurable are global, in a sense
that they persist in one curl invocation. Currently once one
download writes its response data to tty, they are set to FALSE
and they are not restored on successive downloads.  This change
first backups the current noprogress and isatty, and restores
them when download does not write its data to tty.
2012-06-21 03:35:52 +02:00
Tatsuhiro Tsujikawa
196c8242ca curl: Made --metalink option toggle Metalink functionality
In this change, --metalink option no longer takes argument.  If
it is specified, given URIs are processed as Metalink XML file.
If given URIs are remote (e.g., http URI), curl downloads it
first. Regardless URI is local file (e.g., file URI scheme) or
remote, Metalink XML file is not written to local file system and
the received data is fed into Metalink XML parser directly.  This
means with --metalink option, filename related options like -O
and -o are ignored.

Usage examples:

$ curl --metalink http://example.org/foo.metalink

This will download foo.metalink and parse it and then download
the URI described there.

$ curl --metalink file://foo.metalink

This will parse local file foo.metalink and then download the URI
described there.
2012-06-21 03:35:23 +02:00
Tatsuhiro Tsujikawa
424bb35877 curl: Refactored metalink_checksum
When creating metalink_checksum from metalink_checksum_t, first
check hex digest is valid for the given hash function.  We do
this check in the order of digest_aliases so that first good
match will be chosen (strongest hash function available).  As a
result, the metalinkfile now only contains at most one
metalink_checksum because other entries are just redundant.
2012-06-21 03:34:37 +02:00
Gisle Vanem
08e0ad7b39 tool_doswin.c: fix djgpp function _use_lfn() used without a prototype
http://curl.haxx.se/mail/archive-2012-06/0028.html
2012-06-20 23:40:42 +02:00
Yang Tse
2ebb87f047 build: fix RESOURCE bug in lib/Makefile.vc*
Removed two, not intended to exist, RESOURCE declarations.

Bug: http://curl.haxx.se/bug/view.cgi?id=3535977

And sorted configuration hunks to reflect same internal order
as the one shown in the usage message.
2012-06-20 23:32:24 +02:00
Marc Hoersken
006b83798e schannel: Implement new buffer size strategy
Increase decrypted and encrypted cache buffers using limitted
doubling strategy. More information on the mailinglist:
http://curl.haxx.se/mail/lib-2012-06/0255.html

It updates the two remaining reallocations that have already been there
and fixes the other one to use the same "do we need to increase the
buffer"-condition as the other two.  CURL_SCHANNEL_BUFFER_STEP_SIZE was
renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it
is now.  Since we don't know how much more data we are going to read
during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the
minimum free space required in the buffer for the next operation.
CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since
we don't have a step size now, the define was renamed.
2012-06-20 22:59:03 +02:00
Yang Tse
293c9288b3 schannel SSL: fix compiler warning 2012-06-20 22:26:51 +02:00
Mark Salisbury
8f92e8be12 schannel SSL: fix for renegotiate problem
In schannel_connect_step2() doread should be initialized based
on connssl->connecting_state.
2012-06-20 20:32:14 +02:00
Tatsuhiro Tsujikawa
a3e3f8ffa0 runtests.pl: make it support metalink feature 2012-06-20 20:15:42 +02:00
Yang Tse
07086c9487 getpart.pm: make test definition section/part parser more robust
Test definition section parts which needed to include xml-lingo as contents
of that part required that the xml-blurb was written as a single line. Now the
xml-data inside the part can be written multiline making it more readable.

Tested with <client><file> part which is written to disk before <command> runs.
2012-06-20 20:14:53 +02:00
Daniel Stenberg
066811592d schannel_connect_step2: checksrc whitespace fix 2012-06-20 00:51:03 +02:00
Mark Salisbury
72a5813192 schannel SSL: changes in schannel_connect_step2
Process extra data buffer before returning from schannel_connect_step2.
Without this change I've seen WinCE hang when schannel_connect_step2
returns and calls Curl_socket_ready.

If the encrypted handshake does not fit in the intial buffer (seen with
large certificate chain), increasing the encrypted data buffer is necessary.

Fixed warning in curl_schannel.c line 1215.
2012-06-20 00:51:03 +02:00
Mark Salisbury
99b13f2741 config-win32ce.h: WinCE config adjustment
process.h is not present on WinCE
2012-06-20 00:49:49 +02:00
Mark Salisbury
a15378e073 schannel SSL: Made send method handle unexpected cases better
Implemented timeout loop in schannel_send while sending data.  This
is as close as I think we can get to write buffering; I put a big
comment in to explain my thinking.

With some committer adjustments
2012-06-20 00:16:40 +02:00
Marc Hoersken
7d2abe27dd curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size 2012-06-19 22:54:58 +02:00
Mark Salisbury
64962b0218 schannel SSL: Use standard Curl read/write methods
Replaced calls to swrite with Curl_write_plain and calls to sread
with Curl_read_plain.

With some committer adjustments
2012-06-19 20:32:35 +02:00
Yang Tse
75dd191bdf schannel SSL: make wording of some trace messages better reflect reality 2012-06-19 20:32:19 +02:00
Marc Hoersken
e93e3bcb82 curl_schannel.h: Use BUFSIZE as the initial buffer size if available
Make the Schannel implementation use libcurl's default buffer size
for the initial received encrypted and decrypted data cache buffers.
The implementation still needs to handle more data since more data
might have already been received or decrypted during the handshake
or a read operation which needs to be cached for the next read.
2012-06-19 14:41:43 +02:00
Guenter Knauf
feaf8f9590 Fixed NetWare makefile broken from last commit. 2012-06-19 11:55:06 +02:00
Mark Salisbury
8a8829499d schannel SSL: Implemented SSL shutdown
curl_schannel.c - implemented graceful SSL shutdown.  If we fail to
shutdown the connection gracefully, I've seen schannel try to use a
session ID for future connects and the server aborts the connection
during the handshake.
2012-06-19 04:39:46 +02:00
Mark Salisbury
1e4c57fa64 schannel SSL: certificate validation on WinCE
curl_schannel.c - auto certificate validation doesn't seem to work
right on CE.  I added a method to perform the certificate validation
which uses CertGetCertificateChain and manually handles the result.
2012-06-19 04:39:45 +02:00
Mark Salisbury
29dd7192e6 schannel SSL: Added helper methods to simplify code
Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it
easier to set up SecBuffer & SecBufferDesc structs.
2012-06-19 04:39:44 +02:00
Guenter Knauf
705330c750 Some more NetWare makefile tweaks for metalink. 2012-06-18 23:19:35 +02:00
Yang Tse
599a2c1f1a tool_cb_see.c: WinCE build adjustment 2012-06-18 18:52:29 +02:00
Mark Salisbury
5a8649863c setup.h: WinCE build adjustment 2012-06-18 18:52:28 +02:00
Mark Salisbury
05f6f2497a ftplistparser.c: do not compile if FTP protocol is not enabled 2012-06-18 18:51:30 +02:00
Yang Tse
d56e8bcc8a Win32: downplay MS bazillion type synonyms game
Avoid usage of some MS type synonyms to allow compilation with
compiler headers that don't define these, using simpler synonyms.
2012-06-16 19:20:50 +02:00
Daniel Stenberg
220776de6b Curl_rtsp_parseheader: avoid useless malloc/free
Coverity actually pointed out flawed logic in the previous call to
Curl_strntoupper() where the code used sizeof() of a pointer to pass in
a size argument. That code still worked since it only needed to
uppercase 4 letters. Still, the entire malloc/uppercase/free sequence
was pointless since the code has already matched the string once in the
condition that starts the block of code.
2012-06-15 22:51:45 +02:00
Daniel Stenberg
3da2c0f6d2 curl_share_setopt: use va_end()
As spotted by Coverity, va_end() was not used previously. To make it
used I took away a bunch of return statements and made them into
assignments instead.
2012-06-15 22:37:19 +02:00
Yang Tse
ac3e356c95 SSPI related code: Unicode support for WinCE - kill compiler warnings 2012-06-15 21:50:57 +02:00
Mark Salisbury
a96fa00f38 SSPI related code: Unicode support for WinCE - commit 46480bb9 follow-up 2012-06-15 19:39:18 +02:00
Yang Tse
a5e0583cd3 build: add curl_multibyte files to build systems 2012-06-15 18:41:50 +02:00
Mark Salisbury
46480bb9a1 SSPI related code: Unicode support for WinCE
SSPI related code now compiles with ANSI and WCHAR versions of security
methods (WinCE requires WCHAR versions of methods).

Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file.

curl_sasl.c - include curl_memory.h to use correct memory functions.

getenv.c and telnet.c - WinCE compatibility fix

With some committer adjustments
2012-06-15 18:41:49 +02:00
Guenter Knauf
16c725dbc7 Fixed typo. 2012-06-15 02:25:09 +02:00
Yang Tse
0fd5dda99d winbuild/MakefileBuild.vc: convert line endings to DOS style
As per request on mailing list: http://curl.haxx.se/mail/lib-2012-06/0222.html
2012-06-14 19:19:18 +02:00
Marc Hoersken
9d8375c29b winbuild: Allow SSPI build with or without Schannel
The changes introduced in commit 2bfa57bc32 are not enough
to make it actually possible to use the USE_WINSSL option.
Makefile.vc was not updated and the configuration name which is
used in the build path did not match between both build files.

This patch fixes those issues and introduces the following changes:

- Replaced the -schannel name with -winssl in order to be consistent
with the other options
- Added ENABLE_WINSSL option to winbuild/Makefile.vc (default yes)
- Changed winbuild/MakefileBuild.vc to set USE_WINSSL to true if
USE_SSL is false and USE_WINSSL was not specified as a parameter
- Separated WINSSL handling from SSPI handling to be consistent with
the other options and their corresponding code path
2012-06-14 18:16:47 +02:00
Yang Tse
508dbb99aa curl.1: 7.27.0 seems next release 2012-06-14 18:10:29 +02:00
Yang Tse
42f0588ea8 schannel: fix printf-style format strings 2012-06-14 16:55:26 +02:00
Yang Tse
6085ca2aed Fix bad failf() and info() usage
Calls to failf() are not supposed to provide trailing newline.
Calls to infof() must provide trailing newline.

Fixed 30 or so strings.
2012-06-14 13:32:05 +02:00
Yang Tse
a8259945c4 schannel: fix unused parameter warnings 2012-06-14 12:12:54 +02:00
Yang Tse
3af5023a20 schannel: fix comparisons between signed and unsigned 2012-06-14 12:10:51 +02:00
Yang Tse
2bac074f08 schannel: fix discarding qualifier from pointer type 2012-06-14 12:05:48 +02:00
Yang Tse
d098cfd8c0 schannel: fix shadowing of global declarations 2012-06-14 11:53:46 +02:00
Yang Tse
b4b7f6828c schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations 2012-06-14 11:34:12 +02:00
Gisle Vanem
0d0893f2b9 urldata.h: fix cyassl/openssl/ssl.h build clash with wincrypt.h
Building with CyaSSL failed compilation. Reason being that OCSP_REQUEST and
OCSP_RESPONSE are enum values in CyaSSL and defines in <wincrypt.h> included
via <winldap.h> in ldap.c.

http://curl.haxx.se/mail/lib-2012-06/0196.html
2012-06-14 01:51:51 +02:00
Yang Tse
2bfa57bc32 MakefileBuild.vc: Allow building without SSL
In order to use Windows native SSL support define 'USE_WINSSL'
2012-06-13 21:15:41 +02:00
Yang Tse
b276ac7691 configure: new option --with-winssl
This option may be used to build curl/libcurl using SSL/TLS support provided
by MS windows system libraries. Option is mutually exclusive with any other
SSL library. Default value is --without-winssl.

--with-winssl option implies --with-sspi option.

Option meaningful only for Windows builds.
2012-06-13 20:54:42 +02:00
Guenter Knauf
32ce7f19b2 Changed Schannel string to SSL-Windows-native.
This is more descriptive for the user who might
not even know what schannnel is at all.
2012-06-13 19:29:45 +02:00
Yang Tse
819afe46ee schannel: remove version number and identify its use with 'schannel' literal
Version number is removed in order to make this info consistent with
how we do it with other MS and Linux system libraries for which we don't
provide this info.

Identifier changed from 'WinSSPI' to 'schannel' given that this is the
actual provider of the SSL/TLS support. libcurl can still be built with
SSPI and without SCHANNEL support.
2012-06-13 16:42:48 +02:00
Daniel Stenberg
c13af84372 singlesocket: remove dead code
No need to check if 'entry' is non-NULL in a spot where it is already checked
and guaranteed to be non-NULL.

(Spotted by a Coverity scan)
2012-06-12 23:04:04 +02:00
Daniel Stenberg
47c1bf9e43 netrc: remove dead code
Remove two states from the enum and the corresponding code for them as
these states were never reached or used.

(Spotted by a Coverity scan)
2012-06-12 22:46:14 +02:00
Yang Tse
d95b8e0627 Revert "connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing"
This reverts commit 9c94236e6c.

It didn't server its purpose, so lets go back to long-time working code.
2012-06-12 13:12:09 +02:00
Yang Tse
1e8e6057ea socks_sspi.c: further cleanup 2012-06-12 12:34:52 +02:00
Marc Hoersken
38f05cea46 socks_sspi.c: Clean up and removal of obsolete minor status
Removed obsolete minor status variable and parameter of status function
which was never used or set at all. Also Curl_sspi_strerror does support
only one status and there is no need for a second sub status.
2012-06-12 11:52:42 +02:00
Guenter Knauf
7bf910482e Removed trailing whitespaces. 2012-06-12 05:36:08 +02:00
Yang Tse
b8edf5bbe9 strerror.c: make Curl_sspi_strerror() always return code for errors 2012-06-12 03:57:15 +02:00
Yang Tse
5e7a0fe73b curl_sspi.h: provide sspi status definitions missing in old headers 2012-06-12 03:56:24 +02:00
Yang Tse
746b80a210 sspi: make Curl_sspi_strerror() libcurl's sspi status code string function 2012-06-12 01:11:10 +02:00
Yang Tse
764a5e4a50 sspi: make Curl_sspi_strerror() libcurl's sspi status code string function 2012-06-12 01:06:48 +02:00
Daniel Stenberg
af0888aaf6 Revert: 634f7cfee4 partially
Make sure CURL_VERSION_SSPI is present and works as in previous releases
for ABI and API compatibility reasons.
2012-06-11 22:58:39 +02:00
Daniel Stenberg
9c18bb3702 checksrc: shorten a few lines to comply 2012-06-11 19:08:46 +02:00
Daniel Stenberg
c7cc914961 cleanup: remove trailing whitespace 2012-06-11 19:06:43 +02:00
Marc Hoersken
c45069bfbe winbuild: Removed WITH_SSL=schannel and tie schannel to SSPI
Removed specific WITH_SSL=schannel paramter that did not fit the general
schema and complicated the parameters. For now Schannel will be enabled
if SSPI is enabled and OpenSSL is disabled.
2012-06-11 19:04:49 +02:00
Steve Holme
9a51c11074 Makefile.vc6: Added version.lib if built with SSPI 2012-06-11 19:04:16 +02:00
Marc Hoersken
cb142cf217 winbuild: Updated winbuild scripts to add schannel 2012-06-11 19:03:14 +02:00
Marc Hoersken
7da6a9128b mingw32: Fixed warning of USE_SSL being redefined 2012-06-11 19:00:37 +02:00
Marc Hoersken
61d152384e sspi: Fixed incompatible parameter pointer type in Curl_sspi_version 2012-06-11 19:00:37 +02:00
Marc Hoersken
0c86ccc647 sspi: Updated RELEASE-NOTES, FEATURES and THANKS 2012-06-11 19:00:37 +02:00
Marc Hoersken
a92df2e007 setup.h: Automatically define USE_SSL if USE_SCHANNEL is defined 2012-06-11 19:00:36 +02:00
Marc Hoersken
634f7cfee4 version: Replaced SSPI feature information with version string details
Added Windows SSPI version information to the curl version string when
SCHANNEL SSL is not enabled, as the version of the library should also
be included when SSPI is used to generate security contexts.

Removed SSPI from the feature list as the features are GSS-Negotiate,
NTLM and SSL depending on the usage of the SSPI library.
2012-06-11 19:00:36 +02:00
Steve Holme
70d56bfe3c sspi.c: Post Curl_sspi_version() rework code tidy up
Removed duplicate blank lines.
Removed spaces between the not and test in various if statements.
Removed explicit test of NULL in an if statement.
Placed function returns on same line as function declarations.
Replaced the use of curl_maprintf() with aprintf() as it is the
preprocessor job to do this substitution if ENABLE_CURLX_PRINTF
is set.
2012-06-11 19:00:36 +02:00
Steve Holme
bd38ebc697 sspi: Reworked Curl_sspi_version() to return version components
Reworked the version function to return four version components rather
than a string that has to be freed by the caller.
2012-06-11 19:00:36 +02:00
Guenter Knauf
b15434e749 configure.ac: Added -lversion if built with SSPI 2012-06-11 19:00:36 +02:00
Marc Hoersken
7047e2ed72 schannel: Code cleanup and bug fixes
curl_sspi.c: Fixed mingw32-gcc compiler warnings
curl_sspi.c: Fixed length of error code hex output

The hex value was printed as signed 64-bit value on 64-bit systems:
SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322)

It is now correctly printed as the following:
SEC_E_WRONG_PRINCIPAL (0x80090322)

curl_sspi.c: Fallback to security function table version number
Instead of reporting an unknown version, the interface version is used.

curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version
curl_schannel: Replaced static buffer sizes with defined names
curl_schannel.c: First brace when declaring functions on column 0
curl_schannel.c: Put the pointer sign directly at variable name
curl_schannel.c: Use structs directly instead of typedef'ed structs
curl_schannel.c: Removed space before opening brace
curl_schannel.c: Fixed lines being longer than 80 chars
2012-06-11 19:00:35 +02:00
Marc Hoersken
c1311c2b8f curl_sspi: Added Curl_sspi_version function
Added new function to get SSPI version as string.
Added required library version.lib to makefiles.
Changed curl_schannel.c to use Curl_sspi_version.
2012-06-11 19:00:35 +02:00
Guenter Knauf
0bb5ff5d1a schannel: Updated mingw32 makefiles 2012-06-11 19:00:35 +02:00
Marc Hoersken
64dc957a41 schannel: Replace ASCII specific code with general defines 2012-06-11 19:00:35 +02:00
Marc Hoersken
3d3a3f9e7c schannel: Added definitions which are missing in mingw32 2012-06-11 19:00:34 +02:00
Marc Hoersken
8d78848a39 schannel: Moved interal struct types to urldata.h
Moved type definitions in order to avoid inclusion loop
2012-06-11 19:00:34 +02:00
Marc Hoersken
90412c8613 schannel: Fixed compiler warnings about pointer type assignments 2012-06-11 19:00:34 +02:00
Marc Hoersken
78729e76da schannel: Fixed critical typo in conditions and added buffer length checks 2012-06-11 19:00:34 +02:00
Marc Hoersken
f858bb0d1f sspi: Refactored socks_sspi and schannel to use same error message functions
Moved the error constant switch to curl_sspi.c and added two new helper
functions to curl_sspi.[ch] which either return the constant or a fully
translated message representing the SSPI security status.
Updated socks_sspi.c and curl_schannel.c to use the new functions.
2012-06-11 19:00:34 +02:00
Marc Hoersken
15ca80c831 schannel: Added special shutdown check for Windows 2000 Professional
Windows 2000 Professional:  Schannel returns SEC_E_OK instead
of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer
is zero and the first byte of the encrypted packet is 0x15,
the application can safely assume that the message was a
close_notify message and change the return value to
SEC_I_CONTEXT_EXPIRED.

Connection shutdown does not mean that there is no data to read
Correctly handle incomplete message and ask curl to re-read
Fixed buffer for decrypted being to small
Re-structured read condition to be more effective
Removed obsolete verbose messages
Changed memory reduction method to keep a minimum buffer of size 4096
2012-06-11 19:00:34 +02:00
Marc Hoersken
ec9e9f38b1 schannel: Implemented SSL/TLS renegotiation
Updated TODO information and added related MSDN articles
2012-06-11 19:00:34 +02:00
Marc Hoersken
46792af733 schannel: Save session credential handles in session cache 2012-06-11 19:00:34 +02:00
Marc Hoersken
445245ca85 schannel: Code cleanup 2012-06-11 19:00:34 +02:00
Marc Hoersken
f96f1f3165 schannel: Check for required context attributes 2012-06-11 19:00:34 +02:00
Marc Hoersken
bead90a837 schannel: Allow certificate and revocation checks being deactivated 2012-06-11 19:00:34 +02:00
Marc Hoersken
aaa42aa0d5 schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI 2012-06-11 19:00:29 +02:00
Marc Hoersken
1f635608bb http: Replaced specific SSL libraries list in https_getsock fallback 2012-06-11 19:00:29 +02:00
Marc Hoersken
9c94236e6c connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing
Fixed warning: dereferencing pointer does break strict-aliasing rules
by using a union instead of separate pointer variables.
Internal union sockaddr_u could probably be moved to generic header.
Thanks to Paul Howarth for the hint about using unions for this.

Important for winbuild: Separate declaration of sockaddr_u pointer.
The pointer variable *sock cannot be declared and initialized right
after the union declaration. Therefore it has to be a separate statement.
2012-06-11 15:26:30 +02:00
Marc Hoersken
3f9ab7cf5d curl_ntlm_msgs.c: Fixed passwdlen not being used and recalculated 2012-06-11 14:47:23 +02:00
Yang Tse
63e9685470 tests: fix test definitions # 1355, 1363, 1385 and 1393
-i without HTTP protocol shall not include headers in the output
2012-06-11 13:56:40 +02:00
Daniel Stenberg
6cd084a3b5 Curl_pgrsDone: return int and acknowledge return code
Since Curl_pgrsDone() itself calls Curl_pgrsUpdate() which may return an
abort instruction or similar we need to return that info back and
subsequently properly handle return codes from Curl_pgrsDone() where
used.

(Spotted by a Coverity scan)
2012-06-10 23:40:35 +02:00
Marc Hoersken
72c7c1d64e winbuild: Fixed environment variables being lost
Fixed USE_IPV6 and USE_IDN not being passed
from Makefile.vc to MakefileBuild.vc
Fixed whitespace and formatting issues
Fixed typo and format in help message
2012-06-10 16:12:48 +01:00
Guenter Knauf
6ea32b8b76 Added metalink support to NetWare builds. 2012-06-09 23:10:47 +02:00
Steve Holme
1aaf86a596 smtp.c: Removed unused variable 2012-06-09 19:49:59 +01:00
Steve Holme
6188855b67 smtp: Post apop feature code tidy up 2012-06-09 19:22:29 +01:00
Steve Holme
a3660127a4 pop3: Post apop feature code tidy up 2012-06-09 19:21:44 +01:00
Steve Holme
c09c621af7 pop3: Added support for apop authentication 2012-06-09 13:49:37 +01:00
Steve Holme
4e430a8a16 pop3: Enhanced the extended authentication mechanism detection
Enhanced the authentication type / mechanism detection in preparation
for the introduction of APOP support.
2012-06-09 11:48:44 +01:00
Steve Holme
6478e1d7e5 pop3.c: Fixed length of SASL check 2012-06-09 11:08:08 +01:00
Yang Tse
a884ffe430 Fixes allowing 26 more test cases in 1334 to 1393 range to succeed 2012-06-09 05:49:49 +02:00
Yang Tse
c29d1f4e3a tests: fix test definitions # 1370 and 1371
-J without -O shall not honor C-D filename
2012-06-09 05:49:48 +02:00
Daniel Stenberg
674e53f40e OpenSSL: support longer certificate subject names
Previously it would use a 256 byte buffer and thus cut off very long
subject names. The limit is now upped to the receive buffer size, 16K.

Bug: http://curl.haxx.se/bug/view.cgi?id=3533045
Reported by: Anthony G. Basile
2012-06-09 00:06:54 +02:00
Kamil Dudka
68857e40d6 ssl: fix duplicated SSL handshake with multi interface and proxy
Bug: https://bugzilla.redhat.com/788526
Reported by: Enrico Scholz
2012-06-08 23:27:11 +02:00
Daniel Stenberg
dd576194ce tool_getparam.h: fix compiler error
forward declare the Configurable struct
2012-06-08 23:14:30 +02:00
Daniel Stenberg
870c99b7e7 metalink: restore some includes
Commit eeeba1496c removed them and thus broke my Linux build
2012-06-08 23:13:32 +02:00
Daniel Stenberg
e3f5e04cf0 openldap: OOM fixes
when calloc fails, return error! (Detected by Fortify)

Reported by: Robert B. Harris
2012-06-08 20:57:11 +02:00
Steve Holme
0cd8c287a4 sasl: Re-factored mechanism constants in preparation for APOP work 2012-06-08 19:52:28 +01:00
Yang Tse
eeeba1496c metalink: build fixes and adjustments II
Additionally, make hash checking ability mandatory in order to allow metalink
support in curl.

A command line option could be introduced to skip hash checking at runtime,
but the ability to check hashes should always be built-in when providing
metalink support.
2012-06-08 14:27:45 +02:00
Guenter Knauf
186b101deb Added metalink support to MinGW builds. 2012-06-08 14:16:43 +02:00
Daniel Stenberg
d2fc8b4a5f log2changes.pl: fix the Version output
Previously it could easily wrongly get repeated
2012-06-07 23:50:00 +02:00
Yang Tse
04ca9aecd1 metalink: build fixes and adjustments I 2012-06-07 23:50:12 +02:00
Daniel Stenberg
2e48139fbf lib554.c: use curl_formadd() properly
The length/size options take longs so make sure to pass on such types.

Reported by: Neil Bowers
Bug: http://curl.haxx.se/mail/lib-2012-06/0001.html
2012-06-07 23:10:40 +02:00
Steve Holme
0636af6131 smtp.c: Re-factored the smtp_state_*_resp() functions
Re-factored the smtp_state_*_resp() functions to 1) Match the constants
that were refactored in commit 00fddba672, 2) To be more readable and
3) To match their counterparties in pop3.c.
2012-06-07 22:06:01 +01:00
Yang Tse
7352ac408b Fixes allowing HTTP test cases 1338, 1339, 1368 and 1369 to succeed 2012-06-07 21:57:53 +02:00
Yang Tse
c41d959ee6 tests 1364 to 1393: several -o filename -J -i -D combinations for HTTP and FTP 2012-06-07 17:45:37 +02:00
Yang Tse
430791616b tests 1348 to 1363: test definition polishing
Verify that the "Saved to filename 'blabla'" message is only displayed when
the 'blabla' filename being used _actually_ has been specified by the server
in the Content-Disposition header.

Use relative path for unintended file creation postcheck.
2012-06-07 15:29:46 +02:00
Steve Holme
00fddba672 smtp: Re-factored the SMTP_AUTH* state machine constants
Re-factored the SMTP_AUTH* constants, that are used by the state
machine, to be clearer to read.
2012-06-06 20:14:52 +01:00
Guenter Knauf
eef4b3fcfc Added hint for pkg-config wrapper script. 2012-06-06 17:22:17 +02:00
Guenter Knauf
aaa1e7f9d4 Updated Android section with recent NDK.
The r7b had some bugs, and shouldnt be used.
2012-06-06 16:16:52 +02:00
Yang Tse
37550c16f9 Disable non-HTTP header related tests
These now detect incompleate header data and fail
2012-06-06 13:04:18 +02:00
Yang Tse
b1f2a680bd tests 1348 to 1363: compleate header data part of test definition 2012-06-06 12:59:52 +02:00
Yang Tse
2b56e4c1bb tests 1334 to 1363 revisited.
Add a postcheck section to verify unintended file creation.

Remove needless <file> checks in verify section. Renumbering where appropriate.
2012-06-05 20:20:40 +02:00
Yang Tse
62f374b19e tests: adjust file part behavior in test verify section.
When a <file> part is now specified with no contents at all, this
will actually verify that the specified file has no contents at all.
Previously file contents would be ignored.
2012-06-05 20:20:39 +02:00
Steve Holme
89b5680d81 smtp.c: Removed whitespace 2012-06-05 14:34:17 +01:00
Steve Holme
0f3c330ad8 pop3: Another small code tidy up
Missed some comments that we identified during the SMTP tidy up earlier.
2012-06-05 13:49:50 +01:00
Steve Holme
7157363ab4 smtp: Post authentication code tidy up
Corrected lines longer than 78 characters.

Removed unnecessary braces in smtp_state_helo_resp().

Introduced some comments in data sending functions.

Tidied up comments to match changes made in pop3.c.
2012-06-05 12:23:01 +01:00
Yang Tse
c5b66836a5 tests 1348 to 1363: add a comma in test description 2012-06-05 13:16:35 +02:00
Steve Holme
57e6336794 email: Removed duplicated header file 2012-06-05 11:18:07 +01:00
Steve Holme
64510fe917 sasl: Renamed Curl_sasl_decode_ntlm_type2_message()
For consistency with other SASL based functions renamed this function
to Curl_sasl_create_ntlm_type3_message() which better describes its
usage.
2012-06-04 22:25:45 +01:00
Steve Holme
38dfe52559 pop3: Post authentication code tidy up
Corrected lines longer than 78 characters.

Changed POP3_AUTH_FINAL to POP3_AUTH to match SMTP code now that the
AUTH command is no longer sent on its own.

Introduced some comments in data sending functions.

Another attempt at trying to rational code and comment style.
2012-06-04 22:15:51 +01:00
Steve Holme
7759d10f36 pop3: Added support for sasl digest-md5 authentication 2012-06-04 21:50:16 +01:00
Yang Tse
32ab3276ee sasl: add reference for curl_sasl 2012-06-04 22:51:00 +02:00
Yang Tse
74a7ee9973 Makefile.inc: tab adjustment 2012-06-04 22:50:59 +02:00
Daniel Stenberg
0c460e80ed pop3 tests: CAPA instead of AUTH
After Steve's commit e336bc7c42 test 1319 and 1407 need to check
for CAPA instead of AUTH.
2012-06-04 22:34:06 +02:00
Steve Holme
bf51b8c07a sasl: Added service parameter to Curl_sasl_create_digest_md5_message()
Added a service type parameter to Curl_sasl_create_digest_md5_message()
to allow the function to be used by different services rather than being
hard coded to "smtp".
2012-06-04 20:22:06 +01:00
Yang Tse
04a6f0a1a4 tests 1356 to 1363: several -O -J -i -D combinations with FTP protocol
Currently 1356 to 1362 succeed but a write failure is logged in traceNNNN.

Currently 1363 fails, so disabled for now.
2012-06-04 20:59:45 +02:00
Steve Holme
1fc89eb87f tests: Updated pop3 tests for change in auth mechanism detection 2012-06-04 19:41:56 +01:00
Steve Holme
e336bc7c42 pop3: Changed the sasl mechanism detection from auth to capa
Not all SASL enabled POP3 servers support the AUTH command on its own
when trying to detect the supported mechanisms. As such changed the
mechanism detection to use the CAPA command instead.
2012-06-04 19:09:45 +01:00
Daniel Stenberg
b511486fcd curl_easy_setopt.3: proto updates + cleanups
- For all *FUNCTION options, they now all show the complete prototype in
  the description. Previously some of them would just refer to a
  typedef'ed function pointer in the curl.h header.

- I made the phrasing of that "Pass a pointer to a function that matches
  the following prototype" the same for all *FUNCTION option descriptions.

- I removed some uses of 'should'. I think I sometimes over-use this
  word as in many places I actually mean MUST or otherwise more specific
  and not-so-optional synonyms.
2012-06-04 20:03:13 +02:00
Yang Tse
3bfff57e1f tests 1348 to 1355: several -O -J -i -D combinations with FTP protocol
Currently 1348 to 1354 succeed but a write failure is logged in traceNNNN.

Currently 1355 fails, so disabled for now.
2012-06-04 19:40:04 +02:00
Yang Tse
628e62a966 tests 1346 to 1347: several -O -J -i -D combinations with HTTP protocol 2012-06-04 18:56:28 +02:00
Steve Holme
f087211566 sasl: Small code tidy up
Reworked variable names in Curl_sasl_create_cram_md5_message() to match
those in Curl_sasl_create_digest_md5_message() as they are more
appropriate.
2012-06-04 11:02:03 +01:00
Steve Holme
665e16899c sasl: Moved digest-md5 authentication message creation from smtp.c
Moved the digest-md5 message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-06-04 10:53:18 +01:00
Steve Holme
58987556d5 sasl: Small code tidy up before moving digest-md5 over
Correction of comments and variable names.
2012-06-04 10:49:55 +01:00
Steve Holme
79c2af3082 RELEASE-NOTES: Added missing addition of sasl login support 2012-06-03 19:28:08 +01:00
Steve Holme
8c0bfd3e0c pop3: Added support for sasl cram-md5 authentication 2012-06-03 19:13:16 +01:00
Daniel Stenberg
24f127027b Curl_sasl_create_plain_message: remove TAB 2012-06-03 19:42:47 +02:00
Steve Holme
2b9ca12edf sasl: Small code tidy up
Added some comments and removed an unreferenced variable.
2012-06-03 18:24:35 +01:00
Steve Holme
3b8cf5bd14 pop3.c: Added conditional compilation for NTLM function calls
Added USE_NTLM condition compilation around the NTLM functions called
from pop3_statemach_act() introduced in commit 69f7156ad9.
2012-06-03 17:40:05 +01:00
Steve Holme
c12a414b21 sasl: Moved cram-md5 authentication message creation from smtp.c
Moved the cram-md5 message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-06-03 17:21:49 +01:00
Steve Holme
b5bb61ee69 pop3: Fixed an issue with changes introduced in commit c267c53017
Because pop3_endofresp() is called for each line of data yet is not
passed the line and line length, so we have to use the data pointed to
by pp->linestart_resp which contains the whole packet, the mechanisms
were being detected in one call yet the function would be called for
each line of data.

Using curl with verbose mode enabled would show that one line of data
would be received in response to the AUTH command, before the AUTH
<mechanism> command was sent to the server and then the next few lines
of the original AUTH command would be displayed before the response from
the AUTH <mechanism> command. This would then cause problems when
parsing the CRAM-MD5 challenge data as extra data was contained in the
buffer.

Changed the parsing so that each line is checked for the mechanisms
and the function returns FALSE until the whole of the AUTH response has
been processed.
2012-06-03 17:06:48 +01:00
Daniel Stenberg
69f01ec2d1 version: bump to 7.27.0 for next release
Due to new features
2012-06-03 13:52:25 +02:00
Daniel Stenberg
4cff10af69 RELEASE-NOTES: synced with c4e3578e4b
Also bumped the contributor number and next release is to become 7.27.0
2012-06-03 13:51:54 +02:00
Daniel Stenberg
c4e3578e4b THANKS: 16 new contributors from the 7.26.0 release 2012-06-03 13:43:44 +02:00
Steve Holme
797315044d DOCS: Fixed list in Section 18.2 not displaying correctly on web site 2012-06-03 01:17:21 +01:00
Steve Holme
08c128bd93 DOCS: Corrected missed heading renumbering from commit 530675a1ad 2012-06-03 01:13:36 +01:00
Steve Holme
530675a1ad DOCS: Added IMAP and LDAP sections
Added new sections 11. IMAP and 12. LDAP to document adding SASL based
authentication.

Renumbered current sections 11 to 17 as 13 to 19.

Additionally added 19.10 Add CURLOPT_MAIL_CLIENT option.
2012-06-03 01:00:45 +01:00
Steve Holme
273e9afcc8 sasl.c: Fix to avoid warnings introduced in commit d9ca9e9869
Applied a fix to avoid warnings on systems where Curl_ntlm_sspi_cleanup()
is just a nop.
2012-06-03 00:00:34 +01:00
Steve Holme
9c7016f560 pop3.c:Corrected typo in commit 69ba0da827 2012-06-02 23:12:07 +01:00
Steve Holme
69ba0da827 pop3: Fixed the issue of having to supply the user name for all requests
Previously it wasn't possible to connect to POP3 and not specify the
user name as a CURLE_ACCESS_DENIED error would be returned. This error
occurred because USER would be sent to the server with a blank user name
if no mailbox user was specified as the server would reply with -ERR.

This wasn't a problem prior to the 7.26.0 release but with the
introduction of custom commands the user and/or application developer
might want to issue a CAPA command without having to log in as a
specific mailbox user.

Additionally this fix won't send the newly introduced AUTH command if no
user name is specified.
2012-06-02 22:11:37 +01:00
Steve Holme
1fa2af5136 pop3.c: Small code tidy up
Corrected lines exceeding 78 characters.

Repositioned some comments and added extra clarity.
2012-06-02 21:38:55 +01:00
Steve Holme
cfa81b8fb0 sasl: Corrected variable names in comments and parameters 2012-06-02 14:03:55 +01:00
Steve Holme
69f7156ad9 pop3: Added support for sasl ntlm authentication 2012-06-02 11:55:58 +01:00
Steve Holme
6f964e4f06 sasl: Small comment style tidy up following ntlm commit 2012-06-02 11:09:59 +01:00
Steve Holme
d9ca9e9869 sasl: Moved ntlm authentication message handling from smtp.c
Moved the ntlm message creation and decoding from smtp.c into the sasl
module to allow for use by other modules such as pop3.
2012-06-02 11:07:58 +01:00
Steve Holme
2df6e6d9f8 pop3: Added support for sasl login authentication 2012-06-01 15:59:29 +01:00
Yang Tse
379efd62aa tests 1334 to 1345: several -O -J -i -D combinations with HTTP protocol 2012-06-01 05:48:26 +02:00
Yang Tse
00dd45720e tests: support test definitions with up to 5 file checks in <verify> section
This is done introducing tags <file1> to <file4> besides existing <file> one,
as well as corresponding <stripfile1> to <stripfile4> ones, that can be used
in the <verify> section in the same way as the non-numbered ones.
2012-06-01 05:37:00 +02:00
Steve Holme
54d484e136 sasl: Moved login authentication message creation from smtp.c
Moved the login message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-05-31 23:11:54 +01:00
Steve Holme
cb3d0ce2cb smtp.c: Reworked message encoding in smtp_state_authpasswd_resp()
Rather than encoding the password message itself the
smtp_state_authpasswd_resp() function now delegates the work to the same
function that smtp_state_authlogin_resp() and smtp_authenticate() use
when constructing the encoded user name.
2012-05-31 22:58:07 +01:00
Steve Holme
f86432b119 smtp.c: Re-factored smtp_auth_login_user() for use with passwords
In preparation for moving to the SASL module re-factored the
smtp_auth_login_user() function to smtp_auth_login() so that it can be
used for both user names and passwords as sending both of these under
the login authentication mechanism is the same.
2012-05-31 22:49:14 +01:00
Steve Holme
2c6d32b864 pop3: Added support for sasl plain text authentication 2012-05-31 20:45:53 +01:00
Steve Holme
3c14c524c5 curl_ntlm_msgs.c: Corrected small spelling mistake in comments 2012-05-30 20:56:37 +01:00
Steve Holme
8e860c1662 sasl: Moved plain text authentication message creation from smtp.c
Moved the plain text message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-05-30 20:52:52 +01:00
Yang Tse
c90acaa77a configure: fix LDAPS disabling related misplaced closing parenthesis 2012-05-30 17:40:13 +02:00
Yang Tse
b420f60a06 pop3 test server: allow pop3 test server verification to succeed again
Introduce SUPPORTCAPA and SUPPORTAUTH config commands to allow further
pop3 test server expansion for tests that require CAPA or AUTH support,
although this will need some extra work to make it fully functional.
2012-05-30 17:39:14 +02:00
Steve Holme
7291c1f565 pop3: Introduced the continue response in pop3_endofresp() 2012-05-28 21:29:01 +01:00
Steve Holme
3fa0fbb816 pop3: Changed response code from O and E to + and -
The POP3 protocol doesn't really have the concept of error codes and
uses +, +OK and -ERR in response to commands to indicate continue,
success and error.

The AUTH command is one of those commands that requires multiple pieces
of data to be sent to the server where the server will respond with + as
part of the handshaking. This meant changing the values before
continuing with the next stage of adding authentication support.
2012-05-28 20:59:10 +01:00
Steve Holme
a9d798c4d5 pop3: Small code tidy up following authentication work so far
Changed the order of the state machine to match the order of actual
events.

Reworked some comments and function parameter positioning that I missed
the other day.
2012-05-28 20:21:52 +01:00
Kamil Dudka
72f4b534c4 nss: use human-readable error messages provided by NSS
Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html
2012-05-28 11:24:24 +02:00
Daniel Stenberg
a03100c357 test1013.pl: filter out Metalink
Since it isn't a feature supported by curl-config we can't compare that
with the --version output
2012-05-27 23:43:23 +02:00
Daniel Stenberg
a7731673d0 pop3: remove variable-not-used warnings 2012-05-27 23:29:15 +02:00
Steve Holme
3124a8df93 DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH
Additionally corrected another RFC link that I missed yesterday.
2012-05-27 20:04:36 +01:00
Steve Holme
c267c53017 pop3: Added support for SASL based authentication mechanism detection
Added support for detecting the supported SASL authentication mechanisms
via the AUTH command. There are two ways of detecting them, either by
using the AUTH command, that will return -ERR if not supported or by
using the CAPA command which will return SASL and the list of mechanisms
if supported, not include SASL if SASL authentication is not supported
or -ERR if the CAPA command is not supported. As such it seems simpler
to use the AUTH command and fallback to normal clear text authentication
if the the command is not supported.

Additionally updated the test cases to return -ERR when the AUTH command
is encountered. Additional test cases will be added when support for the
individual authentication mechanisms is added.
2012-05-27 19:09:38 +01:00
Daniel Stenberg
dc454bd16b pop3: remove trailing whitespace 2012-05-27 14:08:46 +02:00
Steve Holme
c6495bccbf pop3: Code tidy up before the introduction of authentication code
Moved EOB definition into header file.

Switched the logic around in pop3_endofresp() to allow for the
introduction of auth-mechanism detection.

Repositioned second and third function variables where they will fit
within the 78 character line limit.

Tidied up some comments.
2012-05-27 10:54:13 +01:00
Guenter Knauf
f95f19e854 Enabled OpenSSL static linkage. 2012-05-27 07:26:48 +02:00
Guenter Knauf
ca8b4e9742 Enabled OpenSSL static linkage. 2012-05-27 07:16:45 +02:00
Guenter Knauf
cd4cf989bb Try to detect OpenSSL build type automatically. 2012-05-27 03:28:43 +02:00
Daniel Stenberg
6015b71c4e metalink: fix build errors when disabled 2012-05-26 23:20:23 +02:00
Tatsuhiro Tsujikawa
1bfd750f3f Reduced #ifdef HAVE_METALINK 2012-05-26 23:12:09 +02:00
Tatsuhiro Tsujikawa
7bdb9fba95 Disable hash check if neither OpenSSL nor GNUTLS is installed. 2012-05-26 23:12:02 +02:00
Tatsuhiro Tsujikawa
6927153703 Format GETOUT_METALINK nicely 2012-05-26 23:11:58 +02:00
Tatsuhiro Tsujikawa
6a655ca192 Minimize usage of structs from libmetalink 2012-05-26 23:11:52 +02:00
Tatsuhiro Tsujikawa
9f7f7925da Check checksum of downloaded file if checksum is available
Metalink file contains several hash types of checksums, such as
md5, sha-1, sha-256, etc. To deal with these checksums, I created
abstraction layer based on lib/curl_md5.h and
lib/md5.c. Basically, they are almost the same but I changed the
code so that it is not hash type dependent. Currently,
GNUTLS(nettle or gcrypt) and OpenSSL functions are supported.

Checksum checking is done by reopening download file.  If there
is an I/O error, the current implementation just prints error
message and does not try next resource.

In this patch, the supported hash types are: md5, sha-1 and sha-256.
2012-05-26 23:11:46 +02:00
Tatsuhiro Tsujikawa
c3ef63f167 Always create directory hierarchy for Metalink.
Filenames contained in Metalink file can include directory information.
Filenames are unique in Metalink file, taking into account the directory
information. So we need to create the directory hierarchy.

Curl has --create-dirs option, but we create directory hierarchy for
Metalink downloads regardless of the option value.

This patch also put metalink int variable outside of HAVE_LIBMETALINK
guard. This reduces the number of #ifdefs.
2012-05-26 23:11:40 +02:00
Tatsuhiro Tsujikawa
94eb132896 Fixed segmentation fault when Metalink has no valid file or no resource. 2012-05-26 23:11:14 +02:00
Tatsuhiro Tsujikawa
383641d70a Support media-type parameter in Content-Type 2012-05-26 23:11:06 +02:00
Tatsuhiro Tsujikawa
963bcde476 Print "Metalink" in Features if Metalink support is enabled. 2012-05-26 23:11:01 +02:00
Tatsuhiro Tsujikawa
dde279ed31 Removed trailing space 2012-05-26 23:10:56 +02:00
ant
89747794fe Add --metalink to --help 2012-05-26 23:10:53 +02:00
ant
462f10f824 Add Metalink information and --metalink option to man page 2012-05-26 23:10:25 +02:00
ant
8834448cc1 Add Metalink information and --metalink option to man page 2012-05-26 23:10:15 +02:00
ant
ee483aeca2 Adds Metalink information to INSTALL 2012-05-26 23:10:07 +02:00
Tatsuhiro Tsujikawa
fd17cd4d9c --metalink option is available regardless of Metalink support. 2012-05-26 23:09:57 +02:00
Tatsuhiro Tsujikawa
53f2c02ac7 metalink: parse downloaded Metalink file
Parse downloaded Metalink file and add downloads described there. Fixed
compile error without metalink support.
2012-05-26 23:09:37 +02:00
Tatsuhiro Tsujikawa
1919352a10 Fixed HAVE_LIBMETALINK conditional is always true 2012-05-26 23:09:24 +02:00
Tatsuhiro Tsujikawa
9f9f9ed1b2 metalink: minor metalinkfile fix
Don't update config->metalinkfile_last in operate(). Use local variable
to point to the current metalinkfile.
2012-05-26 23:08:56 +02:00
Tatsuhiro Tsujikawa
a0d7a26e32 metalink: show help message even if disabled
Print message if --metalink is used while metalink support is not
enabled. Migrated Metalink support in tool_operate.c and removed
operatemetalink().
2012-05-26 23:08:13 +02:00
Tatsuhiro Tsujikawa
bb1ce6cc0b Applied patches from Daniel 2012-05-26 23:07:53 +02:00
Tatsuhiro Tsujikawa
b5fdbe848b Support Metalink.
This change adds experimental Metalink support to curl.
To enable Metalink support, run configure with --with-libmetalink.
To feed Metalink file to curl, use --metalink option like this:

  $ curl -O --metalink foo.metalink

We use libmetalink to parse Metalink files.
2012-05-26 23:07:42 +02:00
Steve Holme
efb8471a69 DOCS: Fixed line spacing of authentication examples in CURLOPT_URL 2012-05-26 14:15:33 +01:00
Steve Holme
25c1b29226 DOCS: Changed domain names in various examples to example.com
Updated various references of real domain names to example.com as per
RFC-2606.
2012-05-26 14:05:45 +01:00
Steve Holme
2839c059b1 DOCS: Fixed meaning of bit 2 in CURLOPT_POSTREDIR
Setting bit 2 for this value was documented as having a constant value
defined as CURL_REDIR_POST_303 yet referenced a 302 request.

Additionally corrected the meaning of CURL_REDIR_POST_ALL for all three
bits and fixed problems with the bolding of keywords in this section.
2012-05-26 13:08:37 +01:00
Steve Holme
cb9e2e8466 DOCS: Standardised how RFCs are referenced.
Standardised how RFCs are referenced so that the website may autolink to
the correct documentation on ietf.org. Additionally removed the one link
to RFC3986 on curl.haxx.se.
2012-05-26 12:26:35 +01:00
Yang Tse
a379a4c163 Fix libcurl.pc and curl-config generation for static MingW* cross builds 2012-05-26 00:01:00 +02:00
Tatsuhiro Tsujikawa
b061fed981 Made -D option work with -O and -J.
To achieve this, first new structure HeaderData is defined to hold
necessary data to perform header-related work.  Then tool_header_cb now
receives HeaderData pointer as userdata.  All header-related work
(currently, dumping header and Content-Disposition inspection) are done
in this callback function.  HeaderData.outs->config is used to determine
whether each work is done.

Unit tests were also updated because after this change, curl code always
sets CURLOPT_HEADERFUNCTION and CURLOPT_HEADERDATA.

Tested with -O -J -D, -O -J -i and -O -J -D -i and all worked fine.
2012-05-25 23:06:08 +02:00
Steve Holme
9c480490f7 sasl: Re-factored auth-mechanism constants to be more generic 2012-05-25 21:58:17 +01:00
Steve Holme
978b808f7d smtp: Moved auth-mechanism constants into a separate header file
Move the SMTP_AUTH constants into a separate header file in
preparation for adding SASL based authentication to POP3 as the two
protocols will need to share them.
2012-05-25 21:49:25 +01:00
Kamil Dudka
74be993576 nss: avoid using explicit casts of code pointers 2012-05-25 13:35:23 +02:00
Steve Holme
4f3ec68dc7 DOCS: Added LDAP to the CURLOPT_URL section 2012-05-24 21:17:00 +01:00
Steve Holme
d220834f80 TODO: Removed DIGEST-MD5 authentication from SMTP to do list
Removed DIGEST-MD5 from Section 9.1 Other authentication mechanisms as
the feature was added to SMTP in 7.26.0.

Also corrected small spelling mistake.
2012-05-24 18:55:00 +01:00
Daniel Stenberg
244e966138 bump to 7.26.1: start working towards next release 2012-05-24 18:32:34 +02:00
340 changed files with 21257 additions and 3762 deletions

4
.gitattributes vendored
View File

@@ -1 +1,5 @@
*.dsw -crlf
buildconf eol=lf
configure.ac eol=lf
*.m4 eol=lf
*.in eol=lf

3
.gitignore vendored
View File

@@ -42,3 +42,6 @@ TAGS
*~
aclocal.m4.bak
CHANGES.dist
.project
.cproject
.settings

View File

@@ -1,5 +1,10 @@
# Google Android makefile for curl and libcurl
#
# This file can be used when building curl using the full Android source
# release or the NDK. Most users do not want or need to do this; please
# instead read the Android section in docs/INSTALL for alternate
# methods.
#
# Place the curl source (including this makefile) into external/curl/ in the
# Android source tree. Then build them with 'make curl' or just 'make libcurl'
# from the Android root. Tested with Android versions 1.5, 2.1-2.3

View File

@@ -2,6 +2,8 @@
# Adds OPENSSL_INCLUDE_DIRS and libeay32
include("${CMAKE_ROOT}/Modules/FindOpenSSL.cmake")
# starting 2.8 it is better to use standard modules
if(CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
# Bill Hoffman told that libeay32 is necessary for him:
find_library(SSL_LIBEAY NAMES libeay32)
@@ -12,7 +14,7 @@ if(OPENSSL_FOUND)
set(OPENSSL_FOUND FALSE)
endif()
endif()
endif() # if (CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
if(OPENSSL_FOUND)
set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIR})

View File

@@ -1,8 +1,10 @@
# Locate zlib
include("${CMAKE_ROOT}/Modules/FindZLIB.cmake")
# starting 2.8 it is better to use standard modules
if(CMAKE_MAJOR_VERSION EQUAL "2" AND CMAKE_MINOR_VERSION LESS "8")
find_library(ZLIB_LIBRARY_DEBUG NAMES zd zlibd zdlld zlib1d )
if(ZLIB_FOUND AND ZLIB_LIBRARY_DEBUG)
set( ZLIB_LIBRARIES optimized "${ZLIB_LIBRARY}" debug ${ZLIB_LIBRARY_DEBUG})
endif()
endif()

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -86,9 +86,13 @@ endif
examples:
@(cd docs/examples; $(MAKE) check)
# This is a hook to have 'make clean' also clean up the dosc and the tests
# dir. The extra check for the Makefiles being present is necessary because
# 'make distcheck' will make clean first in these directories _before_ it runs
# this hook.
clean-local:
@(cd tests; $(MAKE) clean)
@(cd docs; $(MAKE) clean)
@(if test -f tests/Makefile; then cd tests; $(MAKE) clean; fi)
@(if test -f docs/Makefile; then cd docs; $(MAKE) clean; fi)
#
# Build source and binary rpms. For rpm-3.0 and above, the ~/.rpmmacros

View File

@@ -1,54 +1,62 @@
Curl and libcurl 7.26.0
Curl and libcurl 7.28.0
Public curl releases: 127
Command line options: 151
Public curl releases: 129
Command line options: 152
curl_easy_setopt() options: 199
Public functions in libcurl: 58
Known libcurl bindings: 39
Contributors: 929
Contributors: 953
This release includes the following changes:
o nss: the minimal supported version of NSS bumped to 3.12.x
o nss: human-readable names are now provided for NSS errors if available
o add a manual page for mk-ca-bundle
o added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR
o smtp: Add support for DIGEST-MD5 authentication
o pop3: Added support for additional pop3 commands
o SSH: added agent based authentication
o ftp: active conn, allow application to set sockopt after accept() call
with CURLSOCKTYPE_ACCEPT
o multi: add curl_multi_wait() [12]
o metalink: Added support for Microsoft Windows CryptoAPI
o md5: Added support for Microsoft Windows CryptoAPI
o parse_proxy: treat "socks://x" as a socks4 proxy [17]
o socks: Added support for IPv6 connections through SOCKSv5 proxy
This release includes the following bugfixes:
o nss: libcurl now uses NSS_InitContext() to prevent collisions if available
[1]
o URL parse: reject numerical IPv6 addresses outside brackets [4]
o MD5: fix OOM memory leak [5]
o OpenSSL cert: provide more details when cert check fails
o HTTP: empty chunked POST ended up in two zero size chunks [6]
o fixed a regression when curl resolved to multiple addresses and the first
isn't supported [7]
o -# progress meter: avoid superfluous updates and duplicate lines [8]
o headers: surround GCC attribute names with double underscores [9]
o PolarSSL: correct return code for CRL matches
o PolarSSL: include version number in version string
o PolarSSL: add support for asynchronous connect
o mk-ca-bundle: revert the LWP usage [12]
o IPv6 cookie domain: get rid of the first bracket before the second
o connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
o OpenSSL: Made cert hostname check conform to RFC 6125 [10]
o HTTP: reset expected DL/UL sizes on redirects [11]
o CMake: fix Windows LDAP/LDAPS option handling [2]
o CMake: fix MS Visual Studio x64 unsigned long long literal suffix [3]
o configure: update detection logic of getaddrinfo() thread-safeness
o configure: check for gethostbyname in the watt lib
o curl-config.1: fix curl-config usage in example [13]
o smtp: Fixed non-escaping of dot character at beginning of line
o MakefileBuild.vc: use the correct IDN variable
o autoconf: improve handling of versioned symbols
o curl.1: clarify -x usage
o curl: shorten user-agent
o smtp: issue with the multi-interface always sending postdata [14]
o compile error with GnuTLS+Nettle fixed
o winbuild: fix IPv6 enabled build
o WSAPoll disabled on Windows builds due to its bugs [8]
o segfault on request retries [1]
o curl-config: parentheses fix [2]
o VC build: add define for openssl [3]
o globbing: fix segfault when >9 globs were used [4]
o fixed a few clang-analyzer warnings
o metalink: change code order to build with gnutls-nettle [5]
o gtls: fix build failure by including nettle-specific headers [5]
o change preferred HTTP auth on a handle previously used for another auth [9]
o file: use fdopen() to avoid race condition [6]
o Added DWANT_IDN_PROTOTYPES define for MSVC too [7]
o verbose: fixed (nil) output of hostnames in re-used connections [10]
o metalink: Un-broke the build when building --with-darwinssl
o curl man page cleanup
o Avoid leak of local device string when reusing connection
o Curl_socket_check: fix return code for timeout [11]
o nss: do not print misleading NSS error codes
o configure: remove the --enable/disable-nonblocking options
o darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
o NTLM: re-use existing connection better
o schannel crash on multi and easy handle cleanup
o SOCKS: truly disable it if CURL_DISABLE_PROXY is defined [13]
o mk-ca-bundle: detect start of trust section better [14]
o gnutls: do not fail on non-fatal handshake errors [15]
o SMTP: only send SIZE if supported [16]
o ftpserver: respond with a 250 to SMTP EHLO
o ssh: do not crash if MD5 fingerprint is not provided by libssh2
o winbuild: Added support for building with SPNEGO enabled
o metalink: Fixed validation of binary files containing EOF
o setup.h: fixed for MS VC10 build [18]
o cmake: use standard findxxx modules for cmake v2.8+
o HTTP_ONLY: disable more protocols [19]
o Curl_reconnect_request: clear pointer on failure [20]
o https.c example: remember to call curl_global_init()
o metalink: Filter resource URLs by type
o multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation [21]
o curl_schannel: Removed buffer limit and optimized buffer strategy
This release includes the following known bugs:
@@ -57,29 +65,35 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
Andrei Cipu, Armel Asselin, Benjamin Johnson, Dag Ekengren, Dave Reisner,
Gokhan Sengun, Guenter Knauf, Jan Schaumann, Jonathan Nieder, Kamil Dudka,
Lijo Antony, Olaf Flebbe, Rodrigo Silva, Steve Holme, Tatsuhiro Tsujikawa,
Tim Heckman, Yang Tse, Arnaud Compan, Blaise Potard, Daniel Theron,
Michael Mueller, Michael Wallner, Tim Heckman, Roman Mamedov, Julian Taylor,
Claes Jakobsson, Pierre Chapuis, Jan Ehrhardt
Guenter Knauf, Joe Mason, Kamil Dudka, Steve Holme, Anthony G. Basile,
Edward Sheldrake, Jan Koen Annot, Maxime Larocque, Mike Crowe, Anthony Bryan,
Nick Zitzmann, Gisle Vanem, Armel Asselin, Dan Fandrich, Dave Reisner,
Gokhan Sengun, Sara Golemon, Olivier Berger, Marc Hoersken, David Blaikie,
Alessandro Ghedini, František Kučera, Marcel Raad, Scott Bailey, Ho-chi Chen,
Tomas Mlcoch, Jie He, Tatsuhiro Tsujikawa, Sergei Nikulov, Mark Tully
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = https://bugzilla.redhat.com/738456
[2] = http://curl.haxx.se/mail/lib-2012-03/0278.html
[3] = http://curl.haxx.se/mail/lib-2012-03/0255.html
[4] = http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670126
[5] = http://curl.haxx.se/mail/lib-2012-04/0246.html
[6] = http://curl.haxx.se/mail/archive-2012-04/0060.html
[7] = http://curl.haxx.se/bug/view.cgi?id=3516508
[8] = http://curl.haxx.se/bug/view.cgi?id=3517418
[9] = http://curl.haxx.se/mail/lib-2012-04/0127.html
[10] = http://tools.ietf.org/html/rfc6125#section-6.4.3
[11] = http://curl.haxx.se/bug/view.cgi?id=3510057
[12] = http://curl.haxx.se/mail/lib-2012-03/0238.html
[13] = http://curl.haxx.se/bug/view.cgi?id=3528241
[14] = http://curl.haxx.se/mail/lib-2012-05/0108.html
[1] = http://curl.haxx.se/bug/view.cgi?id=3544688
[2] = http://curl.haxx.se/bug/view.cgi?id=3551460
[3] = http://curl.haxx.se/bug/view.cgi?id=3552997
[4] = http://curl.haxx.se/bug/view.cgi?id=3546353
[5] = http://curl.haxx.se/bug/view.cgi?id=3554668
[6] = https://bugzilla.redhat.com/844385
[7] = http://curl.haxx.se/mail/lib-2012-07/0271.html
[8] = http://curl.haxx.se/mail/lib-2012-07/0310.html
[9] = http://curl.haxx.se/bug/view.cgi?id=3545398
[10] = http://curl.haxx.se/mail/lib-2012-07/0111.html
[11] = http://curl.haxx.se/mail/lib-2012-07/0122.html
[12] = http://daniel.haxx.se/blog/2012/09/03/introducing-curl_multi_wait/
[13] = http://curl.haxx.se/bug/view.cgi?id=3561305
[14] = http://curl.haxx.se/mail/lib-2012-09/0019.html
[15] = http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685402
[16] = http://curl.haxx.se/bug/view.cgi?id=3564114
[17] = http://curl.haxx.se/bug/view.cgi?id=3566860
[18] = http://curl.haxx.se/bug/view.cgi?id=3568327
[19] = http://curl.haxx.se/mail/lib-2012-09/0127.html
[20] = http://curl.haxx.se/mail/lib-2012-09/0188.html
[21] = http://curl.haxx.se/mail/lib-2012-09/0081.html

View File

@@ -1,10 +1,14 @@
To be addressed in 7.27
To be addressed in 7.29
=======================
309 - metalink support for the curl tool
310 - a new authentication callback
311 - support for SSPI schannel for SSL on windows
312 - custom Content-Length appears in CONNECT, solve it by offering a
separate option to provide headers for the CONNECT request:
http://curl.haxx.se/mail/lib-2012-09/0059.html
312 -
317 - CURLINFO_SSL_TRUST to return SSL-specific data for a darwinssl build
322 - pipelining improvements
327 -

View File

@@ -30,7 +30,7 @@ XC_OVR_ZZ50
CURL_OVERRIDE_AUTOCONF
dnl configure script copyright
AC_COPYRIGHT([Copyright (c) 1998 - 2011 Daniel Stenberg, <daniel@haxx.se>
AC_COPYRIGHT([Copyright (c) 1998 - 2012 Daniel Stenberg, <daniel@haxx.se>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details])
@@ -145,7 +145,7 @@ AC_SUBST(PKGADD_VENDOR)
dnl
dnl initialize all the info variables
curl_ssl_msg="no (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls} )"
curl_ssl_msg="no (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl} )"
curl_ssh_msg="no (--with-libssh2)"
curl_zlib_msg="no (--with-zlib)"
curl_krb4_msg="no (--with-krb4*)"
@@ -154,7 +154,7 @@ dnl initialize all the info variables
curl_tls_srp_msg="no (--enable-tls-srp)"
curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
curl_ipv6_msg="no (--enable-ipv6)"
curl_idn_msg="no (--with-libidn)"
curl_idn_msg="no (--with-{libidn,winidn})"
curl_manual_msg="no (--enable-manual)"
curl_libcurl_msg="enabled (--disable-libcurl-option)"
curl_verbose_msg="enabled (--disable-verbose)"
@@ -163,6 +163,8 @@ curl_verbose_msg="enabled (--disable-verbose)"
curl_ldaps_msg="no (--enable-ldaps)"
curl_rtsp_msg="no (--enable-rtsp)"
curl_rtmp_msg="no (--with-librtmp)"
curl_mtlnk_msg="no (--with-libmetalink)"
init_ssl_msg=${curl_ssl_msg}
dnl
@@ -240,6 +242,7 @@ AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)
AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
use_cppflag_building_libcurl="no"
use_cppflag_curl_staticlib="no"
CPPFLAG_CURL_STATICLIB=""
case $host in
*-*-mingw*)
AC_MSG_RESULT(yes)
@@ -249,6 +252,7 @@ case $host in
then
AC_MSG_RESULT(yes)
use_cppflag_curl_staticlib="yes"
CPPFLAG_CURL_STATICLIB="-DCURL_STATICLIB"
else
AC_MSG_RESULT(no)
fi
@@ -259,6 +263,7 @@ case $host in
esac
AM_CONDITIONAL(USE_CPPFLAG_BUILDING_LIBCURL, test x$use_cppflag_building_libcurl = xyes)
AM_CONDITIONAL(USE_CPPFLAG_CURL_STATICLIB, test x$use_cppflag_curl_staticlib = xyes)
AC_SUBST(CPPFLAG_CURL_STATICLIB)
# Determine whether all dependent libraries must be specified when linking
if test "X$enable_shared" = "Xyes" -a "X$link_all_deplibs" = "Xno"
@@ -917,9 +922,9 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
AC_CHECK_LIB("$LDAPLIBNAME", ldap_init,, [
AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
AC_SUBST(CURL_DISABLE_LDAP, [1])])
AC_SUBST(CURL_DISABLE_LDAP, [1])
AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
AC_SUBST(CURL_DISABLE_LDAPS, [1])
AC_SUBST(CURL_DISABLE_LDAPS, [1])])
else
dnl Try to find the right ldap libraries for this system
CURL_CHECK_LIBS_LDAP
@@ -944,9 +949,9 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
AC_CHECK_LIB("$LBERLIBNAME", ber_free,, [
AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
AC_SUBST(CURL_DISABLE_LDAP, [1])])
AC_SUBST(CURL_DISABLE_LDAP, [1])
AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
AC_SUBST(CURL_DISABLE_LDAPS, [1])
AC_SUBST(CURL_DISABLE_LDAPS, [1])])
fi
fi
fi
@@ -1336,6 +1341,59 @@ else
CPPFLAGS="$save_CPPFLAGS"
fi
dnl -------------------------------------------------
dnl check winssl option before other SSL libraries
dnl -------------------------------------------------
OPT_WINSSL=no
AC_ARG_WITH(winssl,dnl
AC_HELP_STRING([--with-winssl],[enable Windows native SSL/TLS])
AC_HELP_STRING([--without-winssl], [disable Windows native SSL/TLS]),
OPT_WINSSL=$withval)
AC_MSG_CHECKING([whether to enable Windows native SSL/TLS (Windows native builds only)])
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$OPT_WINSSL" != "xno" &&
test "x$ac_cv_native_windows" = "xyes"; then
AC_MSG_RESULT(yes)
AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support])
AC_SUBST(USE_SCHANNEL, [1])
curl_ssl_msg="enabled (Windows-native)"
WINSSL_ENABLED=1
# --with-winssl implies --enable-sspi
AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support])
AC_SUBST(USE_WINDOWS_SSPI, [1])
curl_sspi_msg="enabled"
else
AC_MSG_RESULT(no)
fi
else
AC_MSG_RESULT(no)
fi
OPT_DARWINSSL=no
AC_ARG_WITH(darwinssl,dnl
AC_HELP_STRING([--with-darwinssl],[enable iOS/Mac OS X native SSL/TLS])
AC_HELP_STRING([--without-darwinssl], [disable iOS/Mac OS X native SSL/TLS]),
OPT_DARWINSSL=$withval)
AC_MSG_CHECKING([whether to enable iOS/Mac OS X native SSL/TLS])
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$OPT_DARWINSSL" != "xno" &&
test -d "/System/Library/Frameworks/Security.framework"; then
AC_MSG_RESULT(yes)
AC_DEFINE(USE_DARWINSSL, 1, [to enable iOS/Mac OS X native SSL/TLS support])
AC_SUBST(USE_DARWINSSL, [1])
curl_ssl_msg="enabled (iOS/Mac OS X-native)"
DARWINSSL_ENABLED=1
LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
else
AC_MSG_RESULT(no)
fi
else
AC_MSG_RESULT(no)
fi
dnl **********************************************************************
dnl Check for the presence of SSL libraries and headers
dnl **********************************************************************
@@ -1349,7 +1407,7 @@ AC_HELP_STRING([--with-ssl=PATH],[Where to look for OpenSSL, PATH points to the
AC_HELP_STRING([--without-ssl], [disable OpenSSL]),
OPT_SSL=$withval)
if test X"$OPT_SSL" != Xno; then
if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
dnl backup the pre-ssl variables
CLEANLDFLAGS="$LDFLAGS"
CLEANCPPFLAGS="$CPPFLAGS"
@@ -1736,7 +1794,7 @@ AC_HELP_STRING([--with-gnutls=PATH],[where to look for GnuTLS, PATH points to th
AC_HELP_STRING([--without-gnutls], [disable GnuTLS detection]),
OPT_GNUTLS=$withval)
if test "$OPENSSL_ENABLED" != "1"; then
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test X"$OPT_GNUTLS" != Xno; then
@@ -1832,7 +1890,7 @@ if test "$OPENSSL_ENABLED" != "1"; then
fi dnl GNUTLS not disabled
fi dnl OPENSSL != 1
fi
dnl ---
dnl Check which crypto backend GnuTLS uses
@@ -1889,7 +1947,7 @@ AC_HELP_STRING([--with-polarssl=PATH],[where to look for PolarSSL, PATH points t
AC_HELP_STRING([--without-polarssl], [disable PolarSSL detection]),
OPT_POLARSSL=$withval)
if test "$OPENSSL_ENABLED" != "1"; then
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test X"$OPT_POLARSSL" != Xno; then
@@ -1957,7 +2015,7 @@ if test "$OPENSSL_ENABLED" != "1"; then
fi dnl PolarSSL not disabled
fi dnl OPENSSL != 1
fi
dnl ----------------------------------------------------
dnl check for CyaSSL
@@ -1973,7 +2031,7 @@ AC_HELP_STRING([--with-cyassl=PATH],[where to look for CyaSSL, PATH points to th
AC_HELP_STRING([--without-cyassl], [disable CyaSSL detection]),
OPT_CYASSL=$withval)
if test "$OPENSSL_ENABLED" != "1"; then
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test X"$OPT_CYASSL" != Xno; then
@@ -2042,7 +2100,7 @@ if test "$OPENSSL_ENABLED" != "1"; then
fi dnl CyaSSL not disabled
fi dnl OPENSSL != 1
fi
dnl ----------------------------------------------------
dnl NSS. Only check if GnuTLS and OpenSSL are not enabled
@@ -2056,7 +2114,7 @@ AC_HELP_STRING([--with-nss=PATH],[where to look for NSS, PATH points to the inst
AC_HELP_STRING([--without-nss], [disable NSS detection]),
OPT_NSS=$withval)
if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test X"$OPT_NSS" != Xno; then
if test "x$OPT_NSS" = "xyes"; then
@@ -2141,7 +2199,7 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
fi dnl NSS not disabled
fi dnl OPENSSL != 1 -a GNUTLS_ENABLED != 1
fi dnl curl_ssl_msg = init_ssl_msg
OPT_AXTLS=off
@@ -2198,9 +2256,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
fi
fi
if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$AXTLS_ENABLED$CYASSL_ENABLED" = "x"; then
if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED$POLARSSL_ENABLED$AXTLS_ENABLED$CYASSL_ENABLED$WINSSL_ENABLED$DARWINSSL_ENABLED" = "x"; then
AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss or --with-axtls to address this.])
AC_MSG_WARN([Use --with-ssl, --with-gnutls, --with-polarssl, --with-cyassl, --with-nss, --with-axtls or --with-winssl to address this.])
else
# SSL is enabled, genericly
AC_SUBST(SSL_ENABLED)
@@ -2213,6 +2271,93 @@ dnl **********************************************************************
CURL_CHECK_CA_BUNDLE
dnl **********************************************************************
dnl Check for libmetalink
dnl **********************************************************************
OPT_LIBMETALINK=no
AC_ARG_WITH(libmetalink,dnl
AC_HELP_STRING([--with-libmetalink=PATH],[where to look for libmetalink, PATH points to the installation root])
AC_HELP_STRING([--without-libmetalink], [disable libmetalink detection]),
OPT_LIBMETALINK=$withval)
if test X"$OPT_LIBMETALINK" != Xno; then
addlib=""
addld=""
addcflags=""
version=""
libmetalinklib=""
PKGTEST="no"
if test "x$OPT_LIBMETALINK" = "xyes"; then
dnl this is with no partiular path given
PKGTEST="yes"
CURL_CHECK_PKGCONFIG(libmetalink)
else
dnl When particular path is given, set PKG_CONFIG_LIBDIR using the path.
LIBMETALINK_PCDIR="$OPT_LIBMETALINK/lib/pkgconfig"
AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$LIBMETALINK_PCDIR"])
if test -f "$LIBMETALINK_PCDIR/libmetalink.pc"; then
PKGTEST="yes"
fi
if test "$PKGTEST" = "yes"; then
CURL_CHECK_PKGCONFIG(libmetalink, [$LIBMETALINK_PCDIR])
fi
fi
if test "$PKGTEST" = "yes" && test "$PKGCONFIG" != "no"; then
addlib=`CURL_EXPORT_PCDIR([$LIBMETALINK_PCDIR]) dnl
$PKGCONFIG --libs-only-l libmetalink`
addld=`CURL_EXPORT_PCDIR([$LIBMETALINK_PCDIR]) dnl
$PKGCONFIG --libs-only-L libmetalink`
addcflags=`CURL_EXPORT_PCDIR([$LIBMETALINK_PCDIR]) dnl
$PKGCONFIG --cflags-only-I libmetalink`
version=`CURL_EXPORT_PCDIR([$LIBMETALINK_PCDIR]) dnl
$PKGCONFIG --modversion libmetalink`
libmetalinklib=`echo $addld | $SED -e 's/-L//'`
fi
if test -n "$addlib"; then
clean_CPPFLAGS="$CPPFLAGS"
clean_LDFLAGS="$LDFLAGS"
clean_LIBS="$LIBS"
CPPFLAGS="$addcflags $clean_CPPFLAGS"
LDFLAGS="$addld $clean_LDFLAGS"
LIBS="$addlib $clean_LIBS"
AC_MSG_CHECKING([if libmetalink is recent enough])
AC_LINK_IFELSE([
AC_LANG_PROGRAM([[
# include <metalink/metalink.h>
]],[[
if(0 != metalink_strerror(0)) /* added in 0.1.0 */
return 1;
]])
],[
AC_MSG_RESULT([yes ($version)])
want_metalink="yes"
],[
AC_MSG_RESULT([no ($version)])
AC_MSG_NOTICE([libmetalink library defective or too old])
want_metalink="no"
])
CPPFLAGS="$clean_CPPFLAGS"
LDFLAGS="$clean_LDFLAGS"
LIBS="$clean_LIBS"
if test "$want_metalink" = "yes"; then
dnl finally libmetalink will be used
AC_DEFINE(USE_METALINK, 1, [Define to enable metalink support])
LIBMETALINK_LIBS=$addlib
LIBMETALINK_LDFLAGS=$addld
LIBMETALINK_CFLAGS=$addcflags
AC_SUBST([LIBMETALINK_LIBS])
AC_SUBST([LIBMETALINK_LDFLAGS])
AC_SUBST([LIBMETALINK_CFLAGS])
curl_mtlnk_msg="enabled"
fi
fi
fi
dnl **********************************************************************
dnl Check for the presence of LIBSSH2 libraries and headers
dnl **********************************************************************
@@ -2413,6 +2558,10 @@ AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
versioned_symbols_flavour="CYASSL_"
elif test "x$AXTLS_ENABLED" == "x1"; then
versioned_symbols_flavour="AXTLS_"
elif test "x$WINSSL_ENABLED" == "x1"; then
versioned_symbols_flavour="WINSSL_"
elif test "x$DARWINSSL_ENABLED" == "x1"; then
versioned_symbols_flavour="DARWINSSL_"
else
versioned_symbols_flavour=""
fi
@@ -2431,6 +2580,78 @@ AC_MSG_RESULT(no)
AC_SUBST(VERSIONED_FLAVOUR, ["$versioned_symbols_flavour"])
AM_CONDITIONAL(VERSIONED_SYMBOLS, test "x$versioned_symbols" = "xyes")
dnl -------------------------------------------------
dnl check winidn option before other IDN libraries
dnl -------------------------------------------------
AC_MSG_CHECKING([whether to enable Windows native IDN (Windows native builds only)])
OPT_WINIDN="default"
AC_ARG_WITH(winidn,
AC_HELP_STRING([--with-winidn=PATH],[enable Windows native IDN])
AC_HELP_STRING([--without-winidn], [disable Windows native IDN]),
OPT_WINIDN=$withval)
case "$OPT_WINIDN" in
no|default)
dnl --without-winidn option used or configure option not specified
want_winidn="no"
AC_MSG_RESULT([no])
;;
yes)
dnl --with-winidn option used without path
want_winidn="yes"
want_winidn_path="default"
AC_MSG_RESULT([yes])
;;
*)
dnl --with-winidn option used with path
want_winidn="yes"
want_winidn_path="$withval"
AC_MSG_RESULT([yes ($withval)])
;;
esac
if test "$want_winidn" = "yes"; then
dnl winidn library support has been requested
clean_CPPFLAGS="$CPPFLAGS"
clean_LDFLAGS="$LDFLAGS"
clean_LIBS="$LIBS"
WINIDN_LIBS="-lnormaliz"
#
if test "$want_winidn_path" != "default"; then
dnl path has been specified
dnl pkg-config not available or provides no info
WINIDN_LDFLAGS="-L$want_winidn_path/lib$libsuff"
WINIDN_CPPFLAGS="-I$want_winidn_path/include"
WINIDN_DIR="$want_winidn_path/lib$libsuff"
fi
#
CPPFLAGS="$WINIDN_CPPFLAGS $CPPFLAGS"
LDFLAGS="$WINIDN_LDFLAGS $LDFLAGS"
LIBS="$WINIDN_LIBS $LIBS"
#
AC_MSG_CHECKING([if IdnToUnicode can be linked])
AC_LINK_IFELSE([
AC_LANG_FUNC_LINK_TRY([IdnToUnicode])
],[
AC_MSG_RESULT([yes])
tst_links_winidn="yes"
],[
AC_MSG_RESULT([no])
tst_links_winidn="no"
])
#
if test "$tst_links_winidn" = "yes"; then
AC_DEFINE(USE_WIN32_IDN, 1, [Define to 1 if you have the `normaliz' (WinIDN) library (-lnormaliz).])
AC_DEFINE(WANT_IDN_PROTOTYPES, 1, [Define to 1 to provide own prototypes.])
AC_SUBST([IDN_ENABLED], [1])
curl_idn_msg="enabled (Windows-native)"
else
AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
CPPFLAGS="$clean_CPPFLAGS"
LDFLAGS="$clean_LDFLAGS"
LIBS="$clean_LIBS"
fi
fi
dnl **********************************************************************
dnl Check for the presence of IDN libraries and headers
@@ -2853,10 +3074,6 @@ if test "$ipv6" = "yes"; then
CURL_CHECK_NI_WITHSCOPEID
fi
dnl ************************************************************
dnl enable non-blocking communications
dnl
CURL_CHECK_OPTION_NONBLOCKING
CURL_CHECK_NONBLOCKING_SOCKET
dnl ************************************************************
@@ -2985,10 +3202,20 @@ AC_HELP_STRING([--disable-sspi],[Disable SSPI]),
fi
;;
*)
if test "x$WINSSL_ENABLED" = "x1"; then
# --with-winssl implies --enable-sspi
AC_MSG_RESULT(yes)
else
AC_MSG_RESULT(no)
fi
;;
esac ],
if test "x$WINSSL_ENABLED" = "x1"; then
# --with-winssl implies --enable-sspi
AC_MSG_RESULT(yes)
else
AC_MSG_RESULT(no)
fi
)
dnl ************************************************************
@@ -3119,7 +3346,7 @@ AC_SUBST(ENABLE_SHARED)
dnl
dnl For keeping supported features and protocols also in pkg-config file
dnl since it is more cross-compile frient than curl-config
dnl since it is more cross-compile friendly than curl-config
dnl
if test "x$USE_SSLEAY" = "x1"; then
@@ -3147,7 +3374,8 @@ if test "x$USE_WINDOWS_SSPI" = "x1"; then
fi
if test "x$CURL_DISABLE_HTTP" != "x1"; then
if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1"; then
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
-o "x$DARWINSSL_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
if test "x$NTLM_WB_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
@@ -3316,6 +3544,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
LDAPS support: ${curl_ldaps_msg}
RTSP support: ${curl_rtsp_msg}
RTMP support: ${curl_rtmp_msg}
metalink support: ${curl_mtlnk_msg}
Protocols: ${SUPPORT_PROTOCOLS}
])

View File

@@ -6,7 +6,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 2001 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 2001 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -24,6 +24,7 @@
prefix=@prefix@
exec_prefix=@exec_prefix@
includedir=@includedir@
cppflag_curl_staticlib=@CPPFLAG_CURL_STATICLIB@
usage()
{
@@ -128,10 +129,15 @@ while test $# -gt 0; do
;;
--cflags)
if test "X@includedir@" = "X/usr/include"; then
echo ""
if test "X$cppflag_curl_staticlib" = "X-DCURL_STATICLIB"; then
CPPFLAG_CURL_STATICLIB="-DCURL_STATICLIB "
else
echo "-I@includedir@"
CPPFLAG_CURL_STATICLIB=""
fi
if test "X@includedir@" = "X/usr/include"; then
echo "$CPPFLAG_CURL_STATICLIB"
else
echo "${CPPFLAG_CURL_STATICLIB}-I@includedir@"
fi
;;

View File

@@ -91,7 +91,7 @@ BUGS
your problem and to work on a fix (if we agree it truly is a problem).
Lots of problems that appear to be libcurl problems are actually just abuses
of the libcurl API or other malfunctions in your applications. It is adviced
of the libcurl API or other malfunctions in your applications. It is advised
that you run your problematic program using a memory debug tool like
valgrind or similar before you post memory-related or "crashing" problems to
us.

View File

@@ -279,7 +279,7 @@
3.6 Please don't send pull requests
With git (and expecially github) it is easy and tempting to send a pull
With git (and especially github) it is easy and tempting to send a pull
request to one or more people in the curl project to have changes merged this
way instead of mailing patches to the curl-library mailing list.
@@ -294,7 +294,7 @@
- Commit messages can be tweaked and changed if merged locally instead of
using github. Merges directly on github requires the changes to be perfect
already, which they seldomly are.
already, which they seldom are.
- Merges on github prevents rebases and even enforces --no-ff which is a git
style we don't otherwise use in the project

View File

@@ -1,4 +1,3 @@
Updated: December 7, 2011 (http://curl.haxx.se/docs/faq.html)
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
@@ -97,6 +96,7 @@ FAQ
5.13 How do I stop an ongoing transfer?
5.14 Using C++ non-static functions for callbacks?
5.15 How do I get an FTP directory listing?
5.16 I want a different time-out!
6. License Issues
6.1 I have a GPL program, can I use the libcurl library?
@@ -138,7 +138,7 @@ FAQ
libcurl is highly portable, it builds and works identically on numerous
platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HPUX,
IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOs, Mac
IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOS, Mac
OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF,
Android, Minix, IBM TPF and more...
@@ -807,7 +807,7 @@ FAQ
4.5.3 "403 Forbidden"
The server understood the request, but is refusing to fulfill it.
The server understood the request, but is refusing to fulfil it.
Authorization will not help and the request SHOULD NOT be repeated.
4.5.4 "404 Not Found"
@@ -1294,6 +1294,22 @@ FAQ
libcurl since 7.21.0 also provide the ability to specify a wildcard to
download multiple files from one FTP directory.
5.16 I want a different time-out!
Time and time again users realize that CURLOPT_TIMEOUT and
CURLOPT_CONNECTIMEOUT are not sufficiently advanced or flexible to cover all
the various use cases and scenarios applications end up with.
libcurl offers many more ways to time-out operations. A common alternative
is to use the CURLOPT_LOW_SPEED_LIMIT and CURLOPT_LOW_SPEED_TIME options to
specify the lowest possible speed to accept before to consider the transfer
timed out.
The most flexible way is by writing your own time-out logic and using
CURLOPT_PROGRESSFUNCTION (perhaps in combination with other callbacks) and
use that to figure out exactly when the right condition is met when the
transfer should get stopped.
6. License Issues

View File

@@ -26,12 +26,12 @@ libcurl supports
- compiles on win32 (reported builds on 40+ operating systems)
- selectable network interface for outgoing traffic
- IPv6 support on unix and Windows
- persistant connections
- persistent connections
- socks5 support
- supports user name + password in proxy environment variables
- operations through proxy "tunnel" (using CONNECT)
- supports large files (>2GB and >4GB) both upload/download
- replacable memory functions (malloc, free, realloc, etc)
- replaceable memory functions (malloc, free, realloc, etc)
- asynchronous name resolving (*6)
- both a push and a pull style interface
@@ -125,7 +125,7 @@ FILE
FOOTNOTES
=========
*1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS or PolarSSL
*1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL or schannel
*2 = requires OpenLDAP
*3 = requires a GSSAPI-compliant library, such as Heimdal or similar.
*4 = requires FBopenssl

123
docs/HTTP-COOKIES Normal file
View File

@@ -0,0 +1,123 @@
Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html)
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
HTTP Cookies
1. HTTP Cookies
1.1 Cookie overview
1.2 Cookies saved to disk
1.3 Cookies with curl the command line tool
1.4 Cookies with libcurl
1.5 Cookies with javascript
==============================================================================
1. HTTP Cookies
1.1 Cookie overview
HTTP cookies are pieces of 'name=contents' snippets that a server tells the
client to hold and then the client sends back those the server on subsequent
requests to the same domains/paths for which the cookies were set.
Cookies are either "session cookies" which typically are forgotten when the
session is over which is often translated to equal when browser quits, or
the cookies aren't session cookies they have expiration dates after which
the client will throw them away.
Cookies are set to the client with the Set-Cookie: header and are sent to
servers with the Cookie: header.
For a very long time, the only spec explaining how to use cookies was the
original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
and details how cookies work within HTTP.
1.2 Cookies saved to disk
Netscape once created a file format for storing cookies on disk so that they
would survive browser restarts. curl adopted that file format to allow
sharing the cookies with browsers, only to see browsers move away from that
format. Modern browsers no longer use it, while curl still does.
The netscape cookie file format stores one cookie per physical line in the
file with a bunch of associated meta data, each field separated with
TAB. That file is called the cookiejar in curl terminology.
When libcurl saves a cookiejar, it creates a file header of its own in which
there is a URL mention that will link to the web version of this document.
1.3 Cookies with curl the command line tool
curl has a full cookie "engine" built in. If you just activate it, you can
have curl receive and send cookies exactly as mandated in the specs.
Command line options:
-b, --cookie
tell curl a file to read cookies from and start the cookie engine, or if
it isn't a file it will pass on the given string. -b name=var works and so
does -b cookiefile.
-j, --junk-session-cookies
when used in combination with -b, it will skip all "session cookies" on
load so as to appear to start a new cookie session.
-c, --cookie-jar
tell curl to start the cookie engine and write cookies to the given file
after the request(s)
1.4 Cookies with libcurl
libcurl offers several ways to enable and interface the cookie engine. These
options are the ones provided by the native API. libcurl bindings may offer
access to them using other means.
CURLOPT_COOKIE
Is used when you want to specify the exact contents of a cookie header to
send to the server.
CURLOPT_COOKIEFILE
Tell libcurl to activate the cookie engine, and to read the initial set of
cookies from the given file. Read-only.
CURLOPT_COOKIEJAR
Tell libcurl to activate the cookie engine, and when the easy handle is
closed save all known cookies to the given cookiejar file. Write-only.
CURLOPT_COOKIELIST
Provide detailed information about a single cookie to add to the internal
storage of cookies. Pass in the cookie as a HTTP header with all the
details set, or pass in a line from a netscape cookie file. This option
can also be used to flush the cookies etc.
CURLINFO_COOKIELIST
Extract cookie information from the internal cookie storage as a linked
list.
1.5 Cookies with javascript
These days a lot of the web is built up by javascript. The webbrowser loads
complete programs that render the page you see. These javascript programs
can also set and access cookies.
Since curl and libcurl are plain HTTP clients without any knowledge of or
capability to handle javascript, such cookies will not be detected or used.
Often, if you want to mimic what a browser does on such web sites, you can
record web browser HTTP traffic when using such a site and then repeat the
cookie operations using curl or libcurl.

View File

@@ -157,6 +157,9 @@ UNIX
To get support for SCP and SFTP, build with --with-libssh2 and have
libssh2 0.16 or later installed.
To get Metalink support, build with --with-libmetalink and have the
libmetalink packages installed.
SPECIAL CASES
-------------
Some versions of uClibc require configuring with CPPFLAGS=-D_GNU_SOURCE=1
@@ -197,6 +200,9 @@ Win32
first to rebuild every single library your app uses as well as your
app using the debug multithreaded dynamic C runtime.
If you get linkage errors read section 5.7 of the FAQ document.
MingW32
-------
@@ -540,7 +546,7 @@ VMS
Curl seems to work with FTP & HTTP other protocols are not tested. (the
perl http/ftp testing server supplied as testing too cannot work on VMS
because vms has no concept of fork(). [ I tried to give it a whack, but
thats of no use.
that's of no use.
SSL stuff has not been ported.
@@ -673,7 +679,7 @@ NetWare
you can find precompiled packages at:
http://www.gknw.net/development/ossl/netware/
for CLIB-based builds OpenSSL 0.9.8h or later is required - earlier versions
dont support buildunf with CLIB BSD sockets.
don't support building with CLIB BSD sockets.
- optional SSH2 sources (version 0.17 or later);
Set a search path to your compiler, linker and tools; on Linux make
@@ -843,10 +849,10 @@ Android
Method using the static makefile:
- see the build notes in the Android.mk file.
Method using a configure cross-compile (tested with Android NDK r7b):
Method using a configure cross-compile (tested with Android NDK r7c, r8):
- prepare the toolchain of the Android NDK for standalone use; this can
be done by invoking the script:
./tools/make-standalone-toolchain.sh
./build/tools/make-standalone-toolchain.sh
which creates a usual cross-compile toolchain. Lets assume that you put
this toolchain below /opt then invoke configure with something like:
export PATH=/opt/arm-linux-androideabi-4.4.3/bin:$PATH
@@ -865,6 +871,20 @@ Android
found in your automake folder:
find /usr -name config.sub
Wrapper for pkg-config
- In order to make proper use of pkg-config so that configure is able to
find all dependencies you should create a wrapper script for pkg-config;
file /opt/arm-linux-androideabi-4.4.3/bin/arm-linux-androideabi-pkg-config:
#!/bin/sh
SYSROOT=$(dirname ${0%/*})/sysroot
export PKG_CONFIG_DIR=
export PKG_CONFIG_LIBDIR=${SYSROOT}/usr/local/lib/pkgconfig:${SYSROOT}/usr/share/pkgconfig
export PKG_CONFIG_SYSROOT_DIR=${SYSROOT}
exec pkg-config "$@"
also create a copy or symlink with name arm-unknown-linux-androideabi-pkg-config.
CROSS COMPILE
=============
@@ -950,8 +970,9 @@ REDUCING SIZE
The GNU compiler and linker have a number of options that can reduce the
size of the libcurl dynamic libraries on some platforms even further.
Specify them by providing appropriate CFLAGS and LDFLAGS variables on the
configure command-line:
CFLAGS="-ffunction-sections -fdata-sections" \
configure command-line, e.g.
CFLAGS="-Os -ffunction-sections -fdata-sections \
-fno-unwind-tables -fno-asynchronous-unwind-tables" \
LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections"
Be sure also to strip debugging symbols from your binaries after
@@ -961,9 +982,9 @@ REDUCING SIZE
.comment section).
Using these techniques it is possible to create a basic HTTP-only shared
libcurl library for i386 Linux platforms that is only 101 KiB in size, and
an FTP-only library that is 105 KiB in size (as of libcurl version 7.21.5,
using gcc 4.4.3).
libcurl library for i386 Linux platforms that is only 106 KiB in size, and
an FTP-only library that is 108 KiB in size (as of libcurl version 7.27.0,
using gcc 4.6.3).
You may find that statically linking libcurl to your application will
result in a lower total size than dynamically linking.

View File

@@ -11,13 +11,32 @@ Building with CMake
This document describes how to compile, build and install curl and libcurl
from source code using the CMake build tool. To build with CMake, you will
of course have to first install CMake. The minimum required version of
CMake is specifed in the file CMakeLists.txt found in the top of the curl
CMake is specified in the file CMakeLists.txt found in the top of the curl
source tree. Once the correct version of CMake is installed you can follow
the instructions below for the platform you are building on.
CMake builds can be configured either from the command line, or from one
of CMake's GUI's.
Current flaws in the curl CMake build
=====================================
Missing features in the cmake build:
- Builds libcurl without large file support
- It doesn't build src/hugehelp.c which creates the --manual output
- Can't select which SSL library to build with, only OpenSSL
- Doesn't build with SCP and SFTP support (libssh2)
- Doesn't allow different resolver backends (no c-ares build support)
- No RTMP support built
- Doesn't allow build curl and libcurl debug enabled
- Doesn't allow a custom CA bundle path
- Doesn't allow you to disable specific protocols from the build
- Doesn't properly enable IPv6 support by default
- Doesn't find or use krb4 or GSS
- Rebuilds test files too eagerly, but still can't run the tests
Important notice
==================
If you got your curl sources from a distribution tarball, make sure to
@@ -31,27 +50,33 @@ Important notice
Command Line CMake
==================
A command line build of Curl is similar to the autotools build of Curl. It
A CMake build of curl is similar to the autotools build of curl. It
consists of the following steps after you have unpacked the source.
# 1st create an out of source build tree parallel to the curl source
# tree and change into that directory
mkdir curl-build
cd curl-build
# now run CMake from the build tree, giving it the path to the top of
# the Curl source tree. CMake will pick a compiler for you. If you
# want to specifiy the compile, you can set the CC environment
# variable prior to running CMake.
cmake ../curl
make
# currently make test is not implemented
#make test
# Install to default location:
make install
1. Create an out of source build tree parallel to the curl source
tree and change into that directory
$ mkdir curl-build
$ cd curl-build
2. Run CMake from the build tree, giving it the path to the top of
the curl source tree. CMake will pick a compiler for you. If you
want to specify the compile, you can set the CC environment
variable prior to running CMake.
$ cmake ../curl
$ make
3. Install to default location:
$ make install
(The teste suit does not work with the cmake build)
ccmake
=========
CMake comes with a curses based interface called ccmake. To run ccmake on
a curl use the instructions for the command line cmake, but substitue
a curl use the instructions for the command line cmake, but substitute
ccmake ../curl for cmake ../curl. This will bring up a curses interface
with instructions on the bottom of the screen. You can press the "c" key
to configure the project, and the "g" key to generate the project. After
@@ -65,7 +90,7 @@ cmake-gui
the curl source tree.
2. Fill in the "Where to build the binaries" combo box with the path
to the directory for your build tree, ideally this should not be the
same as the source tree, but a parallel diretory called curl-build or
same as the source tree, but a parallel directory called curl-build or
something similar.
3. Once the source and binary directories are specified, press the
"Configure" button.
@@ -73,5 +98,5 @@ cmake-gui
5. At this point you can change any of the options presented in the
GUI. Once you have selected all the options you want, click the
"Generate" button.
6. Run the native build tool that you used CMake to genratate.
6. Run the native build tool that you used CMake to generate.

View File

@@ -26,7 +26,7 @@ exists for a Unix/linux command line environments. This is of little help when
it comes to Windows O/S.
Secondly the help that does exist for the Windows O/S focused around mingw
thru a command line argument environment.
through a command line argument environment.
You may ask "Why is this a problem?"

View File

@@ -220,7 +220,7 @@ Library
done" loop. It loops if there's a Location: to follow.
When completed, the curl_easy_cleanup() should be called to free up used
resources. It runs Curl_disconnect() on all open connectons.
resources. It runs Curl_disconnect() on all open connections.
A quick roundup on internal function sequences (many of these call
protocol-specific function-pointers):

View File

@@ -3,13 +3,23 @@ join in and help us correct one or more of these! Also be sure to check the
changelog of the current development status, as one or more of these problems
may have been fixed since this was written!
80. Curl doesn't recognize certificates in DER format in keychain, but it
works with PEM.
http://curl.haxx.se/bug/view.cgi?id=3439999
79. SMTP. When sending data to multiple recipients, curl will abort and return
failure if one of the recipients indicate failure (on the "RCPT TO"
command). Ordinary mail programs would proceed and still send to the ones
that can receive data. This is subject for change in the future.
http://curl.haxx.se/bug/view.cgi?id=3438362
78. curl and libcurl don't always signal the client properly when "sending"
zero bytes files - it makes for example the command line client not creating
any file at all. Like when using FTP.
http://curl.haxx.se/bug/view.cgi?id=3438362
77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it
"absuses" the underlying connection re-use system and if connections are
"abuses" the underlying connection re-use system and if connections are
forced to close they break the NTLM support.
76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on
@@ -17,10 +27,15 @@ may have been fixed since this was written!
curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET
option as for all other operating systems.
75. NTLM authentication involving unicode user name or password.
75. NTLM authentication involving unicode user name or password only works
properly if built with UNICODE defined together with the schannel/winssl
backend. The original problem was mentioned in:
http://curl.haxx.se/mail/lib-2009-10/0024.html
http://curl.haxx.se/bug/view.cgi?id=2944325
The schannel version verified to work as mentioned in
http://curl.haxx.se/mail/lib-2012-07/0073.html
73. if a connection is made to a FTP server but the server then just never
sends the 220 response or otherwise is dead slow, libcurl will not
acknowledge the connection timeout during that phase but only the "real"
@@ -119,13 +134,6 @@ may have been fixed since this was written!
38. Kumar Swamy Bhatt's problem in ftp/ssl "LIST" operation:
http://curl.haxx.se/mail/lib-2007-01/0103.html
37. Having more than one connection to the same host when doing NTLM
authentication (with performs multiple "passes" and authenticates a
connection rather than a HTTP request), and particularly when using the
multi interface, there's a risk that libcurl will re-use a wrong connection
when doing the different passes in the NTLM negotiation and thus fail to
negotiate (in seemingly mysterious ways).
35. Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very
bad when used with the multi interface.
@@ -155,7 +163,6 @@ may have been fixed since this was written!
to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=1281867
23. SOCKS-related problems:
A) libcurl doesn't support SOCKS for IPv6.
B) libcurl doesn't support FTPS over a SOCKS proxy.
E) libcurl doesn't support active FTP over a SOCKS proxy

View File

@@ -59,7 +59,7 @@ MAIL ETIQUETTE
no way to read the reply, but to ask the one person the question. The one
person consequently gets overloaded with mail.
If you really want to contact an individual and perhaps pay for his or her's
If you really want to contact an individual and perhaps pay for his or her
services, by all means go ahead, but if it's just another curl question,
take it to a suitable list instead.
@@ -92,7 +92,7 @@ MAIL ETIQUETTE
1.6 Handling trolls and spam
Despite our good intensions and hard work to keep spam off the lists and to
Despite our good intentions and hard work to keep spam off the lists and to
maintain a friendly and positive atmosphere, there will be times when spam
and or trolls get through.
@@ -170,8 +170,8 @@ MAIL ETIQUETTE
Q: What is the most annoying thing in e-mail?
Apart from the screwed up read order (especially when mixed together in a
thread when some responds doing the mandaded bottom-posting style), it also
makes it impossible to quote only parts of the original mail.
thread when someone responds using the mandated bottom-posting style), it
also makes it impossible to quote only parts of the original mail.
When you reply to a mail. You let the mail client insert the previous mail
quoted. Then you put the cursor on the first line of the mail and you move

View File

@@ -19,7 +19,7 @@ SIMPLE USAGE
curl http://www.weirdserver.com:8000/
Get a list of a directory of an FTP site:
Get a directory listing of an FTP site:
curl ftp://cool.haxx.se/
@@ -54,7 +54,7 @@ SIMPLE USAGE
DOWNLOAD TO A FILE
Get a web page and store in a local file:
Get a web page and store in a local file with a specific name:
curl -o thatpage.html http://www.netscape.com/
@@ -113,9 +113,10 @@ USING PASSWORDS
ones out of the ones that the server accepts for the given URL, by using
--anyauth.
NOTE! Since HTTP URLs don't support user and password, you can't use that
style when using Curl via a proxy. You _must_ use the -u style fetch
during such circumstances.
NOTE! According to the URL specification, HTTP URLs can not contain a user
and password, so that style will not work when using curl via a proxy, even
though curl allows it at other times. When using a proxy, you _must_ use
the -u style for user and password.
HTTPS
@@ -133,7 +134,7 @@ PROXY
curl -x my-proxy:888 ftp://ftp.leachsite.com/README
Get a file from a HTTP server that requires user and password, using the
Get a file from an HTTP server that requires user and password, using the
same proxy as above:
curl -u user:passwd -x my-proxy:888 http://www.get.this/
@@ -171,7 +172,7 @@ PROXY
RANGES
With HTTP 1.1 byte-ranges were introduced. Using this, a client can request
HTTP 1.1 introduced byte-ranges. Using this, a client can request
to get only one or more subparts of a specified document. Curl supports
this with the -r flag.
@@ -202,8 +203,8 @@ UPLOADING
curl -T uploadfile -u user:passwd ftp://ftp.upload.com/myfile
Upload a local file to the remote site, and use the local file name remote
too:
Upload a local file to the remote site, and use the local file name at the remote
site too:
curl -T uploadfile -u user:passwd ftp://ftp.upload.com/
@@ -219,14 +220,14 @@ UPLOADING
HTTP
Upload all data on stdin to a specified http site:
Upload all data on stdin to a specified HTTP site:
curl -T - http://www.upload.com/myfile
Note that the http server must have been configured to accept PUT before
Note that the HTTP server must have been configured to accept PUT before
this can be done successfully.
For other ways to do http data upload, see the POST section below.
For other ways to do HTTP data upload, see the POST section below.
VERBOSE / DEBUG
@@ -289,7 +290,7 @@ POST (HTTP)
The 'variable' names are the names set with "name=" in the <input> tags, and
the data is the contents you want to fill in for the inputs. The data *must*
be properly URL encoded. That means you replace space with + and that you
write weird letters with %XX where XX is the hexadecimal representation of
replace weird letters with %XX where XX is the hexadecimal representation of
the letter's ASCII code.
Example:
@@ -361,8 +362,8 @@ POST (HTTP)
REFERRER
A HTTP request has the option to include information about which address
that referred to actual page. Curl allows you to specify the
An HTTP request has the option to include information about which address
referred it to the actual page. Curl allows you to specify the
referrer to be used on the command line. It is especially useful to
fool or trick stupid servers or CGI scripts that rely on that information
being available or contain certain data.
@@ -373,7 +374,7 @@ REFERRER
USER AGENT
A HTTP request has the option to include information about the browser
An HTTP request has the option to include information about the browser
that generated the request. Curl allows it to be specified on the command
line. It is especially useful to fool or trick stupid servers or CGI
scripts that only accept certain browsers.
@@ -613,21 +614,21 @@ SFTP and SCP and PATH NAMES
FTP and firewalls
The FTP protocol requires one of the involved parties to open a second
connection as soon as data is about to get transfered. There are two ways to
connection as soon as data is about to get transferred. There are two ways to
do this.
The default way for curl is to issue the PASV command which causes the
server to open another port and await another connection performed by the
client. This is good if the client is behind a firewall that don't allow
client. This is good if the client is behind a firewall that doesn't allow
incoming connections.
curl ftp.download.com
If the server for example, is behind a firewall that don't allow connections
on other ports than 21 (or if it just doesn't support the PASV command), the
If the server, for example, is behind a firewall that doesn't allow connections
on ports other than 21 (or if it just doesn't support the PASV command), the
other way to do it is to use the PORT command and instruct the server to
connect to the client on the given (as parameters to the PORT command) IP
number and port.
connect to the client on the given IP number and port (as parameters to the
PORT command).
The -P flag to curl supports a few different options. Your machine may have
several IP-addresses and/or network interfaces and curl allows you to select
@@ -685,8 +686,8 @@ HTTPS
If you neglect to specify the password on the command line, you will be
prompted for the correct password before any data can be received.
Many older SSL-servers have problems with SSLv3 or TLS, that newer versions
of OpenSSL etc is using, therefore it is sometimes useful to specify what
Many older SSL-servers have problems with SSLv3 or TLS, which newer versions
of OpenSSL etc use, therefore it is sometimes useful to specify what
SSL-version curl should use. Use -3, -2 or -1 to specify that exact SSL
version to use (for SSLv3, SSLv2 or TLSv1 respectively):
@@ -695,14 +696,13 @@ HTTPS
Otherwise, curl will first attempt to use v3 and then v2.
To use OpenSSL to convert your favourite browser's certificate into a PEM
formatted one that curl can use, do something like this (assuming netscape,
but IE is likely to work similarly):
formatted one that curl can use, do something like this:
You start with hitting the 'security' menu button in netscape.
In Netscape, you start with hitting the 'Security' menu button.
Select 'certificates->yours' and then pick a certificate in the list
Press the 'export' button
Press the 'Export' button
enter your PIN code for the certs
@@ -713,11 +713,21 @@ HTTPS
# ./apps/openssl pkcs12 -in [file you saved] -clcerts -out [PEMfile]
In Firefox, select Options, then Advanced, then the Encryption tab,
View Certificates. This opens the Certificate Manager, where you can
Export. Be sure to select PEM for the Save as type.
In Internet Explorer, select Internet Options, then the Content tab, then
Certificates. Then you can Export, and depending on the format you may
need to convert to PEM.
In Chrome, select Settings, then Show Advanced Settings. Under HTTPS/SSL
select Manage Certificates.
RESUMING FILE TRANSFERS
To continue a file transfer where it was previously aborted, curl supports
resume on http(s) downloads as well as ftp uploads and downloads.
resume on HTTP(S) downloads as well as FTP uploads and downloads.
Continue downloading a document:
@@ -731,7 +741,7 @@ RESUMING FILE TRANSFERS
curl -C - -o file http://www.server.com/
(*1) = This requires that the ftp server supports the non-standard command
(*1) = This requires that the FTP server supports the non-standard command
SIZE. If it doesn't, curl will say so.
(*2) = This requires that the web server supports at least HTTP/1.1. If it
@@ -740,7 +750,7 @@ RESUMING FILE TRANSFERS
TIME CONDITIONS
HTTP allows a client to specify a time condition for the document it
requests. It is If-Modified-Since or If-Unmodified-Since. Curl allow you to
requests. It is If-Modified-Since or If-Unmodified-Since. Curl allows you to
specify them with the -z/--time-cond flag.
For example, you can easily make a download that only gets performed if the
@@ -788,7 +798,7 @@ LDAP
and offer ldap:// support.
LDAP is a complex thing and writing an LDAP query is not an easy task. I do
advice you to dig up the syntax description for that elsewhere. Two places
advise you to dig up the syntax description for that elsewhere. Two places
that might suit you are:
Netscape's "Netscape Directory SDK 3.0 for C Programmer's Guide Chapter 10:
@@ -797,7 +807,7 @@ LDAP
RFC 2255, "The LDAP URL Format" http://curl.haxx.se/rfc/rfc2255.txt
To show you an example, this is now I can get all people from my local LDAP
To show you an example, this is how I can get all people from my local LDAP
server that has a certain sub-domain in their email address:
curl -B "ldap://ldap.frontec.se/o=frontec??sub?mail=*sth.frontec.se"
@@ -831,15 +841,15 @@ ENVIRONMENT VARIABLES
NETRC
Unix introduced the .netrc concept a long time ago. It is a way for a user
to specify name and password for commonly visited ftp sites in a file so
to specify name and password for commonly visited FTP sites in a file so
that you don't have to type them in each time you visit those sites. You
realize this is a big security risk if someone else gets hold of your
passwords, so therefore most unix programs won't read this file unless it is
only readable by yourself (curl doesn't care though).
Curl supports .netrc files if told so (using the -n/--netrc and
--netrc-optional options). This is not restricted to only ftp,
but curl can use it for all protocols where authentication is used.
Curl supports .netrc files if told to (using the -n/--netrc and
--netrc-optional options). This is not restricted to just FTP,
so curl can use it for all protocols where authentication is used.
A very simple .netrc file could look something like:
@@ -860,7 +870,7 @@ KERBEROS FTP TRANSFER
Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need
the kerberos package installed and used at curl build time for it to be
used.
available.
First, get the krb-ticket the normal way, like with the kinit/kauth tool.
Then use curl in way similar to:
@@ -895,7 +905,7 @@ TELNET
- NEW_ENV=<var,val> Sets an environment variable.
NOTE: the telnet protocol does not specify any way to login with a specified
NOTE: The telnet protocol does not specify any way to login with a specified
user and password so curl can't do that automatically. To do that, you need
to track when the login prompt is received and send the username and
password accordingly.
@@ -914,7 +924,7 @@ PERSISTENT CONNECTIONS
Note that curl cannot use persistent connections for transfers that are used
in subsequence curl invokes. Try to stuff as many URLs as possible on the
same command line if they are using the same host, as that'll make the
transfers faster. If you use a http proxy for file transfers, practically
transfers faster. If you use an HTTP proxy for file transfers, practically
all transfers will be persistent.
MULTIPLE TRANSFERS WITH A SINGLE COMMAND LINE
@@ -955,6 +965,28 @@ IPv6
IPv6 addresses provided other than in URLs (e.g. to the --proxy, --interface
or --ftp-port options) should not be URL encoded.
METALINK
Curl supports Metalink (both version 3 and 4 (RFC 5854) are supported), a way
to list multiple URIs and hashes for a file. Curl will make use of the mirrors
listed within for failover if there are errors (such as the file or server not
being available). It will also verify the hash of the file after the download
completes. The Metalink file itself is downloaded and processed in memory and
not stored in the local file system.
Example to use a remote Metalink file:
curl --metalink http://www.example.com/example.metalink
To use a Metalink file in the local file system, use FILE protocol (file://):
curl --metalink file://example.metalink
Please note that if FILE protocol is disabled, there is no way to use a local
Metalink file at the time of this writing. Also note that if --metalink and
--include are used together, --include will be ignored. This is because including
headers in the response will break Metalink parser and if the headers are included
in the file described in Metalink file, hash check will fail.
MAILING LISTS

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -36,7 +36,7 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \
README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \
KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \
$(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
MAIL-ETIQUETTE
MAIL-ETIQUETTE HTTP-COOKIES
MAN2HTML= roffit < $< >$@

View File

@@ -65,17 +65,20 @@ Andrew Fuller
Andrew Moise
Andrew Wansink
Andrew de los Reyes
Andr<EFBFBD>s Garc<EFBFBD>a
Andrés García
Andy Cedilnik
Andy Serpa
Andy Tsouladze
Angus Mackay
Anthony Bryan
Anthony G. Basile
Antoine Calando
Anton Bychkov
Anton Kalmykov
Anton Yabchinskiy
Arkadiusz Miskiewicz
Armel Asselin
Arnaud Compan
Arnaud Ebalard
Arthur Murray
Arve Knudsen
@@ -94,6 +97,7 @@ Ben Van Hof
Ben Winslow
Benbuck Nason
Benjamin Gerard
Benjamin Johnson
Bernard Leak
Bernhard Reutner-Fischer
Bertrand Demiddelaer
@@ -102,7 +106,8 @@ Bill Hoffman
Bjoern Sikora
Bjorn Augustsson
Bjorn Reese
Bj<EFBFBD>rn Stenberg
Björn Stenberg
Blaise Potard
Bob Richmond
Bob Schader
Bogdan Nicula
@@ -143,6 +148,7 @@ Chris Mumford
Chris Smowton
Christian Grothoff
Christian Hagele
Christian Hägele
Christian Krause
Christian Kurz
Christian Robottom Reis
@@ -171,6 +177,7 @@ Cris Bailiff
Cristian Rodriguez
Curt Bogmine
Cyrill Osterwalder
Dag Ekengren
Dagobert Michelsen
Damien Adant
Dan Becker
@@ -184,11 +191,11 @@ Dan Zitter
Daniel Black
Daniel Cater
Daniel Egger
Daniel Fandrich
Daniel Johnson
Daniel Mentz
Daniel Steinberg
Daniel Stenberg
Daniel Theron
Daniel at touchtunes
Darryl House
Darshan Mody
@@ -256,6 +263,7 @@ Early Ehlinger
Ebenezer Ikonne
Edin Kadribasic
Eduard Bloch
Eelco Dolstra
Eetu Ojanen
Ellis Pritchard
Emanuele Bovisio
@@ -311,7 +319,8 @@ Georg Lippitsch
Georg Wicherski
Gerd v. Egidy
Gerhard Herre
Gerrit Bruchh<EFBFBD>user
Gerrit Bruchhäuser
Ghennadi Procopciuc
Giancarlo Formicuccia
Giaslas Georgios
Gil Weber
@@ -335,7 +344,7 @@ Guenter Knauf
Guillaume Arluison
Gustaf Hui
Gwenole Beauchesne
G<EFBFBD>tz Babin-Ebell
Götz Babin-Ebell
Hamish Mackenzie
Hang Kin Lau
Hanno Kranzhoff
@@ -387,7 +396,9 @@ James MacMillan
Jamie Lokier
Jamie Newton
Jamie Wilkinson
Jan Ehrhardt
Jan Kunder
Jan Schaumann
Jan Van Boghout
Jared Lundell
Jari Sundell
@@ -439,6 +450,7 @@ John Joseph Bachir
John Kelly
John Lask
John Lightsey
John Marino
John McGowan
John P. McCaskey
John Wilkinson
@@ -453,6 +465,7 @@ Jonas Forsman
Jonas Schnelli
Jonatan Lander
Jonathan Hseu
Jonathan Nieder
Jongki Suwandi
Jose Kahan
Josef Wolf
@@ -461,18 +474,19 @@ Joshua Kwan
Josue Andrade Gomes
Juan Barreto
Juan F. Codagnone
Juan Ignacio Herv<EFBFBD>s
Juan Ignacio Hervás
Judson Bishop
Juergen Wilke
Jukka Pihl
Julian Noble
Julian Taylor
Julien Chaffraix
Julien Royer
Jun-ichiro itojun Hagino
Jurij Smakov
Justin Fletcher
J<EFBFBD>rg Mueller-Tolk
J<EFBFBD>rn Hartroth
Jörg Mueller-Tolk
Jörn Hartroth
Kai Sommerfeld
Kai-Uwe Rommel
Kalle Vahlman
@@ -506,7 +520,7 @@ Kris Kennaway
Krishnendu Majumdar
Krister Johansen
Kristian Gunstone
Kristian K<EFBFBD>hntopp
Kristian Köhntopp
Kyle Sallee
Lachlan O'Dea
Larry Campbell
@@ -523,6 +537,7 @@ Len Krause
Lenaic Lefever
Lenny Rachitsky
Liam Healy
Lijo Antony
Linas Vepstas
Ling Thio
Linus Nielsen Feltzing
@@ -544,7 +559,9 @@ Mandy Wu
Manfred Schwarb
Manuel Massing
Marc Boucher
Marc Hoersken
Marc Kleine-Budde
Marcel Raad
Marcel Roelofs
Marcelo Juchem
Marcin Adamski
@@ -561,6 +578,7 @@ Mark Eichin
Mark Incley
Mark Karpeles
Mark Lentczner
Mark Salisbury
Markus Duft
Markus Koetter
Markus Moeller
@@ -634,6 +652,7 @@ Nathan O'Sullivan
Nathanael Nerode
Naveen Chandran
Naveen Noel
Neil Bowers
Neil Dunbar
Neil Spring
Nic Roets
@@ -644,7 +663,7 @@ Nick Zitzmann
Nico Baggus
Nicolas Berloquin
Nicolas Croiset
Nicolas Fran<EFBFBD>ois
Nicolas François
Niels van Tongeren
Nikita Schmidt
Nikitinskit Dmitriy
@@ -658,8 +677,9 @@ Nodak Sodak
Norbert Frese
Norbert Novotny
Ofer
Olaf Flebbe
Olaf Stueben
Olaf St<EFBFBD>ben
Olaf Stüben
Oren Tirosh
Ori Avtalion
P R Schaffner
@@ -707,6 +727,7 @@ Phil Blundell
Phil Karn
Phil Lisiecki
Phil Pellouchoud
Philip Craig
Philip Gladstone
Philip Langdale
Philippe Hameau
@@ -714,6 +735,7 @@ Philippe Raoult
Philippe Vaucher
Pierre
Pierre Brico
Pierre Chapuis
Pierre Joye
Pierre Ynard
Pooyan McSporran
@@ -761,6 +783,7 @@ Rob Jones
Rob Stanzel
Rob Ward
Robert A. Monat
Robert B. Harris
Robert D. Young
Robert Foreman
Robert Iakobashvili
@@ -772,11 +795,13 @@ Robin Johnson
Robin Kay
Robson Braga Araujo
Rodney Simmons
Rodrigo Silva
Roland Blom
Roland Krikava
Roland Zimmermann
Rolland Dudemaine
Roman Koifman
Roman Mamedov
Ron Zapp
Rosimildo da Silva
Roy Shan
@@ -787,15 +812,16 @@ Ryan Chan
Ryan Nelson
Ryan Schmidt
S. Moonesamy
Salvador D<EFBFBD>vila
Salvador Dávila
Salvatore Sorrentino
Sam Listopad
Sampo Kellomaki
Samuel D<EFBFBD>az Garc<EFBFBD>a
Samuel Díaz García
Samuel Listopad
Samuel Thibault
Sander Gates
Sandor Feldi
Santhana Todatry
Saqib Ali
Saul good
Scott Barrett
@@ -849,11 +875,12 @@ Stoned Elipot
Sven Anders
Sven Neuhaus
Sven Wegener
S<EFBFBD>bastien Willemijns
Sébastien Willemijns
T. Bharath
T. Yamada
Taneli Vahakangas
Tanguy Fautre
Tatsuhiro Tsujikawa
Temprimus
Thomas J. Moore
Thomas Klausner
@@ -867,10 +894,11 @@ Tim Bartley
Tim Chen
Tim Costello
Tim Harder
Tim Heckman
Tim Newsome
Tim Sneddon
Tinus van den Berg
Tobias Rundstr<EFBFBD>m
Tobias Rundström
Toby Peterson
Todd A Ouska
Todd Kulesza
@@ -901,7 +929,7 @@ Traian Nicolescu
Troels Walsted Hansen
Troy Engel
Tupone Alfredo
Ulf H<EFBFBD>rnhammar
Ulf Härnhammar
Ulrich Zadow
Venkat Akella
Victor Snezhko

245
docs/TODO
View File

@@ -55,63 +55,69 @@
7.6 Provide callback for cert verification
7.7 Support other SSL libraries
7.9 improve configure --with-ssl
7.10 Support DANE
8. GnuTLS
8.1 SSL engine stuff
8.3 check connection
8.4 non-gcrypt
9. SMTP
9.1 Other authentication mechanims
9.2 Specify the preferred authentication mechanism
9.3 Initial response
9.4 Pipelining
9.1 Specify the preferred authentication mechanism
9.2 Initial response
9.3 Pipelining
10. POP3
10.1 APOP Authentication
10.2 Other authentication mechanims
10.3 auth= in URLs
10.1 auth= in URLs
11. Other protocols
11. IMAP
11.1 SASL based authentication mechanisms
12. New protocols
12.1 RSYNC
12. LDAP
12.1 SASL based authentication mechanisms
13. Client
13.1 sync
13.2 glob posts
13.3 prevent file overwriting
13.4 simultaneous parallel transfers
13.5 provide formpost headers
13.6 url-specific options
13.7 metalink support
13.8 warning when setting an option
13.9 IPv6 addresses with globbing
13. Other protocols
14. Build
14.1 roffit
14. New protocols
14.1 RSYNC
15. Test suite
15.1 SSL tunnel
15.2 nicer lacking perl message
15.3 more protocols supported
15.4 more platforms supported
15. SASL
15.1 Other authentication mechanisms
16. Next SONAME bump
16.1 http-style HEAD output for ftp
16.2 combine error codes
16.3 extend CURLOPT_SOCKOPTFUNCTION prototype
16. Client
16.1 sync
16.2 glob posts
16.3 prevent file overwriting
16.4 simultaneous parallel transfers
16.5 provide formpost headers
16.6 url-specific options
16.7 warning when setting an option
16.8 IPv6 addresses with globbing
17. Next major release
17.1 cleanup return codes
17.2 remove obsolete defines
17.3 size_t
17.4 remove several functions
17.5 remove CURLOPT_FAILONERROR
17.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
17.7 remove progress meter from libcurl
17.8 remove 'curl_httppost' from public
17.9 have form functions use CURL handle argument
17. Build
17.1 roffit
18. Test suite
18.1 SSL tunnel
18.2 nicer lacking perl message
18.3 more protocols supported
18.4 more platforms supported
19. Next SONAME bump
19.1 http-style HEAD output for ftp
19.2 combine error codes
19.3 extend CURLOPT_SOCKOPTFUNCTION prototype
20. Next major release
20.1 cleanup return codes
20.2 remove obsolete defines
20.3 size_t
20.4 remove several functions
20.5 remove CURLOPT_FAILONERROR
20.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
20.7 remove progress meter from libcurl
20.8 remove 'curl_httppost' from public
20.9 have form functions use CURL handle argument
20.10 Add CURLOPT_MAIL_CLIENT option
==============================================================================
@@ -349,6 +355,13 @@ to provide the data to send.
make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
then NSS...
7.10 Support DANE
DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
keys and certs over DNS using DNSSEC as an alternative to the CA model.
http://www.rfc-editor.org/rfc/rfc6698.txt
8. GnuTLS
8.1 SSL engine stuff
@@ -360,31 +373,16 @@ to provide the data to send.
Add a way to check if the connection seems to be alive, to correspond to the
SSL_peak() way we use with OpenSSL.
8.4 non-gcrypt
libcurl assumes that there are gcrypt functions available when
GnuTLS is.
GnuTLS can be built to use libnettle instead as crypto library,
which breaks the previously mentioned assumption
The correct fix would be to detect which crypto layer that is in use and
adapt our code to use that instead of blindly assuming gcrypt.
9. SMTP
9.1 Other authentication mechanims
Add support for other authentication mechanisms such as digest-md5 and
gssapi.
9.2 Specify the preferred authentication mechanism
9.1 Specify the preferred authentication mechanism
Add the ability to specify the preferred authentication mechanism or a list
of mechanims that should be used. Not only that, but the order that is
of mechanisms that should be used. Not only that, but the order that is
returned by the server during the EHLO response should be honored by curl.
9.3 Initial response
9.2 Initial response
Add the ability for the user to specify whether the initial response is
included in the AUTH command. Some email servers, such as Microsoft
@@ -393,43 +391,53 @@ to provide the data to send.
http://curl.haxx.se/mail/lib-2012-03/0114.html
9.4 Pipelining
9.3 Pipelining
Add support for pipelining emails.
10. POP3
10.1 APOP Authentication
10.1 auth= in URLs
Add support for the APOP command rather than using plain text authentication
(USER and PASS) as this is very week security wise. Note: The APOP command
is specified as "APOP <username> <md5 password>", however, it isn't
supported by all mail servers.
Being able to specify the preferred authentication mechanism in the URL as
per RFC2384.
10.2 Other authentication mechanims
11. IMAP
SASL offers support for additional authentication mechanisms via the AUTH
command. Detection of an email server's support for SASL authentication
can be detected via the CAPA command whilst a list of supported mechanisms
can be retrieved with an empty AUTH command.
11.1 SASL based authentication mechanisms
10.3 auth= in URLs
Curl currently sends usernames and passwords as clear text whilst SASL based
authentication mechanisms can be more secure. As such, support should be
added to support these authentication mechanisms.
Being able to specify the preferred authentication mechanim in the URL as
per RFC-2384 (http://tools.ietf.org/html/rfc2384).
12. LDAP
11. Other protocols
12.1 SASL based authentication mechansims
12. New protocols
Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
to an LDAP server. However, this function sends username and password details
using the simple authentication mechanism (as clear text). However, it should
be possible to use ldap_bind_s() instead specifing the security context
information ourselves.
12.1 RSYNC
13. Other protocols
14. New protocols
14.1 RSYNC
There's no RFC for the protocol or an URI/URL format. An implementation
should most probably use an existing rsync library, such as librsync.
13. Client
15. SASL
13.1 sync
15.1 Other authentication mechanisms
Add support for gssapi to SMTP and POP3.
16. Client
16.1 sync
"curl --sync http://example.com/feed[1-100].rss" or
"curl --sync http://example.net/{index,calendar,history}.html"
@@ -438,12 +446,12 @@ to provide the data to send.
remote file is newer than the local file. A Last-Modified HTTP date header
should also be used to set the mod date on the downloaded file.
13.2 glob posts
16.2 glob posts
Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
This is easily scripted though.
13.3 prevent file overwriting
16.3 prevent file overwriting
Add an option that prevents cURL from overwriting existing local files. When
used, and there already is an existing file with the target file name
@@ -451,14 +459,14 @@ to provide the data to send.
existing). So that index.html becomes first index.html.1 and then
index.html.2 etc.
13.4 simultaneous parallel transfers
16.4 simultaneous parallel transfers
The client could be told to use maximum N simultaneous parallel transfers and
then just make sure that happens. It should of course not make more than one
connection to the same remote host. This would require the client to use the
multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
13.5 provide formpost headers
16.5 provide formpost headers
Extending the capabilities of the multipart formposting. How about leaving
the ';type=foo' syntax as it is and adding an extra tag (headers) which
@@ -472,7 +480,7 @@ to provide the data to send.
which should overwrite the program reasonable defaults (plain/text,
8bit...)
13.6 url-specific options
16.6 url-specific options
Provide a way to make options bound to a specific URL among several on the
command line. Possibly by letting ':' separate options between URLs,
@@ -486,62 +494,57 @@ to provide the data to send.
The example would do a POST-GET-POST combination on a single command line.
13.7 metalink support
Add metalink support to curl (http://www.metalinker.org/). This is most useful
with simultaneous parallel transfers (11.6) but not necessary.
13.8 warning when setting an option
16.7 warning when setting an option
Display a warning when libcurl returns an error when setting an option.
This can be useful to tell when support for a particular feature hasn't been
compiled into the library.
13.9 IPv6 addresses with globbing
16.8 IPv6 addresses with globbing
Currently the command line client needs to get url globbing disabled (with
-g) for it to support IPv6 numerical addresses. This is a rather silly flaw
that should be corrected. It probably involves a smarter detection of the
'[' and ']' letters.
14. Build
17. Build
14.1 roffit
17.1 roffit
Consider extending 'roffit' to produce decent ASCII output, and use that
instead of (g)nroff when building src/hugehelp.c
15. Test suite
18. Test suite
15.1 SSL tunnel
18.1 SSL tunnel
Make our own version of stunnel for simple port forwarding to enable HTTPS
and FTP-SSL tests without the stunnel dependency, and it could allow us to
provide test tools built with either OpenSSL or GnuTLS
15.2 nicer lacking perl message
18.2 nicer lacking perl message
If perl wasn't found by the configure script, don't attempt to run the tests
but explain something nice why it doesn't.
15.3 more protocols supported
18.3 more protocols supported
Extend the test suite to include more protocols. The telnet could just do ftp
or http operations (for which we have test servers).
15.4 more platforms supported
18.4 more platforms supported
Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
fork()s and it should become even more portable.
16. Next SONAME bump
19. Next SONAME bump
16.1 http-style HEAD output for ftp
19.1 http-style HEAD output for ftp
#undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
from being output in NOBODY requests over ftp
16.2 combine error codes
19.2 combine error codes
Combine some of the error codes to remove duplicates. The original
numbering should not be changed, and the old identifiers would be
@@ -551,37 +554,44 @@ to provide the data to send.
Candidates for removal and their replacements:
CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND
CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND
CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR
CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT
CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT
CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL
CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
16.3 extend CURLOPT_SOCKOPTFUNCTION prototype
19.3 extend CURLOPT_SOCKOPTFUNCTION prototype
The current prototype only provides 'purpose' that tells what the
connection/socket is for, but not any protocol or similar. It makes it hard
for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
similar.
17. Next major release
20. Next major release
17.1 cleanup return codes
20.1 cleanup return codes
curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
CURLMcode. These should be changed to be the same.
17.2 remove obsolete defines
20.2 remove obsolete defines
remove obsolete defines from curl/curl.h
17.3 size_t
20.3 size_t
make several functions use size_t instead of int in their APIs
17.4 remove several functions
20.4 remove several functions
remove the following functions from the public API:
@@ -602,18 +612,18 @@ to provide the data to send.
curl_multi_socket_all
17.5 remove CURLOPT_FAILONERROR
20.5 remove CURLOPT_FAILONERROR
Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
internally. Let the app judge success or not for itself.
17.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
20.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
Remove support for a global DNS cache. Anything global is silly, and we
already offer the share interface for the same functionality but done
"right".
17.7 remove progress meter from libcurl
20.7 remove progress meter from libcurl
The internally provided progress meter output doesn't belong in the library.
Basically no application wants it (apart from curl) but instead applications
@@ -623,7 +633,7 @@ to provide the data to send.
variable types passed to it instead of doubles so that big files work
correctly.
17.8 remove 'curl_httppost' from public
20.8 remove 'curl_httppost' from public
curl_formadd() was made to fill in a public struct, but the fact that the
struct is public is never really used by application for their own advantage
@@ -632,10 +642,21 @@ to provide the data to send.
Changing them to return a private handle will benefit the implementation and
allow us much greater freedoms while still maintining a solid API and ABI.
17.9 have form functions use CURL handle argument
20.9 have form functions use CURL handle argument
curl_formadd() and curl_formget() both currently have no CURL handle
argument, but both can use a callback that is set in the easy handle, and
thus curl_formget() with callback cannot function without first having
curl_easy_perform() (or similar) called - which is hard to grasp and a design
mistake.
20.10 Add CURLOPT_MAIL_CLIENT option
Rather than use the URL to specify the mail client string to present in the
HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
specifing this data as the URL is non-standard and to be honest a bit of a
hack ;-)
Please see the following thread for more information:
http://curl.haxx.se/mail/lib-2012-05/0178.html

View File

@@ -20,7 +20,7 @@
.\" *
.\" **************************************************************************
.\"
.TH curl 1 "16 February 2012" "Curl 7.25.0" "Curl Manual"
.TH curl 1 "27 July 2012" "Curl 7.27.0" "Curl Manual"
.SH NAME
curl \- transfer a URL
.SH SYNOPSIS
@@ -35,8 +35,8 @@ command is designed to work without user interaction.
curl offers a busload of useful tricks like proxy support, user
authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
resume and more. As you will see below, the number of features will make your
head spin!
resume, Metalink, and more. As you will see below, the number of features will
make your head spin!
curl is powered by libcurl for all transfer-related features. See
.BR libcurl (3)
@@ -79,14 +79,14 @@ curl will do its best to use what you pass to it as a URL. It is not trying to
validate it as a syntactically correct URL by any means but is instead
\fBvery\fP liberal with what it accepts.
Curl will attempt to re-use connections for multiple file transfers, so that
curl will attempt to re-use connections for multiple file transfers, so that
getting many files from the same server will not do multiple connects /
handshakes. This improves speed. Of course this is only done on files
specified on a single command line and cannot be used between separate curl
invokes.
.SH "PROGRESS METER"
curl normally displays a progress meter during operations, indicating the amount
of transferred data, transfer speeds and estimated time left, etc.
curl normally displays a progress meter during operations, indicating the
amount of transferred data, transfer speeds and estimated time left, etc.
curl displays this data to the terminal by default, so if you invoke curl to
do an operation and it is about to write data to the terminal, it
@@ -103,7 +103,7 @@ any response data to the terminal.
If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your
friend.
.SH OPTIONS
In general, all boolean options are enabled with --option and yet again
In general, all boolean options are enabled with --\fBoption\fP and yet again
disabled with --\fBno-\fPoption. That is, you use the exact same option name
but prefix it with "no-". However, in this list we mostly only list and show
the --option version of them. (This concept with --no options was added in
@@ -125,14 +125,13 @@ Forces curl to use SSL version 2 when negotiating with a remote SSL server.
(SSL)
Forces curl to use SSL version 3 when negotiating with a remote SSL server.
.IP "-4, --ipv4"
If libcurl is capable of resolving an address to multiple IP versions (which
it is if it is IPv6-capable), this option tells libcurl to resolve names to
IPv4 addresses only.
If curl is capable of resolving an address to multiple IP versions (which it
is if it is IPv6-capable), this option tells curl to resolve names to IPv4
addresses only.
.IP "-6, --ipv6"
If libcurl is capable of resolving an address to multiple IP versions (which
it is if it is IPv6-capable), this option tells libcurl to resolve names to
IPv6 addresses only.
default statistics.
If curl is capable of resolving an address to multiple IP versions (which it
is if it is IPv6-capable), this option tells curl to resolve names to IPv6
addresses only.
.IP "-a, --append"
(FTP/SFTP) When used in an upload, this will tell curl to append to the target
file instead of overwriting it. If the file doesn't exist, it will be created.
@@ -143,8 +142,7 @@ done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in
the string, surround the string with single quote marks. This can also be set
with the \fI-H, --header\fP option of course.
If this option is set more than once, the last one will be the one that's
used.
If this option is used several times, the last one will be used.
.IP "--anyauth"
(HTTP) Tells curl to figure out authentication method by itself, and use the
most secure one the remote site claims to support. This is done by first
@@ -176,10 +174,9 @@ input. No cookies will be stored in the file. To store cookies, use the
\fI-c, --cookie-jar\fP option or you could even save the HTTP headers to a file
using \fI-D, --dump-header\fP!
If this option is set more than once, the last one will be the one that's
used.
If this option is used several times, the last one will be used.
.IP "-B, --use-ascii"
Enable ASCII transfer when using FTP or LDAP. For FTP, this can also be
(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be
enforced by using an URL that ends with ";type=A". This option causes data
sent to stdout to be in text mode for win32 systems.
.IP "--basic"
@@ -188,12 +185,12 @@ this option is usually pointless, unless you use it to override a previously
set option that sets a different authentication method (such as \fI--ntlm\fP,
\fI--digest\fP, or \fI--negotiate\fP).
.IP "-c, --cookie-jar <file name>"
Specify to which file you want curl to write all cookies after a completed
operation. Curl writes all cookies previously read from a specified file as
well as all cookies received from remote server(s). If no cookies are known,
no file will be written. The file will be written using the Netscape cookie
file format. If you set the file name to a single dash, "-", the cookies will
be written to stdout.
(HTTP) Specify to which file you want curl to write all cookies after a
completed operation. Curl writes all cookies previously read from a specified
file as well as all cookies received from remote server(s). If no cookies are
known, no file will be written. The file will be written using the Netscape
cookie file format. If you set the file name to a single dash, "-", the
cookies will be written to stdout.
This command line option will activate the cookie engine that makes curl
record and use cookies. Another way to activate it is to use the \fI-b,
@@ -221,13 +218,13 @@ If this option is used several times, the last one will be used.
must specify valid ciphers. Read up on SSL cipher list details on this URL:
\fIhttp://www.openssl.org/docs/apps/ciphers.html\fP
NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of
NSS ciphers is in the NSSCipherSuite entry at this URL:
\fIhttp://directory.fedora.redhat.com/docs/mod_nss.html#Directives\fP
NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS
ciphers is in the NSSCipherSuite entry at this URL:
\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
If this option is used several times, the last one will override the others.
If this option is used several times, the last one will be used.
.IP "--compressed"
(HTTP) Request a compressed response using one of the algorithms libcurl
(HTTP) Request a compressed response using one of the algorithms curl
supports, and save the uncompressed document. If this option is used and the
server sends an unsupported encoding, curl will report an error.
.IP "--connect-timeout <seconds>"
@@ -237,10 +234,10 @@ of no more use. See also the \fI-m, --max-time\fP option.
If this option is used several times, the last one will be used.
.IP "--create-dirs"
When used in conjunction with the -o option, curl will create the necessary
local directory hierarchy as needed. This option creates the dirs mentioned
with the -o option, nothing else. If the -o file name uses no dir or if the
dirs it mentions already exist, no dir will be created.
When used in conjunction with the \fI-o\fP option, curl will create the
necessary local directory hierarchy as needed. This option creates the dirs
mentioned with the \fI-o\fP option, nothing else. If the \fI-o\fP file name
uses no dir or if the dirs it mentions already exist, no dir will be created.
To create remote directories when using FTP or SFTP, try
\fI--ftp-create-dirs\fP.
@@ -277,7 +274,7 @@ specified. Posting data from a file named 'foobar' would thus be done with
.IP "-D, --dump-header <file>"
Write the protocol headers to the specified file.
This option is handy to use when you want to store the headers that a HTTP
This option is handy to use when you want to store the headers that an HTTP
site sends to you. Cookies from the headers could then be read in a second
curl invocation by using the \fI-b, --cookie\fP option! The
\fI-c, --cookie-jar\fP option is however a better way to store cookies.
@@ -285,8 +282,10 @@ curl invocation by using the \fI-b, --cookie\fP option! The
When used in FTP, the FTP server response lines are considered being "headers"
and thus are saved there.
If this option is used several times, the last one will be used. IP
"--data-ascii <data>" See \fI-d, --data\fP.
If this option is used several times, the last one will be used.
.IP "--data-ascii <data>"
See \fI-d, --data\fP.
.IP "--data-binary <data>"
(HTTP) This posts data exactly as specified with no extra processing
whatsoever.
@@ -337,21 +336,20 @@ service ticket, which is a matter of realm policy.
Unconditionally allow the server to delegate.
.RE
.IP "--digest"
(HTTP) Enables HTTP Digest authentication. This is a authentication that
prevents the password from being sent over the wire in clear text. Use this in
combination with the normal \fI-u, --user\fP option to set user name and
password. See also \fI--ntlm\fP, \fI--negotiate\fP and \fI--anyauth\fP for
(HTTP) Enables HTTP Digest authentication. This is an authentication scheme
that prevents the password from being sent over the wire in clear text. Use
this in combination with the normal \fI-u, --user\fP option to set user name
and password. See also \fI--ntlm\fP, \fI--negotiate\fP and \fI--anyauth\fP for
related options.
If this option is used several times, the following occurrences make no
difference.
If this option is used several times, only the first one is used.
.IP "--disable-eprt"
(FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing
active FTP transfers. Curl will normally always first attempt to use EPRT,
then LPRT before using PORT, but with this option, it will use PORT right
away. EPRT and LPRT are extensions to the original FTP protocol, and may not work
on all servers, but they enable more functionality in a better way than the
traditional PORT command.
away. EPRT and LPRT are extensions to the original FTP protocol, and may not
work on all servers, but they enable more functionality in a better way than
the traditional PORT command.
\fB--eprt\fP can be used to explicitly enable EPRT again and \fB--no-eprt\fP
is an alias for \fB--disable-eprt\fP.
@@ -399,9 +397,9 @@ operations. Use \fI--engine list\fP to print a list of build-time supported
engines. Note that not all (or none) of the engines may be available at
run-time.
.IP "--environment"
(RISC OS ONLY) Sets a range of environment variables, using the names the -w
option supports, to allow easier extraction of useful information after having
run curl.
(RISC OS ONLY) Sets a range of environment variables, using the names the
\fI-w\fP option supports, to allow easier extraction of useful information
after having run curl.
.IP "--egd-file <file>"
(SSL) Specify the path name to the Entropy Gathering Daemon socket. The socket
is used to seed the random engine for SSL connections. See also the
@@ -446,7 +444,7 @@ used several times, the last one will be used.
.IP "-f, --fail"
(HTTP) Fail silently (no output at all) on server errors. This is mostly done
to better enable scripts etc to better deal with failed attempts. In
normal cases when a HTTP server fails to deliver a document, it returns an
normal cases when an HTTP server fails to deliver a document, it returns an
HTML document stating so (which often also describes why and more). This flag
will prevent curl from outputting that and return error 22.
@@ -494,7 +492,7 @@ This option can be used multiple times.
has been provided, this data is sent off using the ACCT command. (Added in
7.13.0)
If this option is used twice, the second will override the previous use.
If this option is used several times, the last one will be used.
.IP "--ftp-alternative-to-user <command>"
(FTP) If authenticating with the USER and PASS commands fails, send this
command. When connecting to Tumbleweed's Secure Transport server over FTPS
@@ -506,7 +504,7 @@ currently exist on the server, the standard behavior of curl is to
fail. Using this option, curl will instead attempt to create missing
directories.
.IP "--ftp-method [method]"
(FTP) Control what method curl should use to reach a file on a FTP(S)
(FTP) Control what method curl should use to reach a file on an FTP(S)
server. The method argument should be one of the following alternatives:
.RS
.IP multicwd
@@ -527,9 +525,9 @@ compliant than 'nocwd' but without the full penalty of 'multicwd'.
behavior, but using this option can be used to override a previous
\fI-P/-ftp-port\fP option. (Added in 7.11.0)
If this option is used several times, the following occurrences make no
difference. Undoing an enforced passive really isn't doable but you must then
instead enforce the correct \fI-P, --ftp-port\fP again.
If this option is used several times, only the first one is used. Undoing an
enforced passive really isn't doable but you must then instead enforce the
correct \fI-P, --ftp-port\fP again.
Passive mode means that curl will try the EPSV command first and then PASV,
unless \fI--disable-epsv\fP is used.
@@ -550,7 +548,7 @@ directory listings as well as up and downloads in PASV mode.
Shuts down the SSL/TLS layer after authenticating. The rest of the
control channel communication will be unencrypted. This allows
NAT routers to follow the FTP transaction. The default mode is
passive. See --ftp-ssl-ccc-mode for other modes.
passive. See \fI--ftp-ssl-ccc-mode\fP for other modes.
(Added in 7.16.1)
.IP "--ftp-ssl-ccc-mode [active/passive]"
(FTP) Use CCC (Clear Command Channel)
@@ -577,16 +575,16 @@ interpreted by curl itself. Note that these letters are not normal legal URL
contents but they should be encoded according to the URI standard.
.IP "-G, --get"
When used, this option will make all data specified with \fI-d, --data\fP or
\fI--data-binary\fP to be used in a HTTP GET request instead of the POST
\fI--data-binary\fP to be used in an HTTP GET request instead of the POST
request that otherwise would be used. The data will be appended to the URL
with a '?' separator.
If used in combination with -I, the POST data will instead be appended to the
URL with a HEAD request.
If this option is used several times, the following occurrences make no
difference. This is because undoing a GET doesn't make sense, but you should
then instead enforce the alternative method you prefer.
If this option is used several times, only the first one is used. This is
because undoing a GET doesn't make sense, but you should then instead enforce
the alternative method you prefer.
.IP "-H, --header <header>"
(HTTP) Extra header to use when getting a web page. You may specify any number
of extra headers. Note that if you should add a custom header that has the
@@ -595,9 +593,9 @@ header will be used instead of the internal one. This allows you to make even
trickier stuff than curl would normally do. You should not replace internally
set headers without knowing perfectly well what you're doing. Remove an
internal header by giving a replacement without content on the right side of
the colon, as in: -H \&"Host:". If you send the custom header with no-value then
its header must be terminated with a semicolon, such as \-H "X-Custom-Header;"
to send "X-Custom-Header:".
the colon, as in: -H \&"Host:". If you send the custom header with no-value
then its header must be terminated with a semicolon, such as \-H
\&"X-Custom-Header;" to send "X-Custom-Header:".
curl will make sure that each header you add/replace is sent with the proper
end-of-line marker, you should thus \fBnot\fP add that as a part of the header
@@ -608,10 +606,9 @@ See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
This option can be used multiple times to add/replace/remove multiple headers.
.IP "--hostpubmd5 <md5>"
Pass a string containing 32 hexadecimal digits. The string should be the 128
bit MD5 checksum of the remote host's public key, curl will refuse the
connection with the host unless the md5sums match. This option is only for SCP
and SFTP transfers. (Added in 7.17.1)
(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
be the 128 bit MD5 checksum of the remote host's public key, curl will refuse
the connection with the host unless the md5sums match. (Added in 7.17.1)
.IP "--ignore-content-length"
(HTTP)
Ignore the Content-Length header. This is particularly useful for servers
@@ -624,7 +621,7 @@ like server-name, date of the document, HTTP-version and more...
(HTTP/FTP/FILE)
Fetch the HTTP-header only! HTTP-servers feature the command HEAD
which this uses to get nothing but the header of a document. When used
on a FTP or FILE file, curl displays the file size and last modification
on an FTP or FILE file, curl displays the file size and last modification
time only.
.IP "--interface <name>"
Perform an operation using a specified interface. You can enter interface
@@ -639,8 +636,9 @@ make it discard all "session cookies". This will basically have the same effect
as if a new session is started. Typical browsers always discard session
cookies when they're closed down.
.IP "-J, --remote-header-name"
(HTTP) This option tells the -O, --remote-name option to use the server-specified
Content-Disposition filename instead of extracting a filename from the URL.
(HTTP) This option tells the \fI-O, --remote-name\fP option to use the
server-specified Content-Disposition filename instead of extracting a filename
from the URL.
.IP "-k, --insecure"
(SSL) This option explicitly allows curl to perform "insecure" SSL connections
and transfers. All SSL connections are attempted to be made secure by using
@@ -711,7 +709,7 @@ currently effective on operating systems offering the TCP_KEEPIDLE and
TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0)
If this option is used multiple times, the last occurrence sets the amount. If
If this option is used several times, the last one will be used. If
unspecified, the option defaults to 60 seconds.
.IP "--key <key>"
(SSL/SSH) Private key file name. Allows you to provide your private key in this
@@ -817,9 +815,9 @@ Specify the maximum size (in bytes) of a file to download. If the file
requested is larger than this value, the transfer will not start and curl will
return with exit code 63.
\fBNOTE:\fP The file size is not always known prior to download, and for such files
this option has no effect even if the file transfer ends up being larger than
this given limit. This concerns both FTP and HTTP transfers.
\fBNOTE:\fP The file size is not always known prior to download, and for such
files this option has no effect even if the file transfer ends up being larger
than this given limit. This concerns both FTP and HTTP transfers.
.IP "--mail-rcpt <address>"
(SMTP) Specify a single address that the given mail should get sent to. This
option can be used multiple times to specify many recipients.
@@ -832,6 +830,31 @@ is used, this option can be used to prevent curl from following redirections
option to -1 to make it limitless.
If this option is used several times, the last one will be used.
.IP "--metalink"
This option can tell curl to parse and process a given URI as Metalink file
(both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors
listed within for failover if there are errors (such as the file or server not
being available). It will also verify the hash of the file after the download
completes. The Metalink file itself is downloaded and processed in memory and
not stored in the local file system.
Example to use a remote Metalink file:
\fBcurl\fP --metalink http://www.example.com/example.metalink
To use a Metalink file in the local file system, use FILE protocol
(file://):
\fBcurl\fP --metalink file://example.metalink
Please note that if FILE protocol is disabled, there is no way to use
a local Metalink file at the time of this writing. Also note that if
\fI--metalink\fP and \fI--include\fP are used together, \fI--include\fP will be
ignored. This is because including headers in the response will break
Metalink parser and if the headers are included in the file described
in Metalink file, hash check will fail.
(Added in 7.27.0, if built against the libmetalink library.)
.IP "-n, --netrc"
Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
home directory for login name and password. This is typically used for FTP on
@@ -865,7 +888,7 @@ You can only specify one netrc file per invocation. If several
(Added in 7.21.5)
This option overrides any use of \fI--netrc\fP as they are mutually exclusive.
It will also abide by --netrc-optional if specified.
It will also abide by \fI--netrc-optional\fP if specified.
.IP "--netrc-optional"
Very similar to \fI--netrc\fP, but this option makes the .netrc usage
@@ -885,12 +908,11 @@ This option requires a library built with GSSAPI support. This is
not very common. Use \fI-V, --version\fP to see if your version supports
GSS-Negotiate.
When using this option, you must also provide a fake -u, --user option to
When using this option, you must also provide a fake \fI-u, --user\fP option to
activate the authentication code properly. Sending a '-u :' is enough as the
user name and password from the -u option aren't actually used.
user name and password from the \fI-u\fP option aren't actually used.
If this option is used several times, the following occurrences make no
difference.
If this option is used several times, only the first one is used.
.IP "--no-keepalive"
Disables the use of keepalive messages on the TCP connection, as by default
curl enables them.
@@ -927,8 +949,7 @@ If you want to enable NTLM for your proxy authentication, then use
This option requires a library built with SSL support. Use
\fI-V, --version\fP to see if your curl supports NTLM.
If this option is used several times, the following occurrences make no
difference.
If this option is used several times, only the first one is used.
.IP "-o, --output <file>"
Write output to <file> instead of stdout. If you are using {} or [] to fetch
multiple documents, you can use '#' followed by a number in the <file>
@@ -996,16 +1017,16 @@ available.
If this option is used several times, the last one will be used.
.IP "--post301"
Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET
requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
in web browsers, so curl does the conversion by default to maintain
(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests
into GET requests when following a 301 redirection. The non-RFC behaviour is
ubiquitous in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using \fI-L, --location\fP
(Added in 7.17.1)
.IP "--post302"
Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET
requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
in web browsers, so curl does the conversion by default to maintain
(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests
into GET requests when following a 302 redirection. The non-RFC behaviour is
ubiquitous in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using \fI-L, --location\fP
(Added in 7.19.1)
@@ -1094,24 +1115,24 @@ default config file search path.
commands are sent BEFORE the transfer takes place (just after the initial PWD
command in an FTP transfer, to be exact). To make commands take place after a
successful transfer, prefix them with a dash '-'. To make commands be sent
after libcurl has changed the working directory, just before the transfer
after curl has changed the working directory, just before the transfer
command(s), prefix the command with a '+' (this is only supported for
FTP). You may specify any number of commands. If the server returns failure
for one of the commands, the entire operation will be aborted. You must send
syntactically correct FTP commands as RFC 959 defines to FTP servers, or one
of the commands listed below to SFTP servers. This option can be used
multiple times. When speaking to a FTP server, prefix the command with an
asterisk (*) to make libcurl continue even if the command fails as by default
multiple times. When speaking to an FTP server, prefix the command with an
asterisk (*) to make curl continue even if the command fails as by default
curl will stop at first failure.
SFTP is a binary protocol. Unlike for FTP, libcurl interprets SFTP quote
commands itself before sending them to the server. File names may be quoted
SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands
itself before sending them to the server. File names may be quoted
shell-style to embed spaces or special characters. Following is the list of
all supported SFTP quote commands:
.RS
.IP "chgrp group file"
The chgrp command sets the group ID of the file named by the file operand to the
group ID specified by the group operand. The group operand is a decimal
The chgrp command sets the group ID of the file named by the file operand to
the group ID specified by the group operand. The group operand is a decimal
integer group ID.
.IP "chmod mode file"
The chmod command modifies the file mode bits of the specified file. The
@@ -1169,9 +1190,10 @@ specifies two separate 100-byte ranges(*)(H)
(*) = NOTE that this will cause the server to reply with a multipart
response!
Only digit characters (0-9) are valid in the 'start' and 'stop' fields of
the \&'start-stop' range syntax. If a non-digit character is given in the range, the server's
response will be unspecified, depending on the server's configuration.
Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the
\&'start-stop' range syntax. If a non-digit character is given in the range,
the server's response will be unspecified, depending on the server's
configuration.
You should also be aware that many HTTP/1.1 servers do not have this feature
enabled, so that when you attempt to get a range, you'll instead get the whole
@@ -1183,7 +1205,7 @@ FTP command SIZE.
If this option is used several times, the last one will be used.
.IP "-R, --remote-time"
When used, this will make libcurl attempt to figure out the timestamp of the
When used, this will make curl attempt to figure out the timestamp of the
remote file, and if that is available make the local file get that same
timestamp.
.IP "--random-file <file>"
@@ -1191,7 +1213,7 @@ timestamp.
random data. The data is used to seed the random engine for SSL connections.
See also the \fI--egd-file\fP option.
.IP "--raw"
When used, it disables all internal HTTP decoding of content or transfer
(HTTP) When used, it disables all internal HTTP decoding of content or transfer
encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2)
.IP "--remote-name-all"
This option changes the default action for all given URLs to be dealt with as
@@ -1223,7 +1245,7 @@ using \fI--retry-delay\fP you disable this exponential backoff algorithm. See
also \fI--retry-max-time\fP to limit the total time allowed for
retries. (Added in 7.12.3)
If this option is used multiple times, the last occurrence decide the amount.
If this option is used several times, the last one will be used.
.IP "--retry-delay <seconds>"
Make curl sleep this amount of time before each retry when a transfer has
failed with a transient error (it changes the default backoff time algorithm
@@ -1231,7 +1253,7 @@ between retries). This option is only interesting if \fI--retry\fP is also
used. Setting this delay to zero will make curl use the default backoff time.
(Added in 7.12.3)
If this option is used multiple times, the last occurrence determines the amount.
If this option is used several times, the last one will be used.
.IP "--retry-max-time <seconds>"
The retry timer is reset before the first transfer attempt. Retries will be
done as usual (see \fI--retry\fP) as long as the timer hasn't reached this
@@ -1240,13 +1262,12 @@ will be made and while performing, it may take longer than this given time
period. To limit a single request\'s maximum time, use \fI-m, --max-time\fP.
Set this option to zero to not timeout retries. (Added in 7.12.3)
If this option is used multiple times, the last occurrence determines the
amount.
If this option is used several times, the last one will be used.
.IP "-s, --silent"
Silent or quiet mode. Don't show progress meter or error messages. Makes
Curl mute.
.IP "-S, --show-error"
When used with -s it makes curl show an error message if it fails.
When used with \fI-s\fP it makes curl show an error message if it fails.
.IP "--ssl"
(FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection. Reverts to a
non-secure connection if the server doesn't support SSL/TLS. See also
@@ -1350,7 +1371,7 @@ part in the specified URL, Curl will append the local file name. NOTE that you
must use a trailing / on the last directory to really prove to Curl that there
is no file name or curl will think that your last directory name is the remote
file name to use. That will most likely cause the upload operation to fail. If
this is used on a HTTP(S) server, the PUT command will be used.
this is used on an HTTP(S) server, the PUT command will be used.
Use the file name "-" (a single dash) to use stdin instead of a given file.
Alternately, the file name "." (a single period) may be specified instead
@@ -1393,7 +1414,7 @@ Set password for use with the TLS authentication method specified with
7.21.4)
.IP "--tr-encoding"
(HTTP) Request a compressed Transfer-Encoding response using one of the
algorithms libcurl supports, and uncompress the data while receiving it.
algorithms curl supports, and uncompress the data while receiving it.
(Added in 7.21.6)
.IP "--trace <file>"
@@ -1478,17 +1499,21 @@ space with \\t.
The %-symbol is a special symbol in the win32-environment, where all
occurrences of % must be doubled when using this option.
The variables available at this point are:
The variables available are:
.RS
.TP 15
.B url_effective
The URL that was fetched last. This is most meaningful if you've told curl
to follow location: headers.
.B content_type
The Content-Type of the requested document, if there was any.
.TP
.B filename_effective
The ultimate filename that curl writes out to. This is only meaningful if curl
is told to write to a file with the --remote-name or --output option. It's most
useful in combination with the --remote-header-name option. (Added in 7.25.1)
is told to write to a file with the \fI--remote-name\fP or \fI--output\fP
option. It's most useful in combination with the \fI--remote-header-name\fP
option. (Added in 7.25.1)
.TP
.B ftp_entry_path
The initial path curl ended up in when logging on to the remote FTP
server. (Added in 7.15.4)
.TP
.B http_code
The numerical response code that was found in the last retrieved HTTP(S) or
@@ -1499,21 +1524,51 @@ same info.
The numerical code that was found in the last response (from a proxy) to a
curl CONNECT request. (Added in 7.12.4)
.TP
.B time_total
The total time, in seconds, that the full operation lasted. The time will be
displayed with millisecond resolution.
.B num_connects
Number of new connects made in the recent transfer. (Added in 7.12.3)
.TP
.B time_namelookup
The time, in seconds, it took from the start until the name resolving was
completed.
.B num_redirects
Number of redirects that were followed in the request. (Added in 7.12.3)
.TP
.B redirect_url
When an HTTP request was made without -L to follow redirects, this variable
will show the actual URL a redirect \fIwould\fP take you to. (Added in 7.18.2)
.TP
.B size_download
The total amount of bytes that were downloaded.
.TP
.B size_header
The total amount of bytes of the downloaded headers.
.TP
.B size_request
The total amount of bytes that were sent in the HTTP request.
.TP
.B size_upload
The total amount of bytes that were uploaded.
.TP
.B speed_download
The average download speed that curl measured for the complete download. Bytes
per second.
.TP
.B speed_upload
The average upload speed that curl measured for the complete upload. Bytes per
second.
.TP
.B ssl_verify_result
The result of the SSL peer certificate verification that was requested. 0
means the verification was successful. (Added in 7.19.0)
.TP
.B time_appconnect
The time, in seconds, it took from the start until the SSL/SSH/etc
connect/handshake to the remote host was completed. (Added in 7.19.0)
.TP
.B time_connect
The time, in seconds, it took from the start until the TCP connect to the
remote host (or proxy) was completed.
.TP
.B time_appconnect
The time, in seconds, it took from the start until the SSL/SSH/etc
connect/handshake to the remote host was completed. (Added in 7.19.0)
.B time_namelookup
The time, in seconds, it took from the start until the name resolving was
completed.
.TP
.B time_pretransfer
The time, in seconds, it took from the start until the file transfer was just
@@ -1527,50 +1582,17 @@ started. time_redirect shows the complete execution time for multiple
redirections. (Added in 7.12.3)
.TP
.B time_starttransfer
The time, in seconds, it took from the start until the first byte was just about
to be transferred. This includes time_pretransfer and also the time the
The time, in seconds, it took from the start until the first byte was just
about to be transferred. This includes time_pretransfer and also the time the
server needed to calculate the result.
.TP
.B size_download
The total amount of bytes that were downloaded.
.B time_total
The total time, in seconds, that the full operation lasted. The time will be
displayed with millisecond resolution.
.TP
.B size_upload
The total amount of bytes that were uploaded.
.TP
.B size_header
The total amount of bytes of the downloaded headers.
.TP
.B size_request
The total amount of bytes that were sent in the HTTP request.
.TP
.B speed_download
The average download speed that curl measured for the complete download. Bytes
per second.
.TP
.B speed_upload
The average upload speed that curl measured for the complete upload. Bytes per
second.
.TP
.B content_type
The Content-Type of the requested document, if there was any.
.TP
.B num_connects
Number of new connects made in the recent transfer. (Added in 7.12.3)
.TP
.B num_redirects
Number of redirects that were followed in the request. (Added in 7.12.3)
.TP
.B redirect_url
When a HTTP request was made without -L to follow redirects, this variable
will show the actual URL a redirect \fIwould\fP take you to. (Added in 7.18.2)
.TP
.B ftp_entry_path
The initial path libcurl ended up in when logging on to the remote FTP
server. (Added in 7.15.4)
.TP
.B ssl_verify_result
The result of the SSL peer certificate verification that was requested. 0
means the verification was successful. (Added in 7.19.0)
.B url_effective
The URL that was fetched last. This is most meaningful if you've told curl
to follow location: headers.
.RE
If this option is used several times, the last one will be used.
@@ -1582,14 +1604,14 @@ This option overrides existing environment variables that set the proxy to
use. If there's an environment variable setting a proxy, you can set proxy to
\&"" to override it.
All operations that are performed over a HTTP proxy will transparently be
All operations that are performed over an HTTP proxy will transparently be
converted to HTTP. It means that certain protocol specific operations might
not be available. This is not the case if you can tunnel through the proxy, as
one with the \fI-p, --proxytunnel\fP option.
User and password that might be provided in the proxy string are URL decoded
by libcurl. This allows you to pass in special characters such as @ by using
%40 or pass in a colon with %3a.
by curl. This allows you to pass in special characters such as @ by using %40
or pass in a colon with %3a.
The proxy host can be specified the exact same way as the proxy environment
variables, including the protocol prefix (http://) and the embedded user +
@@ -1625,7 +1647,7 @@ attributes, a warning is issued.
.IP "-y, --speed-time <time>"
If a download is slower than speed-limit bytes per second during a speed-time
period, the download gets aborted. If speed-time is used, the default
speed-limit will be 1 unless set with -Y.
speed-limit will be 1 unless set with \fI-Y\fP.
This option controls transfers and thus will not affect slow connects etc. If
this is a concern for you, try the \fI--connect-timeout\fP option.
@@ -1633,16 +1655,17 @@ this is a concern for you, try the \fI--connect-timeout\fP option.
If this option is used several times, the last one will be used.
.IP "-Y, --speed-limit <speed>"
If a download is slower than this given speed (in bytes per second) for
speed-time seconds it gets aborted. speed-time is set with -y and is 30 if
not set.
speed-time seconds it gets aborted. speed-time is set with \fI-y\fP and is 30
if not set.
If this option is used several times, the last one will be used.
.IP "-z/--time-cond <date expression>|<file>"
(HTTP/FTP) Request a file that has been modified later than the given time and
date, or one that has been modified before that time. The <date expression> can
be all sorts of date strings or if it doesn't match any internal ones, it is
taken as a filename and tries to get the modification date (mtime) from <file>
instead. See the \fIcurl_getdate(3)\fP man pages for date expression details.
date, or one that has been modified before that time. The <date expression>
can be all sorts of date strings or if it doesn't match any internal ones, it
is taken as a filename and tries to get the modification date (mtime) from
<file> instead. See the \fIcurl_getdate(3)\fP man pages for date expression
details.
Start the date expression with a dash (-) to make it request for a document
that is older than the given date/time, default is a document that is newer
@@ -1693,6 +1716,10 @@ SSPI is supported. If you use NTLM and set a blank user name, curl will
authenticate with your current user and password.
.IP "TLS-SRP"
SRP (Secure Remote Password) authentication is supported for TLS.
.IP "Metalink"
This curl supports Metalink (both version 3 and 4 (RFC 5854)), which
describes mirrors and hashes. curl will use mirrors for failover if
there are errors (such as the file or server not being available).
.RE
.SH FILES
.I ~/.curlrc
@@ -1724,7 +1751,7 @@ Since curl version 7.21.7, the proxy string may be specified with a
protocol:// prefix to specify alternative proxy protocols.
If no protocol is specified in the proxy string or if the string doesn't match
a supported one, the proxy will be treated as a HTTP proxy.
a supported one, the proxy will be treated as an HTTP proxy.
The supported proxy protocol prefixes are as follows:
.IP "socks4://"

View File

@@ -11,6 +11,7 @@ ftp-wildcard
ftpget
ftpgetinfo
ftpgetresp
ftpsget
ftpupload
getinfo
getinmemory
@@ -34,6 +35,7 @@ resolve
rtsp
sendrecv
sepheaders
sftpget
simple
simplepost
simplesmtp

View File

@@ -5,7 +5,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
persistant post-callback postit2 sepheaders simple simplepost simplessl \
sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard \
smtp-multi simplesmtp smtp-tls rtsp externalsocket resolve \
progressfunc pop3s pop3slist imap url2file
progressfunc pop3s pop3slist imap url2file sftpget ftpsget
# These examples require external dependencies that may not be commonly
# available on POSIX systems, so don't bother attempting to compile them here.

View File

@@ -40,12 +40,6 @@ endif
ifndef OPENSSL_PATH
OPENSSL_PATH = ../../../openssl-0.9.8x
endif
ifndef OPENSSL_LIBPATH
OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
endif
ifndef OPENSSL_LIBS
OPENSSL_LIBS = -leay32 -lssl32
endif
# Edit the path below to point to the base of your LibSSH2 package.
ifndef LIBSSH2_PATH
LIBSSH2_PATH = ../../../libssh2-1.4.2
@@ -81,7 +75,7 @@ ifndef ARCH
ARCH = w32
endif
CC = gcc
CC = $(CROSSPREFIX)gcc
CFLAGS = -g -O2 -Wall
CFLAGS += -fno-strict-aliasing
ifeq ($(ARCH),w64)
@@ -89,11 +83,36 @@ CFLAGS += -D_AMD64_
endif
# comment LDFLAGS below to keep debug info
LDFLAGS = -s
RC = windres
RC = $(CROSSPREFIX)windres
RCFLAGS = --include-dir=$(PROOT)/include -O COFF -i
RM = del /q /f 2>NUL
CP = copy
# Platform-dependent helper tool macros
ifeq ($(findstring /sh,$(SHELL)),/sh)
DEL = rm -f $1
RMDIR = rm -fr $1
MKDIR = mkdir -p $1
COPY = -cp -afv $1 $2
#COPYR = -cp -afr $1/* $2
COPYR = -rsync -aC $1/* $2
TOUCH = touch $1
CAT = cat
ECHONL = echo ""
DL = '
else
ifeq "$(OS)" "Windows_NT"
DEL = -del 2>NUL /q /f $(subst /,\,$1)
RMDIR = -rd 2>NUL /q /s $(subst /,\,$1)
else
DEL = -del 2>NUL $(subst /,\,$1)
RMDIR = -deltree 2>NUL /y $(subst /,\,$1)
endif
MKDIR = -md 2>NUL $(subst /,\,$1)
COPY = -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
COPYR = -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
TOUCH = copy 2>&1>NUL /b $(subst /,\,$1) +,,
CAT = type
ECHONL = $(ComSpec) /c echo.
endif
########################################################
## Nothing more to do below this line!
@@ -138,6 +157,13 @@ endif
ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
IPV6 = 1
endif
ifeq ($(findstring -metalink,$(CFG)),-metalink)
METALINK = 1
endif
ifeq ($(findstring -winssl,$(CFG)),-winssl)
SCHANNEL = 1
SSPI = 1
endif
INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib
@@ -148,6 +174,7 @@ else
curl_DEPENDENCIES = $(PROOT)/lib/libcurl.a
curl_LDADD = -L$(PROOT)/lib -lcurl
CFLAGS += -DCURL_STATICLIB
LDFLAGS += -static
endif
ifdef ARES
ifndef DYN
@@ -165,7 +192,22 @@ ifdef SSH2
curl_LDADD += -L"$(LIBSSH2_PATH)/win32" -lssh2
endif
ifdef SSL
CFLAGS += -DUSE_SSLEAY -DHAVE_OPENSSL_ENGINE_H
ifndef OPENSSL_LIBPATH
OPENSSL_LIBS = -lssl -lcrypto
ifeq "$(wildcard $(OPENSSL_PATH)/out)" "$(OPENSSL_PATH)/out"
OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
ifdef DYN
OPENSSL_LIBS = -lssl32 -leay32
endif
endif
ifeq "$(wildcard $(OPENSSL_PATH)/lib)" "$(OPENSSL_PATH)/lib"
OPENSSL_LIBPATH = $(OPENSSL_PATH)/lib
endif
endif
ifndef DYN
OPENSSL_LIBS += -lgdi32 -lcrypt32
endif
CFLAGS += -DUSE_SSLEAY
curl_LDADD += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
endif
ifdef ZLIB
@@ -184,6 +226,9 @@ endif
endif
ifdef SSPI
CFLAGS += -DUSE_WINDOWS_SSPI
ifdef SCHANNEL
CFLAGS += -DUSE_SCHANNEL
endif
endif
ifdef SPNEGO
CFLAGS += -DHAVE_SPNEGO
@@ -215,6 +260,8 @@ include Makefile.inc
check_PROGRAMS := $(patsubst %,%.exe,$(strip $(check_PROGRAMS)))
check_PROGRAMS += ftpuploadresume.exe synctime.exe
.PRECIOUS: %.o
all: $(check_PROGRAMS)
@@ -228,8 +275,8 @@ all: $(check_PROGRAMS)
$(RC) $(RCFLAGS) $< -o $@
clean:
-$(RM) $(check_PROGRAMS:.exe=.o)
@$(call DEL, $(check_PROGRAMS:.exe=.o))
distclean vclean: clean
-$(RM) $(check_PROGRAMS)
@$(call DEL, $(check_PROGRAMS))

View File

@@ -162,6 +162,10 @@ int main(int argc, char **argv)
/* Now run off and do what you've been told! */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -132,6 +132,10 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -64,7 +64,13 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK) {
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
}
else {
/* now extract transfer info */
curl_easy_getinfo(curl, CURLINFO_SPEED_UPLOAD, &speed_upload);
curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &total_time);
@@ -72,6 +78,7 @@ int main(void)
fprintf(stderr, "Speed: %.3f bytes/sec during %.3f seconds\n",
speed_upload, total_time);
}
/* always cleanup */
curl_easy_cleanup(curl);
}

View File

@@ -60,6 +60,10 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, write_response);
curl_easy_setopt(curl, CURLOPT_WRITEHEADER, respfile);
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

101
docs/examples/ftpsget.c Normal file
View File

@@ -0,0 +1,101 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/*
* This is an example showing how to get a single file from an FTPS server.
* It delays the actual destination file creation until the first write
* callback so that it won't create an empty file in case the remote file
* doesn't exist or something else fails.
*/
struct FtpFile {
const char *filename;
FILE *stream;
};
static size_t my_fwrite(void *buffer, size_t size, size_t nmemb,
void *stream)
{
struct FtpFile *out=(struct FtpFile *)stream;
if(out && !out->stream) {
/* open file for writing */
out->stream=fopen(out->filename, "wb");
if(!out->stream)
return -1; /* failure, can't open file to write */
}
return fwrite(buffer, size, nmemb, out->stream);
}
int main(void)
{
CURL *curl;
CURLcode res;
struct FtpFile ftpfile={
"yourfile.bin", /* name to store the file as if succesful */
NULL
};
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(curl) {
/*
* You better replace the URL with one that works! Note that we use an
* FTP:// URL with standard explicit FTPS. You can also do FTPS:// URLs if
* you want to do the rarer kind of transfers: implicit.
*/
curl_easy_setopt(curl, CURLOPT_URL,
"ftp://user@server/home/user/file.txt");
/* Define our callback to get called when there's data to be written */
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite);
/* Set a pointer to our struct to pass to the callback */
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile);
/* We activate SSL and we require it for both control and data */
curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
/* Switch on full protocol/debug output */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
if(CURLE_OK != res) {
/* we failed */
fprintf(stderr, "curl told us %d\n", res);
}
}
if(ftpfile.stream)
fclose(ftpfile.stream); /* close the local file */
curl_global_cleanup();
return 0;
}

View File

@@ -122,6 +122,10 @@ int main(void)
/* Now run off and do what you've been told! */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* clean up the FTP commands list */
curl_slist_free_all (headerlist);

View File

@@ -27,6 +27,10 @@ int main(void)
CURL *curl;
CURLcode res;
/* In windows, this will init the winsock stuff */
curl_global_init(CURL_GLOBAL_ALL);
/* get a curl handle */
curl = curl_easy_init();
if(curl) {
/* First set the URL that is about to receive our POST. This URL can
@@ -38,9 +42,14 @@ int main(void)
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);
}
curl_global_cleanup();
return 0;
}

View File

@@ -38,10 +38,18 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_URL, "localhost");
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* redo request with our own custom Accept: */
res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -110,6 +110,10 @@ int main(int argc, char **argv)
/* Now run off and do what you've been told! */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -27,6 +27,8 @@ int main(void)
CURL *curl;
CURLcode res;
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
@@ -45,7 +47,7 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
#endif
#ifdef SKIP_HOSTNAME_VERFICATION
#ifdef SKIP_HOSTNAME_VERIFICATION
/*
* If the site you're connecting to uses a different host name that what
* they have mentioned in their server certificate's commonName (or
@@ -55,10 +57,18 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);
}
curl_global_cleanup();
return 0;
}

View File

@@ -70,7 +70,7 @@ int main(void)
/* we start some action by calling perform right away */
curl_multi_perform(multi_handle, &still_running);
while(still_running) {
do {
struct timeval timeout;
int rc; /* select() return code */
@@ -118,7 +118,7 @@ int main(void)
curl_multi_perform(multi_handle, &still_running);
break;
}
}
} while(still_running);
/* See how the transfers went */
while ((msg = curl_multi_info_read(multi_handle, &msgs_left))) {

View File

@@ -144,7 +144,7 @@ int main(void)
/* we start some action by calling perform right away */
curl_multi_perform(multi_handle, &still_running);
while(still_running) {
do {
struct timeval timeout;
int rc; /* select() return code */
@@ -195,7 +195,7 @@ int main(void)
curl_multi_perform(multi_handle, &still_running);
break;
}
}
} while(still_running);
curl_multi_cleanup(multi_handle);

View File

@@ -59,7 +59,7 @@ int main(void)
/* we start some action by calling perform right away */
curl_multi_perform(multi_handle, &still_running);
while(still_running) {
do {
struct timeval timeout;
int rc; /* select() return code */
@@ -108,7 +108,7 @@ int main(void)
curl_multi_perform(multi_handle, &still_running);
break;
}
}
} while(still_running);
curl_multi_cleanup(multi_handle);

View File

@@ -80,7 +80,7 @@ int main(void)
curl_multi_perform(multi_handle, &still_running);
while(still_running) {
do {
struct timeval timeout;
int rc; /* select() return code */
@@ -131,7 +131,7 @@ int main(void)
printf("running: %d!\n", still_running);
break;
}
}
} while(still_running);
curl_multi_cleanup(multi_handle);

View File

@@ -55,7 +55,7 @@ int main(void)
/* we start some action by calling perform right away */
curl_multi_perform(multi_handle, &still_running);
while(still_running) {
do {
struct timeval timeout;
int rc; /* select() return code */
@@ -106,7 +106,7 @@ int main(void)
curl_multi_perform(multi_handle, &still_running);
break;
}
}
} while(still_running);
curl_multi_cleanup(multi_handle);

View File

@@ -37,12 +37,24 @@ int main(void)
/* get the first document */
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* get another document from the same server using the same
connection */
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/docs/");
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -59,7 +59,12 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -59,7 +59,12 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -60,6 +60,16 @@ int main(void)
pooh.readptr = data;
pooh.sizeleft = strlen(data);
/* In windows, this will init the winsock stuff */
res = curl_global_init(CURL_GLOBAL_DEFAULT);
/* Check for errors */
if(res != CURLE_OK) {
fprintf(stderr, "curl_global_init() failed: %s\n",
curl_easy_strerror(res));
return 1;
}
/* get a curl handle */
curl = curl_easy_init();
if(curl) {
/* First set the URL that is about to receive our POST. */
@@ -120,9 +130,14 @@ int main(void)
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);
}
curl_global_cleanup();
return 0;
}

View File

@@ -83,7 +83,13 @@ int main(int argc, char *argv[])
/* only disable 100-continue header if explicitly requested */
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist);
curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost);
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

106
docs/examples/sftpget.c Normal file
View File

@@ -0,0 +1,106 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* define this to switch off the use of ssh-agent in this program */
#undef DISABLE_SSH_AGENT
/*
* This is an example showing how to get a single file from an SFTP server.
* It delays the actual destination file creation until the first write
* callback so that it won't create an empty file in case the remote file
* doesn't exist or something else fails.
*/
struct FtpFile {
const char *filename;
FILE *stream;
};
static size_t my_fwrite(void *buffer, size_t size, size_t nmemb,
void *stream)
{
struct FtpFile *out=(struct FtpFile *)stream;
if(out && !out->stream) {
/* open file for writing */
out->stream=fopen(out->filename, "wb");
if(!out->stream)
return -1; /* failure, can't open file to write */
}
return fwrite(buffer, size, nmemb, out->stream);
}
int main(void)
{
CURL *curl;
CURLcode res;
struct FtpFile ftpfile={
"yourfile.bin", /* name to store the file as if succesful */
NULL
};
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(curl) {
/*
* You better replace the URL with one that works!
*/
curl_easy_setopt(curl, CURLOPT_URL,
"sftp://user@server/home/user/file.txt");
/* Define our callback to get called when there's data to be written */
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite);
/* Set a pointer to our struct to pass to the callback */
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile);
#ifndef DISABLE_SSH_AGENT
/* We activate ssh agent. For this to work you need
to have ssh-agent running (type set | grep SSH_AGENT to check) or
pageant on Windows (there is an icon in systray if so) */
curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_AGENT);
#endif
/* Switch on full protocol/debug output */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
if(CURLE_OK != res) {
/* we failed */
fprintf(stderr, "curl told us %d\n", res);
}
}
if(ftpfile.stream)
fclose(ftpfile.stream); /* close the local file */
curl_global_cleanup();
return 0;
}

View File

@@ -30,7 +30,13 @@ int main(void)
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -39,7 +39,12 @@ int main(void)
itself */
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)strlen(postthis));
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
curl_easy_cleanup(curl);

View File

@@ -65,6 +65,10 @@ int main(void)
/* send the message (including headers) */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* free the list of recipients */
curl_slist_free_all(recipients);

View File

@@ -118,7 +118,13 @@ int main(void)
/* disconnect if we can't validate server's cert */
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1L);
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
break; /* we are done... */
}
/* always cleanup */

View File

@@ -96,7 +96,6 @@ int main(void)
CURLM *mcurl;
int still_running = 1;
struct timeval mp_start;
char mp_timedout = 0;
struct WriteThis pooh;
struct curl_slist* rcpt_list = NULL;
@@ -132,7 +131,6 @@ int main(void)
curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0L);
curl_multi_add_handle(mcurl, curl);
mp_timedout = 0;
mp_start = tvnow();
/* we start some action by calling perform right away */

View File

@@ -139,6 +139,10 @@ int main(void)
/* send the message (including headers) */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* free the list of recipients and clean up */
curl_slist_free_all(recipients);

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -38,7 +38,7 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3 \
curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3 \
curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 \
curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 \
curl_multi_socket_action.3
curl_multi_socket_action.3 curl_multi_wait.3
HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \
curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html \
@@ -58,7 +58,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \
curl_easy_unescape.html curl_multi_setopt.html curl_multi_socket.html \
curl_multi_timeout.html curl_formget.html curl_multi_assign.html \
curl_easy_pause.html curl_easy_recv.html curl_easy_send.html \
curl_multi_socket_action.html
curl_multi_socket_action.html curl_multi_wait.html
PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \
curl_easy_init.pdf curl_easy_perform.pdf curl_easy_setopt.pdf \
@@ -77,7 +77,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \
curl_easy_escape.pdf curl_easy_unescape.pdf curl_multi_setopt.pdf \
curl_multi_socket.pdf curl_multi_timeout.pdf curl_formget.pdf \
curl_multi_assign.pdf curl_easy_pause.pdf curl_easy_recv.pdf \
curl_easy_send.pdf curl_multi_socket_action.pdf
curl_easy_send.pdf curl_multi_socket_action.pdf curl_multi_wait.pdf
CLEANFILES = $(HTMLPAGES) $(PDFPAGES)

View File

@@ -69,7 +69,7 @@ output. This is only relevant for protocols that actually have headers
preceding the data (like HTTP).
.IP CURLOPT_NOPROGRESS
Pass a long. If set to 1, it tells the library to shut off the progress meter
completely. It will also present the \fICURLOPT_PROGRESSFUNCTION\fP from
completely. It will also prevent the \fICURLOPT_PROGRESSFUNCTION\fP from
getting called.
Future versions of libcurl are likely to not have any built-in progress meter
@@ -147,10 +147,10 @@ Using the rules above, a file name pattern can be constructed:
(This was added in 7.21.0)
.SH CALLBACK OPTIONS
.IP CURLOPT_WRITEFUNCTION
Function pointer that should match the following prototype: \fBsize_t
function( char *ptr, size_t size, size_t nmemb, void *userdata);\fP This
function gets called by libcurl as soon as there is data received that needs
to be saved. The size of the data pointed to by \fIptr\fP is \fIsize\fP
Pass a pointer to a function that matches the following prototype:
\fBsize_t function( char *ptr, size_t size, size_t nmemb, void *userdata);\fP
This function gets called by libcurl as soon as there is data received that
needs to be saved. The size of the data pointed to by \fIptr\fP is \fIsize\fP
multiplied with \fInmemb\fP, it will not be zero terminated. Return the number
of bytes actually taken care of. If that amount differs from the amount passed
to your function, it'll signal an error to the library. This will abort the
@@ -193,11 +193,11 @@ crashes.
This option is also known with the older name \fICURLOPT_FILE\fP, the name
\fICURLOPT_WRITEDATA\fP was introduced in 7.9.7.
.IP CURLOPT_READFUNCTION
Function pointer that should match the following prototype: \fBsize_t
function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP This
function gets called by libcurl as soon as it needs to read data in order to
send it to the peer. The data area pointed at by the pointer \fIptr\fP may be
filled with at most \fIsize\fP multiplied with \fInmemb\fP number of
Pass a pointer to a function that matches the following prototype:
\fBsize_t function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP
This function gets called by libcurl as soon as it needs to read data in order
to send it to the peer. The data area pointed at by the pointer \fIptr\fP may
be filled with at most \fIsize\fP multiplied with \fInmemb\fP number of
bytes. Your function must return the actual number of bytes that you stored in
that memory area. Returning 0 will signal end-of-file to the library and cause
it to stop the current transfer.
@@ -234,13 +234,13 @@ If you're using libcurl as a win32 DLL, you MUST use a
This option was also known by the older name \fICURLOPT_INFILE\fP, the name
\fICURLOPT_READDATA\fP was introduced in 7.9.7.
.IP CURLOPT_IOCTLFUNCTION
Function pointer that should match the \fIcurl_ioctl_callback\fP prototype
found in \fI<curl/curl.h>\fP. This function gets called by libcurl when
something special I/O-related needs to be done that the library can't do by
itself. For now, rewinding the read data stream is the only action it can
request. The rewinding of the read data stream may be necessary when doing a
HTTP PUT or POST with a multi-pass authentication method. (Option added in
7.12.3).
Pass a pointer to a function that matches the following prototype:
\fBcurlioerr function(CURL *handle, int cmd, void *clientp);\fP. This function
gets called by libcurl when something special I/O-related needs to be done
that the library can't do by itself. For now, rewinding the read data stream
is the only action it can request. The rewinding of the read data stream may
be necessary when doing a HTTP PUT or POST with a multi-pass authentication
method. (Option added in 7.12.3).
Use \fICURLOPT_SEEKFUNCTION\fP instead to provide seeking!
.IP CURLOPT_IOCTLDATA
@@ -248,7 +248,7 @@ Pass a pointer that will be untouched by libcurl and passed as the 3rd
argument in the ioctl callback set with \fICURLOPT_IOCTLFUNCTION\fP. (Option
added in 7.12.3)
.IP CURLOPT_SEEKFUNCTION
Function pointer that should match the following prototype: \fIint
Pass a pointer to a function that matches the following prototype: \fBint
function(void *instream, curl_off_t offset, int origin);\fP This function gets
called by libcurl to seek to a certain position in the input stream and can be
used to fast forward a file in a resumed upload (instead of reading all
@@ -270,18 +270,22 @@ Data pointer to pass to the file seek function. If you use the
\fICURLOPT_SEEKFUNCTION\fP option, this is the pointer you'll get as input. If
you don't specify a seek callback, NULL is passed. (Option added in 7.18.0)
.IP CURLOPT_SOCKOPTFUNCTION
Function pointer that should match the \fIcurl_sockopt_callback\fP prototype
found in \fI<curl/curl.h>\fP. This function gets called by libcurl after the
socket() call but before the connect() call. The callback's \fIpurpose\fP
argument identifies the exact purpose for this particular socket, and
currently only one value is supported: \fICURLSOCKTYPE_IPCXN\fP for the
primary connection (meaning the control connection in the FTP case). Future
versions of libcurl may support more purposes. It passes the newly created
socket descriptor so additional setsockopt() calls can be done at the user's
discretion. Return 0 (zero) from the callback on success. Return 1 from the
callback function to signal an unrecoverable error to the library and it will
close the socket and return \fICURLE_COULDNT_CONNECT\fP. (Option added in
7.16.0)
Pass a pointer to a function that matches the following prototype: \fBint
function(void *clientp, curl_socket_t curlfd, curlsocktype purpose);\fP. This
function gets called by libcurl after the socket() call but before the
connect() call. The callback's \fIpurpose\fP argument identifies the exact
purpose for this particular socket:
\fICURLSOCKTYPE_IPCXN\fP for actively created connections or since 7.28.0
\fICURLSOCKTYPE_ACCEPT\fP for FTP when the connection was setup with PORT/EPSV
(in earlier versions these sockets weren't passed to this callback).
Future versions of libcurl may support more purposes. It passes the newly
created socket descriptor so additional setsockopt() calls can be done at the
user's discretion. Return 0 (zero) from the callback on success. Return 1
from the callback function to signal an unrecoverable error to the library and
it will close the socket and return \fICURLE_COULDNT_CONNECT\fP. (Option
added in 7.16.0)
Added in 7.21.5, the callback function may return
\fICURL_SOCKOPT_ALREADY_CONNECTED\fP, which tells libcurl that the socket is
@@ -291,20 +295,21 @@ Pass a pointer that will be untouched by libcurl and passed as the first
argument in the sockopt callback set with \fICURLOPT_SOCKOPTFUNCTION\fP.
(Option added in 7.16.0)
.IP CURLOPT_OPENSOCKETFUNCTION
Function pointer that should match the \fIcurl_opensocket_callback\fP
prototype found in \fI<curl/curl.h>\fP. This function gets called by libcurl
instead of the \fIsocket(2)\fP call. The callback's \fIpurpose\fP argument
identifies the exact purpose for this particular socket:
\fICURLSOCKTYPE_IPCXN\fP is for IP based connections. Future versions of
libcurl may support more purposes. It passes the resolved peer address as a
\fIaddress\fP argument so the callback can modify the address or refuse to
connect at all. The callback function should return the socket or
\fICURL_SOCKET_BAD\fP in case no connection should be established or any error
detected. Any additional \fIsetsockopt(2)\fP calls can be done on the socket
at the user's discretion. \fICURL_SOCKET_BAD\fP return value from the
callback function will signal an unrecoverable error to the library and it
will return \fICURLE_COULDNT_CONNECT\fP. This return code can be used for IP
address blacklisting. The default behavior is:
Pass a pointer to a function that matches the following prototype:
\fBcurl_socket_t function(void *clientp, curlsocktype purpose, struct
curl_sockaddr *address);\fP. This function gets called by libcurl instead of
the \fIsocket(2)\fP call. The callback's \fIpurpose\fP argument identifies the
exact purpose for this particular socket: \fICURLSOCKTYPE_IPCXN\fP is for IP
based connections. Future versions of libcurl may support more purposes. It
passes the resolved peer address as a \fIaddress\fP argument so the callback
can modify the address or refuse to connect at all. The callback function
should return the socket or \fICURL_SOCKET_BAD\fP in case no connection could
be established or another error was detected. Any additional
\fIsetsockopt(2)\fP calls can be done on the socket at the user's discretion.
\fICURL_SOCKET_BAD\fP return value from the callback function will signal an
unrecoverable error to the library and it will return
\fICURLE_COULDNT_CONNECT\fP. This return code can be used for IP address
blacklisting. The default behavior is:
.nf
return socket(addr->family, addr->socktype, addr->protocol);
.fi
@@ -314,25 +319,26 @@ Pass a pointer that will be untouched by libcurl and passed as the first
argument in the opensocket callback set with \fICURLOPT_OPENSOCKETFUNCTION\fP.
(Option added in 7.17.1.)
.IP CURLOPT_CLOSESOCKETFUNCTION
Function pointer that should match the \fIcurl_closesocket_callback\fP
prototype found in \fI<curl/curl.h>\fP. This function gets called by libcurl
instead of the \fIclose(3)\fP or \fIclosesocket(3)\fP call when sockets are
closed (not for any other file descriptors). This is pretty much the reverse
to the \fICURLOPT_OPENSOCKETFUNCTION\fP option. Return 0 to signal success and
1 if there was an error. (Option added in 7.21.7)
Pass a pointer to a function that matches the following prototype: \fBint
function(void *clientp, curl_socket_t item);\fP. This function gets called by
libcurl instead of the \fIclose(3)\fP or \fIclosesocket(3)\fP call when
sockets are closed (not for any other file descriptors). This is pretty much
the reverse to the \fICURLOPT_OPENSOCKETFUNCTION\fP option. Return 0 to signal
success and 1 if there was an error. (Option added in 7.21.7)
.IP CURLOPT_CLOSESOCKETDATA
Pass a pointer that will be untouched by libcurl and passed as the first
argument in the closesocket callback set with
\fICURLOPT_CLOSESOCKETFUNCTION\fP. (Option added in 7.21.7)
.IP CURLOPT_PROGRESSFUNCTION
Function pointer that should match the \fIcurl_progress_callback\fP prototype
found in \fI<curl/curl.h>\fP. This function gets called by libcurl instead of
its internal equivalent with a frequent interval during operation (roughly
once per second or sooner) no matter if data is being transfered or not.
Unknown/unused argument values passed to the callback will be set to zero
(like if you only download data, the upload size will remain 0). Returning a
non-zero value from this callback will cause libcurl to abort the transfer and
return \fICURLE_ABORTED_BY_CALLBACK\fP.
Pass a pointer to a function that matches the following prototype: \fBint
function(void *clientp, double dltotal, double dlnow, double ultotal, double
ulnow); \fP. This function gets called by libcurl instead of its internal
equivalent with a frequent interval during operation (roughly once per second
or sooner) no matter if data is being transferred or not. Unknown/unused
argument values passed to the callback will be set to zero (like if you only
download data, the upload size will remain 0). Returning a non-zero value from
this callback will cause libcurl to abort the transfer and return
\fICURLE_ABORTED_BY_CALLBACK\fP.
If you transfer data with the multi interface, this function will not be
called during periods of idleness unless you call the appropriate libcurl
@@ -344,14 +350,14 @@ get called.
Pass a pointer that will be untouched by libcurl and passed as the first
argument in the progress callback set with \fICURLOPT_PROGRESSFUNCTION\fP.
.IP CURLOPT_HEADERFUNCTION
Function pointer that should match the following prototype: \fIsize_t
function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP. This
function gets called by libcurl as soon as it has received header data. The
header callback will be called once for each header and only complete header
lines are passed on to the callback. Parsing headers is very easy using
this. The size of the data pointed to by \fIptr\fP is \fIsize\fP multiplied
with \fInmemb\fP. Do not assume that the header line is zero terminated! The
pointer named \fIuserdata\fP is the one you set with the
Pass a pointer to a function that matches the following prototype:
\fBsize_t function( void *ptr, size_t size, size_t nmemb, void
*userdata);\fP. This function gets called by libcurl as soon as it has
received header data. The header callback will be called once for each header
and only complete header lines are passed on to the callback. Parsing headers
is very easy using this. The size of the data pointed to by \fIptr\fP is
\fIsize\fP multiplied with \fInmemb\fP. Do not assume that the header line is
zero terminated! The pointer named \fIuserdata\fP is the one you set with the
\fICURLOPT_WRITEHEADER\fP option. The callback function must return the number
of bytes actually taken care of. If that amount differs from the amount passed
to your function, it'll signal an error to the library. This will abort the
@@ -391,7 +397,7 @@ the writing, this must be a valid FILE * as the internal default will then be
a plain fwrite(). See also the \fICURLOPT_HEADERFUNCTION\fP option above on
how to set a custom get-all-headers callback.
.IP CURLOPT_DEBUGFUNCTION
Function pointer that should match the following prototype: \fIint
Pass a pointer to a function that matches the following prototype: \fBint
curl_debug_callback (CURL *, curl_infotype, char *, size_t, void *);\fP
\fICURLOPT_DEBUGFUNCTION\fP replaces the standard debug function used when
\fICURLOPT_VERBOSE \fP is in effect. This callback receives debug information,
@@ -420,11 +426,11 @@ used by libcurl, it is only passed to the callback.
This option does only function for libcurl powered by OpenSSL. If libcurl was
built against another SSL library, this functionality is absent.
Function pointer that should match the following prototype: \fBCURLcode
sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function gets called
by libcurl just before the initialization of a SSL connection after having
processed all other SSL related options to give a last chance to an
application to modify the behaviour of openssl's ssl initialization. The
Pass a pointer to a function that matches the following prototype:
\fBCURLcode sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function
gets called by libcurl just before the initialization of a SSL connection
after having processed all other SSL related options to give a last chance to
an application to modify the behaviour of openssl's ssl initialization. The
\fIsslctx\fP parameter is actually a pointer to an openssl \fISSL_CTX\fP. If
an error is returned no attempt to establish a connection is made and the
perform operation will return the error code from this callback function. Set
@@ -447,8 +453,8 @@ parameter, otherwise \fBNULL\fP. (Added in 7.11.0)
.IP CURLOPT_CONV_TO_NETWORK_FUNCTION
.IP CURLOPT_CONV_FROM_NETWORK_FUNCTION
.IP CURLOPT_CONV_FROM_UTF8_FUNCTION
Function pointers that should match the following prototype: CURLcode
function(char *ptr, size_t length);
Pass a pointer to a function that matches the following prototype:
\fBCURLcode function(char *ptr, size_t length);\fP
These three options apply to non-ASCII platforms only. They are available
only if \fBCURL_DOES_CONVERSIONS\fP was defined when libcurl was built. When
@@ -490,18 +496,19 @@ follows:
You will need to override these definitions if they are different on your
system.
.IP CURLOPT_INTERLEAVEFUNCTION
Function pointer that should match the following prototype: \fIsize_t
function( void *ptr, size_t size, size_t nmemb, void *userdata)\fP. This
function gets called by libcurl as soon as it has received interleaved RTP
data. This function gets called for each $ block and therefore contains
exactly one upper-layer protocol unit (e.g. one RTP packet). Curl writes the
interleaved header as well as the included data for each call. The first byte
is always an ASCII dollar sign. The dollar sign is followed by a one byte
channel identifier and then a 2 byte integer length in network byte order. See
\fIRFC 2326 Section 10.12\fP for more information on how RTP interleaving
behaves. If unset or set to NULL, curl will use the default write function.
Pass a pointer to a function that matches the following prototype:
\fBsize_t function( void *ptr, size_t size, size_t nmemb, void
*userdata)\fP. This function gets called by libcurl as soon as it has received
interleaved RTP data. This function gets called for each $ block and therefore
contains exactly one upper-layer protocol unit (e.g. one RTP packet). Curl
writes the interleaved header as well as the included data for each call. The
first byte is always an ASCII dollar sign. The dollar sign is followed by a
one byte channel identifier and then a 2 byte integer length in network byte
order. See \fIRFC2326 Section 10.12\fP for more information on how RTP
interleaving behaves. If unset or set to NULL, curl will use the default write
function.
Interleaved RTP poses some challeneges for the client application. Since the
Interleaved RTP poses some challenges for the client application. Since the
stream data is sharing the RTSP control connection, it is critical to service
the RTP in a timely fashion. If the RTP data is not handled quickly,
subsequent response processing may become unreasonably delayed and the
@@ -515,10 +522,10 @@ This is the userdata pointer that will be passed to
\fICURLOPT_INTERLEAVEFUNCTION\fP when interleaved RTP data is received. (Added
in 7.20.0)
.IP CURLOPT_CHUNK_BGN_FUNCTION
Function pointer that should match the following prototype: \fBlong function
(const void *transfer_info, void *ptr, int remains)\fP. This function gets
called by libcurl before a part of the stream is going to be transferred (if
the transfer supports chunks).
Pass a pointer to a function that matches the following prototype:
\fBlong function (const void *transfer_info, void *ptr, int remains)\fP. This
function gets called by libcurl before a part of the stream is going to be
transferred (if the transfer supports chunks).
This callback makes sense only when using the \fICURLOPT_WILDCARDMATCH\fP
option for now.
@@ -535,9 +542,9 @@ Return \fICURL_CHUNK_BGN_FUNC_OK\fP if everything is fine,
\fICURL_CHUNK_BGN_FUNC_FAIL\fP to tell libcurl to stop if some error occurred.
(This was added in 7.21.0)
.IP CURLOPT_CHUNK_END_FUNCTION
Function pointer that should match the following prototype: \fBlong
function(void *ptr)\fP. This function gets called by libcurl as soon as a part
of the stream has been transferred (or skipped).
Pass a pointer to a function that matches the following prototype:
\fBlong function(void *ptr)\fP. This function gets called by libcurl as soon
as a part of the stream has been transferred (or skipped).
Return \fICURL_CHUNK_END_FUNC_OK\fP if everything is fine or
\fBCURL_CHUNK_END_FUNC_FAIL\fP to tell the lib to stop if some error occurred.
@@ -547,9 +554,9 @@ Pass a pointer that will be untouched by libcurl and passed as the ptr
argument to the \fICURL_CHUNK_BGN_FUNTION\fP and \fICURL_CHUNK_END_FUNTION\fP.
(This was added in 7.21.0)
.IP CURLOPT_FNMATCH_FUNCTION
Function pointer that should match \fBint function(void *ptr, const char
*pattern, const char *string)\fP prototype (see \fIcurl/curl.h\fP). It is used
internally for the wildcard matching feature.
Pass a pointer to a function that matches the following prototype: \fBint
function(void *ptr, const char *pattern, const char *string)\fP prototype (see
\fIcurl/curl.h\fP). It is used internally for the wildcard matching feature.
Return \fICURL_FNMATCHFUNC_MATCH\fP if pattern matches the string,
\fICURL_FNMATCHFUNC_NOMATCH\fP if not or \fICURL_FNMATCHFUNC_FAIL\fP if an
@@ -563,11 +570,11 @@ Pass a char * to a buffer that the libcurl may store human readable error
messages in. This may be more helpful than just the return code from
\fIcurl_easy_perform\fP. The buffer must be at least CURL_ERROR_SIZE big.
Although this argument is a 'char *', it does not describe an input string.
Therefore the (probably undefined) contents of the buffer is NOT copied
by the library. You should keep the associated storage available until
libcurl no longer needs it. Failing to do so will cause very odd behavior
or even crashes. libcurl will need it until you call \fIcurl_easy_cleanup(3)\fP
or you set the same option again to use a different pointer.
Therefore the (probably undefined) contents of the buffer is NOT copied by the
library. You must keep the associated storage available until libcurl no
longer needs it. Failing to do so will cause very odd behavior or even
crashes. libcurl will need it until you call \fIcurl_easy_cleanup(3)\fP or you
set the same option again to use a different pointer.
Use \fICURLOPT_VERBOSE\fP and \fICURLOPT_DEBUGFUNCTION\fP to better
debug/trace why errors happen.
@@ -592,13 +599,13 @@ detected, like when a "100-continue" is received as a response to a
POST/PUT and a 401 or 407 is received immediately afterwards.
.SH NETWORK OPTIONS
.IP CURLOPT_URL
The actual URL to deal with. The parameter should be a char * to a zero
terminated string which must be URL-encoded in the following format:
Pass in a pointer to the actual URL to deal with. The parameter should be a
char * to a zero terminated string which must be URL-encoded in the following
format:
scheme://host:port/path
For a greater explanation of the format please see RFC 3986
(http://curl.haxx.se/rfc/rfc3986.txt).
For a greater explanation of the format please see RFC3986.
If the given URL lacks the scheme, or protocol, part ("http://" or "ftp://"
etc), libcurl will attempt to resolve which protocol to use based on the
@@ -626,18 +633,20 @@ authentication.
For example the following types of authentication support this:
http://user:password@www.domain.com
ftp://user:password@ftp.domain.com
pop3://user:password@mail.domain.com
http://user:password@www.example.com
ftp://user:password@ftp.example.com
pop3://user:password@mail.example.com
The port is optional and when not specified libcurl will use the default port
based on the determined or specified protocol: 80 for http, 21 for ftp and 25
for smtp, etc. The following examples show how to specify the port:
based on the determined or specified protocol: 80 for HTTP, 21 for FTP and 25
for SMTP, etc. The following examples show how to specify the port:
http://www.weirdserver.com:8080/ - This will connect to a web server using
port 8080.
http://www.example.com:8080/ - This will connect to a web server using port
8080 rather than 80.
smtp://mail.domain.com:587/ - This will connect to a smtp server on the
smtp://mail.example.com:587/ - This will connect to a SMTP server on the
alternative mail port.
The path part of the URL is protocol specific and whilst some examples are
@@ -652,13 +661,12 @@ retrieved for either the directory specified or the root directory. The
exact resource returned for each URL is entirely dependent on the server's
configuration.
http://www.netscape.com - This gets the main page (index.html in this
example) from Netscape's web server.
http://www.example.com - This gets the main page from the web server.
http://www.netscape.com/index.html - This returns the main page from Netscape
by specifying the page to get.
http://www.example.com/index.html - This returns the main page by explicitly
requesting it.
http://www.netscape.com/contactus/ - This returns the default document from
http://www.example.com/contactus/ - This returns the default document from
the contactus directory.
.B FTP
@@ -668,15 +676,16 @@ directory. If the file part is omitted then libcurl downloads the directory
listing for the directory specified. If the directory is omitted then
the directory listing for the root / home directory will be returned.
ftp://cool.haxx.se - This retrieves the directory listing for our FTP server.
ftp://ftp.example.com - This retrieves the directory listing for the root
directory.
ftp://cool.haxx.se/readme.txt - This downloads the file readme.txt from the
ftp://ftp.example.com/readme.txt - This downloads the file readme.txt from the
root directory.
ftp://cool.haxx.se/libcurl/readme.txt - This downloads readme.txt from the
ftp://ftp.example.com/libcurl/readme.txt - This downloads readme.txt from the
libcurl directory.
ftp://user:password@my.example.com/readme.txt - This retrieves the readme.txt
ftp://user:password@ftp.example.com/readme.txt - This retrieves the readme.txt
file from the user's home directory. When a username and password is
specified, everything that is specified in the path part is relative to the
user's home directory. To retrieve files from the root directory or a
@@ -684,7 +693,7 @@ directory underneath the root directory then the absolute path must be
specified by prepending an additional forward slash to the beginning of the
path.
ftp://user:password@my.example.com//readme.txt - This retrieves the readme.txt
ftp://user:password@ftp.example.com//readme.txt - This retrieves the readme.txt
from the root directory when logging in as a specified user.
.B SMTP
@@ -697,11 +706,11 @@ and specifying this path allows you to set an alternative name, such as
your machine's fully qualified domain name, which you might have obtained
from an external function such as gethostname or getaddrinfo.
smtp://mail.domain.com - This connects to the mail server at domain.com and
smtp://mail.example.com - This connects to the mail server at example.com and
sends your local computer's host name in the HELO / EHLO command.
smtp://mail.domain.com/client.domain.com - This will send client.domain.com in
the HELO / EHLO command to the mail server at domain.com.
smtp://mail.example.com/client.example.com - This will send client.example.com in
the HELO / EHLO command to the mail server at example.com.
.B POP3
@@ -709,8 +718,8 @@ The path part of a POP3 request specifies the mailbox (message) to retrieve.
If the mailbox is not specified then a list of waiting messages is returned
instead.
pop3://user:password@mail.domain.com - This lists the available messages
pop3://user:password@mail.domain.com/1 - This retrieves the first message
pop3://user:password@mail.example.com - This lists the available messages
pop3://user:password@mail.example.com/1 - This retrieves the first message
.B SCP
@@ -745,6 +754,26 @@ user's home directory
sftp://ssh.example.com/~/Documents/ - This requests a directory listing
of the Documents directory under the user's home directory
.B LDAP
The path part of a LDAP request can be used to specify the: Distinguished
Name, Attributes, Scope, Filter and Extension for a LDAP search. Each field
is separated by a question mark and when that field is not required an empty
string with the question mark separator should be included.
ldap://ldap.example.com/o=My%20Organisation - This will perform a LDAP search
with the DN as My Organisation.
ldap://ldap.example.com/o=My%20Organisation?postalAddress - This will perform
the same search but will only return postalAddress attributes.
ldap://ldap.example.com/?rootDomainNamingContext - This specifies an empty DN
and requests information about the rootDomainNamingContext attribute for an
Active Directory server.
For more information about the individual components of a LDAP URL please
see RFC4516.
.B NOTES
Starting with version 7.20.0, the fragment part of the URI will not be sent as
@@ -820,13 +849,14 @@ affect how libcurl speaks to a proxy when CONNECT is used. The HTTP version
used for "regular" HTTP requests is instead controlled with
\fICURLOPT_HTTP_VERSION\fP.
.IP CURLOPT_NOPROXY
Pass a pointer to a zero terminated string. This should be a comma separated
list of hosts which do not use a proxy, if one is specified. The only
wildcard is a single * character, which matches all hosts, and effectively
disables the proxy. Each name in this list is matched as either a domain which
contains the hostname, or the hostname itself. For example, local.com would
match local.com, local.com:80, and www.local.com, but not www.notlocal.com.
(Added in 7.19.4)
Pass a pointer to a zero terminated string. The string consists of a comma
separated list of host names that do not require a proxy to get reached, even
if one is specified. The only wildcard available is a single * character,
which matches all hosts, and effectively disables the proxy. Each name in this
list is matched as either a domain which contains the hostname, or the
hostname itself. For example, example.com would match example.com,
example.com:80, and www.example.com, but not www.notanexample.com. (Added in
7.19.4)
.IP CURLOPT_HTTPPROXYTUNNEL
Set the parameter to 1 to make the library tunnel all operations through a
given HTTP proxy. There is a big difference between using a proxy and to
@@ -838,7 +868,7 @@ default service name for a SOCKS5 server is rcmd/server-fqdn. This option
allows you to change it. (Added in 7.19.4)
.IP CURLOPT_SOCKS5_GSSAPI_NEC
Pass a long set to 1 to enable or 0 to disable. As part of the gssapi
negotiation a protection mode is negotiated. The rfc1961 says in section
negotiation a protection mode is negotiated. The RFC1961 says in section
4.3/4.4 it should be protected, but the NEC reference implementation does not.
If enabled, this option allows the unprotected exchange of the protection mode
negotiation. (Added in 7.19.4).
@@ -861,7 +891,7 @@ connection. This can be used in combination with \fICURLOPT_INTERFACE\fP and
you are recommended to use \fICURLOPT_LOCALPORTRANGE\fP as well when this is
set. Valid port numbers are 1 - 65535. (Added in 7.15.2)
.IP CURLOPT_LOCALPORTRANGE
Pass a long. This is the number of attempts libcurl should make to find a
Pass a long. This is the number of attempts libcurl will make to find a
working local port number. It starts with the given \fICURLOPT_LOCALPORT\fP
and adds one to the number for each retry. Setting this to 1 or below will
make libcurl do only one try for the exact port number. Port numbers by nature
@@ -900,21 +930,20 @@ only makes sense to use this option if you want it smaller.
Pass a long specifying what remote port number to connect to, instead of the
one specified in the URL or the default port for the used protocol.
.IP CURLOPT_TCP_NODELAY
Pass a long specifying whether the TCP_NODELAY option should be set or
cleared (1 = set, 0 = clear). The option is cleared by default. This
will have no effect after the connection has been established.
Pass a long specifying whether the TCP_NODELAY option is to be set or cleared
(1 = set, 0 = clear). The option is cleared by default. This will have no
effect after the connection has been established.
Setting this option will disable TCP's Nagle algorithm. The purpose of
this algorithm is to try to minimize the number of small packets on
the network (where "small packets" means TCP segments less than the
Maximum Segment Size (MSS) for the network).
Setting this option will disable TCP's Nagle algorithm. The purpose of this
algorithm is to try to minimize the number of small packets on the network
(where "small packets" means TCP segments less than the Maximum Segment Size
(MSS) for the network).
Maximizing the amount of data sent per TCP segment is good because it
amortizes the overhead of the send. However, in some cases (most
notably telnet or rlogin) small segments may need to be sent
without delay. This is less efficient than sending larger amounts of
data at a time, and can contribute to congestion on the network if
overdone.
amortizes the overhead of the send. However, in some cases (most notably
telnet or rlogin) small segments may need to be sent without delay. This is
less efficient than sending larger amounts of data at a time, and can
contribute to congestion on the network if overdone.
.IP CURLOPT_ADDRESS_SCOPE
Pass a long specifying the scope_id value to use when connecting to IPv6
link-local or site-local addresses. (Added in 7.19.0)
@@ -1148,8 +1177,8 @@ the server is ignored. See the special file lib/README.encoding for details.
.IP CURLOPT_TRANSFER_ENCODING
Adds a request for compressed Transfer Encoding in the outgoing HTTP
request. If the server supports this and so desires, it can respond with the
HTTP resonse sent using a compressed Transfer-Encoding that will be
automatically uncompressed by libcurl on receival.
HTTP response sent using a compressed Transfer-Encoding that will be
automatically uncompressed by libcurl on reception.
Transfer-Encoding differs slightly from the Content-Encoding you ask for with
\fBCURLOPT_ACCEPT_ENCODING\fP in that a Transfer-Encoding is strictly meant to
@@ -1184,19 +1213,19 @@ an infinite number of redirects (which is the default)
.IP CURLOPT_POSTREDIR
Pass a bitmask to control how libcurl acts on redirects after POSTs that get a
301, 302 or 303 response back. A parameter with bit 0 set (value
\fBCURL_REDIR_POST_301\fP) tells the library to respect RFC 2616/10.3.2 and
not convert POST requests into GET requests when following a 301
redirection. Setting bit 1 (value CURL_REDIR_POST_302) makes libcurl maintain
the request method after a 302 redirect. Setting bit 2 (value
\fBCURL_REDIR_POST_303) makes libcurl maintain the request method after a 302
redirect. CURL_REDIR_POST_ALL is a convenience define that sets both bits.
\fBCURL_REDIR_POST_301\fP) tells the library to respect RFC2616/10.3.2 and not
convert POST requests into GET requests when following a 301 redirection.
Setting bit 1 (value \fBCURL_REDIR_POST_302\fP) makes libcurl maintain the
request method after a 302 redirect whilst setting bit 2 (value
\fBCURL_REDIR_POST_303\fP) makes libcurl maintain the request method after a
303 redirect. The value \fBCURL_REDIR_POST_ALL\fP is a convenience define that
sets all three bits.
The non-RFC behaviour is ubiquitous in web browsers, so the library does the
conversion by default to maintain consistency. However, a server may require a
POST to remain a POST after such a redirection. This option is meaningful only
when setting \fICURLOPT_FOLLOWLOCATION\fP. (Added in 7.17.1) (This option was
known as CURLOPT_POST301 up to 7.19.0 as it only supported the 301 way before
then)
known as CURLOPT_POST301 up to 7.19.0 as it only supported the 301 then)
.IP CURLOPT_PUT
A parameter set to 1 tells the library to use HTTP PUT to transfer data. The
data should be set with \fICURLOPT_READDATA\fP and \fICURLOPT_INFILESIZE\fP.
@@ -1487,16 +1516,16 @@ should be used for this parameter.
Unlike CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT, the address should not be
specified within a pair of angled brackets (<>). However, if an empty string
is used then a pair of brackets will be sent by libcurl as required by
RFC-2554.
RFC2554.
(Added in 7.24.0)
(Added in 7.25.0)
.SH TFTP OPTIONS
.IP CURLOPT_TFTP_BLKSIZE
Specify block size to use for TFTP data transmission. Valid range as per RFC
2348 is 8-65464 bytes. The default of 512 bytes will be used if this option is
not specified. The specified block size will only be used pending support by
the remote server. If the server does not return an option acknowledgement or
returns an option acknowledgement with no blksize, the default of 512 bytes
Specify block size to use for TFTP data transmission. Valid range as per
RFC2348 is 8-65464 bytes. The default of 512 bytes will be used if this option
is not specified. The specified block size will only be used pending support
by the remote server. If the server does not return an option acknowledgement
or returns an option acknowledgement with no blksize, the default of 512 bytes
will be used. (added in 7.19.4)
.SH FTP OPTIONS
.IP CURLOPT_FTPPORT
@@ -1611,7 +1640,7 @@ already exists or lack of permissions prevents creation. (Added in 7.16.3)
Starting with 7.19.4, you can also set this value to 2, which will make
libcurl retry the CWD command again if the subsequent MKD command fails. This
is especially useful if you're doing many simultanoes connections against the
is especially useful if you're doing many simultaneous connections against the
same server and they all have this option enabled, as then CWD may first fail
but then another connection does MKD before this connection and thus MKD fails
but trying CWD works! 7.19.4 also introduced the \fICURLFTP_CREATE_DIR\fP and
@@ -1698,7 +1727,7 @@ initialized. (Added in 7.20.0)
.RS
.IP CURL_RTSPREQ_OPTIONS
Used to retrieve the available methods of the server. The application is
responsbile for parsing and obeying the response. \fB(The session ID is not
responsible for parsing and obeying the response. \fB(The session ID is not
needed for this method.)\fP (Added in 7.20.0)
.IP CURL_RTSPREQ_DESCRIBE
Used to get the low level description of a stream. The application should note
@@ -1858,12 +1887,18 @@ something, you don't actually change how libcurl behaves or acts in regards
to the particular request method, it will only change the actual string sent
in the request.
For example: if you tell libcurl to do a HEAD request, but then change the
request to a "GET" with \fBCURLOPT_CUSTOMREQUEST\fP you'll still see libcurl
act as if it sent a HEAD even when it does send a GET.
For example:
To switch to a proper HEAD, use \fICURLOPT_NOBODY\fP, to switch to a proper
POST, use \fICURLOPT_POST\fP or \fICURLOPT_POSTFIELDS\fP and so on.
With the HTTP protocol when you tell libcurl to do a HEAD request, but then
specify a GET though a custom request libcurl will still act as if it sent a
HEAD. To switch to a proper HEAD use \fICURLOPT_NOBODY\fP, to switch to a
proper POST use \fICURLOPT_POST\fP or \fICURLOPT_POSTFIELDS\fP and to switch
to a proper GET use CURLOPT_HTTPGET.
With the POP3 protocol when you tell libcurl to use a custom request it will
behave like a LIST or RETR command was sent where it expects data to be
returned by the server. As such \fICURLOPT_NOBODY\fP should be used when
specifying commands such as DELE and NOOP for example.
Restore to the internal default by setting this to NULL.
@@ -2336,7 +2371,7 @@ this option then all known ciphers are disabled and only those passed in
are enabled.
You'll find more details about the NSS cipher lists on this URL:
\fIhttp://directory.fedora.redhat.com/docs/mod_nss.html#Directives\fP
\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
.IP CURLOPT_SSL_SESSIONID_CACHE
Pass a long set to 0 to disable libcurl's use of SSL session-ID caching. Set
@@ -2348,7 +2383,7 @@ require you to disable this in order for you to succeed. (Added in 7.16.0)
Pass a long with a bitmask to tell libcurl about specific SSL behaviors.
CURLSSLOPT_ALLOW_BEAST is the only supported bit and by setting this the user
will tell libcurl to not attempt to use any work-arounds for a security flaw
will tell libcurl to not attempt to use any workarounds for a security flaw
in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is
set to 0, the SSL layer libcurl uses may use a work-around for this flaw
although it might cause interoperability problems with some (older) SSL
@@ -2374,8 +2409,11 @@ GSS_C_DELEG_POLICY_FLAG was available at compile-time.
.IP CURLOPT_SSH_AUTH_TYPES
Pass a long set to a bitmask consisting of one or more of
CURLSSH_AUTH_PUBLICKEY, CURLSSH_AUTH_PASSWORD, CURLSSH_AUTH_HOST,
CURLSSH_AUTH_KEYBOARD. Set CURLSSH_AUTH_ANY to let libcurl pick one. Currently
CURLSSH_AUTH_HOST has no effect. (Added in 7.16.1)
CURLSSH_AUTH_KEYBOARD and CURLSSH_AUTH_AGENT. Set CURLSSH_AUTH_ANY to let
libcurl pick a suitable one. Currently CURLSSH_AUTH_HOST has no effect. (Added
in 7.16.1) If CURLSSH_AUTH_AGENT is used, libcurl attempts to connect to
ssh-agent or pageant and let the agent attempt the authentication. (Added in
7.28.0)
.IP CURLOPT_SSH_HOST_PUBLIC_KEY_MD5
Pass a char * pointing to a string containing 32 hexadecimal digits. The
string should be the 128 bit MD5 checksum of the remote host's public key, and

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -66,6 +66,10 @@ Initialize the Win32 socket libraries.
.TP
.B CURL_GLOBAL_NOTHING
Initialise nothing extra. This sets no bit.
.TP
.B CURL_GLOBAL_DEFAULT
A sensible default. It will init both SSL and Win32. Right now, this equals
the functionality of the \fBCURL_GLOBAL_ALL\fP mask.
.SH RETURN VALUE
If this function returns non-zero, something went wrong and you cannot use the
other curl functions.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,21 +28,24 @@ curl_multi_perform - reads/writes available data from each easy handle
CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles);
.ad
.SH DESCRIPTION
When the app thinks there's data available for the multi_handle, it should
call this function to read/write whatever there is to read or write right
now. curl_multi_perform() returns as soon as the reads/writes are done. This
This function handles transfers on all the added handles that need attention
in an non-blocking fashion.
When an application has found out there's data available for the multi_handle
or a timeout has elapsed, the application should call this function to
read/write whatever there is to read or write right now etc.
curl_multi_perform() returns as soon as the reads/writes are done. This
function does not require that there actually is any data available for
reading or that data can be written, it can be called just in case. It will
write the number of handles that still transfer data in the second argument's
integer-pointer.
When you call curl_multi_perform() and the amount of \fIrunning_handles\fP is
changed from the previous call (or is less than the amount of easy handles
you've added to the multi handle), you know that there is one or more
transfers less "running". You can then call \fIcurl_multi_info_read(3)\fP to
get information about each individual completed transfer, and that returned
info includes CURLcode and more. If an added handle fails very quickly, it may
never be counted as a running_handle.
If the amount of \fIrunning_handles\fP is changed from the previous call (or
is less than the amount of easy handles you've added to the multi handle), you
know that there is one or more transfers less "running". You can then call
\fIcurl_multi_info_read(3)\fP to get information about each individual
completed transfer, and that returned info includes CURLcode and more. If an
added handle fails very quickly, it may never be counted as a running_handle.
When \fIrunning_handles\fP is set to zero (0) on the return of this function,
there is no longer any transfers in progress.
@@ -61,12 +64,14 @@ need to wait for \&"action" and then call this function again.
This function only returns errors etc regarding the whole multi stack.
Problems still might have occurred on individual transfers even when this
function returns \fICURLM_OK\fP.
function returns \fICURLM_OK\fP. Use \fIcurl_multi_info_read(3)\fP to figure
out how individual transfers did.
.SH "TYPICAL USAGE"
Most applications will use \fIcurl_multi_fdset(3)\fP to get the multi_handle's
file descriptors, then it'll wait for action on them using \fBselect(3)\fP and
as soon as one or more of them are ready, \fIcurl_multi_perform(3)\fP gets
called.
file descriptors, and \fIcurl_multi_timeout(3)\fP to get a suitable timeout
period, then it'll wait for action on the file descriptors using
\fBselect(3)\fP. As soon as one or more file descriptor is ready,
\fIcurl_multi_perform(3)\fP gets called.
.SH "SEE ALSO"
.BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
.BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -132,8 +132,8 @@ timeout value to use when waiting for socket activities.
them for activity. This can be done through your application code, or by way
of an external library such as libevent or glib.
6. Call curl_multi_socket_action() to kickstart everything. To get one or more
callbacks called.
6. Call curl_multi_socket_action(...CURL_SOCKET_TIMEOUT...) to kickstart
everything. To get one or more callbacks called.
7. Wait for activity on any of libcurl's sockets, use the timeout value your
callback has been told

View File

@@ -0,0 +1,75 @@
.\" **************************************************************************
.\" * _ _ ____ _
.\" * Project ___| | | | _ \| |
.\" * / __| | | | |_) | |
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * are also available at http://curl.haxx.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" * furnished to do so, under the terms of the COPYING file.
.\" *
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
.\" * KIND, either express or implied.
.\" *
.\" **************************************************************************
.TH curl_multi_wait 3 "12 Jul 2012" "libcurl 7.28.0" "libcurl Manual"
.SH NAME
curl_multi_wait - polls on all easy handles in a multi handle
.SH SYNOPSIS
.nf
#include <curl/curl.h>
CURLMcode curl_multi_wait(CURLM *multi_handle,
struct curl_waitfd extra_fds[],
unsigned int extra_nfds,
int timeout_ms,
int *numfds);
.ad
.SH DESCRIPTION
This function polls on all file descriptors used by the curl easy handles
contained in the given multi handle set. It will block until activity is
detected on at least one of the handles or \fItimeout_ms\fP has passed.
The calling application may pass additional curl_waitfd structures which are
similar to \fIpoll(2)\fP's pollfd structure to be waited on in the same call.
On completion, if \fInumfds\fP is supplied, it will be populated with the
number of file descriptors on which interesting events occured.
If no extra file descriptors are provided and libcurl has no file descriptor
to offer to wait for, this function will return immediately.
This function is encouraged to be used instead of select(3) when using the
multi interface to allow applications to easier circumvent the common problem
with 1024 maximum file descriptors.
.SH curl_waitfd
.nf
struct curl_waitfd {
curl_socket_t fd;
short events;
short revents;
};
.fi
.IP CURL_WAIT_POLLIN
Bit flag to curl_waitfd.events indicating the socket should poll on read
events such as new data received.
.IP CURL_WAIT_POLLPRI
Bit flag to curl_waitfd.events indicating the socket should poll on high
priority read events such as out of band data.
.IP CURL_WAIT_POLLOUT
Bit flag to curl_waitfd.events indicating the socket should poll on write
events such as the socket being clear to write without blocking.
.SH RETURN VALUE
CURLMcode type, general libcurl multi interface error code. See
\fIlibcurl-errors(3)\fP
.SH AVAILABILITY
This function was added in libcurl 7.28.0.
.SH "SEE ALSO"
.BR curl_multi_fdset "(3), " curl_multi_perform "(3)"

View File

@@ -65,7 +65,7 @@ object. Note that when you use the multi interface, all easy handles added to
the same multi handle will share DNS cache by default without this having to
be used!
.IP CURL_LOCK_DATA_SSL_SESSION
SSL session IDs will be shared accross the easy handles using this shared
SSL session IDs will be shared across the easy handles using this shared
object. This will reduce the time spent in the SSL handshake when reconnecting
to the same server. Note SSL session IDs are reused within the same easy handle
by default.

View File

@@ -248,7 +248,10 @@ This is the generic return code used by functions in the libcurl multi
interface. Also consider \fIcurl_multi_strerror(3)\fP.
.IP "CURLM_CALL_MULTI_PERFORM (-1)"
This is not really an error. It means you should call
\fIcurl_multi_perform(3)\fP again without doing select() or similar in between.
\fIcurl_multi_perform(3)\fP again without doing select() or similar in
between. Before version 7.20.0 this could be returned by
\fIcurl_multi_perform(3)\fP, but in later versions this return code is never
used.
.IP "CURLM_OK (0)"
Things are fine.
.IP "CURLM_BAD_HANDLE (1)"
@@ -282,5 +285,5 @@ An invalid share object was passed to the function.
Not enough memory was available.
(Added in 7.12.0)
.IP "CURLSHE_NOT_BUILT_IN (5)"
The requsted sharing could not be done because the library you use don't have
The requested sharing could not be done because the library you use don't have
that particular feature enabled. (Added in 7.23.0)

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -41,8 +41,7 @@ You create a shared object with \fIcurl_share_init(3)\fP. It returns a handle
for a newly created one.
You tell the shared object what data you want it to share by using
\fIcurl_share_setopt(3)\fP. Currently you can only share DNS and/or COOKIE
data.
\fIcurl_share_setopt(3)\fP.
Since you can use this share from multiple threads, and libcurl has no
internal thread synchronization, you must provide mutex callbacks if you're

View File

@@ -567,7 +567,9 @@ CURLSHOPT_SHARE 7.10.3
CURLSHOPT_UNLOCKFUNC 7.10.3
CURLSHOPT_UNSHARE 7.10.3
CURLSHOPT_USERDATA 7.10.3
CURLSOCKTYPE_ACCEPT 7.28.0
CURLSOCKTYPE_IPCXN 7.16.0
CURLSSH_AUTH_AGENT 7.28.0
CURLSSH_AUTH_ANY 7.16.1
CURLSSH_AUTH_DEFAULT 7.16.1
CURLSSH_AUTH_HOST 7.16.1
@@ -697,4 +699,7 @@ CURL_VERSION_SPNEGO 7.10.8
CURL_VERSION_SSL 7.10
CURL_VERSION_SSPI 7.13.2
CURL_VERSION_TLSAUTH_SRP 7.21.4
CURL_WAIT_POLLIN 7.28.0
CURL_WAIT_POLLOUT 7.28.0
CURL_WAIT_POLLPRI 7.28.0
CURL_WRITEFUNC_PAUSE 7.18.0

View File

@@ -310,6 +310,7 @@ typedef size_t (*curl_read_callback)(char *buffer,
typedef enum {
CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */
CURLSOCKTYPE_ACCEPT, /* socket created by accept() call */
CURLSOCKTYPE_LAST /* never use */
} curlsocktype;
@@ -631,6 +632,7 @@ typedef enum {
#define CURLSSH_AUTH_PASSWORD (1<<1) /* password */
#define CURLSSH_AUTH_HOST (1<<2) /* host key files */
#define CURLSSH_AUTH_KEYBOARD (1<<3) /* keyboard interactive */
#define CURLSSH_AUTH_AGENT (1<<4) /* agent (ssh-agent, pageant...) */
#define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY
#define CURLGSSAPI_DELEGATION_NONE 0 /* no delegation (default) */
@@ -1045,9 +1047,8 @@ typedef enum {
/* Set to the Entropy Gathering Daemon socket pathname */
CINIT(EGDSOCKET, OBJECTPOINT, 77),
/* Time-out connect operations after this amount of seconds, if connects
are OK within this time, then fine... This only aborts the connect
phase. [Only works on unix-style/SIGALRM operating systems] */
/* Time-out connect operations after this amount of seconds, if connects are
OK within this time, then fine... This only aborts the connect phase. */
CINIT(CONNECTTIMEOUT, LONG, 78),
/* Function that will be called to store headers (instead of fwrite). The
@@ -1221,9 +1222,9 @@ typedef enum {
CINIT(NETRC_FILE, OBJECTPOINT, 118),
/* Enable SSL/TLS for FTP, pick one of:
CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
CURLFTPSSL_CONTROL - SSL for the control connection or fail
CURLFTPSSL_ALL - SSL for all communication or fail
CURLUSESSL_TRY - try using SSL, proceed anyway otherwise
CURLUSESSL_CONTROL - SSL for the control connection or fail
CURLUSESSL_ALL - SSL for all communication or fail
*/
CINIT(USE_SSL, LONG, 119),

View File

@@ -30,12 +30,12 @@
/* This is the version number of the libcurl package from which this header
file origins: */
#define LIBCURL_VERSION "7.26.0-DEV"
#define LIBCURL_VERSION "7.28.0-DEV"
/* The numeric version number is also available "in parts" by using these
defines: */
#define LIBCURL_VERSION_MAJOR 7
#define LIBCURL_VERSION_MINOR 26
#define LIBCURL_VERSION_MINOR 28
#define LIBCURL_VERSION_PATCH 0
/* This is the numeric version of the libcurl version number, meant for easier
@@ -53,7 +53,7 @@
and it is always a greater number in a more recent release. It makes
comparisons with greater than and less than work.
*/
#define LIBCURL_VERSION_NUM 0x071A00
#define LIBCURL_VERSION_NUM 0x071c00
/*
* This is the date and time when the full source package was created. The

View File

@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -89,6 +89,19 @@ struct CURLMsg {
};
typedef struct CURLMsg CURLMsg;
/* Based on poll(2) structure and values.
* We don't use pollfd and POLL* constants explicitly
* to cover platforms without poll(). */
#define CURL_WAIT_POLLIN 0x0001
#define CURL_WAIT_POLLPRI 0x0002
#define CURL_WAIT_POLLOUT 0x0004
struct curl_waitfd {
curl_socket_t fd;
short events;
short revents; /* not supported yet */
};
/*
* Name: curl_multi_init()
*
@@ -133,6 +146,20 @@ CURL_EXTERN CURLMcode curl_multi_fdset(CURLM *multi_handle,
fd_set *exc_fd_set,
int *max_fd);
/*
* Name: curl_multi_wait()
*
* Desc: Poll on all fds within a CURLM set as well as any
* additional fds passed to the function.
*
* Returns: CURLMcode type, general multi error code.
*/
CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle,
struct curl_waitfd extra_fds[],
unsigned int extra_nfds,
int timeout_ms,
int *ret);
/*
* Name: curl_multi_perform()
*

4
lib/.gitignore vendored
View File

@@ -11,3 +11,7 @@ libcurl.vcproj
vc6libcurl.dsp
Makefile.vc10.dist
libcurl.vers
*.a
*.res
*.imp
*.nlm

View File

@@ -34,7 +34,7 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 $(DSP) \
vc6libcurl.dsw config-win32.h config-win32ce.h config-riscos.h \
config-mac.h curl_config.h.in makefile.dj config-dos.h libcurl.plist \
libcurl.rc config-amigaos.h makefile.amiga \
Makefile.netware nwlib.c nwos.c libcurl.imp msvcproj.head msvcproj.foot \
Makefile.netware nwlib.c nwos.c msvcproj.head msvcproj.foot \
config-win32ce.h config-os400.h setup-os400.h config-symbian.h \
Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl \
mk-ca-bundle.vbs firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h \

View File

@@ -23,7 +23,8 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
curl_rtmp.c openldap.c curl_gethostname.c gopher.c axtls.c \
idn_win32.c http_negotiate_sspi.c cyassl.c http_proxy.c non-ascii.c \
asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \
curl_ntlm_core.c curl_ntlm_msgs.c
curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_schannel.c \
curl_multibyte.c curl_darwinssl.c
HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \
progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h \
@@ -39,4 +40,5 @@ HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h \
curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h \
warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h \
gopher.h axtls.h cyassl.h http_proxy.h non-ascii.h asyn.h curl_ntlm.h \
curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h curl_ntlm_msgs.h
curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h curl_ntlm_msgs.h \
curl_sasl.h curl_schannel.h curl_multibyte.h curl_darwinssl.h

View File

@@ -20,15 +20,6 @@ endif
ifndef OPENSSL_PATH
OPENSSL_PATH = ../../openssl-0.9.8x
endif
ifndef OPENSSL_INCLUDE
OPENSSL_INCLUDE = $(OPENSSL_PATH)/outinc
endif
ifndef OPENSSL_LIBPATH
OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
endif
ifndef OPENSSL_LIBS
OPENSSL_LIBS = -leay32 -lssl32
endif
# Edit the path below to point to the base of your LibSSH2 package.
ifndef LIBSSH2_PATH
LIBSSH2_PATH = ../../libssh2-1.4.2
@@ -64,7 +55,7 @@ ifndef ARCH
ARCH = w32
endif
CC = gcc
CC = $(CROSSPREFIX)gcc
CFLAGS = -g -O2 -Wall
CFLAGS += -fno-strict-aliasing
ifeq ($(ARCH),w64)
@@ -72,14 +63,39 @@ CFLAGS += -D_AMD64_
endif
# comment LDFLAGS below to keep debug info
LDFLAGS = -s
AR = ar
RANLIB = ranlib
RC = windres
AR = $(CROSSPREFIX)ar
RANLIB = $(CROSSPREFIX)ranlib
RC = $(CROSSPREFIX)windres
RCFLAGS = --include-dir=$(PROOT)/include -DDEBUGBUILD=0 -O COFF -i
STRIP = strip -g
STRIP = $(CROSSPREFIX)strip -g
RM = del /q /f 2>NUL
CP = copy
# Platform-dependent helper tool macros
ifeq ($(findstring /sh,$(SHELL)),/sh)
DEL = rm -f $1
RMDIR = rm -fr $1
MKDIR = mkdir -p $1
COPY = -cp -afv $1 $2
#COPYR = -cp -afr $1/* $2
COPYR = -rsync -aC $1/* $2
TOUCH = touch $1
CAT = cat
ECHONL = echo ""
DL = '
else
ifeq "$(OS)" "Windows_NT"
DEL = -del 2>NUL /q /f $(subst /,\,$1)
RMDIR = -rd 2>NUL /q /s $(subst /,\,$1)
else
DEL = -del 2>NUL $(subst /,\,$1)
RMDIR = -deltree 2>NUL /y $(subst /,\,$1)
endif
MKDIR = -md 2>NUL $(subst /,\,$1)
COPY = -copy 2>NUL /y $(subst /,\,$1) $(subst /,\,$2)
COPYR = -xcopy 2>NUL /q /y /e $(subst /,\,$1) $(subst /,\,$2)
TOUCH = copy 2>&1>NUL /b $(subst /,\,$1) +,,
CAT = type
ECHONL = $(ComSpec) /c echo.
endif
########################################################
## Nothing more to do below this line!
@@ -103,6 +119,9 @@ endif
ifeq ($(findstring -ssl,$(CFG)),-ssl)
SSL = 1
endif
ifeq ($(findstring -srp,$(CFG)),-srp)
SRP = 1
endif
ifeq ($(findstring -zlib,$(CFG)),-zlib)
ZLIB = 1
endif
@@ -124,6 +143,10 @@ endif
ifeq ($(findstring -ipv6,$(CFG)),-ipv6)
IPV6 = 1
endif
ifeq ($(findstring -winssl,$(CFG)),-winssl)
WINSSL = 1
SSPI = 1
endif
INCLUDES = -I. -I../include
CFLAGS += -DBUILDING_LIBCURL
@@ -145,11 +168,37 @@ ifdef SSH2
DLL_LIBS += -L"$(LIBSSH2_PATH)/win32" -lssh2
endif
ifdef SSL
ifndef OPENSSL_INCLUDE
ifeq "$(wildcard $(OPENSSL_PATH)/outinc)" "$(OPENSSL_PATH)/outinc"
OPENSSL_INCLUDE = $(OPENSSL_PATH)/outinc
endif
ifeq "$(wildcard $(OPENSSL_PATH)/include)" "$(OPENSSL_PATH)/include"
OPENSSL_INCLUDE = $(OPENSSL_PATH)/include
endif
endif
ifneq "$(wildcard $(OPENSSL_INCLUDE)/openssl/opensslv.h)" "$(OPENSSL_INCLUDE)/openssl/opensslv.h"
$(error Invalid path to OpenSSL package: $(OPENSSL_PATH))
endif
ifndef OPENSSL_LIBPATH
ifeq "$(wildcard $(OPENSSL_PATH)/out)" "$(OPENSSL_PATH)/out"
OPENSSL_LIBPATH = $(OPENSSL_PATH)/out
OPENSSL_LIBS = -leay32 -lssl32
endif
ifeq "$(wildcard $(OPENSSL_PATH)/lib)" "$(OPENSSL_PATH)/lib"
OPENSSL_LIBPATH = $(OPENSSL_PATH)/lib
OPENSSL_LIBS = -lcrypto -lssl
endif
endif
INCLUDES += -I"$(OPENSSL_INCLUDE)"
CFLAGS += -DUSE_SSLEAY -DUSE_OPENSSL -DHAVE_OPENSSL_ENGINE_H -DHAVE_OPENSSL_PKCS12_H \
-DHAVE_ENGINE_LOAD_BUILTIN_ENGINES -DOPENSSL_NO_KRB5 \
-DCURL_WANTS_CA_BUNDLE_ENV
DLL_LIBS += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS)
ifdef SRP
ifeq "$(wildcard $(OPENSSL_INCLUDE)/openssl/srp.h)" "$(OPENSSL_INCLUDE)/openssl/srp.h"
CFLAGS += -DHAVE_SSLEAY_SRP -DUSE_TLS_SRP
endif
endif
endif
ifdef ZLIB
INCLUDES += -I"$(ZLIB_PATH)"
@@ -169,6 +218,9 @@ endif
endif
ifdef SSPI
CFLAGS += -DUSE_WINDOWS_SSPI
ifdef WINSSL
CFLAGS += -DUSE_SCHANNEL
endif
endif
ifdef SPNEGO
CFLAGS += -DHAVE_SPNEGO
@@ -212,7 +264,7 @@ RESOURCE = libcurl.res
all: $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY)
$(libcurl_a_LIBRARY): $(libcurl_a_OBJECTS) $(libcurl_a_DEPENDENCIES)
-$(RM) $@
@$(call DEL, $@)
$(AR) cru $@ $(libcurl_a_OBJECTS)
$(RANLIB) $@
$(STRIP) $@
@@ -220,7 +272,7 @@ $(libcurl_a_LIBRARY): $(libcurl_a_OBJECTS) $(libcurl_a_DEPENDENCIES)
# remove the last line above to keep debug info
$(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE) $(libcurl_dll_DEPENDENCIES)
-$(RM) $@
@$(call DEL, $@)
$(CC) $(LDFLAGS) -shared -Wl,--out-implib,$(libcurl_dll_a_LIBRARY) \
-o $@ $(libcurl_a_OBJECTS) $(RESOURCE) $(DLL_LIBS)
@@ -232,17 +284,18 @@ $(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE) $(libcurl_dll_DEPENDENC
clean:
ifeq "$(wildcard $(PROOT)/include/curl/curlbuild.h.dist)" "$(PROOT)/include/curl/curlbuild.h.dist"
-$(RM) $(subst /,\,$(PROOT)/include/curl/curlbuild.h)
@$(call DEL, $(PROOT)/include/curl/curlbuild.h)
endif
-$(RM) $(libcurl_a_OBJECTS) $(RESOURCE)
@$(call DEL, $(libcurl_a_OBJECTS) $(RESOURCE))
distclean vclean: clean
-$(RM) $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY) $(libcurl_dll_a_LIBRARY)
@$(call DEL, $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY) $(libcurl_dll_a_LIBRARY))
$(PROOT)/include/curl/curlbuild.h:
@echo Creating $@
@$(call COPY, $@.dist, $@)
$(LIBCARES_PATH)/libcares.a:
$(MAKE) -C $(LIBCARES_PATH) -f Makefile.m32
$(PROOT)/include/curl/curlbuild.h:
@echo Creating $@
@$(CP) $(subst /,\,$@).dist $(subst /,\,$@)

View File

@@ -64,7 +64,8 @@ DESCR = cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
MTSAFE = YES
STACK = 64000
SCREEN = none
EXPORTS = @libcurl.imp
EXPORTF = $(TARGET).imp
EXPORTS = @$(EXPORTF)
# Uncomment the next line to enable linking with POSIX semantics.
# POSIXFL = 1
@@ -330,7 +331,7 @@ $(OBJDIR)/%.o: %.c
# @echo Compiling $<
$(CC) $(CFLAGS) -c $< -o $@
$(OBJDIR)/version.inc: ../include/curl/curlver.h $(OBJDIR)
$(OBJDIR)/version.inc: $(CURL_INC)/curl/curlver.h $(OBJDIR)
@echo Creating $@
@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
@@ -350,7 +351,7 @@ clean:
-$(RM) -r $(OBJDIR)
distclean vclean: clean
-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm
-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm $(TARGET).imp
-$(RM) certdata.txt ca-bundle.crt
$(OBJDIR) $(INSTDIR):
@@ -364,7 +365,7 @@ ifdef RANLIB
@$(RANLIB) $@
endif
$(TARGET).nlm: $(OBJDIR)/$(TARGET).def $(OBJL) $(XDCDATA)
$(TARGET).nlm: $(OBJDIR)/$(TARGET).def $(OBJL) $(EXPORTF) $(XDCDATA)
@echo Linking $@
@-$(RM) $@
@$(LD) $(LDFLAGS) $<
@@ -660,6 +661,10 @@ else
@echo $(DL)#define CURL_CA_BUNDLE getenv("CURL_CA_BUNDLE")$(DL) >> $@
endif
$(EXPORTF): $(CURL_INC)/curl/curl.h $(CURL_INC)/curl/easy.h $(CURL_INC)/curl/multi.h $(CURL_INC)/curl/mprintf.h
@echo Creating $@
@$(AWK) -f ../packages/NetWare/get_exp.awk $^ > $@
FORCE: ;
info: $(OBJDIR)/version.inc
@@ -696,13 +701,6 @@ else
@echo ipv6 support: no
endif
$(LIBCARES_PATH)/libcares.$(LIBEXT):
$(MAKE) -C $(LIBCARES_PATH) -f Makefile.netware lib
ca-bundle.crt: mk-ca-bundle.pl
@echo Creating $@
@-$(PERL) $< -b -n $@
$(CURL_INC)/curl/curlbuild.h: Makefile.netware FORCE
@echo Creating $@
@echo $(DL)/* $@ intended for NetWare target.$(DL) > $@
@@ -741,3 +739,10 @@ endif
@echo $(DL)typedef CURL_TYPEOF_CURL_OFF_T curl_off_t;$(DL) >> $@
@echo $(DL)#endif /* __CURL_CURLBUILD_H */$(DL) >> $@
$(LIBCARES_PATH)/libcares.$(LIBEXT):
$(MAKE) -C $(LIBCARES_PATH) -f Makefile.netware lib
ca-bundle.crt: mk-ca-bundle.pl
@echo Creating $@
@-$(PERL) $< -b -n $@

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1999 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1999 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -22,7 +22,7 @@
# All files in the Makefile.vc* series are generated automatically from the
# one made for MSVC version 6. Alas, if you want to do changes to any of the
# fiels and send back to the project, edit the version six, make your diff and
# files and send back to the project, edit the version six, make your diff and
# mail curl-library.
###########################################################################
@@ -105,7 +105,7 @@ WINDOWS_SDK_PATH = "$(PROGRAMFILES)\Microsoft SDK"
CCNODBG = cl.exe /O2 /DNDEBUG
CCDEBUG = cl.exe /Od /Gm /Zi /D_DEBUG /GZ
CFLAGSSSL = /DUSE_SSLEAY /I "$(OPENSSL_PATH)/inc32" /I "$(OPENSSL_PATH)/inc32/openssl"
CFLAGSSSL = /DUSE_SSLEAY /DUSE_OPENSSL /I "$(OPENSSL_PATH)/inc32" /I "$(OPENSSL_PATH)/inc32/openssl"
CFLAGSSSH2 = /DUSE_LIBSSH2 /DCURL_DISABLE_LDAP /DHAVE_LIBSSH2 /DHAVE_LIBSSH2_H /DLIBSSH2_WIN32 /DLIBSSH2_LIBRARY /I "$(LIBSSH2_PATH)/include"
CFLAGSZLIB = /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I "$(ZLIB_PATH)"
CFLAGS = /I. /I../include /nologo /W3 /GX /DWIN32 /YX /FD /c /DBUILDING_LIBCURL /D_BIND_TO_CURRENT_VCLIBS_VERSION=1
@@ -116,7 +116,7 @@ LFLAGS = /nologo /machine:$(MACHINE)
SSLLIBS = libeay32.lib ssleay32.lib
ZLIBLIBSDLL= zdll.lib
ZLIBLIBS = zlib.lib
WINLIBS = ws2_32.lib wldap32.lib
WINLIBS = ws2_32.lib wldap32.lib advapi32.lib
CFLAGS = $(CFLAGS)
CFGSET = FALSE
@@ -189,6 +189,20 @@ CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
!ENDIF
######################
# release-ssl-ssh2-zlib
!IF "$(CFG)" == "release-ssl-ssh2-zlib"
TARGET = $(LIBCURL_STA_LIB_REL)
DIROBJ = $(CFG)
LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
LNK = $(LNKLIB) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
!ENDIF
######################
# release-ssl-dll
@@ -226,36 +240,6 @@ CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
!ENDIF
######################
# release-ssl-ssh2-zlib
!IF "$(CFG)" == "release-ssl-ssh2-zlib"
TARGET = $(LIB_NAME).lib
DIROBJ = $(CFG)
LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
LNK = $(LNKLIB) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
CC = $(CCNODBG) $(RTLIB) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
RESOURCE = $(LIBSSH2_PATH)/Release/src/libssh2.lib $(ZLIB_PATH)/zlib.lib
!ENDIF
######################
# debug-ssl-ssh2-zlib
!IF "$(CFG)" == "debug-ssl-ssh2-zlib"
TARGET = $(LIB_NAME_DEBUG).lib
DIROBJ = $(CFG)
LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
RESOURCE = $(LIBSSH2_PATH)/Release/src/libssh2.lib $(ZLIB_PATH)/zlib.lib
!ENDIF
######################
# release-dll
@@ -356,6 +340,20 @@ CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
!ENDIF
######################
# debug-ssl-ssh2-zlib
!IF "$(CFG)" == "debug-ssl-ssh2-zlib"
TARGET = $(LIBCURL_STA_LIB_DBG)
DIROBJ = $(CFG)
LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
LFLAGSSSH2 = "/LIBPATH:$(LIBSSH2_PATH)"
LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32"
LNK = $(LNKLIB) $(ZLIBLIBS) $(LFLAGSSSL) $(LFLAGSSSH2) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET)
CC = $(CCDEBUG) $(RTLIBD) $(CFLAGSSSL) $(CFLAGSSSH2) $(CFLAGSZLIB) $(CFLAGSLIB)
CFGSET = TRUE
!ENDIF
######################
# debug-ssl-dll
@@ -463,11 +461,11 @@ RESOURCE = $(DIROBJ)\libcurl.res
!MESSAGE release-dll-ssl-dll - release dynamic library with dynamic ssl
!MESSAGE release-dll-zlib-dll - release dynamic library with dynamic zlib
!MESSAGE release-dll-ssl-dll-zlib-dll - release dynamic library with dynamic ssl and dynamic zlib
!MESSAGE debug-ssl-ssh2-zlib - debug static library with ssl, ssh2 and zlib
!MESSAGE debug - debug static library
!MESSAGE debug-ssl - debug static library with ssl
!MESSAGE debug-zlib - debug static library with zlib
!MESSAGE debug-ssl-zlib - debug static library with ssl and zlib
!MESSAGE debug-ssl-ssh2-zlib - debug static library with ssl, ssh2 and zlib
!MESSAGE debug-ssl-dll - debug static library with dynamic ssl
!MESSAGE debug-zlib-dll - debug static library with dynamic zlib
!MESSAGE debug-ssl-dll-zlib-dll - debug static library with dynamic ssl and dynamic zlib
@@ -503,25 +501,29 @@ X_OBJS= \
$(DIROBJ)\content_encoding.obj \
$(DIROBJ)\cookie.obj \
$(DIROBJ)\curl_addrinfo.obj \
$(DIROBJ)\curl_darwinssl.obj \
$(DIROBJ)\curl_fnmatch.obj \
$(DIROBJ)\curl_gethostname.obj \
$(DIROBJ)\curl_memrchr.obj \
$(DIROBJ)\curl_multibyte.obj \
$(DIROBJ)\curl_ntlm.obj \
$(DIROBJ)\curl_ntlm_core.obj \
$(DIROBJ)\curl_ntlm_msgs.obj \
$(DIROBJ)\curl_ntlm_wb.obj \
$(DIROBJ)\curl_rand.obj \
$(DIROBJ)\curl_rtmp.obj \
$(DIROBJ)\curl_sasl.obj \
$(DIROBJ)\curl_schannel.obj \
$(DIROBJ)\curl_sspi.obj \
$(DIROBJ)\curl_threads.obj \
$(DIROBJ)\dict.obj \
$(DIROBJ)\easy.obj \
$(DIROBJ)\escape.obj \
$(DIROBJ)\fileinfo.obj \
$(DIROBJ)\file.obj \
$(DIROBJ)\fileinfo.obj \
$(DIROBJ)\formdata.obj \
$(DIROBJ)\ftplistparser.obj \
$(DIROBJ)\ftp.obj \
$(DIROBJ)\ftplistparser.obj \
$(DIROBJ)\getenv.obj \
$(DIROBJ)\getinfo.obj \
$(DIROBJ)\gopher.obj \
@@ -529,15 +531,15 @@ X_OBJS= \
$(DIROBJ)\hash.obj \
$(DIROBJ)\hmac.obj \
$(DIROBJ)\hostasyn.obj \
$(DIROBJ)\hostip.obj \
$(DIROBJ)\hostip4.obj \
$(DIROBJ)\hostip6.obj \
$(DIROBJ)\hostip.obj \
$(DIROBJ)\hostsyn.obj \
$(DIROBJ)\http.obj \
$(DIROBJ)\http_chunks.obj \
$(DIROBJ)\http_digest.obj \
$(DIROBJ)\http_negotiate.obj \
$(DIROBJ)\http_negotiate_sspi.obj \
$(DIROBJ)\http.obj \
$(DIROBJ)\http_proxy.obj \
$(DIROBJ)\if2ip.obj \
$(DIROBJ)\imap.obj \
@@ -565,8 +567,8 @@ X_OBJS= \
$(DIROBJ)\share.obj \
$(DIROBJ)\slist.obj \
$(DIROBJ)\smtp.obj \
$(DIROBJ)\socks_gssapi.obj \
$(DIROBJ)\socks.obj \
$(DIROBJ)\socks_gssapi.obj \
$(DIROBJ)\socks_sspi.obj \
$(DIROBJ)\speedcheck.obj \
$(DIROBJ)\splay.obj \

View File

@@ -1,5 +1,5 @@
#ifndef __LIB_CONFIG_WIN32CE_H
#define __LIB_CONFIG_WIN32CE_H
#ifndef HEADER_CURL_CONFIG_WIN32CE_H
#define HEADER_CURL_CONFIG_WIN32CE_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -79,7 +79,7 @@
#define HAVE_STDLIB_H 1
/* Define if you have the <process.h> header file. */
#define HAVE_PROCESS_H 1
/* #define HAVE_PROCESS_H 1 */
/* Define if you have the <sys/param.h> header file. */
/* #define HAVE_SYS_PARAM_H 1 */
@@ -427,6 +427,14 @@
/* WinCE */
/* ---------------------------------------------------------------- */
#ifndef UNICODE
# define UNICODE
#endif
#ifndef _UNICODE
# define _UNICODE
#endif
#define CURL_DISABLE_FILE 1
#define CURL_DISABLE_TELNET 1
#define CURL_DISABLE_LDAP 1
@@ -437,4 +445,4 @@
extern int stat(const char *path,struct stat *buffer );
#endif /* __LIB_CONFIG_WIN32CE_H */
#endif /* HEADER_CURL_CONFIG_WIN32CE_H */

View File

@@ -91,6 +91,13 @@
static bool verifyconnect(curl_socket_t sockfd, int *error);
#ifdef __DragonFly__
/* DragonFlyBSD uses millisecond as KEEPIDLE and KEEPINTVL units */
#define KEEPALIVE_FACTOR(x) (x *= 1000)
#else
#define KEEPALIVE_FACTOR(x)
#endif
static void
tcpkeepalive(struct SessionHandle *data,
curl_socket_t sockfd)
@@ -105,6 +112,7 @@ tcpkeepalive(struct SessionHandle *data,
else {
#ifdef TCP_KEEPIDLE
optval = curlx_sltosi(data->set.tcp_keepidle);
KEEPALIVE_FACTOR(optval);
if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPIDLE,
(void *)&optval, sizeof(optval)) < 0) {
infof(data, "Failed to set TCP_KEEPIDLE on fd %d\n", sockfd);
@@ -112,6 +120,7 @@ tcpkeepalive(struct SessionHandle *data,
#endif
#ifdef TCP_KEEPINTVL
optval = curlx_sltosi(data->set.tcp_keepintvl);
KEEPALIVE_FACTOR(optval);
if(setsockopt(sockfd, IPPROTO_TCP, TCP_KEEPINTVL,
(void *)&optval, sizeof(optval)) < 0) {
infof(data, "Failed to set TCP_KEEPINTVL on fd %d\n", sockfd);

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -882,7 +882,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
for(i=0; co; co = co->next)
array[i++] = co;
/* now sort the cookie pointers in path lenth order */
/* now sort the cookie pointers in path length order */
qsort(array, matches, sizeof(struct Cookie *), cookie_sort);
/* remake the linked list order according to the new order */
@@ -1069,7 +1069,7 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere)
char *format_ptr;
fputs("# Netscape HTTP Cookie File\n"
"# http://curl.haxx.se/rfc/cookie_spec.html\n"
"# http://curl.haxx.se/docs/http-cookies.html\n"
"# This file was generated by libcurl! Edit at your own risk.\n\n",
out);
co = c->cookies;

1324
lib/curl_darwinssl.c Normal file

File diff suppressed because it is too large Load Diff

73
lib/curl_darwinssl.h Normal file
View File

@@ -0,0 +1,73 @@
#ifndef HEADER_CURL_DARWINSSL_H
#define HEADER_CURL_DARWINSSL_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Nick Zitzmann, <nickzman@gmail.com>.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "setup.h"
#ifdef USE_DARWINSSL
CURLcode Curl_darwinssl_connect(struct connectdata *conn, int sockindex);
CURLcode Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
int sockindex,
bool *done);
/* this function doesn't actually do anything */
void Curl_darwinssl_close_all(struct SessionHandle *data);
/* close a SSL connection */
void Curl_darwinssl_close(struct connectdata *conn, int sockindex);
size_t Curl_darwinssl_version(char *buffer, size_t size);
int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex);
int Curl_darwinssl_check_cxn(struct connectdata *conn);
bool Curl_darwinssl_data_pending(const struct connectdata *conn,
int connindex);
void Curl_darwinssl_random(struct SessionHandle *data,
unsigned char *entropy,
size_t length);
void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
size_t tmplen,
unsigned char *md5sum, /* output */
size_t md5len);
/* API setup for SecureTransport */
#define curlssl_init() (1)
#define curlssl_cleanup() Curl_nop_stmt
#define curlssl_connect Curl_darwinssl_connect
#define curlssl_connect_nonblocking Curl_darwinssl_connect_nonblocking
#define curlssl_session_free(x) Curl_nop_stmt
#define curlssl_close_all Curl_darwinssl_close_all
#define curlssl_close Curl_darwinssl_close
#define curlssl_shutdown(x,y) 0
#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_NOT_BUILT_IN)
#define curlssl_set_engine_default(x) (x=x, CURLE_NOT_BUILT_IN)
#define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL)
#define curlssl_version Curl_darwinssl_version
#define curlssl_check_cxn Curl_darwinssl_check_cxn
#define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y)
#define curlssl_random(x,y,z) Curl_darwinssl_random(x,y,z)
#define curlssl_md5sum(a,b,c,d) Curl_darwinssl_md5sum(a,b,c,d)
#endif /* USE_DARWINSSL */
#endif /* HEADER_CURL_DARWINSSL_H */

82
lib/curl_multibyte.c Normal file
View File

@@ -0,0 +1,82 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "setup.h"
#if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
/*
* MultiByte conversions using Windows kernel32 library.
*/
#include "curl_multibyte.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
#include "curl_memory.h"
/* The last #include file should be: */
#include "memdebug.h"
wchar_t *Curl_convert_UTF8_to_wchar(const char *str_utf8)
{
wchar_t *str_w = NULL;
if(str_utf8) {
int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
str_utf8, -1, NULL, 0);
if(str_w_len > 0) {
str_w = malloc(str_w_len * sizeof(wchar_t));
if(str_w) {
if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
str_w_len) == 0) {
Curl_safefree(str_w);
}
}
}
}
return str_w;
}
char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w)
{
char *str_utf8 = NULL;
if(str_w) {
int str_utf8_len = WideCharToMultiByte(CP_UTF8, 0, str_w, -1, NULL,
0, NULL, NULL);
if(str_utf8_len > 0) {
str_utf8 = malloc(str_utf8_len * sizeof(wchar_t));
if(str_utf8) {
if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, str_utf8_len,
NULL, FALSE) == 0) {
Curl_safefree(str_utf8);
}
}
}
}
return str_utf8;
}
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && UNICODE) */

90
lib/curl_multibyte.h Normal file
View File

@@ -0,0 +1,90 @@
#ifndef HEADER_CURL_MULTIBYTE_H
#define HEADER_CURL_MULTIBYTE_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "setup.h"
#if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
/*
* MultiByte conversions using Windows kernel32 library.
*/
wchar_t *Curl_convert_UTF8_to_wchar(const char *str_utf8);
char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w);
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && UNICODE) */
#if defined(USE_WIN32_IDN) || defined(USE_WINDOWS_SSPI)
/*
* Macros Curl_convert_UTF8_to_tchar(), Curl_convert_tchar_to_UTF8()
* and Curl_unicodefree() main purpose is to minimize the number of
* preprocessor conditional directives needed by code using these
* to differentiate UNICODE from non-UNICODE builds.
*
* When building with UNICODE defined, this two macros
* Curl_convert_UTF8_to_tchar() and Curl_convert_tchar_to_UTF8()
* return a pointer to a newly allocated memory area holding result.
* When the result is no longer needed, allocated memory is intended
* to be free'ed with Curl_unicodefree().
*
* When building without UNICODE defined, this macros
* Curl_convert_UTF8_to_tchar() and Curl_convert_tchar_to_UTF8()
* return the pointer received as argument. Curl_unicodefree() does
* no actual free'ing of this pointer it is simply set to NULL.
*/
#ifdef UNICODE
#define Curl_convert_UTF8_to_tchar(ptr) Curl_convert_UTF8_to_wchar((ptr))
#define Curl_convert_tchar_to_UTF8(ptr) Curl_convert_wchar_to_UTF8((ptr))
#define Curl_unicodefree(ptr) \
do {if((ptr)) {free((ptr)); (ptr) = NULL;}} WHILE_FALSE
typedef union {
unsigned short *tchar_ptr;
const unsigned short *const_tchar_ptr;
unsigned short *tbyte_ptr;
const unsigned short *const_tbyte_ptr;
} xcharp_u;
#else
#define Curl_convert_UTF8_to_tchar(ptr) (ptr)
#define Curl_convert_tchar_to_UTF8(ptr) (ptr)
#define Curl_unicodefree(ptr) \
do {(ptr) = NULL;} WHILE_FALSE
typedef union {
char *tchar_ptr;
const char *const_tchar_ptr;
unsigned char *tbyte_ptr;
const unsigned char *const_tbyte_ptr;
} xcharp_u;
#endif /* UNICODE */
#endif /* USE_WIN32_IDN || USE_WINDOWS_SSPI */
#endif /* HEADER_CURL_MULTIBYTE_H */

View File

@@ -95,7 +95,13 @@ CURLcode Curl_input_ntlm(struct connectdata *conn,
ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */
}
else {
if(ntlm->state >= NTLMSTATE_TYPE1) {
if(ntlm->state == NTLMSTATE_TYPE3) {
infof(conn->data, "NTLM handshake rejected\n");
Curl_http_ntlm_cleanup(conn);
ntlm->state = NTLMSTATE_NONE;
return CURLE_REMOTE_ACCESS_DENIED;
}
else if(ntlm->state >= NTLMSTATE_TYPE1) {
infof(conn->data, "NTLM handshake failure (internal error)\n");
return CURLE_REMOTE_ACCESS_DENIED;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -82,6 +82,11 @@
# include "curl_md4.h"
# define MD5_DIGEST_LENGTH MD5_LENGTH
#elif defined(USE_DARWINSSL)
# include <CommonCrypto/CommonCryptor.h>
# include <CommonCrypto/CommonDigest.h>
#else
# error "Can't compile NTLM support without a crypto library."
#endif
@@ -221,7 +226,23 @@ fail:
return rv;
}
#endif /* defined(USE_NSS) */
#elif defined(USE_DARWINSSL)
static bool encrypt_des(const unsigned char *in, unsigned char *out,
const unsigned char *key_56)
{
char key[8];
size_t out_len;
CCCryptorStatus err;
extend_key_56_to_64(key_56, key);
err = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode, key,
kCCKeySizeDES, NULL, in, 8 /* inbuflen */, out,
8 /* outbuflen */, &out_len);
return err == kCCSuccess;
}
#endif /* defined(USE_DARWINSSL) */
#endif /* defined(USE_SSLEAY) */
@@ -273,7 +294,7 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys,
setup_des_key(keys + 14, &des);
gcry_cipher_encrypt(des, results + 16, 8, plaintext, 8);
gcry_cipher_close(des);
#elif defined(USE_NSS)
#elif defined(USE_NSS) || defined(USE_DARWINSSL)
encrypt_des(plaintext, results, keys);
encrypt_des(plaintext, results + 8, keys + 7);
encrypt_des(plaintext, results + 16, keys + 14);
@@ -336,7 +357,7 @@ void Curl_ntlm_core_mk_lm_hash(struct SessionHandle *data,
setup_des_key(pw + 7, &des);
gcry_cipher_encrypt(des, lmbuffer + 8, 8, magic, 8);
gcry_cipher_close(des);
#elif defined(USE_NSS)
#elif defined(USE_NSS) || defined(USE_DARWINSSL)
encrypt_des(magic, lmbuffer, pw);
encrypt_des(magic, lmbuffer + 8, pw + 7);
#endif
@@ -399,6 +420,8 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct SessionHandle *data,
gcry_md_close(MD4pw);
#elif defined(USE_NSS)
Curl_md4it(ntbuffer, pw, 2 * len);
#elif defined(USE_DARWINSSL)
(void)CC_MD4(pw, 2 * len, ntbuffer);
#endif
memset(ntbuffer + 16, 0, 21 - 16);

View File

@@ -33,64 +33,22 @@
#define DEBUG_ME 0
#ifdef USE_SSLEAY
# ifdef USE_OPENSSL
# include <openssl/des.h>
# ifndef OPENSSL_NO_MD4
# include <openssl/md4.h>
# endif
# include <openssl/md5.h>
# include <openssl/ssl.h>
# include <openssl/rand.h>
# else
# include <des.h>
# ifndef OPENSSL_NO_MD4
# include <md4.h>
# endif
# include <md5.h>
# include <ssl.h>
# include <rand.h>
# endif
# include "ssluse.h"
#elif defined(USE_GNUTLS_NETTLE)
# include <nettle/md5.h>
# include <gnutls/gnutls.h>
# include <gnutls/crypto.h>
# define MD5_DIGEST_LENGTH 16
#elif defined(USE_GNUTLS)
# include <gcrypt.h>
# include "gtls.h"
# define MD5_DIGEST_LENGTH 16
# define MD4_DIGEST_LENGTH 16
#elif defined(USE_NSS)
# include <nss.h>
# include <pk11pub.h>
# include <hasht.h>
# include "nssg.h"
# include "curl_md4.h"
# define MD5_DIGEST_LENGTH MD5_LENGTH
#elif defined(USE_WINDOWS_SSPI)
# include "curl_sspi.h"
#else
# error "Can't compile NTLM support without a crypto library."
#endif
#include "urldata.h"
#include "non-ascii.h"
#include "sendf.h"
#include "curl_base64.h"
#include "curl_ntlm_core.h"
#include "curl_gethostname.h"
#include "curl_multibyte.h"
#include "warnless.h"
#include "curl_memory.h"
#ifdef USE_WINDOWS_SSPI
# include "curl_sspi.h"
#endif
#include "sslgen.h"
#define BUILDING_CURL_NTLM_MSGS_C
#include "curl_ntlm_msgs.h"
@@ -281,7 +239,7 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
free(buffer);
return CURLE_OUT_OF_MEMORY;
}
ntlm->n_type_2 = (unsigned long)size;
ntlm->n_type_2 = curlx_uztoul(size);
memcpy(ntlm->type_2, buffer, size);
#else
ntlm->flags = 0;
@@ -315,19 +273,16 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
#ifdef USE_WINDOWS_SSPI
void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
{
if(ntlm->type_2) {
free(ntlm->type_2);
ntlm->type_2 = NULL;
}
Curl_safefree(ntlm->type_2);
if(ntlm->has_handles) {
s_pSecFn->DeleteSecurityContext(&ntlm->c_handle);
s_pSecFn->FreeCredentialsHandle(&ntlm->handle);
ntlm->has_handles = 0;
}
if(ntlm->p_identity) {
if(ntlm->identity.User) free(ntlm->identity.User);
if(ntlm->identity.Password) free(ntlm->identity.Password);
if(ntlm->identity.Domain) free(ntlm->identity.Domain);
Curl_safefree(ntlm->identity.User);
Curl_safefree(ntlm->identity.Password);
Curl_safefree(ntlm->identity.Domain);
ntlm->p_identity = NULL;
}
}
@@ -359,7 +314,7 @@ static void unicodecpy(unsigned char *dest,
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The adress where a pointer to newly allocated memory
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
@@ -393,64 +348,91 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
SecBuffer buf;
SecBufferDesc desc;
SECURITY_STATUS status;
ULONG attrs;
const char *dest = "";
const char *user;
const char *domain = "";
size_t userlen = 0;
unsigned long attrs;
xcharp_u useranddomain;
xcharp_u user, dup_user;
xcharp_u domain, dup_domain;
xcharp_u passwd, dup_passwd;
size_t domlen = 0;
size_t passwdlen = 0;
TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */
domain.const_tchar_ptr = TEXT("");
Curl_ntlm_sspi_cleanup(ntlm);
user = strchr(userp, '\\');
if(!user)
user = strchr(userp, '/');
if(userp && *userp) {
if(user) {
domain = userp;
domlen = user - userp;
user++;
/* null initialize ntlm identity's data to allow proper cleanup */
ntlm->p_identity = &ntlm->identity;
memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity));
useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp);
if(!useranddomain.tchar_ptr)
return CURLE_OUT_OF_MEMORY;
user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\'));
if(!user.const_tchar_ptr)
user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/'));
if(user.tchar_ptr) {
domain.tchar_ptr = useranddomain.tchar_ptr;
domlen = user.tchar_ptr - useranddomain.tchar_ptr;
user.tchar_ptr++;
}
else {
user = userp;
domain = "";
user.tchar_ptr = useranddomain.tchar_ptr;
domain.const_tchar_ptr = TEXT("");
domlen = 0;
}
if(user)
userlen = strlen(user);
if(passwdp)
passwdlen = strlen(passwdp);
if(userlen > 0) {
/* note: initialize all of this before doing the mallocs so that
* it can be cleaned up later without leaking memory.
*/
ntlm->p_identity = &ntlm->identity;
memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity));
if((ntlm->identity.User = (unsigned char *)strdup(user)) == NULL)
/* setup ntlm identity's user and length */
dup_user.tchar_ptr = _tcsdup(user.tchar_ptr);
if(!dup_user.tchar_ptr) {
Curl_unicodefree(useranddomain.tchar_ptr);
return CURLE_OUT_OF_MEMORY;
}
ntlm->identity.User = dup_user.tbyte_ptr;
ntlm->identity.UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
dup_user.tchar_ptr = NULL;
ntlm->identity.UserLength = (unsigned long)userlen;
if((ntlm->identity.Password = (unsigned char *)strdup(passwdp)) == NULL)
/* setup ntlm identity's domain and length */
dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));
if(!dup_domain.tchar_ptr) {
Curl_unicodefree(useranddomain.tchar_ptr);
return CURLE_OUT_OF_MEMORY;
}
_tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
*(dup_domain.tchar_ptr + domlen) = TEXT('\0');
ntlm->identity.Domain = dup_domain.tbyte_ptr;
ntlm->identity.DomainLength = curlx_uztoul(domlen);
dup_domain.tchar_ptr = NULL;
ntlm->identity.PasswordLength = (unsigned long)strlen(passwdp);
if((ntlm->identity.Domain = malloc(domlen + 1)) == NULL)
Curl_unicodefree(useranddomain.tchar_ptr);
/* setup ntlm identity's password and length */
passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp);
if(!passwd.tchar_ptr)
return CURLE_OUT_OF_MEMORY;
dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr);
if(!dup_passwd.tchar_ptr) {
Curl_unicodefree(passwd.tchar_ptr);
return CURLE_OUT_OF_MEMORY;
}
ntlm->identity.Password = dup_passwd.tbyte_ptr;
ntlm->identity.PasswordLength =
curlx_uztoul(_tcslen(dup_passwd.tchar_ptr));
dup_passwd.tchar_ptr = NULL;
strncpy((char *)ntlm->identity.Domain, domain, domlen);
ntlm->identity.Domain[domlen] = '\0';
ntlm->identity.DomainLength = (unsigned long)domlen;
ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
Curl_unicodefree(passwd.tchar_ptr);
/* setup ntlm identity's flags */
ntlm->identity.Flags = SECFLAG_WINNT_AUTH_IDENTITY;
}
else
ntlm->p_identity = NULL;
status = s_pSecFn->AcquireCredentialsHandleA(NULL, (void *)"NTLM",
status = s_pSecFn->AcquireCredentialsHandle(NULL,
(TCHAR *) TEXT("NTLM"),
SECPKG_CRED_OUTBOUND, NULL,
ntlm->p_identity, NULL, NULL,
&ntlm->handle, &tsDummy);
@@ -464,8 +446,8 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
buf.BufferType = SECBUFFER_TOKEN;
buf.pvBuffer = ntlmbuf;
status = s_pSecFn->InitializeSecurityContextA(&ntlm->handle, NULL,
(void *)dest,
status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL,
(TCHAR *) TEXT(""),
ISC_REQ_CONFIDENTIALITY |
ISC_REQ_REPLAY_DETECT |
ISC_REQ_CONNECTION,
@@ -580,7 +562,7 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The adress where a pointer to newly allocated memory
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
@@ -615,13 +597,12 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
size_t size;
#ifdef USE_WINDOWS_SSPI
const char *dest = "";
SecBuffer type_2;
SecBuffer type_3;
SecBufferDesc type_2_desc;
SecBufferDesc type_3_desc;
SECURITY_STATUS status;
ULONG attrs;
unsigned long attrs;
TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */
(void)passwdp;
@@ -640,9 +621,9 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
type_3.pvBuffer = ntlmbuf;
type_3.cbBuffer = NTLM_BUFSIZE;
status = s_pSecFn->InitializeSecurityContextA(&ntlm->handle,
status = s_pSecFn->InitializeSecurityContext(&ntlm->handle,
&ntlm->c_handle,
(void *)dest,
(TCHAR *) TEXT(""),
ISC_REQ_CONFIDENTIALITY |
ISC_REQ_REPLAY_DETECT |
ISC_REQ_CONNECTION,
@@ -717,23 +698,7 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
unsigned char entropy[8];
/* Need to create 8 bytes random data */
#ifdef USE_SSLEAY
MD5_CTX MD5pw;
Curl_ossl_seed(data); /* Initiate the seed if not already done */
RAND_bytes(entropy, 8);
#elif defined(USE_GNUTLS_NETTLE)
struct md5_ctx MD5pw;
gnutls_rnd(GNUTLS_RND_RANDOM, entropy, 8);
#elif defined(USE_GNUTLS)
gcry_md_hd_t MD5pw;
Curl_gtls_seed(data); /* Initiate the seed if not already done */
gcry_randomize(entropy, 8, GCRY_STRONG_RANDOM);
#elif defined(USE_NSS)
PK11Context *MD5pw;
unsigned int MD5len;
Curl_nss_seed(data); /* Initiate the seed if not already done */
PK11_GenerateRandom(entropy, 8);
#endif
Curl_ssl_random(data, entropy, sizeof(entropy));
/* 8 bytes random data as challenge in lmresp */
memcpy(lmresp, entropy, 8);
@@ -745,25 +710,7 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
memcpy(tmp, &ntlm->nonce[0], 8);
memcpy(tmp + 8, entropy, 8);
#ifdef USE_SSLEAY
MD5_Init(&MD5pw);
MD5_Update(&MD5pw, tmp, 16);
MD5_Final(md5sum, &MD5pw);
#elif defined(USE_GNUTLS_NETTLE)
md5_init(&MD5pw);
md5_update(&MD5pw, 16, tmp);
md5_digest(&MD5pw, 16, md5sum);
#elif defined(USE_GNUTLS)
gcry_md_open(&MD5pw, GCRY_MD_MD5, 0);
gcry_md_write(MD5pw, tmp, MD5_DIGEST_LENGTH);
memcpy(md5sum, gcry_md_read (MD5pw, 0), MD5_DIGEST_LENGTH);
gcry_md_close(MD5pw);
#elif defined(USE_NSS)
MD5pw = PK11_CreateDigestContext(SEC_OID_MD5);
PK11_DigestOp(MD5pw, tmp, 16);
PK11_DigestFinal(MD5pw, md5sum, &MD5len, MD5_DIGEST_LENGTH);
PK11_DestroyContext(MD5pw, PR_TRUE);
#endif
Curl_ssl_md5sum(tmp, 16, md5sum, MD5_DIGEST_LENGTH);
/* We shall only use the first 8 bytes of md5sum, but the des
code in Curl_ntlm_core_lm_resp only encrypt the first 8 bytes */

View File

@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -163,6 +163,14 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
#define NTLMFLAG_NEGOTIATE_56 (1<<31)
/* Indicates that 56-bit encryption is supported. */
#ifdef UNICODE
# define SECFLAG_WINNT_AUTH_IDENTITY \
(unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
#else
# define SECFLAG_WINNT_AUTH_IDENTITY \
(unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
#endif
#endif /* BUILDING_CURL_NTLM_MSGS_C */
#endif /* USE_NTLM */

View File

@@ -28,6 +28,7 @@
#include "nonblock.h" /* for curlx_nonblock */
#include "progress.h" /* for Curl_pgrsSetUploadSize */
#include "transfer.h"
#include "warnless.h"
#include <curl/curl.h>
#include <librtmp/rtmp.h>
@@ -279,7 +280,7 @@ static ssize_t rtmp_recv(struct connectdata *conn, int sockindex, char *buf,
(void)sockindex; /* unused */
nread = RTMP_Read(r, buf, len);
nread = RTMP_Read(r, buf, curlx_uztosi(len));
if(nread < 0) {
if(r->m_read.status == RTMP_READ_COMPLETE ||
r->m_read.status == RTMP_READ_EOF) {
@@ -300,7 +301,7 @@ static ssize_t rtmp_send(struct connectdata *conn, int sockindex,
(void)sockindex; /* unused */
num = RTMP_Write(r, (char *)buf, len);
num = RTMP_Write(r, (char *)buf, curlx_uztosi(len));
if(num < 0)
*err = CURLE_SEND_ERROR;

504
lib/curl_sasl.c Normal file
View File

@@ -0,0 +1,504 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
* RFC2195 CRAM-MD5 authentication
* RFC2831 DIGEST-MD5 authentication
* RFC4616 PLAIN authentication
*
***************************************************************************/
#include "setup.h"
#include <curl/curl.h>
#include "urldata.h"
#include "curl_base64.h"
#include "curl_md5.h"
#include "curl_rand.h"
#include "curl_hmac.h"
#include "curl_ntlm_msgs.h"
#include "curl_sasl.h"
#include "warnless.h"
#include "curl_memory.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
/* The last #include file should be: */
#include "memdebug.h"
#ifndef CURL_DISABLE_CRYPTO_AUTH
/* Retrieves the value for a corresponding key from the challenge string
* returns TRUE if the key could be found, FALSE if it does not exists
*/
static bool sasl_digest_get_key_value(const unsigned char *chlg,
const char *key,
char *value,
size_t max_val_len,
char end_char)
{
char *find_pos;
size_t i;
find_pos = strstr((const char *) chlg, key);
if(!find_pos)
return FALSE;
find_pos += strlen(key);
for(i = 0; *find_pos && *find_pos != end_char && i < max_val_len - 1; ++i)
value[i] = *find_pos++;
value[i] = '\0';
return TRUE;
}
#endif
/*
* Curl_sasl_create_plain_message()
*
* This is used to generate an already encoded PLAIN message ready
* for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* userp [in] - The user name.
* passdwp [in] - The user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char* userp,
const char* passwdp,
char **outptr, size_t *outlen)
{
char plainauth[2 * MAX_CURL_USER_LENGTH + MAX_CURL_PASSWORD_LENGTH];
size_t ulen;
size_t plen;
ulen = strlen(userp);
plen = strlen(passwdp);
if(2 * ulen + plen + 2 > sizeof(plainauth)) {
*outlen = 0;
*outptr = NULL;
/* Plainauth too small */
return CURLE_OUT_OF_MEMORY;
}
/* Calculate the reply */
memcpy(plainauth, userp, ulen);
plainauth[ulen] = '\0';
memcpy(plainauth + ulen + 1, userp, ulen);
plainauth[2 * ulen + 1] = '\0';
memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
/* Base64 encode the reply */
return Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
outlen);
}
/*
* Curl_sasl_create_login_message()
*
* This is used to generate an already encoded LOGIN message containing the
* user name or password ready for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* valuep [in] - The user name or user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
const char* valuep, char **outptr,
size_t *outlen)
{
size_t vlen = strlen(valuep);
if(!vlen) {
/* Calculate an empty reply */
*outptr = strdup("=");
if(*outptr) {
*outlen = (size_t) 1;
return CURLE_OK;
}
*outlen = 0;
return CURLE_OUT_OF_MEMORY;
}
/* Base64 encode the value */
return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
}
#ifndef CURL_DISABLE_CRYPTO_AUTH
/*
* Curl_sasl_create_cram_md5_message()
*
* This is used to generate an already encoded CRAM-MD5 response message ready
* for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* chlg64 [in] - Pointer to the base64 encoded challenge buffer.
* userp [in] - The user name.
* passdwp [in] - The user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
const char* chlg64,
const char* userp,
const char* passwdp,
char **outptr, size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlg64len = strlen(chlg64);
unsigned char *chlg = (unsigned char *) NULL;
size_t chlglen = 0;
HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
char response[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
return result;
}
/* Compute the digest using the password as the key */
ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
(const unsigned char *) passwdp,
curlx_uztoui(strlen(passwdp)));
if(!ctxt) {
Curl_safefree(chlg);
return CURLE_OUT_OF_MEMORY;
}
/* Update the digest with the given challenge */
if(chlglen > 0)
Curl_HMAC_update(ctxt, chlg, curlx_uztoui(chlglen));
Curl_safefree(chlg);
/* Finalise the digest */
Curl_HMAC_final(ctxt, digest);
/* Prepare the response */
snprintf(response, sizeof(response),
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
userp, digest[0], digest[1], digest[2], digest[3], digest[4],
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
digest[11], digest[12], digest[13], digest[14], digest[15]);
/* Base64 encode the reply */
return Curl_base64_encode(data, response, 0, outptr, outlen);
}
/*
* Curl_sasl_create_digest_md5_message()
*
* This is used to generate an already encoded DIGEST-MD5 response message
* ready for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* chlg64 [in] - Pointer to the base64 encoded challenge buffer.
* userp [in] - The user name.
* passdwp [in] - The user's password.
* service [in] - The service type such as www, smtp or pop
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
const char* chlg64,
const char* userp,
const char* passwdp,
const char* service,
char **outptr, size_t *outlen)
{
static const char table16[] = "0123456789abcdef";
CURLcode result = CURLE_OK;
unsigned char *chlg = (unsigned char *) NULL;
size_t chlglen = 0;
size_t i;
MD5_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
char HA1_hex[2 * MD5_DIGEST_LEN + 1];
char HA2_hex[2 * MD5_DIGEST_LEN + 1];
char resp_hash_hex[2 * MD5_DIGEST_LEN + 1];
char nonce[64];
char realm[128];
char alg[64];
char nonceCount[] = "00000001";
char cnonce[] = "12345678"; /* will be changed */
char method[] = "AUTHENTICATE";
char qop[] = "auth";
char uri[128];
char response[512];
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
return result;
/* Retrieve nonce string from the challenge */
if(!sasl_digest_get_key_value(chlg, "nonce=\"", nonce,
sizeof(nonce), '\"')) {
Curl_safefree(chlg);
return CURLE_LOGIN_DENIED;
}
/* Retrieve realm string from the challenge */
if(!sasl_digest_get_key_value(chlg, "realm=\"", realm,
sizeof(realm), '\"')) {
/* Challenge does not have a realm, set empty string [RFC2831] page 6 */
strcpy(realm, "");
}
/* Retrieve algorithm string from the challenge */
if(!sasl_digest_get_key_value(chlg, "algorithm=", alg, sizeof(alg), ',')) {
Curl_safefree(chlg);
return CURLE_LOGIN_DENIED;
}
Curl_safefree(chlg);
/* We do not support other algorithms */
if(strcmp(alg, "md5-sess") != 0)
return CURLE_LOGIN_DENIED;
/* Generate 64 bits of random data */
for(i = 0; i < 8; i++)
cnonce[i] = table16[Curl_rand()%16];
/* So far so good, now calculate A1 and H(A1) according to RFC 2831 */
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
Curl_MD5_update(ctxt, (const unsigned char *) userp,
curlx_uztoui(strlen(userp)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) realm,
curlx_uztoui(strlen(realm)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) passwdp,
curlx_uztoui(strlen(passwdp)));
Curl_MD5_final(ctxt, digest);
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
Curl_MD5_update(ctxt, (const unsigned char *) digest, MD5_DIGEST_LEN);
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) nonce,
curlx_uztoui(strlen(nonce)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) cnonce,
curlx_uztoui(strlen(cnonce)));
Curl_MD5_final(ctxt, digest);
/* Convert calculated 16 octet hex into 32 bytes string */
for(i = 0; i < MD5_DIGEST_LEN; i++)
snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]);
/* Prepare the URL string */
strcpy(uri, service);
strcat(uri, "/");
strcat(uri, realm);
/* Calculate H(A2) */
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
Curl_MD5_update(ctxt, (const unsigned char *) method,
curlx_uztoui(strlen(method)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) uri,
curlx_uztoui(strlen(uri)));
Curl_MD5_final(ctxt, digest);
for(i = 0; i < MD5_DIGEST_LEN; i++)
snprintf(&HA2_hex[2 * i], 3, "%02x", digest[i]);
/* Now calculate the response hash */
ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
Curl_MD5_update(ctxt, (const unsigned char *) HA1_hex, 2 * MD5_DIGEST_LEN);
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) nonce,
curlx_uztoui(strlen(nonce)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) nonceCount,
curlx_uztoui(strlen(nonceCount)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) cnonce,
curlx_uztoui(strlen(cnonce)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) qop,
curlx_uztoui(strlen(qop)));
Curl_MD5_update(ctxt, (const unsigned char *) ":", 1);
Curl_MD5_update(ctxt, (const unsigned char *) HA2_hex, 2 * MD5_DIGEST_LEN);
Curl_MD5_final(ctxt, digest);
for(i = 0; i < MD5_DIGEST_LEN; i++)
snprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]);
strcpy(response, "username=\"");
strcat(response, userp);
strcat(response, "\",realm=\"");
strcat(response, realm);
strcat(response, "\",nonce=\"");
strcat(response, nonce);
strcat(response, "\",cnonce=\"");
strcat(response, cnonce);
strcat(response, "\",nc=");
strcat(response, nonceCount);
strcat(response, ",digest-uri=\"");
strcat(response, uri);
strcat(response, "\",response=");
strcat(response, resp_hash_hex);
/* Base64 encode the reply */
return Curl_base64_encode(data, response, 0, outptr, outlen);
}
#endif
#ifdef USE_NTLM
/*
* Curl_sasl_create_ntlm_type1_message()
*
* This is used to generate an already encoded NTLM type-1 message ready for
* sending to the recipient.
*
* Note: This is a simple wrapper of the NTLM function which means that any
* SASL based protocols don't have to include the NTLM functions directly.
*
* Parameters:
*
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen)
{
return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr,
outlen);
}
/*
* Curl_sasl_create_ntlm_type3_message()
*
* This is used to generate an already encoded NTLM type-3 message ready for
* sending to the recipient.
*
* Parameters:
*
* data [in] - Pointer to session handle.
* header [in] - Pointer to the base64 encoded type-2 message buffer.
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,
const char *header,
const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen)
{
CURLcode result = Curl_ntlm_decode_type2_message(data, header, ntlm);
if(!result)
result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm,
outptr, outlen);
return result;
}
#endif /* USE_NTLM */
/*
* Curl_sasl_cleanup()
*
* This is used to cleanup any libraries or curl modules used by the sasl
* functions.
*
* Parameters:
*
* conn [in] - Pointer to the connection data.
* authused [in] - The authentication mechanism used.
*/
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused)
{
#ifdef USE_NTLM
/* Cleanup the ntlm structure */
if(authused == SASL_MECH_NTLM) {
Curl_ntlm_sspi_cleanup(&conn->ntlm);
}
(void)conn;
#else
/* Reserved for future use */
(void)conn;
(void)authused;
#endif
}

88
lib/curl_sasl.h Normal file
View File

@@ -0,0 +1,88 @@
#ifndef HEADER_CURL_SASL_H
#define HEADER_CURL_SASL_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "pingpong.h"
/* Authentication mechanism flags */
#define SASL_MECH_LOGIN 0x0001
#define SASL_MECH_PLAIN 0x0002
#define SASL_MECH_CRAM_MD5 0x0004
#define SASL_MECH_DIGEST_MD5 0x0008
#define SASL_MECH_GSSAPI 0x0010
#define SASL_MECH_EXTERNAL 0x0020
#define SASL_MECH_NTLM 0x0040
/* This is used to generate a base64 encoded PLAIN authentication message */
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char* userp,
const char* passwdp,
char **outptr, size_t *outlen);
/* This is used to generate a base64 encoded LOGIN authentication message
containing either the user name or password details */
CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
const char* valuep, char **outptr,
size_t *outlen);
#ifndef CURL_DISABLE_CRYPTO_AUTH
/* This is used to generate a base64 encoded CRAM-MD5 response message */
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
const char* chlg64,
const char* user,
const char* passwdp,
char **outptr, size_t *outlen);
/* This is used to generate a base64 encoded DIGEST-MD5 response message */
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
const char* chlg64,
const char* user,
const char* passwdp,
const char* service,
char **outptr, size_t *outlen);
#endif
#ifdef USE_NTLM
/* This is used to generate a base64 encoded NTLM type-1 message */
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr,
size_t *outlen);
/* This is used to decode an incoming NTLM type-2 message and generate a
base64 encoded type-3 response */
CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,
const char *header,
const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen);
#endif /* USE_NTLM */
/* This is used to cleanup any libraries or curl modules used by the sasl
functions */
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
#endif /* HEADER_CURL_SASL_H */

1293
lib/curl_schannel.c Normal file

File diff suppressed because it is too large Load Diff

132
lib/curl_schannel.h Normal file
View File

@@ -0,0 +1,132 @@
#ifndef HEADER_CURL_SCHANNEL_H
#define HEADER_CURL_SCHANNEL_H
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Marc Hoersken, <info@marc-hoersken.de>, et al.
* Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "setup.h"
#ifdef USE_SCHANNEL
#include "urldata.h"
#ifndef UNISP_NAME_A
#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
#endif
#ifndef UNISP_NAME_W
#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
#endif
#ifndef UNISP_NAME
#ifdef UNICODE
#define UNISP_NAME UNISP_NAME_W
#else
#define UNISP_NAME UNISP_NAME_A
#endif
#endif
#ifndef SP_PROT_SSL2_CLIENT
#define SP_PROT_SSL2_CLIENT 0x00000008
#endif
#ifndef SP_PROT_SSL3_CLIENT
#define SP_PROT_SSL3_CLIENT 0x00000008
#endif
#ifndef SP_PROT_TLS1_CLIENT
#define SP_PROT_TLS1_CLIENT 0x00000080
#endif
#ifndef SP_PROT_TLS1_0_CLIENT
#define SP_PROT_TLS1_0_CLIENT SP_PROT_TLS1_CLIENT
#endif
#ifndef SP_PROT_TLS1_1_CLIENT
#define SP_PROT_TLS1_1_CLIENT 0x00000200
#endif
#ifndef SP_PROT_TLS1_2_CLIENT
#define SP_PROT_TLS1_2_CLIENT 0x00000800
#endif
#ifndef SECBUFFER_ALERT
#define SECBUFFER_ALERT 17
#endif
#ifndef ISC_RET_REPLAY_DETECT
#define ISC_RET_REPLAY_DETECT 0x00000004
#endif
#ifndef ISC_RET_SEQUENCE_DETECT
#define ISC_RET_SEQUENCE_DETECT 0x00000008
#endif
#ifndef ISC_RET_CONFIDENTIALITY
#define ISC_RET_CONFIDENTIALITY 0x00000010
#endif
#ifndef ISC_RET_ALLOCATED_MEMORY
#define ISC_RET_ALLOCATED_MEMORY 0x00000100
#endif
#ifndef ISC_RET_STREAM
#define ISC_RET_STREAM 0x00008000
#endif
#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096
#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024
#define CURL_SCHANNEL_BUFFER_STEP_FACTOR 2
CURLcode Curl_schannel_connect(struct connectdata *conn, int sockindex);
CURLcode Curl_schannel_connect_nonblocking(struct connectdata *conn,
int sockindex,
bool *done);
bool Curl_schannel_data_pending(const struct connectdata *conn, int sockindex);
void Curl_schannel_close(struct connectdata *conn, int sockindex);
int Curl_schannel_shutdown(struct connectdata *conn, int sockindex);
void Curl_schannel_session_free(void *ptr);
int Curl_schannel_init(void);
void Curl_schannel_cleanup(void);
size_t Curl_schannel_version(char *buffer, size_t size);
/* API setup for Schannel */
#define curlssl_init Curl_schannel_init
#define curlssl_cleanup Curl_schannel_cleanup
#define curlssl_connect Curl_schannel_connect
#define curlssl_connect_nonblocking Curl_schannel_connect_nonblocking
#define curlssl_session_free Curl_schannel_session_free
#define curlssl_close_all(x) (x=x, CURLE_NOT_BUILT_IN)
#define curlssl_close Curl_schannel_close
#define curlssl_shutdown Curl_schannel_shutdown
#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_NOT_BUILT_IN)
#define curlssl_set_engine_default(x) (x=x, CURLE_NOT_BUILT_IN)
#define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL)
#define curlssl_version Curl_schannel_version
#define curlssl_check_cxn(x) (x=x, -1)
#define curlssl_data_pending Curl_schannel_data_pending
#endif /* USE_SCHANNEL */
#endif /* HEADER_CURL_SCHANNEL_H */

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -35,16 +35,25 @@
/* The last #include file should be: */
#include "memdebug.h"
/* We use our own typedef here since some headers might lack these */
typedef PSecurityFunctionTableA (APIENTRY *INITSECURITYINTERFACE_FN_A)(VOID);
typedef PSecurityFunctionTable (APIENTRY *INITSECURITYINTERFACE_FN)(VOID);
/* See definition of SECURITY_ENTRYPOINT in sspi.h */
#ifdef UNICODE
# ifdef _WIN32_WCE
# define SECURITYENTRYPOINT L"InitSecurityInterfaceW"
# else
# define SECURITYENTRYPOINT "InitSecurityInterfaceW"
# endif
#else
# define SECURITYENTRYPOINT "InitSecurityInterfaceA"
#endif
/* Handle of security.dll or secur32.dll, depending on Windows version */
HMODULE s_hSecDll = NULL;
/* Pointer to SSPI dispatch table */
PSecurityFunctionTableA s_pSecFn = NULL;
PSecurityFunctionTable s_pSecFn = NULL;
/*
* Curl_sspi_global_init()
@@ -57,15 +66,13 @@ PSecurityFunctionTableA s_pSecFn = NULL;
* Once this function has been executed, Windows SSPI functions can be
* called through the Security Service Provider Interface dispatch table.
*/
CURLcode
Curl_sspi_global_init(void)
CURLcode Curl_sspi_global_init(void)
{
OSVERSIONINFO osver;
INITSECURITYINTERFACE_FN_A pInitSecurityInterface;
INITSECURITYINTERFACE_FN pInitSecurityInterface;
/* If security interface is not yet initialized try to do this */
if(s_hSecDll == NULL) {
if(!s_hSecDll) {
/* Find out Windows version */
memset(&osver, 0, sizeof(osver));
@@ -80,15 +87,15 @@ Curl_sspi_global_init(void)
/* Load SSPI dll into the address space of the calling process */
if(osver.dwPlatformId == VER_PLATFORM_WIN32_NT
&& osver.dwMajorVersion == 4)
s_hSecDll = LoadLibrary("security.dll");
s_hSecDll = LoadLibrary(TEXT("security.dll"));
else
s_hSecDll = LoadLibrary("secur32.dll");
s_hSecDll = LoadLibrary(TEXT("secur32.dll"));
if(!s_hSecDll)
return CURLE_FAILED_INIT;
/* Get address of the InitSecurityInterfaceA function from the SSPI dll */
pInitSecurityInterface = (INITSECURITYINTERFACE_FN_A)
GetProcAddress(s_hSecDll, "InitSecurityInterfaceA");
pInitSecurityInterface = (INITSECURITYINTERFACE_FN)
GetProcAddress(s_hSecDll, SECURITYENTRYPOINT);
if(!pInitSecurityInterface)
return CURLE_FAILED_INIT;
@@ -96,20 +103,18 @@ Curl_sspi_global_init(void)
s_pSecFn = pInitSecurityInterface();
if(!s_pSecFn)
return CURLE_FAILED_INIT;
}
return CURLE_OK;
}
/*
* Curl_sspi_global_cleanup()
*
* This deinitializes the Security Service Provider Interface from libcurl.
*/
void
Curl_sspi_global_cleanup(void)
void Curl_sspi_global_cleanup(void)
{
if(s_hSecDll) {
FreeLibrary(s_hSecDll);

View File

@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -40,19 +40,60 @@
#include <sspi.h>
#include <rpc.h>
/* Provide some definitions missing in MinGW's headers */
CURLcode Curl_sspi_global_init(void);
void Curl_sspi_global_cleanup(void);
#ifndef SEC_I_CONTEXT_EXPIRED
# define SEC_I_CONTEXT_EXPIRED ((HRESULT)0x00090317L)
/* Forward-declaration of global variables defined in curl_sspi.c */
extern HMODULE s_hSecDll;
extern PSecurityFunctionTable s_pSecFn;
/* Provide some definitions missing in old headers */
#ifndef SEC_E_INSUFFICIENT_MEMORY
# define SEC_E_INSUFFICIENT_MEMORY ((HRESULT)0x80090300L)
#endif
#ifndef SEC_E_BUFFER_TOO_SMALL
# define SEC_E_BUFFER_TOO_SMALL ((HRESULT)0x80090321L)
#ifndef SEC_E_INVALID_HANDLE
# define SEC_E_INVALID_HANDLE ((HRESULT)0x80090301L)
#endif
#ifndef SEC_E_CONTEXT_EXPIRED
# define SEC_E_CONTEXT_EXPIRED ((HRESULT)0x80090317L)
#ifndef SEC_E_UNSUPPORTED_FUNCTION
# define SEC_E_UNSUPPORTED_FUNCTION ((HRESULT)0x80090302L)
#endif
#ifndef SEC_E_CRYPTO_SYSTEM_INVALID
# define SEC_E_CRYPTO_SYSTEM_INVALID ((HRESULT)0x80090337L)
#ifndef SEC_E_TARGET_UNKNOWN
# define SEC_E_TARGET_UNKNOWN ((HRESULT)0x80090303L)
#endif
#ifndef SEC_E_INTERNAL_ERROR
# define SEC_E_INTERNAL_ERROR ((HRESULT)0x80090304L)
#endif
#ifndef SEC_E_SECPKG_NOT_FOUND
# define SEC_E_SECPKG_NOT_FOUND ((HRESULT)0x80090305L)
#endif
#ifndef SEC_E_NOT_OWNER
# define SEC_E_NOT_OWNER ((HRESULT)0x80090306L)
#endif
#ifndef SEC_E_CANNOT_INSTALL
# define SEC_E_CANNOT_INSTALL ((HRESULT)0x80090307L)
#endif
#ifndef SEC_E_INVALID_TOKEN
# define SEC_E_INVALID_TOKEN ((HRESULT)0x80090308L)
#endif
#ifndef SEC_E_CANNOT_PACK
# define SEC_E_CANNOT_PACK ((HRESULT)0x80090309L)
#endif
#ifndef SEC_E_QOP_NOT_SUPPORTED
# define SEC_E_QOP_NOT_SUPPORTED ((HRESULT)0x8009030AL)
#endif
#ifndef SEC_E_NO_IMPERSONATION
# define SEC_E_NO_IMPERSONATION ((HRESULT)0x8009030BL)
#endif
#ifndef SEC_E_LOGON_DENIED
# define SEC_E_LOGON_DENIED ((HRESULT)0x8009030CL)
#endif
#ifndef SEC_E_UNKNOWN_CREDENTIALS
# define SEC_E_UNKNOWN_CREDENTIALS ((HRESULT)0x8009030DL)
#endif
#ifndef SEC_E_NO_CREDENTIALS
# define SEC_E_NO_CREDENTIALS ((HRESULT)0x8009030EL)
#endif
#ifndef SEC_E_MESSAGE_ALTERED
# define SEC_E_MESSAGE_ALTERED ((HRESULT)0x8009030FL)
@@ -60,14 +101,193 @@
#ifndef SEC_E_OUT_OF_SEQUENCE
# define SEC_E_OUT_OF_SEQUENCE ((HRESULT)0x80090310L)
#endif
#ifndef SEC_E_NO_AUTHENTICATING_AUTHORITY
# define SEC_E_NO_AUTHENTICATING_AUTHORITY ((HRESULT)0x80090311L)
#endif
#ifndef SEC_E_BAD_PKGID
# define SEC_E_BAD_PKGID ((HRESULT)0x80090316L)
#endif
#ifndef SEC_E_CONTEXT_EXPIRED
# define SEC_E_CONTEXT_EXPIRED ((HRESULT)0x80090317L)
#endif
#ifndef SEC_E_INCOMPLETE_MESSAGE
# define SEC_E_INCOMPLETE_MESSAGE ((HRESULT)0x80090318L)
#endif
#ifndef SEC_E_INCOMPLETE_CREDENTIALS
# define SEC_E_INCOMPLETE_CREDENTIALS ((HRESULT)0x80090320L)
#endif
#ifndef SEC_E_BUFFER_TOO_SMALL
# define SEC_E_BUFFER_TOO_SMALL ((HRESULT)0x80090321L)
#endif
#ifndef SEC_E_WRONG_PRINCIPAL
# define SEC_E_WRONG_PRINCIPAL ((HRESULT)0x80090322L)
#endif
#ifndef SEC_E_TIME_SKEW
# define SEC_E_TIME_SKEW ((HRESULT)0x80090324L)
#endif
#ifndef SEC_E_UNTRUSTED_ROOT
# define SEC_E_UNTRUSTED_ROOT ((HRESULT)0x80090325L)
#endif
#ifndef SEC_E_ILLEGAL_MESSAGE
# define SEC_E_ILLEGAL_MESSAGE ((HRESULT)0x80090326L)
#endif
#ifndef SEC_E_CERT_UNKNOWN
# define SEC_E_CERT_UNKNOWN ((HRESULT)0x80090327L)
#endif
#ifndef SEC_E_CERT_EXPIRED
# define SEC_E_CERT_EXPIRED ((HRESULT)0x80090328L)
#endif
#ifndef SEC_E_ENCRYPT_FAILURE
# define SEC_E_ENCRYPT_FAILURE ((HRESULT)0x80090329L)
#endif
#ifndef SEC_E_DECRYPT_FAILURE
# define SEC_E_DECRYPT_FAILURE ((HRESULT)0x80090330L)
#endif
#ifndef SEC_E_ALGORITHM_MISMATCH
# define SEC_E_ALGORITHM_MISMATCH ((HRESULT)0x80090331L)
#endif
#ifndef SEC_E_SECURITY_QOS_FAILED
# define SEC_E_SECURITY_QOS_FAILED ((HRESULT)0x80090332L)
#endif
#ifndef SEC_E_UNFINISHED_CONTEXT_DELETED
# define SEC_E_UNFINISHED_CONTEXT_DELETED ((HRESULT)0x80090333L)
#endif
#ifndef SEC_E_NO_TGT_REPLY
# define SEC_E_NO_TGT_REPLY ((HRESULT)0x80090334L)
#endif
#ifndef SEC_E_NO_IP_ADDRESSES
# define SEC_E_NO_IP_ADDRESSES ((HRESULT)0x80090335L)
#endif
#ifndef SEC_E_WRONG_CREDENTIAL_HANDLE
# define SEC_E_WRONG_CREDENTIAL_HANDLE ((HRESULT)0x80090336L)
#endif
#ifndef SEC_E_CRYPTO_SYSTEM_INVALID
# define SEC_E_CRYPTO_SYSTEM_INVALID ((HRESULT)0x80090337L)
#endif
#ifndef SEC_E_MAX_REFERRALS_EXCEEDED
# define SEC_E_MAX_REFERRALS_EXCEEDED ((HRESULT)0x80090338L)
#endif
#ifndef SEC_E_MUST_BE_KDC
# define SEC_E_MUST_BE_KDC ((HRESULT)0x80090339L)
#endif
#ifndef SEC_E_STRONG_CRYPTO_NOT_SUPPORTED
# define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED ((HRESULT)0x8009033AL)
#endif
#ifndef SEC_E_TOO_MANY_PRINCIPALS
# define SEC_E_TOO_MANY_PRINCIPALS ((HRESULT)0x8009033BL)
#endif
#ifndef SEC_E_NO_PA_DATA
# define SEC_E_NO_PA_DATA ((HRESULT)0x8009033CL)
#endif
#ifndef SEC_E_PKINIT_NAME_MISMATCH
# define SEC_E_PKINIT_NAME_MISMATCH ((HRESULT)0x8009033DL)
#endif
#ifndef SEC_E_SMARTCARD_LOGON_REQUIRED
# define SEC_E_SMARTCARD_LOGON_REQUIRED ((HRESULT)0x8009033EL)
#endif
#ifndef SEC_E_SHUTDOWN_IN_PROGRESS
# define SEC_E_SHUTDOWN_IN_PROGRESS ((HRESULT)0x8009033FL)
#endif
#ifndef SEC_E_KDC_INVALID_REQUEST
# define SEC_E_KDC_INVALID_REQUEST ((HRESULT)0x80090340L)
#endif
#ifndef SEC_E_KDC_UNABLE_TO_REFER
# define SEC_E_KDC_UNABLE_TO_REFER ((HRESULT)0x80090341L)
#endif
#ifndef SEC_E_KDC_UNKNOWN_ETYPE
# define SEC_E_KDC_UNKNOWN_ETYPE ((HRESULT)0x80090342L)
#endif
#ifndef SEC_E_UNSUPPORTED_PREAUTH
# define SEC_E_UNSUPPORTED_PREAUTH ((HRESULT)0x80090343L)
#endif
#ifndef SEC_E_DELEGATION_REQUIRED
# define SEC_E_DELEGATION_REQUIRED ((HRESULT)0x80090345L)
#endif
#ifndef SEC_E_BAD_BINDINGS
# define SEC_E_BAD_BINDINGS ((HRESULT)0x80090346L)
#endif
#ifndef SEC_E_MULTIPLE_ACCOUNTS
# define SEC_E_MULTIPLE_ACCOUNTS ((HRESULT)0x80090347L)
#endif
#ifndef SEC_E_NO_KERB_KEY
# define SEC_E_NO_KERB_KEY ((HRESULT)0x80090348L)
#endif
#ifndef SEC_E_CERT_WRONG_USAGE
# define SEC_E_CERT_WRONG_USAGE ((HRESULT)0x80090349L)
#endif
#ifndef SEC_E_DOWNGRADE_DETECTED
# define SEC_E_DOWNGRADE_DETECTED ((HRESULT)0x80090350L)
#endif
#ifndef SEC_E_SMARTCARD_CERT_REVOKED
# define SEC_E_SMARTCARD_CERT_REVOKED ((HRESULT)0x80090351L)
#endif
#ifndef SEC_E_ISSUING_CA_UNTRUSTED
# define SEC_E_ISSUING_CA_UNTRUSTED ((HRESULT)0x80090352L)
#endif
#ifndef SEC_E_REVOCATION_OFFLINE_C
# define SEC_E_REVOCATION_OFFLINE_C ((HRESULT)0x80090353L)
#endif
#ifndef SEC_E_PKINIT_CLIENT_FAILURE
# define SEC_E_PKINIT_CLIENT_FAILURE ((HRESULT)0x80090354L)
#endif
#ifndef SEC_E_SMARTCARD_CERT_EXPIRED
# define SEC_E_SMARTCARD_CERT_EXPIRED ((HRESULT)0x80090355L)
#endif
#ifndef SEC_E_NO_S4U_PROT_SUPPORT
# define SEC_E_NO_S4U_PROT_SUPPORT ((HRESULT)0x80090356L)
#endif
#ifndef SEC_E_CROSSREALM_DELEGATION_FAILURE
# define SEC_E_CROSSREALM_DELEGATION_FAILURE ((HRESULT)0x80090357L)
#endif
#ifndef SEC_E_REVOCATION_OFFLINE_KDC
# define SEC_E_REVOCATION_OFFLINE_KDC ((HRESULT)0x80090358L)
#endif
#ifndef SEC_E_ISSUING_CA_UNTRUSTED_KDC
# define SEC_E_ISSUING_CA_UNTRUSTED_KDC ((HRESULT)0x80090359L)
#endif
#ifndef SEC_E_KDC_CERT_EXPIRED
# define SEC_E_KDC_CERT_EXPIRED ((HRESULT)0x8009035AL)
#endif
#ifndef SEC_E_KDC_CERT_REVOKED
# define SEC_E_KDC_CERT_REVOKED ((HRESULT)0x8009035BL)
#endif
#ifndef SEC_E_INVALID_PARAMETER
# define SEC_E_INVALID_PARAMETER ((HRESULT)0x8009035DL)
#endif
#ifndef SEC_E_DELEGATION_POLICY
# define SEC_E_DELEGATION_POLICY ((HRESULT)0x8009035EL)
#endif
#ifndef SEC_E_POLICY_NLTM_ONLY
# define SEC_E_POLICY_NLTM_ONLY ((HRESULT)0x8009035FL)
#endif
CURLcode Curl_sspi_global_init(void);
void Curl_sspi_global_cleanup(void);
/* Forward-declaration of global variables defined in curl_sspi.c */
extern HMODULE s_hSecDll;
extern PSecurityFunctionTableA s_pSecFn;
#ifndef SEC_I_CONTINUE_NEEDED
# define SEC_I_CONTINUE_NEEDED ((HRESULT)0x00090312L)
#endif
#ifndef SEC_I_COMPLETE_NEEDED
# define SEC_I_COMPLETE_NEEDED ((HRESULT)0x00090313L)
#endif
#ifndef SEC_I_COMPLETE_AND_CONTINUE
# define SEC_I_COMPLETE_AND_CONTINUE ((HRESULT)0x00090314L)
#endif
#ifndef SEC_I_LOCAL_LOGON
# define SEC_I_LOCAL_LOGON ((HRESULT)0x00090315L)
#endif
#ifndef SEC_I_CONTEXT_EXPIRED
# define SEC_I_CONTEXT_EXPIRED ((HRESULT)0x00090317L)
#endif
#ifndef SEC_I_INCOMPLETE_CREDENTIALS
# define SEC_I_INCOMPLETE_CREDENTIALS ((HRESULT)0x00090320L)
#endif
#ifndef SEC_I_RENEGOTIATE
# define SEC_I_RENEGOTIATE ((HRESULT)0x00090321L)
#endif
#ifndef SEC_I_NO_LSA_CONTEXT
# define SEC_I_NO_LSA_CONTEXT ((HRESULT)0x00090323L)
#endif
#ifndef SEC_I_SIGNATURE_NEEDED
# define SEC_I_SIGNATURE_NEEDED ((HRESULT)0x0009035CL)
#endif
#endif /* USE_WINDOWS_SSPI */
#endif /* HEADER_CURL_SSPI_H */

View File

@@ -132,7 +132,7 @@ cyassl_connect_step1(struct connectdata *conn,
if(data->set.ssl.verifypeer) {
/* Fail if we insiste on successfully verifying the server. */
failf(data,"error setting certificate verify locations:\n"
" CAfile: %s\n CApath: %s\n",
" CAfile: %s\n CApath: %s",
data->set.str[STRING_SSL_CAFILE]?
data->set.str[STRING_SSL_CAFILE]: "none",
data->set.str[STRING_SSL_CAPATH]?

View File

@@ -351,8 +351,12 @@ static CURLcode file_upload(struct connectdata *conn)
failf(data, "Can't open %s for writing", file->path);
return CURLE_WRITE_ERROR;
}
#ifdef HAVE_FDOPEN
fp = fdopen(fd, "wb");
#else
close(fd);
fp = fopen(file->path, "wb");
#endif
}
if(!fp) {

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -1239,7 +1239,7 @@ CURLcode Curl_getformdata(struct SessionHandle *data,
}
else {
if(data)
failf(data, "couldn't open file \"%s\"\n", file->contents);
failf(data, "couldn't open file \"%s\"", file->contents);
*finalform = NULL;
result = CURLE_READ_ERROR;
}

View File

@@ -351,6 +351,22 @@ static CURLcode AcceptServerConnect(struct connectdata *conn)
conn->sock[SECONDARYSOCKET] = s;
curlx_nonblock(s, TRUE); /* enable non-blocking */
conn->sock_accepted[SECONDARYSOCKET] = TRUE;
if(data->set.fsockopt) {
int error = 0;
/* activate callback for setting socket options */
error = data->set.fsockopt(data->set.sockopt_client,
s,
CURLSOCKTYPE_ACCEPT);
if(error) {
Curl_closesocket(conn, s); /* close the socket and bail out */
conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD;
return CURLE_ABORTED_BY_CALLBACK;
}
}
return CURLE_OK;
}
@@ -3674,8 +3690,11 @@ static CURLcode ftp_do_more(struct connectdata *conn, bool *complete)
/* It looks data connection is established */
result = AcceptServerConnect(conn);
ftpc->wait_data_conn = FALSE;
if(result == CURLE_OK)
if(!result)
result = InitiateTransfer(conn);
if(result)
return result;
}
}
else if(data->set.upload) {

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -37,16 +37,18 @@
#include "setup.h"
#include "ftplistparser.h"
#include "curl_fnmatch.h"
#ifndef CURL_DISABLE_FTP
#include <curl/curl.h>
#include "urldata.h"
#include "ftp.h"
#include "fileinfo.h"
#include "llist.h"
#include "strtoofft.h"
#include "rawstr.h"
#include "ftp.h"
#include "ftplistparser.h"
#include "curl_fnmatch.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
@@ -1044,3 +1046,5 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
return bufflen;
}
#endif /* CURL_DISABLE_FTP */

View File

@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -21,8 +21,9 @@
* KIND, either express or implied.
*
***************************************************************************/
#include "setup.h"
#include <curl/curl.h>
#ifndef CURL_DISABLE_FTP
/* WRITEFUNCTION callback for parsing LIST responses */
size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
@@ -36,4 +37,5 @@ struct ftp_parselist_data *Curl_ftp_parselist_data_alloc(void);
void Curl_ftp_parselist_data_free(struct ftp_parselist_data **pl_data);
#endif /* CURL_DISABLE_FTP */
#endif /* HEADER_CURL_FTPLISTPARSER_H */

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -42,7 +42,7 @@ char *GetEnv(const char *variable)
char *temp = getenv(variable);
env[0] = '\0';
if(temp != NULL)
ExpandEnvironmentStrings(temp, env, sizeof(env));
ExpandEnvironmentStringsA(temp, env, sizeof(env));
return (env[0] != '\0')?strdup(env):NULL;
#else
char *env = getenv(variable);

Some files were not shown because too many files have changed in this diff Show More