Compare commits

...

1638 Commits

Author SHA1 Message Date
Daniel Stenberg
3fed9acaef THANKS: 18 new contributors for 7.37.0 2014-05-20 23:42:47 +02:00
Daniel Stenberg
ae931b9998 RELEASE-NOTES: synced with 85f4075bdb
Possibly the final update before release...
2014-05-20 23:10:58 +02:00
Steve Holme
85f4075bdb README: Added some outstanding tasks to the TODO list
Added a couple of outstanding tasks to the TODO section that we didn't
get time to do before the release.
2014-05-20 20:02:21 +01:00
Daniel Stenberg
99114faf82 http2: make connection re-use work
Http2 connections would wrongly get closed after each individual
request.

Co-authored-by: Tatsuhiro Tsujikawa
Bug: http://curl.haxx.se/bug/view.cgi?id=1374
2014-05-20 16:50:24 +02:00
Fabian Frank
316f79cef2 ALPN: fix typo in http/1.1 identifier
According to https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05
it is "http/1.1" and not "http/1.0".
2014-05-20 12:57:56 +02:00
Steve Holme
274f932311 build-openssl.bat: Added check for OpenSSL source directory 2014-05-20 00:46:28 +01:00
Steve Holme
0c467c9cc7 build-openssl.bat: Added default source directory when not specified
Added a default source directory so the user doesn't have to specify
one - the same as that, which the Visual Studio project files expect
the OpenSSL dependencies to be in.
2014-05-20 00:22:52 +01:00
Steve Holme
f5e73640f0 Makefile.am: Fixed missing / in VC10+ project file generation 2014-05-19 23:45:54 +01:00
Steve Holme
905b63e433 INSTALL: Updated MSVC 6 caveats
To use an up to date download link as well as remove duplicate
information.
2014-05-19 10:34:05 +01:00
Steve Holme
9f170ed091 INSTALL: Updated for new Visual Studio project files 2014-05-19 10:34:03 +01:00
Steve Holme
6f6646d6e9 build: Slight rename of new LIB_* makefile file variables
In order to try and be consistent between curl and libcurl renamed the
recently introduced LIB_* makefile file variables.
2014-05-18 22:16:54 +01:00
Steve Holme
29d790fe60 build: Removed old Visual Studio project files 2014-05-18 21:27:44 +01:00
Daniel Stenberg
f01e7e08d8 maketgz: two more CRLF
grrr, missed them in my previous fix
2014-05-18 19:04:32 +02:00
Daniel Stenberg
71ea31ae74 test1014: GSS-API is only in curl-config. not in curl
Follow-up to commit 121bcfee5d. curl-config --features now lists
GSS-API but it is not a listed feature in curl -V. This should probably
be synchronized.
2014-05-18 17:07:29 +02:00
Daniel Stenberg
313b274b9d test1134: verify CREDSPERREQUEST for HTTP
Verifies that the change in 68f0166a92 works as intended and that
different HTTP auth credentials to the same host still re-uses the
connection properly.
2014-05-18 16:55:03 +02:00
Daniel Stenberg
7c0e67c8c2 maketgz: remove CRLF newlines 2014-05-18 12:51:24 +02:00
Steve Holme
6cfeeb3bb0 Makefile.am: Corrected a couple of grammar errors 2014-05-18 00:13:00 +01:00
Steve Holme
c346df065e Makefile.am: Added new Visual Studio project file generation for curl tool 2014-05-18 00:10:44 +01:00
Steve Holme
b93759291d Makefile.inc: Added resource file to assist Visual Studio project generation 2014-05-17 23:34:02 +01:00
Daniel Stenberg
8e6f42a7bd maketgz: run make vc-ide before make dist
To get the VC project files generated before packaging!
2014-05-17 22:49:39 +01:00
Steve Holme
c8224d7ede Makefile.am: Added new Visual Studio project file generation for libcurl 2014-05-17 22:49:29 +01:00
Steve Holme
b121de9d7f Makefile.am: Removed old Visual Studio project file generation 2014-05-17 22:38:53 +01:00
Daniel Stenberg
751971b2c3 RELEASE-NOTES: synced with 831f6dd1d9 2014-05-17 23:00:09 +02:00
Steve Holme
831f6dd1d9 build: Fixed another tabulation issue in the Visual Studio file generator 2014-05-17 20:56:47 +01:00
Dan Fandrich
5a067c4b39 axtls: Fixed too long source line 2014-05-17 11:54:48 +02:00
Daniel Stenberg
121bcfee5d configure: add GSS-API to supported features
Bug: http://curl.haxx.se/bug/view.cgi?id=1344
Reported-by: Michael Osipov
2014-05-17 10:24:47 +02:00
Daniel Stenberg
21aae1ec86 configure: add SPNEGO to supported features
Bug: http://curl.haxx.se/bug/view.cgi?id=1343
Reported-by: Michael Osipov
2014-05-17 10:24:47 +02:00
Dan Fandrich
c9ea1d341a axtls: Add a TODO to a potential blocking call with no timeout 2014-05-16 23:27:07 +02:00
Daniel Stenberg
4550a00a3e curl_easy_getinfo.3: clarify CURLINFO_SIZE_DOWNLOAD
It counts "body" data only, no meta data, no headers.
2014-05-16 09:28:28 +02:00
Daniel Stenberg
077366d0c6 curl_easy_setopt.3: prefer XFERINFOFUNCTION to PROGRESSFUNCTION 2014-05-16 08:52:06 +02:00
Daniel Stenberg
68f0166a92 HTTP: CREDSPERREQUEST is for HTTP too
Commit 517b06d657 (in 7.36.0) that brought the CREDSPERREQUEST flag
only set it for HTTPS, making HTTP less good at doing connection re-use
than it should be. Now set it for HTTP as well.

Simple test case

"curl -v -u foo:bar localhost --next -u bar:foo localhos"

Bug: http://curl.haxx.se/mail/lib-2014-05/0127.html
Reported-by: Kamil Dudka
2014-05-15 23:28:31 +02:00
Daniel Stenberg
a481f5b308 RELEASE-NOTES: synced with 53a5b95c21 2014-05-15 22:15:39 +02:00
Daniel Stenberg
53a5b95c21 CURLINFO_SSL_VERIFYRESULT: assign at first connect call
The variable wasn't assigned at all until step3 which would lead to a
failed connect never assigning the variable and thus returning a bad
value.

Reported-by: Larry Lin
Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
2014-05-15 22:02:00 +02:00
Daniel Stenberg
84bd19ffd4 timers: fix timer regression involving redirects / reconnects
In commit 0b3750b5c2 (released in 7.36.0) we fixed a timeout issue
but instead broke the timings.

To fix this, I introduce a new timestamp to use for the timeouts and
restored the previous timestamp and timestamp position so that the old
timer functionality is restored.

In addition to that, that change also broke connection timeouts for when
more than one connect was used (as it would then count the total time
from the first connect and not for the most recent one). Now
Curl_timeleft() has been modified so that it checks against different
start times depending on which timeout it checks.

Test 1303 is updated accordingly.

Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html
Reported-by: Ryan Braud
2014-05-15 21:28:19 +02:00
Steve Holme
678239df54 darwinssl: Updated copyright following recent changes 2014-05-15 18:38:42 +01:00
Nick Zitzmann
69cdc95932 darwinssl: fix potential crash when attempting to copy an identity
from a P12 file

This could've happened if SecPKCS12Import() returned noErr _and_ no
identity.
2014-05-14 17:48:14 -05:00
Steve Holme
4167498f74 RELEASE-NOTES: Synced with 52d16c84d2 2014-05-12 23:09:46 +01:00
Daniel Stenberg
52d16c84d2 openssl: unbreak PKCS12 support
Regression introduced in ce362e8eb9 (7.31.0)

Bug: http://curl.haxx.se/bug/view.cgi?id=1371
Reported-by: Dmitry
2014-05-12 13:06:50 +02:00
Steve Holme
b4c81b6cee Makefile.inc: Added resource file to assist Visual Studio project generation 2014-05-11 20:52:56 +01:00
Steve Holme
63f7e64218 build: Fixed some tabulation issues in the Visual Studio file generator 2014-05-11 18:21:07 +01:00
Steve Holme
18e4cd1e20 tests: Fixed up DIGEST-MD5 tests following commit 8342b6e1dc 2014-05-11 16:20:52 +01:00
Steve Holme
8342b6e1dc sasl: Fixed missing qop in the client's challenge-response message
Whilst the qop directive isn't required to be present in a client's
response, as servers should assume a qop of "auth" if it isn't
specified, some may return authentication failure if it is missing.
2014-05-11 14:48:28 +01:00
Steve Holme
ba704878bd tool_operate.c: Fixed compilation warning
An enumerated type is mixed with another type.
2014-05-10 09:20:49 +01:00
Steve Holme
fdb2d32144 Makefile.inc: Separated the lib and lib/vtls source file variables
To cater for the automatic generation of the new Visual Studio project
files, moved the lib file list into a separated variable so that lib
and lib/vtls can be referenced independently.
2014-05-09 23:07:32 +01:00
Steve Holme
d041b8d33e RELEASE-NOTES: Synced with 0ab2c444b5 2014-05-09 21:24:47 +01:00
Steve Holme
0ab2c444b5 Makefile.b32: Fixed for vtls changes
Follow up fix to commits a47c142a88, 11e8066ef9 and 92b9ae5c5d.

Bug: http://curl.haxx.se/mail/lib-2014-05/0025.html
Reported and assisted by: Jon Torrey
2014-05-09 21:09:51 +01:00
Daniel Stenberg
22ee67a1ca lib1506: make sure the transfers are not within the same ms
Just to make sure the test is properly repeatable.

Bug: http://curl.haxx.se/mail/lib-2014-05/0081.html
Reported-by: Henrik
2014-05-09 16:50:42 +02:00
Daniel Stenberg
9e4f6c5809 libtests: add a wait_ms() function
This allows a libcurl test to portably sleep for a given number of
milliseconds.
2014-05-09 16:50:42 +02:00
Steve Holme
5376ed2474 tool_operate.c: Fixed TAB is white space from commit 5b8ae0a985 2014-05-09 15:14:51 +01:00
Steve Holme
952b54095a tool_urlglob.c: Fixed compilation warning
An enumerated type is mixed with another type.
2014-05-09 13:18:57 +01:00
Steve Holme
5b8ae0a985 tool_operate.c: Fixed compilation warnings
An enumerated type is mixed with another type.
2014-05-09 13:18:56 +01:00
Steve Holme
65bb4a0d38 getinfo.c: Fixed compilation warning
The indicated statement is not reachable.
2014-05-09 13:18:55 +01:00
Daniel Stenberg
4e0d1d60dc CONTRIBUTE: mention our Bug/Reported-by commit style 2014-05-09 13:49:22 +02:00
Kamil Dudka
ec5fde24de http: avoid auth failure on a duplicated header
... 'WWW-Authenticate: Negotiate' received from server

Reported by: David Woodhouse
Bug: https://bugzilla.redhat.com/1093348
2014-05-09 13:44:04 +02:00
Daniel Stenberg
1343756742 cacertinmem: fix memory leak
While "just" an example it still isn't nice to leak memory.

Bug: http://curl.haxx.se/bug/view.cgi?id=1368
Fixed-by: Marko
2014-05-09 13:33:21 +02:00
Daniel Stenberg
ec9fa4f6b3 TODO: firefox will soon support SSL (HTTPS) to proxy 2014-05-09 11:36:11 +02:00
Dan Fandrich
f0b2d27f7d test87: Get rid of extraneous square brackets in tag 2014-05-09 11:04:30 +02:00
Patrick Watson
94898303d2 mk-ca-bundle: added -p
-p takes a list of Mozilla trust purposes and levels for certificates to
include in output.  Takes the form of a comma separated list of
purposes, a colon, and a comma separated list of levels.
2014-05-08 11:37:45 +02:00
Daniel Stenberg
1495f42138 FAQ: Added 5.18 Does libcurl use threads? 2014-05-08 09:30:35 +02:00
Dan Fandrich
ba06278e97 RELEASE-NOTES: Added contributor 2014-05-07 22:46:06 +02:00
Aaro Koskinen
e48a821ed5 configure: Don't set LD_LIBRARY_PATH when cross-compiling
Most of LD_LIBRARY_PATH adjustments are already guarded, but not all.

The patch fixes cross-compilation failure when libidn is present.
2014-05-07 22:37:26 +02:00
Tatsuhiro Tsujikawa
6404896d8c http2: Compile with latest nghttp2
Now nghttp2_submit_request returns assigned stream ID, we don't have
to check stream ID using before_stream_send_callback.  The
adjust_priority_callback was removed.
2014-05-07 20:51:51 +01:00
Steve Holme
fa083980c5 curl.1: Added missing --login-options option
...and removed ;OPTIONS from --user as that functionality was removed
in 7.34.0.
2014-05-07 19:47:22 +01:00
Steve Holme
5f68fa4897 tool_help: Fixed missing --login-options option
...and removed ;OPTIONS from --user as that functionality was removed
in 7.34.0.
2014-05-07 17:27:47 +01:00
Steve Holme
6f8085ca77 url.c: Fixed compilation warning/error
Depending on compiler line 3505 could generate the following warning or
error:

* warning: ISO C90 forbids mixed declarations and code
* A declaration cannot appear after an executable statement in a block
* error C2275: 'size_t' : illegal use of this type as an expression
2014-05-07 10:55:19 +01:00
Steve Holme
3b59753c11 TODO: Fixed some spelling mistakes 2014-05-06 22:23:50 +01:00
Steve Holme
3400148768 TODO: Add support for concurrent connections in ftpserver.pl 2014-05-06 22:19:24 +01:00
Steve Holme
6a0b405177 build: Fixed file format version number in VC12 solution files
Unlike previous versions of Visual Studio the VC12 solution file format
does not increment the format version number, but instead, only changes
the version comment text.

This incorrectly set version number would cause problems for any third
party piece of software that would read the solution file expecting the
version number to be 12.00 and found it to be 13.00, such as some build
accelerators.

Verified against a freshly created solution file which was generated
with VC12.
2014-05-06 22:10:39 +01:00
Ivo Bellin Salarin
f07fa85bc7 build-openssl.bat: Corrected use of angled brackets in help output
Angled brackets were used in the help output to indicate that the
compiler and platform arguments are mandatory. Unfortunately this
caused a "< was unexpected at this time" error as the characters are
interpreted as re-direction characters when not escaped.
2014-05-06 13:48:00 +01:00
Dan Fandrich
34cdc77076 RELEASE-NOTES: changed encoding to UTF-8 2014-05-06 14:08:13 +02:00
Daniel Stenberg
55a8d40fa0 RELEASE-NOTES: synced with 5de8d84098 2014-05-06 10:39:31 +02:00
Daniel Stenberg
5de8d84098 fix_hostname: strip off a single trailing dot from host name
Primarily for SNI, we need the host name without a trailing dot.
"https://www.example.com." resolves fine but fails on SNI unless the dot
is removed.

Reported-by: Leon Winter
Bug: http://curl.haxx.se/mail/lib-2014-04/0161.html
2014-05-06 08:44:11 +02:00
Daniel Stenberg
47d760714f curl: bail on cookie use when built with disabled cookies 2014-05-06 08:34:16 +02:00
Daniel Johnson
5fe879555d Enable poll on darwin13
Poll has long been broken on Mac OS X. Starting with 10.9 (darwin13) it
now works correctly so this patch enables it there.
2014-05-06 08:31:10 +02:00
Daniel Stenberg
9987106f53 curl_easy_setopt.3: added the proto for CURLOPT_SSH_KNOWNHOSTS 2014-05-05 16:01:03 +02:00
Dan Fandrich
e673f55c45 tests: Use standard libtest return codes when relevant 2014-05-05 15:30:05 +02:00
Dan Fandrich
40e6af893b test1513: Don't return an uninitialized variable on init failure 2014-05-05 15:29:23 +02:00
Jeff King
37f484276d curl_multi_cleanup: ignore SIGPIPE better
When looping and closing each individual connection left open, the
SIGPIPE ignoring was not done and could thus lead to death by signal 13.

Bug: http://thread.gmane.org/gmane.comp.version-control.git/238242
2014-05-05 12:47:46 +02:00
Daniel Stenberg
1f93471bda TODO: the FTP HOST command is now in RFC 7151 2014-05-05 09:57:39 +02:00
Daniel Stenberg
981bf6999d TODO: Update date and version in man pages
Mentioned in bug #1342
2014-05-05 09:54:00 +02:00
Daniel Stenberg
a18a2ba0bb schannel: don't use the connect-timeout during send
As there's a default connection timeout and this wrongly used the
connection timeout during a transfer after the connection is completed,
this function would trigger timeouts during transfers erroneously.

Bug: http://curl.haxx.se/bug/view.cgi?id=1352
Figured-out-by: Radu Simionescu
2014-05-05 00:10:37 +02:00
Daniel Stenberg
812da4190f mprintf: allow %.s with data not being zero terminated
If the precision is indeed shorter than the string, don't strlen() to
find the end because that's not how the precision operator works.

I also added a unit test for curl_msnprintf to make sure this works and
that the fix doesn't a few other basic use cases. I found a POSIX
compliance problem that I marked TODO in the unit test, and I figure we
need to add more tests in the future.

Reported-by: Török Edwin
2014-05-04 23:39:52 +02:00
Steve Holme
312f36d453 RELEASE-NOTES: Synced with 4febbedc5a 2014-05-04 20:44:08 +01:00
Steve Holme
4febbedc5a curl_ntlm_core: Fixed use of long long for VC6 and VC7
Commit 07b66cbfa4 unfortunately broke native NTLM message support in
compilers, such as VC6, VC7 and others, that don't support long long
type declarations. This commit fixes VC6 and VC7 as they support the
__int64 extension, however, we should consider an additional fix for
other compilers that don't support this.
2014-05-04 19:07:17 +01:00
Steve Holme
6ebc0d3bd8 config-win32.h: Fixed HAVE_LONGLONG for Visual Studio .NET 2003 and up
Fixed the HAVE_LONGLONG declaration as long long is supported in Visual
Studio .NET 2003 (VC7.1) onwards.
2014-05-04 19:05:06 +01:00
Daniel Stenberg
21aafd09f6 openssl: biomem->data is not zero terminated
So printf(%s) on it or reading before bounds checking is wrong, fixing
it. Could previously lead to reading out of boundary.

Reported-by: Török Edwin
2014-05-04 00:50:10 +02:00
Daniel Stenberg
45c037a127 BUILD.WINDOWS: update URL for windows prereqs 2014-05-04 00:48:06 +02:00
Daniel Stenberg
947bb79c08 easy_perform: spelling mistake in error message 2014-05-03 23:09:26 +02:00
Steve Holme
4b60db7e50 Makefile.am: Added build-openssl.bat as README file references it
Missed in commit dce748d3f1.
2014-05-01 23:56:53 +01:00
Steve Holme
96876b371b build: Fixed Visual Studio project file generator missing some files
As of commit 6cdd88f22c the Visual Studio project file generator would
skip the first and last file from each group of files.
2014-05-01 23:23:50 +01:00
Steve Holme
dce748d3f1 build: Added OpenSSL VC build helper for side-by-side compilations 2014-05-01 23:23:48 +01:00
Steve Holme
50b3111b63 build: Added Visual Studio 2003 .NET (VC7.1) project files
Carrying on from commit 11025613b9 added VC7.1 project files which are
capable of supporting side-by-side compilation, as well as support for
some of the third-party libraries curl uses.
2014-05-01 20:33:22 +01:00
Dan Fandrich
c303107345 test585: Fixed NULL pointer dereference in fopen 2014-05-01 11:00:30 +02:00
Steve Holme
3d77d013e1 build: Fixed generation when source file names contain spaces
This shouldn't happen with the source files in the repository, but
fixed the output when there are spurious files lying around that
contain spaces. For example "pop3 - Copy.c"

By including the offending source file in the project files the user
can then see the file and remove it if necessary.
2014-04-30 23:26:05 +01:00
Steve Holme
637438f259 build: Added VC7 and VC7.1 support to the project file generator
Note: VC7.1 templates are currently not available.
2014-04-29 22:30:21 +01:00
Steve Holme
6cdd88f22c build: Added VC6 and VC12 support to the project file generator 2014-04-29 22:30:18 +01:00
Steve Holme
925c11b545 build: Added VC11 support to the project file generator 2014-04-29 22:30:16 +01:00
Steve Holme
c64370dccd build: Added VC9 and VC10 support to the project file generator 2014-04-29 22:30:14 +01:00
Steve Holme
9bd13a9d2e build: Added Visual Studio project file generator
Added a batch file for generating the Visual Studio project files from
the new template files.
2014-04-29 22:30:12 +01:00
Steve Holme
78ca3c6830 copyright: Updated following recent edits 2014-04-28 23:20:52 +01:00
Dan Fandrich
a917f30c6b runtests.pl: Improved the check for a crash during torture tests 2014-04-29 00:06:32 +02:00
Dan Fandrich
ef1322df67 Added a few more const where possible 2014-04-29 00:05:19 +02:00
Dan Fandrich
970ce28c12 unit1395: Fixed null pointer dereference on torture test 2014-04-28 17:14:46 +02:00
Tatsuhiro Tsujikawa
b8a220d255 http2: Compile with latest nghttp2
commit 6d5f40238028f2d8c (Apr 27) or later nghttp2 is now required
2014-04-27 19:15:08 +02:00
Steve Holme
2c239ba233 build: Added other VC6 output files to the .gitignore list 2014-04-27 18:14:17 +01:00
Steve Holme
eb4dd494a9 build: Corrected libcurl PDB file name for x64 builds in VC8 through VC12 2014-04-27 18:04:59 +01:00
Steve Holme
0d854de5f0 build: Added Visual Studio .NET (VC7) project files
Carrying on from commit 11025613b9 added VC7 project files which are
capable of supporting side-by-side compilation, as well as support for
some of the third-party libraries curl uses.
2014-04-27 17:58:18 +01:00
Steve Holme
c506e03f54 build: Added Visual Studio 6.0 (VC6) project files
Carrying on from commit 11025613b9 added a more thorough version of
the VC6 project files which are capable of supporting side-by-side
compilation, as well as support for some of the third-party libraries
curl uses.
2014-04-27 13:37:09 +01:00
Daniel Stenberg
d5ec44ca4c INFILESIZE: fields in UserDefined must not be changed run-time
set.infilesize in this case was modified in several places, which could
lead to repeated requests using the same handle to get unintendent/wrong
consequences based on what the previous request did!
2014-04-26 18:17:10 +02:00
Kamil Dudka
9c941e92c4 nss: propagate blocking direction from NSPR I/O
... during the non-blocking SSL handshake
2014-04-25 15:08:12 +02:00
Daniel Stenberg
2e57c7e0fc test325: verify --proto-redir https=>http 2014-04-23 22:36:01 +02:00
Daniel Stenberg
710f14edba handler: make 'protocol' always specified as a single bit
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.

This fixes --proto and --proto-redir for most SSL protocols.

This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.

Bug: https://github.com/bagder/curl/pull/97
Reported-by: drizzt
2014-04-23 22:36:01 +02:00
Steve Holme
cf9342e275 build: Added Visual Studio 2013 (VC12) project files
Carrying on from commit 11025613b9 added VC12 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-23 20:49:01 +01:00
Dan Fandrich
0204e17bc6 cyassl: Use error-ssl.h when available
Versions since at least 2.9.4 renamed error.h to error-ssl.h, so use
whichever one is available.
2014-04-23 11:01:30 +02:00
Steve Holme
f4ec8ffee2 RELEASE-NOTES: Synced with 386ed2d590 2014-04-22 22:57:40 +01:00
Daniel Stenberg
386ed2d590 gtls: fix NULL pointer dereference
gnutls_x509_crt_import() must not be called with a NULL certificate

Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
2014-04-22 23:24:31 +02:00
Daniel Stenberg
5b463e97fa curl_global_init_mem: bump initialized even if already initialized
As this makes curl_global_init_mem() behave the same way as
curl_global_init() already does in that aspect - the same number of
curl_global_cleanup() calls is then required to again decrease the
counter and then eventually do the cleanup.

Bug: http://curl.haxx.se/bug/view.cgi?id=1362
Reported-by: Tristan
2014-04-22 23:08:14 +02:00
Kamil Dudka
8868a226cd nss: implement non-blocking SSL handshake 2014-04-22 22:56:14 +02:00
Kamil Dudka
a43bba3a34 nss: split Curl_nss_connect() into 4 functions 2014-04-22 22:56:14 +02:00
Dan Fandrich
c1d6158789 tests: Fixed torture test for tests 1526 & 1527 2014-04-22 22:43:57 +02:00
Marc Hoersken
42c04eb1d1 sockfilt.c: clean up threaded approach and add documentation 2014-04-22 17:22:42 +02:00
Marc Hoersken
6fd97fca88 sockfilt.c: zero initialize variable 2014-04-22 17:22:42 +02:00
Marc Hoersken
6a03f6368f sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe 2014-04-22 17:22:41 +02:00
Daniel Stenberg
a5d7ec1848 configure: use the nghttp2 path correctly with pkg-config
When --with-nghttp2 was used (without a given path), the
PKG_CONFIG_LIBDIR varialbe could get clobbered and ruin a proper
detection of the library.

Reported-by: Dilyan Palauzov
Bug: http://curl.haxx.se/mail/lib-2014-04/0159.html
2014-04-22 00:24:44 +02:00
Dilyan Palauzov
11ce2f2182 configure: fix wrong comment
copy and paste error
2014-04-21 20:12:20 +02:00
Steve Holme
4b87029113 build: Fixed output name for Release builds in VC10 and VC11 2014-04-21 17:40:50 +01:00
Marc Hoersken
8ce852a279 sockfilt.c: properly handle disk files, pipes and character input 2014-04-20 22:15:36 +02:00
Marc Hoersken
fe1c0176c1 sockfilt.c: ignore non-key-events and continue waiting for input 2014-04-20 18:26:24 +02:00
Marc Hoersken
eb01947e1d sockfilt.c: free memory in case of memory allocation errors 2014-04-20 18:22:28 +02:00
Marc Hoersken
ee6791128f multi.c: fix possible invalid memory access in case nfds overflows
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
2014-04-19 16:02:14 +02:00
Marc Hoersken
549b4a659a netrc.c: fix multiple possible dereferences of null pointers 2014-04-19 16:00:43 +02:00
Marc Hoersken
9146f37973 parsedate.c: check sscanf result before passing it to strlen 2014-04-19 15:47:07 +02:00
Marc Hoersken
662fc62517 telnet.c: check sscanf results before passing them to snprintf 2014-04-19 15:23:04 +02:00
Marc Hoersken
f9ffbfce90 telnet.c: fix possible use of uninitialized variable 2014-04-19 15:18:19 +02:00
Marc Hoersken
aa0fbe3537 telnet.c: fix possible use of non-null-terminated strings 2014-04-19 14:26:02 +02:00
Marc Hoersken
c48b996cf2 url.c: fix possible use of non-null-terminated string with strlen
Follow up on b0e742544b
2014-04-19 14:25:32 +02:00
Marc Hoersken
89390f35f8 tool_writeout.c: initialize string pointer variable 2014-04-19 00:24:25 +02:00
Marc Hoersken
da900ca970 tool_formparse.c: fix possible use of non-null-terminated strings 2014-04-19 00:17:47 +02:00
Marc Hoersken
b0e742544b url.c: fix possible use of non-null-terminated string with strlen 2014-04-19 00:17:21 +02:00
Marc Hoersken
7296fc9e7e connect.c: fix multiple possible dereferences of null pointers
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
2014-04-18 23:56:54 +02:00
Marc Hoersken
3f74e149f8 tftp.c: fix possible dereference of null pointer 2014-04-18 23:53:48 +02:00
Marc Hoersken
667d133dab tool_urlglob.c: added some comments to clarify for loop conditions
I was tempted to change those to >= 0 until I saw that this is
actually a for loop that terminates once i underflows.
2014-04-18 23:28:26 +02:00
Marc Hoersken
e81bdab13e socks_sspi.c: added pointer guards to FreeContextBuffer calls
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
2014-04-18 23:24:41 +02:00
Marc Hoersken
54df616729 md5.c: fix use of uninitialized variable 2014-04-18 22:59:25 +02:00
Marc Hoersken
6f72c2fe31 curl_schannel.c: added explicit cast of structure pointers 2014-04-18 22:38:42 +02:00
Marc Hoersken
a703914e60 curl_schannel.c: fix possible dereference of null pointer 2014-04-18 22:36:12 +02:00
Steve Holme
0115ec2f13 RELEASE-NOTES: Synced with 33e0cba8f1 2014-04-18 20:35:01 +01:00
Steve Holme
33e0cba8f1 curl_easy_setopt: Updated CURLOPT_URL to include IMAP PARTIAL FETCH example 2014-04-18 20:23:45 +01:00
Steve Holme
d7ed8da43e imap: Extended FETCH support to include PARTIAL URL specifier 2014-04-18 20:14:09 +01:00
Steve Holme
e2c14bde22 url.c: Fixed typo in comment 2014-04-18 17:51:26 +01:00
Steve Holme
0d4af92aeb curl_easy_setopt: Updated CURLOPT_URL to include IMAP query string examples 2014-04-18 17:51:24 +01:00
Steve Holme
4c8c3da6e2 test810: Updated to use new IMAP URL query string functionality 2014-04-18 16:51:50 +01:00
Steve Holme
84c0aabe65 imap: Expanded mailbox SEARCH support to use URL query strings 2014-04-18 16:51:48 +01:00
Steve Holme
ca63d4feba imap: Added support for parsing URL query strings
Added support for parsing query strings from the URL as defined by
RFC-5092.
2014-04-18 16:43:57 +01:00
Steve Holme
f804378d16 imap: Introduced the SEARCH state 2014-04-18 15:32:13 +01:00
Steve Holme
2c6b41e98a imap: Fixed untagged response detection when no data after command
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
2014-04-18 15:01:57 +01:00
Steve Holme
0160cb2e19 build: Added Visual Studio 2012 (VC11) project files
Carrying on from commit 11025613b9 added VC11 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-18 10:28:11 +01:00
Steve Holme
cd1f746b86 build: Corrected Visual Studio solutions for DLL Release x64 2014-04-17 21:04:19 +01:00
Daniel Stenberg
b166117c60 README.http2: mention some alt-svc thoughts 2014-04-17 19:23:39 +02:00
Steve Holme
5a23aeb00d Makefile.am: Missed separator in commit fbaa2f8660 2014-04-16 23:50:17 +01:00
Steve Holme
fbaa2f8660 build: Added Visual Studio 2010 (VC10) project files
Carrying on from commit 11025613b9 added VC10 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-16 21:24:33 +01:00
Dan Fandrich
263ed02da6 url: only use if_nametoindex() if IFNAMSIZ is available 2014-04-14 08:02:06 +02:00
Dan Fandrich
b2e9c17a19 symbian: fixed typo in comment 2014-04-09 22:12:47 +02:00
Steve Holme
78e3844a4a build: Added Visual Studio 2008 (VC9) project files
Carrying on from commit 11025613b9, added VC9 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-09 00:20:44 +01:00
Steve Holme
b574e83079 sas: Added DIGEST-MD5 qop-option validation in native challange handling
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
2014-04-08 21:24:34 +01:00
Daniel Stenberg
a700f9002c dist: include the projects/ files in releases
... the recent MSVC project files added by Steve Holme
2014-04-08 10:17:03 +02:00
Daniel Stenberg
73b7a03c3f strerror: fix comment about vxworks' strerror_r buffer size
Bug: http://curl.haxx.se/mail/lib-2014-04/0063.html
Reported-by: Jeroen Koekkoek
2014-04-06 23:13:08 +02:00
Steve Holme
64381f5091 sasl: Added forward declaration of structures following recent changes
To avoid urldata.h being included from the header file or that the
source file has the correct include order as highlighted by one of
the auto builds recently.
2014-04-06 17:20:08 +01:00
Steve Holme
28d005cc9b RELEASE-NOTES: Synced with 5cdb61abb2 2014-04-06 16:57:37 +01:00
Steve Holme
5cdb61abb2 tests: Disabled DIGEST-MD5 tests when running with SSPI enabled 2014-04-06 16:32:59 +01:00
Steve Holme
537b571c90 sasl: Fixed compilation warning
warning: no previous prototype for 'Curl_sasl_create_digest_md5_message'
2014-04-06 16:32:28 +01:00
Steve Holme
fe15ea67cc sasl: Added curl_memory.h include as per test 1132 2014-04-06 16:09:19 +01:00
Steve Holme
2af28a147b sasl: Fixed compilation warning in SSPI builds
warning: 'sasl_digest_get_key_value' defined but not used
2014-04-06 16:01:55 +01:00
Steve Holme
f700eb7d9a sasl: Corrected missing free of decoded challenge message from 607883f13c 2014-04-06 14:18:31 +01:00
Steve Holme
175b605331 sasl: Corrected add of Curl_sasl_decode_digest_md5_message() from 2c49e96092 2014-04-06 14:02:10 +01:00
Steve Holme
ee40136f6c sasl: Post DIGEST-MD5 SSPI code tidy up
* Added comments to SSPI NTLM message generation
* Added comments to native DIGEST-MD5 code
* Removed redundant identity pointer
2014-04-06 13:30:52 +01:00
Steve Holme
19a514237d sasl: Corrected pre-processor inclusion of SSPI based DIGEST-MD5 code
When CURL_DISABLE_CRYPTO_AUTH is defined the DIGEST-MD5 code should not
be included, regardless of whether USE__WINDOWS_SSPI is defined or not.
This is indicated by the definition of USE_HTTP_NEGOTIATE and USE_NTLM
in curl_setup.h.
2014-04-06 13:01:14 +01:00
Steve Holme
607883f13c sasl: Added support for DIGEST-MD5 via Windows SSPI 2014-04-06 12:49:32 +01:00
Steve Holme
d4150c317c http_negotiate_sspi: Fixed compilation when USE_HTTP_NEGOTIATE not defined 2014-04-06 01:46:53 +01:00
Steve Holme
0bc14c9faf Makefile.vc6: Added curl_sasl_sspi.c 2014-04-06 00:57:23 +01:00
Steve Holme
4991c13784 Makefile.vc6: Follow up fix to commit 45d3f00803 2014-04-06 00:53:47 +01:00
Steve Holme
c469941293 ntlm: Moved the identity generation into shared SSPI code 2014-04-06 00:35:22 +01:00
Steve Holme
ff853960bd sasl: Renamed SSPI module following short name clash 2014-04-06 00:35:01 +01:00
Steve Holme
2c49e96092 sasl: Added initial stub functions for SSPI DIGEST-MD support 2014-04-05 23:16:51 +01:00
Steve Holme
3a92de5636 sasl: Combined DIGEST-MD5 message decoding and generation 2014-04-05 23:09:04 +01:00
Marc Hoersken
45d3f00803 Makefile.vc6: added warnless.c to fix build 2014-04-05 21:45:39 +02:00
Steve Holme
0b8977ac6f winbuild: Updated the VC++ make instructions following commit 11025613b9
* Added information regarding the February 2003 Platform SDK for VC6
* Updated the introduction to be similar to the IDE projects README
2014-04-05 18:52:09 +01:00
Tatsuhiro Tsujikawa
9e86209d04 http2: Compile with current nghttp2, which supports h2-11 2014-04-05 19:30:12 +02:00
Steve Holme
11025613b9 winbuild: Added Visual Studio 2005 (VC8) project files
Added a more thorough version of the VC8 project files that exist in
the "vs" folder with the intention to add support for other versions of
Visual Studio. These files support side-by-side compilation, 32-bit and
64-bit builds as well as support for some of the third-party libraries
curl uses.
2014-04-05 18:16:40 +01:00
Daniel Stenberg
c877c50e13 curl_easy_setopt: fix wrong version number references 2014-04-04 17:20:55 +02:00
Daniel Stenberg
109e94c51c docs: this is for 7.37.0
And clarify for curl that --proxy-header now must be used for headers
that are meant for a proxy, and they will not be included if the request
is not for a proxy.
2014-04-04 17:10:47 +02:00
Daniel Stenberg
74851340bd PROXYHEADER: send these headers in "normal" proxy requests too
Updated the docs to clarify and the code accordingly, with test 1528 to
verify:

When CURLHEADER_SEPARATE is set and libcurl is asked to send a request
to a proxy but it isn't CONNECT, then _both_ header lists
(CURLOPT_HTTPHEADER and CURLOPT_PROXYHEADER) will be used since the
single request is then made for both the proxy and the server.
2014-04-04 17:03:43 +02:00
Daniel Stenberg
d3d27551e7 test1428: verify --proxy-header 2014-04-04 17:03:43 +02:00
Daniel Stenberg
20f61cd12c curl.1: documented --proxy-header 2014-04-04 17:03:43 +02:00
Maciej Puzio
4946ea05e2 curl: add --proxy-header 2014-04-04 17:03:43 +02:00
Daniel Stenberg
fa0a5e6812 symbols-in-versions: Added CURLHEADER_*
... and sorted the list
2014-04-04 17:03:43 +02:00
Daniel Stenberg
ef6be35bae CURLOPT_HEADEROPT: added
Modified the logic so that CURLOPT_HEADEROPT now controls if PROXYHEADER
is actually used or not.
2014-04-04 17:03:43 +02:00
Daniel Stenberg
ac887eedbc CURLOPT_PROXYHEADER: set headers for proxy-only
Includes docs and new test cases: 1525, 1526 and 1527

Co-written-by: Vijay Panghal
2014-04-04 17:03:43 +02:00
Daniel Stenberg
42937f87e6 HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue
Without request body there's no point in asking for 100-continue.

Bug: http://curl.haxx.se/bug/view.cgi?id=1349
Reported-by: JimS
2014-04-04 15:46:35 +02:00
Daniel Stenberg
c81021f747 ftp: in passive data connect wait for happy eyeballs sockets
When doing passive FTP, the multi state function needs to extract and
use the happy eyeballs sockets to wait for to check for completion!

Bug: http://curl.haxx.se/mail/lib-2014-02/0135.html (ruined)
Reported-by: Alan
2014-04-03 20:38:19 +02:00
Daniel Stenberg
97f214d0c9 http2+openssl: fix compiler warnings in ALPN using code 2014-04-03 17:03:02 +02:00
Dan Fandrich
c57166b575 tests: unified use of some keywords 2014-04-03 11:49:49 +02:00
Dan Fandrich
ff35e74bcd tests: added some missing closing tags 2014-04-03 11:49:48 +02:00
Daniel Stenberg
d73d633885 runtests: insist on a <keywords> section
Since all present tests now have <keywords> listed, this script will now
refuse to run a given test case if no such section is provided.
Hopefully this will help us make sure new test cases get keywords added
at start.
2014-04-03 11:33:41 +02:00
Daniel Stenberg
1432b22e62 tests: add keywords to the last 7 tests lacking them 2014-04-03 11:06:24 +02:00
Steve Holme
dd9ce1b86c smtp: Fixed login denied with a RFC-821 based server
In addition to commit fe260b75e7 fixed the same issue for RFC-821 based
SMTP servers and allow the credientials to be given to curl even though
they are not used with the server.
2014-04-01 07:20:19 +01:00
Steve Holme
b201d9adb8 tests: Added SMTP with credientials test when not supported by server 2014-04-01 07:19:29 +01:00
Daniel Stenberg
8a0385c1ad urldata: spellfix comment
Reported-by: Melissa
2014-04-01 08:00:34 +02:00
Steve Holme
c524ca35f5 RELEASE-NOTES: Synced with dd07e79023 2014-03-31 21:23:14 +01:00
Steve Holme
dd07e79023 tests: Added SMTP with credentials test for RFC-821 based server
Added SMTP (RFC-821 only) based test case as a reference for the fix
provided by commit fe260b75e7.
2014-03-31 20:55:58 +01:00
Daniel Stenberg
13682d1a24 ipv6: strip off zone identifiers in redirects too
Follow up to 9317eced98 makes test 1056 work again.
2014-03-31 09:35:32 +02:00
Dan Fandrich
ed4972ffdb docs: Removed mention of -g hack when using IPv6 literals
This limitation was removed in commit 0bc4938e
2014-03-31 09:06:09 +02:00
Daniel Stenberg
6448946ac3 http2: let openssl mention the exact protocol negotiated
Remove a superfluous "negotiated http2" info line
2014-03-31 09:00:58 +02:00
Daniel Stenberg
ef813c7097 http2: remove _DRAFT09 from the NPN_HTTP2 enum
We're progressing throught drafts so there's no point in having a fixed
one in a symbol that'll survive.
2014-03-31 08:40:24 +02:00
Till Maas
9317eced98 URL parser: IPv6 zone identifiers are now supported 2014-03-31 07:58:25 +02:00
Paul Marks
0bc4938eec curl: stop interpreting IPv6 literals as glob patterns.
This makes it possible to fetch from an IPv6 literal without specifying
the -g option.  Globbing remains available elsehwere in the URL.

For example:
  curl http://[::1]/file[1-3].txt

This creates no ambiguity, because there is no overlap between the
syntax of valid globs and valid IPv6 literals.  Globs contain hyphens
and at most 1 colon, while IPv6 literals have no hyphens, and at least 2
colons.

The peek_ipv6() parser simply whitelists a set of characters and counts
colons, because the real validation happens later on.  The character set
includes A-Z, in case someone decides to implement support for scopes
like [fe80::1%25eth0] in the future.

Signed-off-by: Paul Marks <pmarks@google.com>
2014-03-30 23:45:29 +02:00
Steve Holme
4043d7b67b test938: Updated to use file input for upload
As the second URL won't be passed input from stdin.
2014-03-30 22:40:34 +01:00
Steve Holme
7dd494c6e7 test836: Fixed incorrect username in expected output 2014-03-30 22:40:21 +01:00
Daniel Stenberg
fbb6e0478b DISABLED: 836, 882 and 938 hang 2014-03-30 23:36:57 +02:00
Daniel Stenberg
c1f7da1570 runtests: check protocol before data
When the protocol part fails, the data usually does too but the protocol
part is often more fundamental and often provide the clues you need to
fix the test case.
2014-03-30 23:16:21 +02:00
Steve Holme
acefed139f ftpserver.pl: Extended the full text reply regular expression
Extended the regex to include other valid characters such as those used
in the reply text of Test 836.
2014-03-30 22:00:04 +01:00
Daniel Stenberg
8fdb87d0df keywords: sort case insensitive 2014-03-30 17:09:11 +02:00
Daniel Stenberg
c38b573ff5 tests: remove trailing CRs from keywords 2014-03-30 17:05:22 +02:00
Daniel Stenberg
c09f6c72e9 keywords: sort keywords alphabetically 2014-03-30 17:04:56 +02:00
Daniel Stenberg
7dbed6a2f5 keywords: don't use STDERR for good info 2014-03-30 17:00:32 +02:00
Steve Holme
afbcfc4f46 tests: Added email unit tests to verify login credential connection re-use 2014-03-30 15:13:31 +01:00
Steve Holme
b3e55bf989 tests: Corrected "APOP" authentication keyword 2014-03-30 12:00:33 +01:00
Steve Holme
6876b35ad6 tests: Replaced email authentication keywords with SASL based keywords
As the email protocols implement SASL authentication rather than IMAP,
POP3 and SMTP specific authentication, updated the authentication
keywords to reflect this.
2014-03-30 11:56:42 +01:00
Steve Holme
82bcc7c615 tests: Added "Clear Text" authentication keyword 2014-03-30 11:34:23 +01:00
Steve Holme
dfa481a7c5 tests: Added "SASL" authentication keyword 2014-03-30 11:31:38 +01:00
Steve Holme
0c4589f0c0 imap-append.c: Fixed compilation errors on some platforms
In the initializer for len, there is no prototype for "strlen".
In this statement, there is no prototype for "memcpy".
2014-03-30 10:56:51 +01:00
Steve Holme
54ef196db8 ftpserver.pl: Removed some unused variables 2014-03-30 10:37:45 +01:00
Steve Holme
5b773658a8 ftpserver.pl: Reworked some variable names to be more meaningful 2014-03-30 00:12:38 +00:00
Steve Holme
f559611aa1 ftpserver.pl: Corrected some indentation in senddata() 2014-03-29 23:17:16 +00:00
Daniel Stenberg
713402982f lib1513: fix callback proto to silence warning 2014-03-29 23:14:42 +01:00
Steve Holme
2baf38f7c3 ftpserver.pl: Added fallback to <data> support when using multiple URLs
Added support for falling back to <data> when <data1>, <data2>, etc...
don't exist in the <reply> section of a unit test.
2014-03-29 20:50:27 +00:00
Steve Holme
8293691b88 ftpserver.pl: Updated email based get reply data code to use new method 2014-03-29 17:30:19 +00:00
Steve Holme
fdb13d885a ftpserver.pl: Fixed syntax error from commit 3a29ee41 2014-03-29 12:32:03 +00:00
Steve Holme
8541f2d39d ftpserver.pl: Updated argument code in STATUS_imap() to be more meaningful 2014-03-29 11:15:19 +00:00
Steve Holme
3a29ee41ef ftpserver.pl: Introduced common method for getting a test's reply data 2014-03-29 10:29:17 +00:00
Steve Holme
fe260b75e7 smtp: Fixed login denied when server doesn't support AUTH capability
Specifying user credentials when the SMTP server doesn't support
authentication would cause curl to display "No known authentication
mechanisms supported!" and return CURLE_LOGIN_DENIED.

Reported-by: Tom Sparrow
Bug: http://curl.haxx.se/mail/lib-2014-03/0173.html
2014-03-28 18:21:27 +00:00
Cody Mack
2dc63c72dc winbuild: added warnless.c to fix build 2014-03-28 15:12:12 +01:00
Dan Fandrich
a8c7cf6281 hostcheck: added a system include to define struct in_addr 2014-03-26 22:29:00 +01:00
Dan Fandrich
7cb763cf57 test1397: Fixed compilation with some SSL backends
The test is only valid when one of four SSL backends is in use,
and must otherwise return success.
2014-03-26 22:08:53 +01:00
Dan Fandrich
f82e0edc17 test815/816: Use authentication for both URLs
The improved connection reuse logic would otherwise create a new
connection for each one, which isn't supported by the test
server, nor expected by the test.
2014-03-26 22:06:26 +01:00
Daniel Stenberg
38d582ff54 mkhelp: generate code for --disable-manual as well
This allows configure --disable-manual to run and build without having
to regenerate the src/tool_hugehelp.c file which otherwise is necessary
since we ship tarballs with that file present.

Reported-by: Remi Gacogne
Bug: http://curl.haxx.se/bug/view.cgi?id=1350
2014-03-26 13:22:10 +01:00
Daniel Stenberg
5a327f39d5 bump: start the 7.37.0 race 2014-03-26 08:29:29 +01:00
Daniel Stenberg
4f041c9d6e RELEASE-NOTES: 7.36.0 2014-03-26 00:29:43 +01:00
Richard J. Moore
4d06b27921 test1397: unit test for certificate name wildcard handling 2014-03-25 23:01:37 +01:00
Daniel Stenberg
965690f67e Curl_cert_hostcheck: strip trailing dots in host name and wildcard
Reported-by: Richard Moore
2014-03-25 23:01:37 +01:00
Daniel Stenberg
5019c78095 Curl_cert_hostcheck: reject IP address wildcard matches
There are server certificates used with IP address in the CN field, but
we MUST not allow wild cart certs for hostnames given as IP addresses
only. Therefore we must make Curl_cert_hostcheck() fail such attempts.

Bug: http://curl.haxx.se/docs/adv_20140326B.html
Reported-by: Richard Moore
2014-03-25 23:01:37 +01:00
Steve Holme
517b06d657 url: Fixed connection re-use when using different log-in credentials
In addition to FTP, other connection based protocols such as IMAP, POP3,
SMTP, SCP, SFTP and LDAP require a new connection when different log-in
credentials are specified. Fixed the detection logic to include these
other protocols.

Bug: http://curl.haxx.se/docs/adv_20140326A.html
2014-03-25 23:01:37 +01:00
Daniel Stenberg
e798e6759b THANKS: 14 new friends from the 7.36.0 announcement 2014-03-25 22:40:46 +01:00
Daniel Stenberg
b877494a27 RELEASE-NOTES: synced with 3ebfaf6a03 2014-03-25 14:54:11 +01:00
Steve Holme
3ebfaf6a03 tool_operate: Fixed uninitialised variable under some error situations
For example when a URL is not specified or the headers file fails to
open.
2014-03-23 11:04:15 +00:00
Steve Holme
ed02f0abca tool_parsecfg: Reworked error handling from commit fc59a9e1 2014-03-22 16:50:47 +00:00
Steve Holme
5e097583f7 tool_getparam: Removed "dead assignment" code introduced in commit 1a9b58fc 2014-03-22 16:31:13 +00:00
Gisle Vanem
196140dcaf polarssl: avoid extra newlines in debug messages
The debug messages printed inside PolarSSL always seems to end with a
newline. So 'infof()' should not add one. Besides the trace 'line'
should be 'const'.
2014-03-22 16:55:39 +01:00
Daniel Stenberg
4ff71183b9 rtsp: parse "Session:" header properly
The parser skipped the initial letter, which presumably often is
whitespace but doesn't have to be.

Reported-by: Mike Hasselberg
Bug: http://curl.haxx.se/mail/lib-2014-03/0134.html
2014-03-20 11:52:27 +01:00
Daniel Stenberg
2fc31dcf74 runtests.pl: verify specified test cases
To better allow arguments like "1 to 9999" without flooding the terminal
with error messages, the given test cases range is now checked and only
test numbers with existing files are actually run.
2014-03-19 23:28:28 +01:00
Dan Fandrich
715125e790 RELEASE-NOTES: fixed typo 2014-03-19 23:10:56 +01:00
Daniel Stenberg
930b81387b trynextip: don't store 'ai' on failed connects...
It leads to the "next family" tries starting from the wrong point and thus
fails!

Bug: http://curl.haxx.se/bug/view.cgi?id=1337
Reported-by: ricker
2014-03-19 16:34:12 +01:00
Daniel Stenberg
ec0079a99d RELEASE-NOTES: synced with 47f8e99e78 2014-03-19 16:18:21 +01:00
Gaël PORTAY
47f8e99e78 polarssl: fix possible handshake timeout issue in multi.
Because of the socket is unblocking, PolarSSL does need call to getsock to
get the action to perform in multi environment.

In some cases, it might happen we have not received yet all data to perform
the handshake. ssh_handshake returns POLARSSL_ERR_NET_WANT_READ, the state
is updated but because of the getsock has not the proper #define macro to,
the library never prevents to select socket for input thus the socket will
never be awaken when last data is available. Thus it leads to timeout.
2014-03-19 16:10:18 +01:00
Gaël PORTAY
ff25f437a5 polarssl: break compatibility with version older than 1.3.
Remove all #ifdef/else/endif macros that ensure compatibility with polarssl
version previous than 1.3.
2014-03-18 21:01:11 +01:00
Gaël PORTAY
31265376bc polarssl: drop use of 1.2 compatibility header.
API has changed since version 1.3. A compatibility header has been created
to ensure forward compatibility for code using old API:
 * x509 certificate structure has been renamed to from x509_cert to
   x509_crt
 * new dedicated setter for RSA certificates ssl_set_own_cert_rsa,
   ssl_set_own_cert is for generic keys
 * ssl_default_ciphersuites has been replaced by function
   ssl_list_ciphersuites()

This patch drops the use of the compatibly header.
2014-03-18 21:01:11 +01:00
Daniel Stenberg
7a1fb8e816 polarssl: added missing end-of-comment from previous commit 2014-03-18 08:03:45 +01:00
Daniel Stenberg
5017d5ada8 polarssl: now require 1.3.0+
Also fixed a function name change in the version requirement bump
2014-03-17 20:48:06 +01:00
hasufell
4d6108315b polarssl: fix compilation
Rename x509_cert to x509_crt and add "compat-1.2.h"
include.
This would still need some more thorough conversion
in order to drop "compat-1.2.h" include.
2014-03-17 20:08:45 +01:00
Kamil Dudka
67061e3f4e nss: allow to enable/disable new AES GCM cipher-suites
... if built against a new enough version of NSS
2014-03-15 13:07:55 +01:00
Kamil Dudka
c864d81289 nss: allow to enable/disable new HMAC-SHA256 cipher-suites
... if built against a new enough version of NSS
2014-03-15 13:07:55 +01:00
Kamil Dudka
b4f6cd46eb nss: do not enable AES cipher-suites by default
... but allow them to be enabled/disabled explicitly.  The default
policy should be maintained at the NSS level.
2014-03-15 13:07:55 +01:00
Dan Fandrich
4c599b9d2d tests: made the SASL modes separate keywords 2014-03-15 11:13:13 +01:00
Dan Fandrich
c03243576a tests: added missing HTTP NTLM auth keywords
Also, removed an unneeded strippart
2014-03-15 10:54:49 +01:00
Dan Fandrich
02bba0ce7d tests: disable valgrind on the remaining scp/sftp tests 2014-03-15 10:41:40 +01:00
Dan Fandrich
e8aff0c588 valgrind.supp: added another test 165 suppression
This one seems to come and go as the optimizer decides how best
to inline some functions.
2014-03-15 10:41:40 +01:00
Dan Fandrich
9b5b6a2b1a ssh: prevent a logic error that could result in an infinite loop 2014-03-15 10:26:29 +01:00
Dan Fandrich
ca7d1de69c docs: fixed a bunch of typos 2014-03-14 23:38:00 +01:00
Dan Fandrich
61591eee68 test640/1: add tests for --head with sftp and scp
This option is currently rather useless with these protocols
when no quote command is given, but it is valid.
2014-03-14 23:38:00 +01:00
Dan Fandrich
596800378d ssh: removed a redundant close state transition 2014-03-14 23:38:00 +01:00
Dan Fandrich
8c4d6ceec0 ssh: abort immediately on a header callback error 2014-03-14 23:37:59 +01:00
Daniel Stenberg
891ef341b3 chunked-encoding: provide a readable error string for chunked errors 2014-03-14 15:44:18 +01:00
Daniel Stenberg
2465ee7573 TODO: remove http2, we now have it 2014-03-11 14:10:20 +01:00
Tatsuhiro Tsujikawa
9787b8e9d4 http2: free resources on disconnect
... and use Curl_safefree() instead of free()
2014-03-10 18:35:59 +01:00
Daniel Stenberg
dcdbac2568 openssl: info massage with SSL version used
Patch-by: byte_bucket
2014-03-10 17:13:11 +01:00
Steve Holme
ac7118319e RELEASE-NOTES: Synced with 8ddda0e999 2014-03-09 19:44:12 +00:00
Daniel Stenberg
8ddda0e999 README.http2: clarify the build prerequisites 2014-03-09 16:39:46 +00:00
Daniel Stenberg
74ad0221cc SSL-PROBLEMS: add "missing intermediate certificates" piece 2014-03-09 15:55:13 +00:00
Daniel Stenberg
a55e7f0abd SSL-PROBLEMS: describes common curl+SSL problems 2014-03-08 22:21:41 +00:00
Nick Zitzmann
63e3e03dae docs: remove documentation on setting up krb4 support
The information about building with Kerberos4 support was half a year out
of date. We dropped support for that.
2014-03-08 11:58:06 -06:00
Daniel Stenberg
6da4085e48 ssh: fix compiler warning converting ssize_t to int 2014-03-06 13:25:59 +00:00
Dan Fandrich
e591165f94 ssh: Fixed a style warning
Also, combined a couple of #ifdef sections
2014-03-06 13:39:22 +01:00
Dan Fandrich
e84d0b41f6 ssh: Pass errors from libssh2_sftp_read up the stack 2014-03-06 12:48:33 +01:00
Daniel Stenberg
539412851c parse_remote_port: error out on illegal port numbers better 2014-03-06 00:06:45 +00:00
Daniel Stenberg
219a0fbe76 remote_port: allow connect to port 0
Port number zero is perfectly allowed to connect to. I moved to storing
the remote port number in an int so that -1 means undefined and 0-65535
can be used for legitimate port numbers.
2014-03-05 17:38:05 +00:00
Daniel Stenberg
0b3750b5c2 multi_runsingle: move timestamp into INIT
Setting the TIMER_STARTSINGLE timestamp first in CONNECT has the
drawback that for actions that go back to the CONNECT state, the time
stamp is reset and for the multi_socket API there's no corresponding
Curl_expire() then so the timeout logic gets wrong!

Reported-by: Brad Spencer
Bug: http://curl.haxx.se/mail/lib-2014-02/0036.html
2014-03-03 16:35:04 +01:00
Daniel Stenberg
a21c04f391 hostcheck: update comment after previous change 2014-03-03 13:41:48 +01:00
Daniel Stenberg
c01467b753 hostcheck: Curl_cert_hostcheck is not used by NSS builds 2014-03-03 13:39:06 +01:00
Michael Osipov
778e4bb276 configure: call it GSS-API
... since that’s how the RFC calls it.
2014-03-03 11:06:38 +01:00
Daniel Stenberg
9cb7802cfd x509asn: moved out Curl_verifyhost from NSS builds
... as it isn't used then!
2014-03-03 08:44:25 +01:00
Daniel Stenberg
6f416fa462 NSS: avoid compiler warnings when built without http2 support 2014-03-03 08:39:25 +01:00
Jiri Malak
420d9ff3eb Rework Open Watcom make files to use standard Wmake features
Remove slash/backslash problem, now only slashes are used,
Wmake automaticaly translate slash/backslash to proper version or tools are not sensitive for it.
Enable spaces in path.
Use internal rm command for all host platforms
Add error message if old Open Watcom version is used. Some old versions exhibit build problems for Curl latest version. Now only versions 1.8, 1.9 and 2.O beta are supported
2014-03-03 08:19:05 +01:00
Jiri Malak
85484355b3 parsedate: Fixed compilation warning
Remove compilation message for platforms where size of long type
is equal size of int type.
2014-03-02 16:36:05 +01:00
Steve Holme
d8073db304 RELEASE-NOTES: Synced with 7fef4016de 2014-03-02 10:48:40 +00:00
Steve Holme
7fef4016de tool: Do not output libcurl source for the information only parameters
Ensure a source file isn't generated for the following informational
command line parameters when --libcurl is specified:

--help, --manual, --version and --engine list

As the output would only include a fairly empty looking main() function
and a call to curl_easy_init() and curl_easy_cleanup() when performed
with --engine list.
2014-03-02 10:42:53 +00:00
Steve Holme
68920b6c11 tool: Fixed libcurl source output for multiple operations
Correctly output libcurl source code that includes multiply operations
as specified by --next. Note that each operation evaluates to a single
curl_easy_perform() in source code form.

Also note that the output could be optimised a little so global config
options are only output once rather than per operation as is presently
the case.
2014-03-02 09:44:18 +00:00
Steve Holme
46b1d0a047 tool_metalink.h: Fixed compilation warning
warning: declaration of 'struct GlobalConfig' will not be visible
outside of this function
2014-03-01 20:16:33 +00:00
Steve Holme
eba197161a tool: Moved internal variable isatty to the global config 2014-03-01 18:30:16 +00:00
Steve Holme
36802d6e0c tool_operate.c: Fixed compilation error
incompatible types - from 'OperationConfig *' to 'GlobalConfig *'
2014-03-01 18:14:16 +00:00
Steve Holme
f1a9e6858e tool: Moved --libcurl to the global config 2014-03-01 17:23:14 +00:00
Steve Holme
75e996f29f tool: Moved --progress-bar to the global config 2014-03-01 13:20:35 +00:00
Steve Holme
5513bbd5c3 tool: Moved --stderr to the global config 2014-03-01 13:03:20 +00:00
Steve Holme
1f07718123 transfer.c: Fixed non-HTTP2 builds from commit cde0cf7c5e 2014-02-28 23:21:36 +00:00
Tatsuhiro Tsujikawa
cde0cf7c5e Fix bug that HTTP/2 hangs if whole response body is read with headers
For HTTP/2, we may read up everything including responde body with
header fields in Curl_http_readwrite_headers. If no content-length is
provided, curl waits for the connection close, which we emulate it
using conn->proto.httpc.closed = TRUE. The thing is if we read
everything, then http2_recv won't be called and we cannot signal the
HTTP/2 stream has closed. As a workaround, we return nonzero from
data_pending to call http2_recv.
2014-02-28 23:28:39 +01:00
Daniel Stenberg
53f1f4a18e http2: build with current nghttp2 version
nghttp2 has yet again extended its callback struct and this is an
attempt to make curl compile with nghttp2 from current git
2014-02-28 23:26:43 +01:00
Dan Fandrich
bd248a0b80 tool_main: Fixed a memory leak on main_init error 2014-02-28 21:58:12 +01:00
Steve Holme
219d19a401 test96: Updated accordly for recent changes 2014-02-28 09:45:38 +00:00
Steve Holme
78f26394dc tool_cfgable: Code policing of structure pointers 2014-02-27 21:11:37 +00:00
Steve Holme
4efa1d29e2 tool: Moved --trace and --verbose to the global config 2014-02-27 21:01:08 +00:00
Steve Holme
fd97c17bb7 tool_main: Forgot to initialise the first operation's global pointer 2014-02-27 20:49:28 +00:00
Steve Holme
5577540ad5 tool: Moved --silient to the global config
Other global options such as --libcurl, --trace and --verbose to
follow.
2014-02-27 20:31:27 +00:00
Steve Holme
17df2d8f8e tool_cfgable: Added GlobalConfig pointer to OperationConfig
In order to ease the moving of global options such as the error stream,
updated the OperationConfig structure to point to the GlobalConfig.
2014-02-27 20:20:17 +00:00
Steve Holme
fc59a9e18f tool: Added support to .curlrc for URL specific options
In addition to adding support for URL specific options via the command
line with --next it is now possible to specify "next" in .curlrc.
2014-02-26 22:05:37 +00:00
Steve Holme
07d7603b45 tool: Reworked argument parsing to use --next/-:
Follow up to commit 1a9b58fcb2 to replace the : command line option
with --next and -:.
2014-02-26 20:53:23 +00:00
Steve Holme
1a9b58fcb2 tool_getparam: Added initial support for --next/-:
Added initial support for --next/-: which will be used to replace the
rather confusing : command line operation what was used for the URL
specific options prototype.
2014-02-26 20:42:30 +00:00
Dan Fandrich
3228deff40 valgrind.supp: tweaked a test 165 suppression
A recent change seems to have slightly changed the call stack
produced by the gcc optimizer.
2014-02-26 08:25:47 +01:00
nickzman
e9665e9658 Merge pull request #93 from d235j/darwinssl_ip_address_fix
darwinssl: don't omit CN verification when an IP address is used
2014-02-25 17:36:44 -06:00
Daniel Stenberg
d48eb1dd69 parse_args: fix a too long source code line 2014-02-25 23:36:13 +01:00
naota
4548e0fe71 configure: Tiny fix to honor POSIX
Change "==" to "=" to honor POSIX test construction.
2014-02-25 23:29:13 +01:00
Steve Holme
70052836d1 tool_help: Moved --no-alpn and --no-npn to be listed alphabetically
...and added the HTTP suffix as these options are only used for HTTP2
based connections.
2014-02-25 21:38:36 +00:00
Steve Holme
249dc83571 tool: Moved --showerror to the global config
Other global options such as --libcurl, --trace and --verbose to
follow.
2014-02-25 20:52:36 +00:00
Steve Holme
0704dd770d tool_getparam: Added global config to getparameter()
In preparation for parsing global options added the GlobalConfig
structure to the getparameter() function.
2014-02-25 19:38:17 +00:00
Steve Holme
ad388a7d37 tool_getparam.h: Fixed compilation warning
warning: declaration of 'struct GlobalConfig' will not be visible
outside of this function
2014-02-25 07:16:51 +00:00
Marc Hoersken
87683d4b76 RELEASE-NOTES: Updated for 63fc8ee7 2014-02-24 22:29:25 +01:00
Steve Holme
f35668985e tool_cfgable: Added support for knowing the current operation 2014-02-24 21:25:36 +00:00
Marc Hoersken
e904b15f21 curl_schannel.c: Updated copyright years 2014-02-24 22:12:55 +01:00
David Ryskalczyk
63fc8ee7be winssl: Enable hostname verification of IP address using SAN or CN
Original commit message was:
 Don't omit CN verification in SChannel when an IP address is used.

Side-effect of this change:
 SChannel and CryptoAPI do not support the iPAddress subjectAltName
 according to RFC 2818. If present, SChannel will first compare the
 IP address to the dNSName subjectAltNames and then fallback to the
 most specific Common Name in the Subject field of the certificate.

 This means that after this change curl will not connect to SSL/TLS
 hosts as long as the IP address is not specified in the SAN or CN
 of the server certificate or the verifyhost option is disabled.
2014-02-24 22:12:55 +01:00
Steve Holme
c27cc68815 tool_operate: Moved easy handle cleanup into tool_main 2014-02-24 20:35:48 +00:00
Marc Hoersken
0af2322bc6 tool_hugehelp: partially reverted 24e22e10
Compilation was not possible if manuel is disabled due this error:
 error: macro "hugehelp" passed 1 arguments, but takes just 0
  void hugehelp(void) {}
2014-02-24 21:30:36 +01:00
Steve Holme
59b5ef444e tool_main: Moved easy handle into global config structure 2014-02-24 20:01:37 +00:00
David Ryskalczyk
afc6e5004f Don't omit CN verification in DarwinSSL when an IP address is used. 2014-02-23 12:37:27 -05:00
Steve Holme
0d9ddf91ca tool: Fixed line longer than 79 characters from commit 705a4cb549 2014-02-23 16:13:09 +00:00
Steve Holme
cc31a4a645 tool_main: Corrected typo from commit d6b9f054e9 in Symbian code 2014-02-23 14:10:05 +00:00
Steve Holme
665096e24c tool_main: Moved OperateConfig cleanup into main_free() 2014-02-23 13:44:59 +00:00
Steve Holme
d6b9f054e9 tool_main: Moved initial OperateConfig creation into main_init() 2014-02-23 13:35:51 +00:00
Steve Holme
2249f7fe70 tool_cfgable: Added global config structure 2014-02-23 13:12:47 +00:00
Steve Holme
705a4cb549 tool_cfgable: Renamed Configurable structure to OperationConfig
To allow for the addition of a global config structure and prevent
confusion between the two.
2014-02-23 13:09:20 +00:00
Steve Holme
6512e93be1 tool: Fixed incorrect return code with --version from commit c10bf9bb36 2014-02-23 12:13:39 +00:00
Steve Holme
3674f2021d RELEASE-NOTES: Synced with 8c80840d01 2014-02-23 11:24:46 +00:00
Steve Holme
8c80840d01 tool_getparam: Moved tool_help() call into operate() 2014-02-23 11:16:05 +00:00
Steve Holme
24e22e1078 tool_getparam: Moved hugehelp() call into operate() 2014-02-23 11:12:03 +00:00
Steve Holme
c10bf9bb36 tool_getparam: Moved tool_version_info() call into operate() 2014-02-23 11:10:01 +00:00
Steve Holme
e6e8b14405 tool_cfgable: Removed list_engine flag from config structure
In preparation for separating the global config options from the per
operation config options, reworked the list engines code to not use a
member variable in the Configurable structure.
2014-02-22 21:00:03 +00:00
Steve Holme
b914e7ed02 tool_operate: Start to use CURLcode rather than int for return codes
To help assist with the detection of incorrect return codes, as per
commits ee23d13a79, 33b8960dc8 and aba98991a5, updated the operate
based functions to return CURLcode error codes.
2014-02-22 18:57:02 +00:00
Steve Holme
ee23d13a79 tool: Fixed incorrect return code when setting HTTP request fails
During initialisation SetHTTPrequest() may fail and cURL would return
PARAM_BAD_USE, which is equivalent to CURLE_NOT_BUILT_IN in cURL error
terms.

Instead, return CURLE_FAILED_INIT as we do for other functions that may
fail during initialisation.
2014-02-22 18:14:33 +00:00
Steve Holme
dcbae71812 tool_getparam: Moved version information into separate function in tool_help 2014-02-22 17:47:13 +00:00
Steve Holme
67f051051f tool_operhlp.h: Fixed compilation warning
warning: 'struct Configurable' declared inside parameter list
2014-02-22 17:13:02 +00:00
Steve Holme
b98c74b67e tool_operhlp: Consolidated engine output code into tool_help 2014-02-22 16:50:29 +00:00
Steve Holme
6969e24aee tool_operate: Moved list engines into separate function in tool_help 2014-02-22 16:47:59 +00:00
Marc Hoersken
e08d0662b7 RELEASE-NOTES: added note about impact of changes to WinSSL defaults 2014-02-22 16:57:29 +01:00
Marc Hoersken
b5486adc9b stunnel: regenerated self-signed test certificate with SHA1 hash
The previous test certificate contained a MD5 hash which is not
supported using TLSv1.2 with Schannel on Windows 7 or newer.

See the update to this blog post on IEInternals / MSDN:
http://blogs.msdn.com/b/ieinternals/archive/2011/03/25/
misbehaving-https-servers-impair-tls-1.1-and-tls-1.2.aspx

"Update: If the server negotiates a TLS1.2 connection with a
Windows 7 or 8 schannel.dll-using client application, and it
provides a certificate chain which uses the (weak) MD5 hash
algorithm, the client will abort the connection (TCP/IP FIN)
upon receipt of the certificate."
2014-02-22 16:49:09 +01:00
Dan Fandrich
a660c0dbe6 easy: Fixed a memory leak on OOM condition 2014-02-22 15:41:59 +01:00
Steve Holme
3521e4e40d tool_paramhlp: Fixed compilation warnings
declaration of 'index' shadows a global declaration
2014-02-20 23:18:48 +00:00
Steve Holme
873178a657 lib1515.c: Fixed #include path in commit 647f83e809 2014-02-19 20:36:36 +00:00
Maks Naumov
647f83e809 test1515: fix compilation with msvc
... or any other systems lacking a native snprintf
2014-02-19 13:50:17 +01:00
Daniel Stenberg
0d6225ad0d SFTP: skip reading the dir when NOBODY=1
When asking for an SFTP directory with NOBODY set, no directory contents
should be retrieved.

Bug: http://curl.haxx.se/mail/lib-2014-02/0155.html
2014-02-19 10:40:28 +01:00
Dan Fandrich
8749bbe7fd axtls: comment the call ssl_read repeatedly loop 2014-02-18 21:14:09 +01:00
Kamil Dudka
03c288202e curl.1: update the description of --tlsv1
... and mention the --tlsv1.[0-2] options in the --tslv1 entry

Reported-by: Hubert Kario
2014-02-18 10:35:41 +01:00
Daniel Stenberg
938f93549f curl_version.3: recommend using curl_version_info() instead 2014-02-18 08:59:56 +01:00
Daniel Stenberg
911a5c3646 curl_version_info.3: added *HTTP2
... and edited language slightly
2014-02-18 08:59:38 +01:00
Daniel Stenberg
f207f7e427 curl_multi_assign.3: updated language 2014-02-18 08:51:03 +01:00
Daniel Stenberg
b1096d2352 libcurl.3: edited slightly to improve readability 2014-02-18 08:46:46 +01:00
Daniel Stenberg
452a4d90a4 curl_easy_perform.3: extended and clarified 2014-02-18 08:30:59 +01:00
Daniel Stenberg
860424bb06 curl_multi_add_handle.3: clarify multi vs easy use
it is only WHILE added to a multi handle that it can't be used with the
easy interface
2014-02-18 08:29:39 +01:00
Tatsuhiro Tsujikawa
035b91a26c http2: Support HTTP POST/PUT
This patch enables HTTP POST/PUT in HTTP2.
We disabled Expect header field and  chunked transfer encoding
since HTTP2 forbids them.
In HTTP1, Curl sends small upload data with request headers, but
HTTP2 requires upload data must be in DATA frame separately.
So we added some conditionals to achieve this.
2014-02-17 23:45:58 +01:00
Daniel Stenberg
e9dfdef411 RELEASE-NOTES: synced with 854aca5420 2014-02-17 11:16:41 +01:00
Daniel Stenberg
854aca5420 multi: ignore sigpipe internally
When the multi API is used we must also ignore SIGPIPE signals when
caused by things we do, like they can easily be generated by OpenSSL.
2014-02-17 10:35:21 +01:00
Dan Fandrich
4b4e8a5853 tests: Made the crypto test feature usable
This feature specifies the availability of cryptographic
authentication, which can be disabled at compile-time
2014-02-17 09:50:46 +01:00
Dan Fandrich
184c3e2d37 configure: Fix the --disable-crypto-auth option
It now disables NTLM and GSS authentication methods, and produces
compilable code when SSL is enabled.
2014-02-17 09:50:46 +01:00
Daniel Stenberg
b04c158adf curl_multi_setopt.3: clarify CURLMOPT_MAXCONNECTS 2014-02-17 09:29:25 +01:00
Shao Shuchao
2111c2ed07 ConnectionDone: default maxconnects to 4 x number of easy handles
... as documented!
2014-02-17 09:29:25 +01:00
Daniel Stenberg
1f60728f81 examples: remove all use of CURLM_CALL_MULTI_PERFORM
... since it is never returned since a long while back.
2014-02-17 08:25:39 +01:00
Colin Hogben
0d94640c9b curl_easy_setopt.3: Add another non-matching hostname
For the avoidance of doubt, show a domain which contains the no-proxy
pattern but not at the top level.
2014-02-16 23:32:24 +01:00
Daniel Stenberg
575a2b684b axtls: bump copyright year 2014-02-16 23:31:47 +01:00
Fabian Frank
86f266b004 axtls: call ssl_read repeatedly
Perform more work in between sleeps. This is work around the
fact that axtls does not expose any knowledge about when work needs
to be performed. Depending on connection and how often perform is
being called this can save ~25% of time on SSL handshakes (measured
on 20ms latency connection calling perform roughly every 10ms).
2014-02-16 23:30:21 +01:00
Yehezkel Horowitz
79a9f8c942 url_easy_setopt.3: Add undocumented values of curl_infotype
... for debug function
2014-02-16 23:27:16 +01:00
Daniel Stenberg
d765099813 ConnectionExists: re-use connections better
When allowing NTLM, the re-use connection logic was too focused on
finding an existing NTLM connection to use and didn't properly allow
re-use of other ones. This made the logic not re-use perfectly re-usable
connections.

Added test case 1418 and 1419 to verify.

Regression brought in 8ae35102c (curl 7.35.0)

Reported-by: Jeff King
Bug: http://thread.gmane.org/gmane.comp.version-control.git/242213
2014-02-16 14:30:02 +01:00
Steve Holme
f3bae6ed73 tool_paramhlp: Added URL index to password prompt for multiple operations 2014-02-16 11:13:16 +00:00
Marc Hoersken
013e9a11ff sockfilt.c: add undefs which are required after 6239146e 2014-02-16 11:52:48 +01:00
Steve Holme
77a51364a4 warnless: Updated copyright year for recent changes 2014-02-16 10:39:46 +00:00
Marc Hoersken
6239146e93 warnless: add wrapper function for read and write on Windows 2014-02-16 11:03:22 +01:00
Steve Holme
dc0f8c04ec examples: Added IMAP LSUB example 2014-02-16 00:09:22 +00:00
Steve Holme
2de045ff7c tool_operate: Changed the required argument check/get to be upfront
Rather than check for required arguments, and prompt for any host and
proxy passwords, as each operation is performed, changed the code so
all configurations are checked before any operations are performed.

This allows the user to input all the required passwords, for example,
upfront rather than wait for each operation.
2014-02-15 18:59:12 +00:00
Steve Holme
f80ca7a05a tool_operate: Moved required argument getting into separate function 2014-02-15 16:31:32 +00:00
Dan Fandrich
89070d0e68 valgrind: added another test 165 suppression
This one is needed with the gcc options -fstack-protector-all -O2
That brings the number of suppressions for test 165 to four, and I
suspect I could find another two missing without trying very hard. I'm
beginning to think suppressions isn't the best way to handle these
kinds of cases.
2014-02-15 09:27:21 +01:00
Marc Hoersken
779afe3bbf testsuite: more Windows line-endings fixes 2014-02-15 09:19:27 +01:00
Marc Hoersken
f3ce1af9fc test1114: fix line-endings checks on Windows after 75f00de 2014-02-15 09:14:36 +01:00
Marc Hoersken
3c2c1f9876 test1113: fix line-endings checks on Windows after 75f00de5 2014-02-15 09:12:59 +01:00
Marc Hoersken
8451623b45 lib1515.c: Added support for Windows using the Sleep function 2014-02-14 22:17:54 +01:00
Marc Hoersken
0a568867c0 HTTP tests: use CRLF as header seperator according to RFC 2616
Updates the test suite to handle binary-mode header output.
2014-02-14 20:12:28 +01:00
Marc Hoersken
91c13d759a curl: output protocol headers using binary mode
Since protocol headers contain explicit line-endings there should
be no automatic conversion to ASCII text or CRLF line-endings.

This might break third party tools that already depend on this
behaviour. We might need to introduce an option to make this optional.
2014-02-14 20:12:28 +01:00
Marc Hoersken
89c29aa70f HTTP tests: use CRLF as header seperator according to RFC 2616
Changes LF to CRLF and disables automatic output conversion.
2014-02-14 20:12:27 +01:00
Marc Hoersken
75f00de55c testsuite: use binary output mode for custom curl test tools
Do not try to convert line-endings to CRLF on Windows by setting stdout
to binary mode, just like the curl tool does if --ascii is not specified.

This should prevent corrupted stdout line-ending output like CRCRLF.

In order to make the previously naive text-aware tests work with
binary mode on Windows, text-mode is disabled for them if it is not
actually part of the test case and line-endings are corrected.
2014-02-14 20:12:27 +01:00
Marc Hoersken
69745aaa45 testsuite: changed HTTP and RTSP header line-endings to CRLF
According to RFC 2616 and RFC 2326 individual protocol elements, like
headers and except the actual content, are terminated by using CRLF.

Therefore the test data files for these protocols need to contain
mixed line-endings if the actual protocol elements use CRLF while
the file uses LF.
2014-02-14 20:12:26 +01:00
Colin Hogben
01844658df curl_easy_setopt.3: Fix word order of CURLOPT_PROXY section
The word CURLOPT_PROXYPORT became detached from its sentence when the
note about the default was added.
2014-02-14 16:16:46 +01:00
Patrick Monnerat
38a56a9d94 OS400: Add new options to RPG binding. 2014-02-14 11:13:01 +01:00
Dan Fandrich
25600bdf75 valgrind: added suppression on optimized code
gcc 4.7.2 with -O2 will optimize Curl_connect by inlining some
functions two levels deep, which makes the valgrind suppression
fail to match. The underlying reason for these idna suppressions is
a gcc strlen optimization when compiling libidn; compiling it with
-fno-builtin-strlen makes this suppression unnecessary.
2014-02-14 08:48:23 +01:00
Arvid Norberg
1813a77b02 dict: fix memory leak in OOM exit path
Bug: https://github.com/bagder/curl/pull/90
2014-02-14 08:21:41 +01:00
Daniel Stenberg
d3d871cb4f Curl_urldecode: don't allow NULL as receiver
For a function that returns a decoded version of a string, it seems
really strange to allow a NULL pointer to get passed in which then
prevents the decoded data from being returned!

This functionality was not documented anywhere either.

If anyone would use it that way, that memory would've been leaked.

Bug: https://github.com/bagder/curl/pull/90
Reported-by: Arvid Norberg
2014-02-13 23:57:40 +01:00
Daniel Stenberg
db981b7b30 RELEASE-NOTES: synced with 378af08c99 2014-02-13 23:35:32 +01:00
Daniel Stenberg
378af08c99 ConnectionExists: reusing possible HTTP+NTLM connections better
Make sure that the special NTLM magic we do is for HTTP+NTLM only since
that's where the authenticated connection is a weird non-standard
paradigm.

Regression brought in 8ae35102c (curl 7.35.0)

Bug: http://curl.haxx.se/mail/lib-2014-02/0100.html
Reported-by: Dan Fandrich
2014-02-13 23:25:38 +01:00
Tiit Pikma
c021a60bcc transfer: make Expect: 100-continue timeout configurable.
Replaced the #define CURL_TIMEOUT_EXPECT_100 in transfer.c with the
CURLOPT_EXPECT_100_TIMEOUT_MS option to make the timeout configurable.
2014-02-13 16:05:17 +01:00
Thomas Braun
bcb32e915e Fix compilation with make mingw32
The source files from lib/vtls where generated in lib instead of lib/vtls.

Verified-by: Thomas Braun <thomas.braun@virtuell-zuhause.de>
2014-02-12 14:39:08 +01:00
Daniel Stenberg
0ab97ba009 chunked decoder: track overflows correctly
The code didn't properly check the return codes to detect overflows so
it could trigger incorrectly. Like on mingw32.

Regression introduced in 345891edba (curl 7.35.0)

Bug: http://curl.haxx.se/mail/lib-2014-02/0097.html
Reported-by: LM
2014-02-12 14:35:46 +01:00
Fabian Frank
bff7398942 curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0 2014-02-11 22:55:49 +01:00
Fabian Frank
ec9476052d openssl: honor --[no-]alpn|npn command line switch
Disable ALPN or NPN if requested by the user.
2014-02-11 22:55:23 +01:00
Fabian Frank
8f5a9147be gtls: honor --[no-]alpn command line switch
Disable ALPN if requested by the user.
2014-02-11 22:54:37 +01:00
Dan Fandrich
82a4d537c3 tests: Disabled broken test 1316
See http://curl.haxx.se/mail/lib-2014-02/0004.html for a
discussion on the problem.
2014-02-11 21:31:46 +01:00
Daniel Stenberg
87e873c6d0 version: next release will become 7.36.0 2014-02-11 11:30:15 +01:00
Daniel Stenberg
33224f9bcd curl_easy_setopt.3: add CURLOPT_SSL_ENABLE_ALPN/NPN 2014-02-11 07:44:27 +01:00
Steve Holme
c8d1733d12 tool_cfgable: Moved easy handle cleanup to fix pingpong logout issues
Commmit c5f8e2f5f4 removed the easy handle clean-up from tool_operate,
letting the code that was already present in free_config_fields()
perform the task. Unfortunately, this wasn't the correct place to do
this as it broke protocols, that would perform a logout, as the main
clean-up in tool_main had already been called.
2014-02-10 22:23:52 +00:00
Dan Fandrich
3a0d1bebba secureserver: Only set stunnel FIPS option when available
It seems the fips config option causes an error if FIPS mode was
not enabled at stunnel compile-time.  FIPS support was disabled
by default in stunnel 5.00, so this is probably really only needed
on versions between 4.32 and 5.00.
2014-02-10 21:56:20 +01:00
Fabian Frank
909a68c121 NPN/ALPN: allow disabling via command line
when using --http2 one can now selectively disable NPN or ALPN with
--no-alpn and --no-npn. for now honored with NSS only.

TODO: honor this option with GnuTLS and OpenSSL
2014-02-10 13:06:17 +01:00
Fabian Frank
70bd9784de nss: use correct preprocessor macro
SSL_ENABLE_ALPN can be used for preprocessor ALPN feature detection,
but not SSL_NEXT_PROTO_SELECTED, since it is an enum value and not a
preprocessor macro.
2014-02-10 08:09:02 +01:00
Steve Holme
daa182afa6 tests: Added test for IMAP LSUB command 2014-02-09 21:21:10 +00:00
Steve Holme
230e872dbd tests: Removed test 807 as it has been superseded by tests 815 and 816 2014-02-09 21:07:02 +00:00
Steve Holme
5a997d97fd tests: Updated the titles of tests 815 and 816 2014-02-09 21:00:17 +00:00
Daniel Stenberg
1861a1de67 tool_metalink: fix compiler warning when built without metalink 2014-02-09 20:08:13 +01:00
Steve Holme
86a40f5d1a tool_operate: Move the trace and error file closure to tool_cfgable 2014-02-09 17:16:15 +00:00
Steve Holme
ae363075e6 TODO: Removed url-specific options 2014-02-09 15:20:53 +00:00
Steve Holme
ea3828e0c7 tests: Re-enabled IMAP tests that require URL specific option support 2014-02-09 14:49:38 +00:00
Steve Holme
cc0da321de RELEASE-NOTES: Synced with 8e62f7a650 2014-02-09 13:15:56 +00:00
Marc Hoersken
8e62f7a650 secureserver: FIPS option is only supported since stunnel 5.00 2014-02-09 13:39:43 +01:00
Steve Holme
8cf63f88c2 tool_operate: Added support for performing URL specific operations 2014-02-09 11:03:57 +00:00
Steve Holme
c5f8e2f5f4 tool_operate: Let curl handle cleanup take place in config_free() 2014-02-09 10:57:56 +00:00
Dan Fandrich
6374ab2a36 formdata: Must use Curl_safefree instead of free 2014-02-09 10:10:22 +01:00
Daniel Stenberg
6b9a3c1865 test96: updated according to recent changes 2014-02-08 23:20:10 +01:00
Daniel Stenberg
1f148c103c runtests: allow <strippart> to remove lines
For verify file, if the strippart condition removes the line completely
it is now removed from the array.
2014-02-08 23:19:10 +01:00
Steve Holme
132f5edfbd tool_getparam: Added support for parsing of specific URL options 2014-02-08 11:18:25 +00:00
Dan Fandrich
2d8623e85d secureserver: Disable FIPS mode for stunnel
It's unnecessary for curl testing, and it can otherwise cause
stunnel to fail to start if OpenSSL doesn't support FIPS mode.
2014-02-08 11:51:28 +01:00
Dan Fandrich
85a4df8b79 formdata: Fixed memory leak on OOM condition 2014-02-08 11:33:43 +01:00
Dan Fandrich
e2dae8a7c2 runtests: Disable valgrind when debugging
This was already mostly being done, except that analysis after the
test still assumed that the valgrind log files would be available. An
alternative way to handle the valgrind + gdb combination could be to
enable one of the valgrind debugger hooks.
2014-02-07 22:43:34 +01:00
Steve Holme
a3a6b03c30 tool_cfgable: For consistency renamed init_config() to config_init() 2014-02-07 21:27:12 +00:00
Steve Holme
3b929b6a65 tool_cfgable: Introduced config_free() function 2014-02-07 21:22:46 +00:00
Daniel Stenberg
67d14ab98f --help: add missing --tlsv1.x options 2014-02-07 20:29:13 +01:00
Steve Holme
6c492f34e5 lib1515.c: Fixed various compilation warnings
lib1515.c:38:26 warning: unused parameter 'curl'
lib1515.c:38:81 warning: unused parameter 'ptr'
lib1515.c:38:5 warning: no previous prototype for 'debug_callback'
lib1515.c:46:5 warning: no previous prototype for 'do_one_request'
lib1515.c:120:3  warning: ISO C90 forbids mixed declarations and code

As well as some code policing such as white space and braces.
2014-02-07 15:15:17 +00:00
Daniel Stenberg
fa8d7ce4fe http2: updated README after NSS addition
Changed the support to a little matrix and added brief explanation of
what ALPN and NPN are for.
2014-02-07 15:50:31 +01:00
Daniel Stenberg
09d907ee68 nss: support pre-ALPN versions 2014-02-07 15:38:45 +01:00
Fabian Frank
f3a12460ad nss: ALPN and NPN support
Add ALPN and NPN support for NSS. This allows cURL to negotiate
HTTP/2.0 connections when built with NSS.
2014-02-07 15:35:23 +01:00
Daniel Stenberg
9597f7dfbc formpost: use semicolon in multipart/mixed
Not comma, which is an inconsistency and a mistake probably inherited
from the examples section of RFC1867.

This bug has been present since the day curl started to support
multipart formposts, back in the 90s.

Reported-by: Rob Davies
Bug: http://curl.haxx.se/bug/view.cgi?id=1333
2014-02-07 09:43:36 +01:00
Dan Fandrich
7969a77735 tests: Document use of the MEMDEBUG_LOG_SYNC macro 2014-02-06 23:56:47 +01:00
Dan Fandrich
4a8c877273 ssh: Fixed a NULL pointer dereference on OOM condition 2014-02-06 23:56:47 +01:00
Steve Holme
265f2e9ed7 nss: Updated copyright year for recent edits 2014-02-06 22:32:56 +00:00
Remi Gacogne
1ebf22cc0e 100-continue: fix timeout condition
When using the multi socket interface, libcurl calls the
curl_multi_timer_callback asking to be woken up after
CURL_TIMEOUT_EXPECT_100 milliseconds.

After the timeout has expired, calling curl_multi_socket_action with
CURL_SOCKET_TIMEOUT as sockfd leads libcurl to check expired
timeouts. When handling the 100-continue one, the following check in
Curl_readwrite() fails if exactly CURL_TIMEOUT_EXPECT_100 milliseconds
passed since the timeout has been set!

It seems logical to consider that having waited for exactly
CURL_TIMEOUT_EXPECT_100 ms is enough.

Bug: http://curl.haxx.se/bug/view.cgi?id=1334
2014-02-06 23:21:42 +01:00
Fabian Frank
ff92fcfb90 nss: prefer highest available TLS version
Offer TLSv1.0 to 1.2 by default, still fall back to SSLv3
if --tlsv1[.N] was not specified on the command line.
2014-02-06 23:09:56 +01:00
Romulo A. Ceccon
8d1377282e tests: add test for bug #1327 (dns cache timeout)
Fix for bug #1303 (030a2b8cb) was not complete.
libcurl still pruned DNS entries added manually
after detecting a dead connection. This test
checks such behavior.
2014-02-06 23:03:34 +01:00
Romulo A. Ceccon
1505e4612b tests: add test for bug #1303 (dns cache timeout)
Test-case 1515 reproduces bug #1303, where libcurl
would incorrectly prune DNS entries added via
CURLOPT_RESOLVE after the DNS_CACHE_TIMEOUT had
expired.
2014-02-06 23:03:34 +01:00
Daniel Stenberg
b93755df37 http2: spell fixed README and added version requirement 2014-02-06 22:27:04 +01:00
Steve Holme
d10065c05a tool_operate: Removed unused argument parameters from operate_do() 2014-02-06 20:52:12 +00:00
Steve Holme
456169f9e5 tool_operate: Moved list SSL engines code into operate() 2014-02-06 19:50:32 +00:00
Steve Holme
dd97828df7 tool_operate: Moved argument parsing into operate() 2014-02-06 19:40:41 +00:00
Daniel Stenberg
5204b45ff9 runtests: add suppression generator help
Leave the valgrind --gen-suppressions option in there, commented, to
make it easier for next update.
2014-02-05 23:48:44 +01:00
Daniel Stenberg
225ec4312f valgrind: updated suppressions file
The call stack was modified in 2dc7ad23 so the supressions didn't work
anymore.
2014-02-05 23:46:31 +01:00
Daniel Stenberg
18b540f9d1 runtests: detect 'ares' better
... caused false detections of the threaded resolver otherwise
2014-02-05 23:36:16 +01:00
Steve Holme
f8abd56450 tool_operate: Moved .curlrc parsing code into operate() 2014-02-05 20:49:57 +00:00
Steve Holme
61ba1daba0 tool_operate: Moved locale setup code into operate_init() 2014-02-05 20:38:57 +00:00
Daniel Stenberg
06b4275c0d http2: minor update of the README 2014-02-05 15:31:29 +01:00
Fabian Frank
133cdd29ea http2: rely on content-encoding header
A server might respond with a content-encoding header and a response
that was encoded accordingly in HTTP-draft-09/2.0 mode, even if the
client did not send an accept-encoding header earlier. The server might
not send a content-encoding header if the identity encoding was used to
encode the response.

See:
http://tools.ietf.org/html/draft-ietf-httpbis-http2-09#section-9.3
2014-02-05 10:26:12 +01:00
Dan Fandrich
ff0547e70e tool_operate: shortened too-long source line 2014-02-04 21:49:40 +01:00
Steve Holme
7d242658ac tool_operate: Introduced operate_free() function 2014-02-04 20:15:50 +00:00
Steve Holme
dde3081085 tool_operate: Introduced operate_init() function 2014-02-04 20:14:39 +00:00
Steve Holme
2dc7ad23fd tool_operate: Introduced new operate() function 2014-02-04 20:07:35 +00:00
Daniel Stenberg
e5524b7b25 http2: enforce gzip auto-decompress
As this is mandated by the http2 spec draft-09
2014-02-04 15:07:08 +01:00
Tatsuhiro Tsujikawa
0ea9f70049 http2: handle incoming data larger than remaining buffer 2014-02-04 14:57:29 +01:00
Tatsuhiro Tsujikawa
4082dc9de6 http2: Check stream ID we are interested in 2014-02-04 14:55:29 +01:00
Tatsuhiro Tsujikawa
dbccf497da http2: store response header in temporary buffer 2014-02-04 14:54:42 +01:00
Tatsuhiro Tsujikawa
63b26d889f HTTP2: add layer between existing http and socket(TLS) layer
This patch chooses different approach to integrate HTTP2 into HTTP curl
stack. The idea is that we insert HTTP2 layer between HTTP code and
socket(TLS) layer. When HTTP2 is initialized (either in NPN or Upgrade),
we replace the Curl_recv/Curl_send callbacks with HTTP2's, but keep the
original callbacks in http_conn struct. When sending serialized data by
nghttp2, we use original Curl_send callback. Likewise, when reading data
from network, we use original Curl_recv callback. In this way we can
treat both TLS and non-TLS connections.

With this patch, one can transfer contents from https://twitter.com and
from nghttp2 test server in plain HTTP as well.

The code still has rough edges. The notable one is I could not figure
out how to call nghttp2_session_send() when underlying socket is
writable.
2014-02-04 14:49:49 +01:00
Fabian Frank
4d8db595ca gtls: add ALPN support
Add ALPN support when using GnuTLS >= 3.2.0. This allows
libcurl to negotiate HTTP/2.0 for https connections when
built with GnuTLS.

See:
http://www.gnutls.org/manual/gnutls.html#Application-Layer-Protocol-Negotiation-_0028ALPN_0029
http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2014-02-04 09:48:27 +01:00
Steve Holme
6127e54f40 tool_operate: Moved libcurl information gathering to tool_main 2014-02-03 22:56:58 +00:00
Fabian Frank
8b6654224b openssl: add ALPN support
Add ALPN support when using OpenSSL. This will offer ALPN and NPN to the
server, who can respond with either one or none of the two. OpenSSL >=
1.0.2 is required, which means as of today obtaining a snapshot from
ftp://ftp.openssl.org/snapshot/.

See:
http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
ba168244a1/ssl/ssl_lib.c (L1787)
2014-02-03 23:46:06 +01:00
Steve Holme
c35d05aa62 tool_operate: Moved command line argument parsing into separate function 2014-02-03 18:38:14 +00:00
Steve Holme
8034b08e0e tool_operate: Simplified parse .curlrc decision logic 2014-02-03 16:16:17 +00:00
Steve Holme
b811200f64 tool_operate: Moved main initialisation and cleanup code into tool_main 2014-02-03 12:31:16 +00:00
Steve Holme
c1daf6c0cd tool_main: Fixed compilation warning from commit 0104678c79
no previous prototype for function 'memory_tracking_init'
2014-02-03 12:16:22 +00:00
Steve Holme
cf80b85b66 tool_main: Changed stack based config struct to be heap based 2014-02-03 10:54:40 +00:00
Dan Fandrich
2f89a61cc0 tests: Moved some comments so the test data files parse as XML 2014-02-03 00:23:34 +01:00
Steve Holme
0104678c79 tool_operate: Moved memory tracking initialisation into tool_main 2014-02-02 13:48:36 +00:00
Steve Holme
ffb8a21d85 tests: Fixed test172 cookie expiry
The test contains a cookie jar file where one of the cookies has an
expiry date of 1391252187 -- Sat, 1 Feb 2014 10:56:27 GMT which has
now expired. Updated to Wed, 14 Oct 2037 16:36:33 GMT as per test
179.

Reported-by: Adam Sampson
Bug: http://curl.haxx.se/bug/view.cgi?id=1330
2014-02-02 11:01:10 +00:00
Steve Holme
9ab0dc618f tool_operate: Moved initial config setup into new init_config() function 2014-02-02 10:18:21 +00:00
Steve Holme
83dbd06936 tool_main: Moved config struct initialisation into a separate function
In preparation for adding URL specific options moved the initialisation
of the Configurable structure into a separate function in tool_cfgable.
2014-02-01 13:44:00 +00:00
Marc Hoersken
e5acae0052 test 500: workaround low timer resolution on Windows
Since the timer resolution is lower, there are actually cases that
the compared values are equal. Therefore we check for previous
timestamps being greater than the current one instead.
2014-02-01 14:04:47 +01:00
Marc Hoersken
efc112079c test suite: stop conversion of valid output to CRLF on Windows
Since the output isn't actually being written in text-mode and it
was rather used as a workaround, disable text-mode for these tests.
2014-02-01 13:49:58 +01:00
Marc Hoersken
2c49f2e3db HTTP tests: use CRLF as header seperator according to RFC 2616 2014-02-01 13:47:00 +01:00
Marc Hoersken
9f42205dcc FTP tests: enable text-mode for more datacheck sections 2014-02-01 13:43:19 +01:00
Marc Hoersken
4ea2d5579b FTP tests: enable text-mode for data and datacheck sections 2014-01-31 20:05:21 +01:00
Marc Hoersken
9f132f9f39 runtests.pl: added support for text-mode within datacheck section 2014-01-31 20:05:17 +01:00
Marc Hoersken
ca9ab24ed5 ftpserver.pl: directory LISTings use [CR][LF] for ASCII transfer
According to section 2.2 of RFC959 the End-of-Line is defined as:
 The end-of-line sequence defines the separation of printing
 lines.  The sequence is Carriage Return, followed by Line Feed.

Verified by sniffing traffic between a Windows FTP client (FileZilla)
and Unix-hosted FTP server (ProFTPD).
2014-01-31 20:05:14 +01:00
Marc Hoersken
480ca49ecb runtests.pl: reverse line-ending conversion on Windows
It makes more sense to convert the expected output to [CR][LF] on
Windows than to force the actual, probably correct, output to [LF].

This way it is actually possible to see if curl outputs the correct
line-ending excepted by a text-aware test case.
2014-01-31 20:05:09 +01:00
Marc Hoersken
82f558366f winssl: improved default SSL/TLS protocol selection
For some reason Windows 7 SP1 chooses TLS 1.0 instead of TLS 1.2
if it is not explicitly enabled within grbitEnabledProtocols.

More information can be found on MSDN:
http://msdn.microsoft.com/library/windows/desktop/aa379810.aspx
2014-01-31 20:01:25 +01:00
Steve Holme
6fb34ea6c6 INSTALL: Corrected mentioned version number as release 7.34.1 became 7.35.0 2014-01-31 00:57:02 +00:00
Steve Holme
a738bb1c9f RELEASE-NOTES: Synced with 0f213fdca1 2014-01-31 00:48:22 +00:00
Dan Fandrich
0f213fdca1 pipeline: Fixed a NULL pointer dereference on OOM 2014-01-31 00:05:36 +01:00
Dan Fandrich
be9cc620b5 tests: make the authorization retry tests pass the torture tests 2014-01-30 23:18:20 +01:00
Dan Fandrich
c631a54bb6 ftp: fixed a memory leak on wildcard error path 2014-01-30 22:15:03 +01:00
Dan Fandrich
768151449b netrc: Fixed a memory leak in an OOM condition 2014-01-30 22:15:03 +01:00
Steve Holme
97857de80e ntlm: Fixed a memory leak when using NTLM with a proxy server 2014-01-30 20:59:26 +00:00
Steve Holme
784f225266 tests: Missed updating a type-3 message in commit 1c9aaa0bac 2014-01-30 20:51:34 +00:00
Daniel Stenberg
b58b87e76e http2: fix size check in on_data_chunk_recv 2014-01-30 20:24:15 +01:00
Daniel Stenberg
48c3bed43b http2: add CRLF when first data arrives 2014-01-30 20:24:15 +01:00
Steve Holme
1c9aaa0bac tests: Updated NTLM tests for NTLMv2 type-3 message 2014-01-30 19:14:04 +00:00
Tatsuhiro Tsujikawa
c5165b8458 http2_recv: Return written length on CURLE_AGAIN 2014-01-30 17:49:35 +01:00
Tatsuhiro Tsujikawa
88705ef80e http2: Use nghttp2_session_mem_recv and nghttp2_session_upgrade 2014-01-30 17:45:53 +01:00
Daniel Stenberg
0952c9abcc http2: call it "HTTP 2" and not 2.0
The minor version will be dropped for HTTP 2 so it will make sense to
avoid using it in option names etc.
2014-01-30 16:59:35 +01:00
Daniel Stenberg
83f52a455f http2: basic version of receiving DATA 2014-01-30 16:09:36 +01:00
Daniel Stenberg
a7affd637f http2: convert HEADER frames to HTTP1-like headers
... and then go through the "normal" HTTP engine.
2014-01-30 15:58:07 +01:00
Daniel Stenberg
93f473c78a http2: fix EWOULDBLOCK in recv_callback() 2014-01-30 14:31:05 +01:00
Daniel Stenberg
a878cb3056 http2: do the POST Upgrade dance properly 2014-01-30 14:26:00 +01:00
Steve Holme
0e11307057 ntlm: Use static client nonce for the test suite 2014-01-30 11:39:08 +00:00
Daniel Stenberg
0f23662af7 http2.h: provide empty macros for non-http2 builds 2014-01-30 11:46:59 +01:00
Fabian Frank
dd011df9e1 http2: switch into http2 mode if NPN indicates
Check the NPN result before preparing an HTTP request and switch into
HTTP/2.0 mode if necessary. This is a work in progress, the actual code
to prepare and send the request using nghttp2 is still missing from
Curl_http2_send_request().
2014-01-30 11:34:37 +01:00
Daniel Stenberg
8e778887b5 http2: s/Curl_http2_request/Curl_http2_request_upgrade
To better reflect its purpose
2014-01-30 11:33:37 +01:00
Daniel Stenberg
99b4ff8b6f http2-openssl: verify that NPN functionality is present 2014-01-30 11:24:15 +01:00
Fabian Frank
22c198fa89 openssl: set up hooks with to perform NPN
NPN is what is available in the wild today to negotiate SPDY or HTTP/2.0
connections. It is expected to be replaced by ALPN in the future. If
HTTP/2.0 is negotiated, this is indicated for the entire connection and
http.c is expected to initialize itself for HTTP/2.0 instead of
HTTP/1.1.

see:
http://technotes.googlecode.com/git/nextprotoneg.html
http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2014-01-30 11:13:28 +01:00
Daniel Stenberg
c3fe3d9926 http2: added stubs for all nghttp2 callbacks
This makes it easier to trace what's happening.
2014-01-30 00:11:56 +01:00
Daniel Stenberg
62e3d66cc6 http2: use FIRSTSOCKET instead of 0 to index the sockets array 2014-01-29 23:47:24 +01:00
Daniel Stenberg
b451c10d1e http2: receive and log the received header frames 2014-01-29 23:46:20 +01:00
Daniel Stenberg
be84524cc2 http2_recv: log nghttp2 return codes for debugging purposes 2014-01-29 23:20:46 +01:00
Daniel Stenberg
803581d3e0 HTTP2: reject nghttp2 versions before 0.3.0 2014-01-29 22:53:08 +01:00
Gisle Vanem
341d09bc2b http2: adjusted to newer nghttp2_session_callbacks struct
the number of elements in the 'nghttp2_session_callbacks' structure is
now reduced by 2 in version 0.3.0 (I'm not sure when the change
happened, but checking for ver 0.3.0 work for me).
2014-01-29 22:52:22 +01:00
Gisle Vanem
0070f7a09d HTTP2: Wrong NgHTTP2 user-data
Something is wrong in 'userp' for the HTTP2 recv_callback().  The
session is created using bogus user-data; '&conn' and not 'conn'.

I noticed this since the socket-value in Curl_read_plain() was set to a
impossible high value.
2014-01-29 22:50:25 +01:00
Daniel Stenberg
220bcba93d NTLM: error: conversion to 'int' from 'long int' may alter its value
Fixed two compiler nits
2014-01-29 22:42:34 +01:00
Steve Holme
eb91e1a58f ntlm: Coding style policing dating back to 2011 2014-01-29 20:51:04 +00:00
Steve Holme
2319221c83 ntlm: Use a timestamp of 01/01/1970 for the test suite 2014-01-29 20:24:32 +00:00
Steve Holme
914b60c827 ntlm: Updated Curl_ntlm_core_mk_ntlmv2_resp() to use local variables
...until the function is successful when it returns them in the out
parameters.
2014-01-29 20:24:16 +00:00
Steve Holme
07b66cbfa4 ntlm: Added cross platform support for writing NTLMv2 timestamp in buffer
Added conversion functions write32_le() and write64_le() to ensure the
NTLMv2 timestamp is always written in little-endian.
2014-01-29 20:22:10 +00:00
Prash Dush
86724581b6 ntlm: Added support for NTLMv2 2014-01-29 20:17:11 +00:00
Kamil Dudka
665c160f0a nss: do not use the NSS_ENABLE_ECC define
It is not provided by NSS public headers.

Bug: https://bugzilla.redhat.com/1058776
2014-01-29 13:57:21 +01:00
Kamil Dudka
e15e73b741 nss: do not fail if NSS does not implement a cipher
... that the user does not ask for
2014-01-29 13:46:17 +01:00
Daniel Stenberg
53940f8834 http2: switch recv/send functions to http2 ones after 101 2014-01-29 10:24:05 +01:00
Daniel Stenberg
8d3608f2ad http2: handle 101 responses and switch to HTTP2 2014-01-29 10:24:05 +01:00
Daniel Stenberg
8bcf677a30 examples: gitignore more binaries 2014-01-29 10:22:40 +01:00
Daniel Stenberg
5e7fe58698 bump: start working on 7.35.1 2014-01-29 08:35:58 +01:00
Daniel Stenberg
c3678f3bf6 THANKS: 19 new contributors from the 7.35.0 release notes 2014-01-29 08:35:04 +01:00
Daniel Stenberg
2bf90d0710 RELEASE-NOTES: done for 7.35.0 2014-01-29 07:59:01 +01:00
Dan Fandrich
9873fd5317 tests: make a few lib15?? tests pass the OOM torture tests 2014-01-29 00:40:33 +01:00
Dan Fandrich
d735d3e803 lib1900: make the test pass the OOM torture tests 2014-01-29 00:19:34 +01:00
Dan Fandrich
1a20f59237 oauth2: Fixed a memory leak in an OOM condition 2014-01-28 23:55:04 +01:00
Dan Fandrich
f00899d73e unit1304: make the test pass the OOM torture tests 2014-01-28 23:47:20 +01:00
Dan Fandrich
00b1e52823 unit1396: make the test pass the OOM torture tests 2014-01-28 23:27:22 +01:00
Romulo A. Ceccon
31860ab8c8 hostip: don't remove DNS entries that are in use
hostcache_timestamp_remove() should remove old *unused* entries from the
host cache, but it never checked whether the entry was actually in
use. This complements commit 030a2b8cb.

Bug: http://curl.haxx.se/bug/view.cgi?id=1327
2014-01-28 22:25:48 +01:00
Dan Fandrich
2070a140fd RELEASE-NOTES: changed encoding to UTF-8 like previous releases 2014-01-28 22:23:31 +01:00
Daniel Stenberg
bcb19883a8 TFTP: fix crash on time-out
tftp_done() can get called with its TFTP state pointer still being NULL
on an early time-out, which caused a segfault when dereferenced.

Reported-by: Glenn Sheridan
Bug: http://curl.haxx.se/mail/lib-2014-01/0246.html
2014-01-28 22:17:16 +01:00
Steve Holme
f2e42dd056 RELEASE-NOTES: Synced with 5a47062cad 2014-01-28 13:52:06 +00:00
Maks Naumov
5a47062cad getpass: fix password parsing from console
Incorrect password if use backspace while entered the password.

Regression from f7bfdbabf2

The '?:' operator has lower priority than the '-' operator
2014-01-28 13:28:00 +01:00
Dan Fandrich
0f46b3b3dd docs/INSTALL: Updated example minimal binary sizes 2014-01-26 10:53:06 +01:00
Marc Hoersken
23a04863aa testsuite: visualize line-endings in output comparison diffs 2014-01-26 10:00:14 +01:00
Marc Hoersken
33f9c05082 sockfilt.c: follow up cleanup commit on 49b63cf3 2014-01-26 09:44:16 +01:00
Marc Hoersken
00787f94b2 http-pipe tests: use text as output data mode to support Windows 2014-01-26 09:19:32 +01:00
Marc Hoersken
49b63cf30d sockfilt.c: fixed and simplified Windows select function
Since the previous complex select function with initial support for
non-socket file descriptors, did not actually work correctly for
Console handles, this change simplifies the whole procedure by using
an internal waiting thread for the stdin console handle.

The previous implementation made it continuously trigger for the stdin
handle if it was being redirected to a parent process instead of
an actual Console input window.

This approach supports actual Console input handles as well as
anonymous Pipe handles which are used during input redirection.

It depends on the fact that ReadFile supports trying to read zero bytes
which makes it wait for the handle to become ready for reading.
2014-01-26 00:58:30 +01:00
Marc Hoersken
f55f8d4c18 http_pipe.py: replaced epoll with select to support Windows
Removed Unix-specific functionality in order to support Windows:
- select.epoll replaced with select.select
- SocketServer.ForkingMixIn replaced with SocketServer.ForkingMixIn
- socket.MSG_DONTWAIT replaced with socket.setblocking(False)

Even though epoll has a better performance and improved socket handling
than select, this change should not affect the actual test case.
2014-01-25 20:52:42 +01:00
Dan Fandrich
88b074df3f tests: Added missing HTTP proxy keywords 2014-01-25 16:55:05 +01:00
Dan Fandrich
f5860fd5fc tests: added missing <features> http to a number of tests 2014-01-25 12:47:04 +01:00
Dan Fandrich
e17446b097 tests: Added a keyword for tests depending on internal info logs 2014-01-24 23:39:05 +01:00
Dan Fandrich
0d959c64b2 runtests: Don't log command every torture iteration in verbose 2014-01-24 23:35:44 +01:00
Dan Fandrich
606e67c812 tests: Added missing http feature to tests 509 & 1513 2014-01-24 23:14:00 +01:00
Dan Fandrich
b4b28c7001 netrc: Fixed a memory and file descriptor leak on OOM 2014-01-24 21:52:48 +01:00
Dan Fandrich
e6130c0310 test1514: Used the macros for host and port number 2014-01-24 08:16:17 +01:00
Dan Fandrich
da9864fb72 multi: Fixed a memory leak on OOM condition 2014-01-24 00:22:08 +01:00
Daniel Stenberg
755dc2f058 curl_easy_setopt.3: remove what auth types that work for CURLOPT_PROXYAUTH
The list was out of date and the paragraph already refers to the
CURLOPT_HTTPAUTH explanation. All the auth bits are explained properly
there.

It also removes the ambiguity for what the "added" phrase refers to.

This change based on pull request #85 on github

URL: https://github.com/bagder/curl/pull/85
Reported-by: gnawhleinad
2014-01-23 23:22:07 +01:00
Dan Fandrich
6c014e4283 test1514: Got rid of a non-const initializer C99ism 2014-01-22 01:49:55 +01:00
Steve Holme
4013a2aa64 RELEASE-NOTES: added another missing bug ref 2014-01-21 21:35:36 +00:00
Daniel Stenberg
0b5b52ff2d RELEASE-NOTES: added missing bug ref 2014-01-21 15:44:04 +01:00
Fabian Frank
251305cd7f axtls: fix compiler warning on conversion ssize_t => int 2014-01-21 08:21:55 +01:00
Fabian Frank
852a018e78 SFTP: stat remote file also when CURLOPT_NOBODY is 1
Make it possible to call
curl_easy_getinfo(curl, CURLINFO_CONTENT_LENGTH_DOWNLOAD, &filesize)
and related functions on remote sftp:// files, without downloading them.

Reported-by: Yingwei Liu
Bug: http://curl.haxx.se/mail/lib-2014-01/0139.html
2014-01-20 22:57:55 +01:00
Daniel Stenberg
82de54dd38 RELEASE-NOTES: synced with 12ecd56da7 2014-01-20 17:08:46 +01:00
Daniel Stenberg
12ecd56da7 contributors.sh: output list RELEASE-NOTES formatted 2014-01-20 17:08:08 +01:00
Cédric Deltheil
6217cf6ba3 test1514: added - no more negative Content-Length (HTTP POST)
This covers changes from commit afd288b2.
2014-01-20 12:52:07 +01:00
Cédric Deltheil
afd288b28f HTTP POST: omit Content-Length if data size is unknown
This prevents sending a `Content-Length: -1` header, e.g this ocurred
with the following combination:

* standard HTTP POST (no chunked encoding),
* user-defined read function set,
* `CURLOPT_POSTFIELDSIZE(_LARGE)` NOT set.

With this fix it now behaves like HTTP PUT.
2014-01-20 12:50:51 +01:00
Fabian Frank
39f7e80a52 disable GnuTLS insecure ciphers
Make GnuTLS old and new consistent, specify the desired protocol, cipher
and certificate type in always in both modes. Disable insecure ciphers
as reported by howsmyssl.com. Honor not only --sslv3, but also the
--tlsv1[.N] switches.

Related Bug: http://curl.haxx.se/bug/view.cgi?id=1323
2014-01-20 11:32:55 +01:00
Daniel Stenberg
b0fa530c98 curl_getdate.3: edited, removed references to pre 7.12.2 functionality 2014-01-20 00:02:33 +01:00
Daniel Stenberg
4f334ba017 gtls: fix compiler warnings on conversions size_t => unsigned int 2014-01-19 23:26:01 +01:00
Steve Holme
33b8960dc8 tool: Fixed incorrect return code if password prompting runs out of memory
Due to the changes in commit 3c929ff9f6 and lack of subsequent
updates, curl could return a CURLE_FTP_ACCEPT_FAILED error if
checkpasswd() ran out of memory in versions 7.33.0 and 7.34.0.

Updated the function declaration and return code to return
CURLE_OUT_OF_MEMORY and CURLE_OK where appropriate.
2014-01-19 16:26:19 +00:00
Steve Holme
de966b403a RELEASE-NOTES: Synced with 2cac75c4e4 2014-01-19 13:57:03 +00:00
Steve Holme
2cac75c4e4 http_chunks.c: Fixed compilation warnings under some 32-bit systems
conversion from 'curl_off_t' to 'size_t', possible loss of data

Where curl_off_t is a 64-bit word and size_t is 32-bit - for example
with 32-bit Windows builds.
2014-01-19 13:10:45 +00:00
Steve Holme
aba98991a5 tool: Fixed incorrect return code if command line parser runs out of memory
In the rare instance where getparameter() may return PARAM_NO_MEM whilst
parsing a URL, cURL would return this error code, which is equivalent to
CURLE_FTP_ACCEPT_FAILED in cURL error codes terms.

Instead, return CURLE_FAILED_INIT and output the failure reason as per
the other usage of getparameter().
2014-01-19 12:31:34 +00:00
Tobias Markus
db1beab1d7 Subject: progress bar: increase update frequency to 10Hz
Increasing the update frequency of the progress bar to 10Hz greatly
improves the visual appearance of the progress bar (at least in my
impression).

Signed-off-by: Tobias Markus <tobias@markus-regensburg.de>
2014-01-18 22:46:32 +01:00
Tobias Markus
93ca1d2065 progress bar: always update when at 100%
Currently, the progress bar is updated at 5Hz. Because it is often not
updated to 100% when the download is finished and curl exits, the bar
is often "stuck" at 90-something, thus irritating the user.

This patch fixes this by always updating the progress bar (instead of
waiting for 200ms to have elapsed) while the download is finished but
curl has not yet exited. This should not greatly affect performance
because that moment is rather short.

Signed-off-by: Tobias Markus <tobias@markus-regensburg.de>
2014-01-18 22:46:32 +01:00
Steve Holme
e35ffda0b3 win32: Added additional preprocessor check for Version Helper API
A follow up patch to commit d2671340a6 as _WIN32_WINNT_WIN2K and
_WIN32_WINNT_WIN2K may not be defined on all systems.
2014-01-18 11:42:48 +00:00
Steve Holme
d2671340a6 win32: Corrected the preprocessor check for Version Helper API
Following some auto build failures after commit c7a76bb056 changed
the preprocessor check to use _WIN32_WINNT.
2014-01-17 22:36:41 +00:00
Daniel Stenberg
ecaf2f02f1 cookie: max-age fixes
1 - allow >31 bit max-age values

2 - don't overflow on extremely large max-age values when we add the
value to the current time

3 - make sure max-age takes precedence over expires as dictated by
RFC6265

Bug: http://curl.haxx.se/mail/lib-2014-01/0130.html
Reported-by: Chen Prog
2014-01-17 08:57:27 +01:00
Daniel Stenberg
d4296f6f06 test1417: verify chunked-encoding transfer without CR
As was introduced in 8f6b4be8af04
2014-01-17 08:37:44 +01:00
Daniel Stenberg
eb02a99c61 chunked parsing: relax the CR strictness
Allow for chunked-encoding data to get parsed with only LF line endings.
This is allowed by browsers.
2014-01-17 08:37:44 +01:00
Daniel Stenberg
3f5546b2be test1416: verify the chunked size overflow detection 2014-01-17 08:37:44 +01:00
Daniel Stenberg
345891edba chunked-parser: abort on overflows, allow 64 bit chunks 2014-01-17 08:37:44 +01:00
Dan Fandrich
821094ba72 Fixed some XML syntax issues in the test data
Also, make the ftp server return a canned response that doesn't
cause XML verification problems.  Although the test file format
isn't technically XML, it's still handy to be able to use XML
tools to verify and manipulate them.
2014-01-17 00:32:02 +01:00
Michael Osipov
7e0c2c47ab configure: fix gssapi linking on HP-UX
The issue is with HP-UX that is comes with HP flavor of MIT
Kerberos. This means that there is no krb5-config and the lib is called
libgss.so

Bug: http://curl.haxx.se/bug/view.cgi?id=1321
2014-01-16 17:19:54 +01:00
Daniel Stenberg
7b774482e7 Curl_cookie_add: remove 'now' from curl_getdate() call
The now argument is unused by curl_getdate()
2014-01-16 09:02:24 +01:00
Steve Holme
27ecc22649 pop3-dele.c: Added missing CURLOPT_NOBODY following feedback 2014-01-15 23:39:46 +00:00
Daniel Stenberg
7f807f394f connect.c:942:84: warning: Longer than 79 columns 2014-01-16 00:27:16 +01:00
Steve Holme
9520c62049 connect.c: Corrected version compare in commit c7a76bb056 2014-01-15 23:22:53 +00:00
Steve Holme
ce82a1be0d RELEASE-NOTES: Synced with c7a76bb056 2014-01-15 21:44:34 +00:00
Steve Holme
c7a76bb056 win32: Fixed use of deprecated function 'GetVersionInfoEx' for VC12
Starting with Visual Studio 2013 (VC12) and Windows 8.1 the
GetVersionInfoEx() function has been marked as deprecated and it's
return value atered. Updated connect.c and curl_sspi.c to use
VerifyVersionInfo() where possible, which has been available since
Windows 2000.
2014-01-15 20:21:01 +00:00
Daniel Stenberg
8b984641f2 curl_easy_setopt.3: mention how to unset CURLOPT_INFILESIZE* 2014-01-14 11:49:09 +01:00
Daniel Stenberg
5b591829b6 TODO: Allow SSL (HTTPS) to proxy 2014-01-14 11:43:36 +01:00
Daniel Stenberg
9d497c6afe TODO: remove FTP proxy and more SSL libraries 2014-01-14 11:41:51 +01:00
Daniel Stenberg
89dbb6a0da TODO: Detect when called from witin callbacks 2014-01-14 07:43:06 +01:00
Marc Hoersken
2d15958711 secureserver.pl: follow up fix for 87ade5f
Since /dev/stdout is not always emulated on Windows,
just skip the output option on Windows.

MinGW/msys support /dev/stdout only from a new login shell.
2014-01-13 21:43:41 +01:00
Colin Hogben
bbc1705fa9 error message: Sensible message on timeout when transfer size unknown
A transfer timeout could result in an error message such as "Operation
timed out after 3000 milliseconds with 19 bytes of -1 received".  This
patch removes the non-sensical "of -1" when the size of the transfer
is unknown, mirroring the logic in lib/transfer.c
2014-01-13 16:54:10 +01:00
Marc Hoersken
87ade5f0eb secureserver.pl: added full support for tstunnel on Windows
tstunnel on Windows does not support the pid option and is unable
to write to an output log that is already being used as a redirection
target for stdout. Therefore it does now output all log data to stdout
by default and secureserver.pl creates a fake pidfile on Windows.
2014-01-13 00:09:46 +01:00
Steve Holme
a33e7edcec examples: Fixed compilation errors
error: 'MULTI_PERFORM_HANG_TIMEOUT' undeclared
2014-01-12 18:43:40 +00:00
Steve Holme
0fea86afe3 imap-multi.c: Corrected typo 2014-01-12 18:27:33 +00:00
Steve Holme
3a4cd2ad8d smtp-multi.c: Minor coding style tidyup following POP3 and IMAP additions 2014-01-12 18:24:48 +00:00
Steve Holme
82c472228e examples: Added IMAP multi example 2014-01-12 18:21:46 +00:00
Steve Holme
0089e65008 pop3-multi.c: Corrected copy/paste typo 2014-01-12 18:11:22 +00:00
Steve Holme
2492fd30e5 examples: Added POP3 multi example 2014-01-12 18:02:22 +00:00
Steve Holme
190e41f840 examples: Added comments to SMTP multi example based on other MAIL examples 2014-01-12 16:45:52 +00:00
Steve Holme
5d25d626b1 examples: Removed user information and TLS setup from SMTP multi example
Simplified the SMTP multi example as this example should demonstrate
the differences the easy and multi interfaces rather than introduce new
concepts such as user authentication and TLS which are shown in the TLS
and SSL examples.
2014-01-12 16:33:19 +00:00
Steve Holme
e473a4d2f3 examples: Updated SMTP MAIL example to return libcurl result code 2014-01-12 15:55:08 +00:00
Steve Holme
7e85964080 examples: Synchronised comments between SMTP MAIL examples 2014-01-12 15:43:07 +00:00
Steve Holme
9bd2fdb8e2 examples: Updated SMTP MAIL example to use a read function for data
Updated to read data from a callback rather than from stdio as this is
more realistic to most use cases.
2014-01-12 15:43:05 +00:00
Daniel Stenberg
3b5c75ef3d OpenSSL: deselect weak ciphers by default
By default even recent versions of OpenSSL support and accept both
"export strength" ciphers, small-bitsize ciphers as well as downright
deprecated ones.

This change sets a default cipher set that avoids the worst ciphers, and
subsequently makes https://www.howsmyssl.com/a/check no longer grade
curl/OpenSSL connects as 'Bad'.

Bug: http://curl.haxx.se/bug/view.cgi?id=1323
Reported-by: Jeff Hodges
2014-01-12 00:14:01 +01:00
Daniel Stenberg
3b183df9cc multi: remove MULTI_TIMEOUT_INACCURACY
With the recently added timeout "reminder" functionality, there's no
reason left for us to execute timeout code before the time is
ripe. Simplifies the handling too.

This will make the *TIMEOUT and *CONNECTTIMEOUT options more accurate
again, which probably is most important when the *_MS versions are used.

In multi_socket, make sure to update 'now' after having handled activity
on a socket.
2014-01-12 00:11:53 +01:00
Steve Holme
7cd45b297e Makefile.dist: Added support for VC7
Currently VC7 and VC7.1 builds have to be ran with the VC variable set
to vc6 which is not only inconsistent with the nmake winbuild system
but also with newer versions of Visual Studio supported by this file.

Note: This doesn't break the build for anyone still running with the
VC variable set to vc6 or not set (which defaults to vc6).
2014-01-11 14:33:42 +00:00
Steve Holme
9362603f05 RELEASE-NOTES: Synced with 980659a2ca 2014-01-10 20:04:27 +00:00
Daniel Stenberg
980659a2ca multi_socket: remind app if timeout didn't run
BACKGROUND:

We have learned that on some systems timeout timers are inaccurate and
might occasionally fire off too early. To make the multi_socket API work
with this, we made libcurl execute timeout actions a bit early too if
they are within our MULTI_TIMEOUT_INACCURACY. (added in commit
2c72732ebf, present since 7.21.0)

Switching everything to the multi API made this inaccuracy problem
slightly more notable as now everyone can be affected.

Recently (commit 21091549c0) we tweaked that inaccuracy value to make
timeouts more accurate and made it platform specific. We also figured
out that we have code at places that check for fixed timeout values so
they MUST NOT run too early as then they will not trigger at all (see
commit be28223f35 and a691e04470) - so there are definitately problems
with running timeouts before they're supposed to run. (We've handled
that so far by adding the inaccuracy margin to those specific timeouts.)

The libcurl multi_socket API tells the application with a callback that
a timeout expires in N milliseconds (and it explicitly will not tell it
again for the same timeout), and the application is then supposed to
call libcurl when that timeout expires. When libcurl subsequently gets
called with curl_multi_socket_action(...CURL_SOCKET_TIMEOUT...), it
knows that the application thinks the timeout expired - and alas, if it
is within the inaccuracy level libcurl will run code handling that
handle.

If the application says CURL_SOCKET_TIMEOUT to libcurl and _isn't_
within the inaccuracy level, libcurl will not consider the timeout
expired and it will not tell the application again since the timeout
value is still the same.

NOW:

This change introduces a modified behavior here. If the application says
CURL_SOCKET_TIMEOUT and libcurl finds no timeout code to run, it will
inform the application about the timeout value - *again* even if it is
the same timeout that it already told about before (although libcurl
will of course tell it the updated time so that it'll still get the
correct remaining time). This way, we will not risk that the application
believes it has done its job and libcurl thinks the time hasn't come yet
to run any code and both just sit waiting. This also allows us to
decrease the MULTI_TIMEOUT_INACCURACY margin, but that will be handled
in a separate commit.

A repeated timeout update to the application risk that the timeout will
then fire again immediately and we have what basically is a busy-loop
until the time is fine even for libcurl. If that becomes a problem, we
need to address it.
2014-01-10 13:57:25 +01:00
Daniel Stenberg
041d1e14d6 threaded-resolver: never use NULL hints with getaddrinfo
The net effect of this bug as it appeared to users, would be that
libcurl would timeout in the connect phase.

When disabling IPv6 use but still using getaddrinfo, libcurl would
wrongly not init the "hints" struct field in init_thread_sync() which
would subsequently lead to a getaddrinfo() invoke with a zeroed hints
with ai_socktype set to 0 instead of SOCK_STREAM. This would lead to
different behaviors on different platforms but basically incorrect
output.

This code was introduced in 483ff1ca75, released in curl 7.20.0.

This bug became a problem now due to the happy eyeballs code and how
libcurl now traverses the getaddrinfo() results differently.

Bug: http://curl.haxx.se/mail/lib-2014-01/0061.html
Reported-by: Fabian Frank
Debugged-by: Fabian Frank
2014-01-10 08:48:40 +01:00
Nick Zitzmann
21aa79f463 darwinssl: un-break Leopard build after PKCS#12 change
It turns out errSecDecode wasn't defined in Leopard's headers. So
we use the enum's value instead.

Bug: http://curl.haxx.se/mail/lib-2013-12/0150.html
Reported by: Abram Pousada
2014-01-09 17:53:29 -06:00
Daniel Stenberg
28933f9d30 Curl_updateconninfo: don't do anything for UDP "connections"
getpeername() doesn't work for UDP sockets since they're not connected

Reported-by: Priyanka Shah
Bug: http://curl.haxx.se/mail/archive-2014-01/0016.html
2014-01-08 23:43:45 +01:00
Daniel Stenberg
5b2342d377 info: remove debug output
Removed some of the infof() calls that were added with the recent
pipeline improvements but they're not useful to the vast majority of
readers and the pipelining seems to fundamentaly work - the debugging
outputs can easily be added there if debugging these functions is needed
again.
2014-01-08 23:19:57 +01:00
Daniel Stenberg
31075a8897 runtests: disable memory tracking with threaded resolver
The built-in memory debug system doesn't work with multi-threaded use so
instead of causing annoying false positives, disable the memory tracking
if the threaded resolver is used.
2014-01-08 13:20:29 +01:00
Daniel Stenberg
2d435c7fb5 trynextip: fix build for non-IPV6 capable systems
AF_INET6 may not exist then

Patched-by: Iida Yosiaki
Bug: http://curl.haxx.se/bug/view.cgi?id=1322
2014-01-08 09:41:38 +01:00
Steve Holme
0151316183 makefile: Added support for VC12 2014-01-08 02:26:42 +00:00
Steve Holme
aa1ee9e7a2 makefile: Added support for VC11 2014-01-08 01:36:33 +00:00
Steve Holme
f61e0a34ea winbuild: Follow up fix for a47c142a88, 11e8066ef9 and 92b9ae5c5d 2014-01-08 01:22:04 +00:00
Daniel Stenberg
e35458bc08 mk-ca-bundle.1: document -d 2014-01-07 23:51:01 +01:00
Steve Holme
e96b67a70f RELEASE-NOTES: Synced with 8ae35102c4 2014-01-07 22:12:57 +00:00
Daniel Stenberg
8ae35102c4 ConnectionExists: fix NTLM check for new connection
When the requested authentication bitmask includes NTLM, we cannot
re-use a connection for another username/password as we then risk
re-using NTLM (connection-based auth).

This has the unfortunate downside that if you include NTLM as a possible
auth, you cannot re-use connections for other usernames/passwords even
if NTLM doesn't end up the auth type used.

Reported-by: Paras S
Patched-by: Paras S
Bug: http://curl.haxx.se/mail/lib-2014-01/0046.html
2014-01-07 09:48:40 +01:00
Steve Holme
fc0b4b0d31 examples: Added required libcurl version information to SMTP examples 2014-01-05 23:00:56 +00:00
Daniel Stenberg
619d1704ae mk-ca-bundle.pl: avoid warnings with -d without parameter 2014-01-05 23:53:26 +01:00
Leif W
d5f1590d5c mk-ca-bundle: introduces -d and warns about using this script 2014-01-05 23:38:32 +01:00
Steve Holme
fca7930dfa Makefile: Added missing WinSSL and x64 configurations 2014-01-05 21:13:12 +00:00
Marc Hoersken
e9c0f1f658 docs/INTERNALS: follow up fix for 11e8066 and 92b9ae5 2014-01-05 20:17:04 +01:00
Marc Hoersken
279c95b5b3 packages: follow up fix for a47c142, 11e8066 and 92b9ae5 2014-01-05 20:13:55 +01:00
Marc Hoersken
61312fe66f multi.c: fix possible dereference of null pointer 2014-01-05 20:01:33 +01:00
Steve Holme
149e0c8d10 Examples: Renamed SMTP MAIL example to match other email examples 2014-01-05 17:51:18 +00:00
Steve Holme
0f4bf77bd3 examples: Added POP3 TLS example 2014-01-05 14:26:51 +00:00
Steve Holme
ecb0dc4c90 examples: Added IMAP NOOP example 2014-01-05 14:22:35 +00:00
Steve Holme
a6742a1c12 examples: Added POP3 NOOP example 2014-01-05 13:59:21 +00:00
Steve Holme
e209d60713 pop3-stat.c: Corrected small typo from commit 91d62e9abd 2014-01-05 13:56:49 +00:00
Steve Holme
91d62e9abd examples: Added POP3 STAT example 2014-01-05 13:29:50 +00:00
Steve Holme
3e17db4882 examples: Added POP3 TOP example 2014-01-05 13:16:41 +00:00
Steve Holme
ef2d7cb44b examples: Added POP3 DELE example 2014-01-05 13:00:25 +00:00
Steve Holme
e948b9c6e3 examples: Added POP3 UIDL example 2014-01-05 12:31:28 +00:00
Steve Holme
afb65c6cf3 examples: Added POP3 RETR example 2014-01-05 12:17:15 +00:00
Steve Holme
5be92d03b0 examples: Added return of error code in POP3 examples 2014-01-05 12:05:02 +00:00
Steve Holme
3bc349b53b runtests.pl: Updated copyright year after edit from d718abd968 2014-01-05 11:32:48 +00:00
Steve Holme
ad39e7ec01 examples: Reworked POP3 examples for additional upcoming POP3 examples 2014-01-05 11:28:24 +00:00
Steve Holme
98b7fc0195 examples: Added SMTP SSL example 2014-01-05 11:27:29 +00:00
Steve Holme
f9797871aa examples: Added IMAP SSL and TLS examples 2014-01-05 11:26:41 +00:00
Marc Hoersken
d718abd968 runtests.pl: check for tstunnel command on Windows
The Windows console version of stunnel is called "tstunnel", while
running "stunnel" on Windows spawns a new console window which
cannot be handled by the testsuite.
2014-01-05 02:22:09 +01:00
Marc Hoersken
190bb785d8 testcurl.pl: always show the last 5 commits even with --nogitpull 2014-01-05 00:09:20 +01:00
Daniel Stenberg
5c0eae136b ftp tests: provide LIST responses in the test file itself
Previously LIST always returned a fixed hardcoded list that the ftp
server code knew about, mostly since the server didn't get any test case
number in the LIST scenario. Starting now, doing a CWD to a directory
named test-[number] will make the test server remember that number and
consider it a test case so that a subsequent LIST command will send the
<data> section of that test case back.

It allows LIST tests to be made more similar to how all other tests
work.

Test 100 was updated to provide its own directory listing.
2014-01-04 23:39:30 +01:00
Steve Holme
5220c1d692 examples: Standardised username and password settings for all email examples
Replaced the use of CURLOPT_USERPWD for the preferred CURLOPT_USERNAME
and CURLOPT_PASSWORD options and used the same username and password for
all email examples which is the same as that used in the test suite.
2014-01-04 18:12:02 +00:00
Steve Holme
84a9f092dc Updated copyright year for recent changes 2014-01-04 17:41:10 +00:00
Marc Hoersken
4fc8d83f5f secureserver.pl: support for stunnel-path with nun-alphanum chars
This is desired to support stunnel installations on Windows.
2014-01-04 17:49:54 +01:00
Marc Hoersken
8fc4abedf1 conncache.c: fix possible dereference of null pointer 2014-01-04 16:34:58 +01:00
Marc Hoersken
c216179af4 docs: primarily refer to schannel as WinSSL 2014-01-04 14:33:27 +01:00
Steve Holme
4c51f2b578 examples: Added IMAP COPY example 2014-01-04 01:11:26 +00:00
Steve Holme
2b026784a8 examples: Added IMAP DELETE example 2014-01-04 01:11:03 +00:00
Steve Holme
3c1519117a examples: Added IMAP CREATE example 2014-01-04 01:05:46 +00:00
Daniel Stenberg
602d28a210 FTP parselist: fix "total" parser
A regression introduced in 7f3b87d878 (present in the 7.21.4 release)
broke the total parser. Now skip the whitespace and the digits.

Reported-by: Justin Maggard
Bug: http://curl.haxx.se/mail/lib-2014-01/0019.html
2014-01-04 00:38:43 +01:00
Daniel Stenberg
404794e97a test1513: fix spelling 2014-01-03 21:01:55 +01:00
Marc Hoersken
3b6420c0a5 Makefile.vc6: follow up fix for 11e8066 and 92b9ae5 2014-01-03 16:55:49 +01:00
Daniel Stenberg
62da1e7458 test1513: added - verify early progress callback return fail
Verify the change brought in commit 8e11731653061. It makes sure that
returning a failure from the progress callback even very early results
in the correct return code.
2014-01-03 14:09:59 +01:00
Daniel Stenberg
bf24b64e83 progresscallback: make CURLE_ABORTED_BY_CALLBACK get returned better
When the progress callback returned 1 at a very early state, the code
would not make CURLE_ABORTED_BY_CALLBACK get returned but the process
would still be interrupted. In the HTTP case, this would then cause a
CURLE_GOT_NOTHING to erroneously get returned instead.

Reported-by: Petr Novak
Bug: http://curl.haxx.se/bug/view.cgi?id=1318
2014-01-03 14:09:59 +01:00
Marc Hoersken
d28b70d152 unittests: do not include curl_memory.h
memdebug.h already contains all required definitions and including
curl_memory.h causes errors like the following:

tests/unit/unit1394.c:119: undefined reference to `Curl_cfree'
tests/unit/unit1394.c:120: undefined reference to `Curl_cfree'
2014-01-03 12:30:23 +01:00
Daniel Stenberg
231b23acbb pipeline: remove print_pipeline()
This is a debug function only and serves no purpose in production code,
it only slows things down. I left the code #ifdef'ed for possible future
pipeline debugging.

Also, this was a global function without proper namespace usage.

Reported-by: He Qin
Bug: http://curl.haxx.se/bug/view.cgi?id=1320
2014-01-03 12:04:14 +01:00
Daniel Stenberg
3529162405 openssl: allow explicit sslv2 selection
If OpenSSL is built to support SSLv2 this brings back the ability to
explicitly select that as a protocol level.

Reported-by: Steve Holme
Bug: http://curl.haxx.se/mail/lib-2014-01/0013.html
2014-01-03 11:52:49 +01:00
Steve Holme
d237828ebc Bumped copyright year to 2014 2014-01-02 23:53:49 +00:00
Steve Holme
c50d3ed075 Updated copyright year for recent changes 2014-01-02 23:53:29 +00:00
Marc Hoersken
61288cbdef vtls/nssg.h: fixed include references to moved file 2014-01-03 00:32:05 +01:00
Christian Weisgerber
42100cdead curl_easy_setopt.3: fix formatting mistakes
This fixes two markup typos I noticed in curl_easy_setopt.3.  (The use
of bold vs. italics seems a bit inconsistent in that page, but it should
at least be valid man syntax.)
2014-01-03 00:01:36 +01:00
Barry Abrahamson
4bb7400529 OpenSSL: Fix forcing SSLv3 connections
Some feedback provided by byte_bucket on IRC pointed out that commit
db11750cfa wasn’t really correct because it allows for “upgrading” to a
newer protocol when it should be only allowing for SSLv3.

This change fixes that.

When SSLv3 connection is forced, don't allow SSL negotiations for newer
versions.  Feedback provided by byte_bucket in #curl.  This behavior is
also consistent with the other force flags like --tlsv1.1 which doesn't
allow for TLSv1.2 negotiation, etc

Feedback-by: byte_bucket
Bug: http://curl.haxx.se/bug/view.cgi?id=1319
2014-01-02 23:41:33 +01:00
Guenter Knauf
303172d220 Trial to fix the nmake Makefile for vtls files. 2014-01-02 22:16:21 +01:00
Steve Holme
0f340f0572 examples: Added IMAP SEARCH example 2014-01-02 20:19:45 +00:00
Steve Holme
f063773b83 examples: Added IMAP EXAMINE mailbox folder example 2014-01-02 20:19:36 +00:00
Guenter Knauf
e9b9e287c1 Fix NetWare build for vtls files. 2014-01-02 20:40:33 +01:00
Daniel Stenberg
030303fa99 CMakeLists.txt: add standard curl source code header 2014-01-01 22:35:59 +01:00
Daniel Stenberg
5f8f512719 CMakeLists.txt: add warning about the cmake build's state 2014-01-01 22:33:26 +01:00
Steve Holme
6bc9e46bf1 examples: Updated SMTP multi example to be more realistic
Updated the contents of the email and payload callback as per the IMAP
and other SMTP examples.
2014-01-01 20:58:04 +00:00
Barry Abrahamson
db11750cfa OpenSSL: Fix forcing SSLv3 connections
Since ad34a2d5c8 (present in 7.34.0 release) forcing
SSLv3 will always return the error "curl: (35) Unsupported SSL protocol
version" Can be replicated with `curl -I -3 https://www.google.com/`.
This fix simply allows for v3 to be forced.
2014-01-01 21:36:47 +01:00
Steve Holme
1f47a77b29 examples: Corrected unescaped backslash in imap-store.c 2014-01-01 19:31:41 +00:00
Steve Holme
0757a9b941 examples: Update SMTP TLS example mail content to be RFC-2821 compliant
...and made some minor coding style changes to better match the curl
coding standards as well as the other email related examples.
2014-01-01 18:44:53 +00:00
Steve Holme
83ae98c6c6 examples: Added IMAP APPEND example 2014-01-01 18:02:06 +00:00
Steve Holme
2658da7604 examples: Added IMAP STORE example 2014-01-01 17:25:12 +00:00
Steve Holme
c16e5dfbc8 RELEASE-NOTES: Synced with 7de2e03258 2013-12-31 16:40:10 +00:00
Steve Holme
7de2e03258 examples: Added IMAP LIST mailbox example 2013-12-31 16:28:37 +00:00
Steve Holme
ab71241c88 examples: Updated IMAP fetch example for libcurl 7.30.0 2013-12-31 16:13:22 +00:00
Steve Holme
e9625c5bc6 examples: Rename before adding additional email examples 2013-12-31 16:01:31 +00:00
Steve Holme
18a6467c8c examples: Added SMTP EXPN command example 2013-12-31 14:37:49 +00:00
Steve Holme
7b368e7f94 examples: Added SMTP email verification example 2013-12-31 13:29:32 +00:00
Steve Holme
34365e4b03 imap: Fixed line length warning 2013-12-31 12:16:33 +00:00
Steve Holme
60bd22620a mprintf: Replaced internal usage of FORMAT_OFF_T and FORMAT_OFF_TU
Following commit 0aafd77fa4, replaced the internal usage of
FORMAT_OFF_T and FORMAT_OFF_TU with the external versions that we
expect API programmers to use.

This negates the need for separate definitions which were subtly
different under different platforms/compilers.
2013-12-31 11:10:42 +00:00
Steve Holme
6e4d4a9b51 examples: Updated copyright year for recent edits 2013-12-31 00:29:14 +00:00
Steve Holme
c68758b621 examples: Corrected incorrect indentation in smtp-multi.c 2013-12-31 00:20:55 +00:00
Steve Holme
73a894170b examples: Updated SMTP examples to set CURLOPT_UPLOAD 2013-12-31 00:19:10 +00:00
Steve Holme
0aafd77fa4 mprintf: Added support for I, I32 and I64 size specifiers
Added support to the built-in printf() replacement functions, for these
non-ANSI extensions when compiling under Visual Studio, Borland, Watcom
and MinGW.

This fixes problems when generating libcurl source code that contains
curl_off_t variables.
2013-12-30 10:07:14 +00:00
Steve Holme
9f96f8a5c5 curl_easy_setopt.3: Added SMTP information to CURLOPT_INFILESIZE_LARGE
Although added to CURLOPT_INFILESIZE in commit ee3d3adc6f it was
never added to CURLOPT_INFILESIZE_LARGE.
2013-12-29 16:59:04 +00:00
Steve Holme
01aaad7442 tests: Disabled NTLM tests when running with SSPI enabled 2013-12-28 20:37:00 +00:00
Steve Holme
610a55388b connect.c: Fixed compilation warning
warning: 'res' may be used uninitialized in this function
2013-12-28 19:44:07 +00:00
Steve Holme
5107d66b2e runtests.pl: Fixed slightly incorrect regex in commit 28dd47d4d4 2013-12-28 16:32:07 +00:00
Björn Stenberg
4e1ece2e44 connect: Try all addresses in first connection attempt
Fixes a bug when all addresses in the first family fail immediately, due
to "Network unreachable" for example, curl would hang and never try the
next address family.

Iterate through all address families when to trying establish the first
connection attempt.

Bug: http://curl.haxx.se/bug/view.cgi?id=1315
Reported-by: Michal Górny and Anthony G. Basile
2013-12-28 13:17:56 +00:00
Steve Holme
28dd47d4d4 runtests.pl: Optimised feature present checking code
...to exclude not present features.
2013-12-28 12:35:51 +00:00
Steve Holme
147b2a546e runtests.pl: Added the ability to run tests when a feature is not present 2013-12-28 11:18:54 +00:00
Steve Holme
95b5036a59 ftpserver.pl: Fixed compilation error
Unmatched right curly bracket at line 758, at end of line
2013-12-27 20:14:06 +00:00
Steve Holme
263616202b ftpserver.pl: Reworked SMTP verified server detection
Following the addition of informational commands to the SMTP protocol,
the test server is no longer required to return the verified server
information in responses that curl only outputs in verbose mode.

Instead, a similar detection mechanism to that used by FTP, IMAP and
POP3 can now be used.
2013-12-27 18:15:04 +00:00
Steve Holme
c9dd4022f4 sendf.c: Fixed compilation warning from f2d234a4dd
sendf.c:450:81: warning: Longer than 79 columns
2013-12-27 12:08:37 +00:00
Steve Holme
f2d234a4dd FILE: Fixed sending of data would always return CURLE_WRITE_ERROR
Introduced in commit 2a4ee0d221 sending of data via the FILE
protocol would always return CURLE_WRITE_ERROR regardless of whether
CURL_WRITEFUNC_PAUSE was returned from the callback function or not.
2013-12-27 10:58:31 +00:00
Daniel Stenberg
2a4ee0d221 FILE: we don't support paused transfers using this protocol
Make sure that we detect such attempts and return a proper error code
instead of silently handling this in problematic ways.

Updated the documentation to mention this limitation.

Bug: http://curl.haxx.se/bug/view.cgi?id=1286
2013-12-26 23:50:34 +01:00
Steve Holme
f88f9bed00 vtls: Updated comments referencing sslgen.c and ssluse.c 2013-12-26 21:42:22 +00:00
Steve Holme
9aa6e4357a vtls: Fixed up include of vtls.h 2013-12-26 21:25:51 +00:00
Daniel Stenberg
7b057f53fd curl_dofree: allow free(NULL)
Previously this memdebug free() replacement didn't properly work with a
NULL argument which has made us write code that avoids calling
free(NULL) - which causes some extra nuisance and unnecessary code.
Starting now, we should allow free(NULL) even when built with the
memdebug system enabled.

free(NULL) is permitted by POSIX
2013-12-25 23:30:25 +01:00
Steve Holme
2dd9bfc5d9 RELEASE-NOTES: Synced with 0ff0a994ad 2013-12-25 00:09:33 +00:00
Daniel Stenberg
0ff0a994ad Curl_thread_create: use Curl_safefree to allow NULL better
free() itself allows a NULL input but our memory debug system requires
Curl_safefree() to be used instead when a "legitimate" NULL may be freed. Like
in the code here.

Pointed-out-by: Steve Holme
2013-12-25 00:53:15 +01:00
Luke Dashjr
e8b57d1e84 threaded resolver: Use pthread_t * for curl_thread_t
... since pthread_t may be non-scalar and/or may represent a real thread
with scalar 0.

Bug: http://curl.haxx.se/bug/view.cgi?id=1314
2013-12-25 00:28:28 +01:00
Steve Holme
7fd490732a imap: Fixed auth preference not being honored when CAPABILITY not supported
If a user indicated they preferred to authenticate using a SASL
mechanism, but SASL authentication wasn't supported by the server, curl
would always fall back to clear text when CAPABILITY wasn't supported,
even though the user didn't want to use this.
2013-12-24 22:50:33 +00:00
Steve Holme
0c762f1c92 pop3: Fixed auth preference not being honored when CAPA not supported
If a user indicated they preferred to authenticate using APOP or a SASL
mechanism, but neither were supported by the server, curl would always
fall back to clear text when CAPA wasn't supported, even though the
user didn't want to use this.

This also fixes the auto build failure caused by commit 6f2d5f0562.
2013-12-24 22:49:36 +00:00
Daniel Stenberg
15bf9389ce TheArtOfHttpScripting: major update, converted layout and more 2013-12-24 23:36:23 +01:00
Daniel Stenberg
2618e4caae Curl_pp_readresp: use memmove not memcpy, possibly overlapping areas
Fixes commit 1deac31eba
2013-12-24 21:29:18 +01:00
Steve Holme
08e57f916c RELEASE-NOTES: Corrected copy/paste typo 2013-12-24 16:53:15 +00:00
Steve Holme
6f2d5f0562 pop3: Fixed APOP being determined by CAPA response rather than by timestamp
This commit replaces that of 9f260b5d66 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3].  Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
2013-12-24 16:34:55 +00:00
Steve Holme
82bf8edff3 tests: Removed APOP timestamp from default server greeting 2013-12-24 15:07:32 +00:00
Steve Holme
cd492a3ba8 test936: Corrected login details from commit 7246255416 2013-12-23 12:25:42 +00:00
Steve Holme
50aac1a37d ftpserver.pl: Updated custom full text REPLY regex
SASL downgrade tests: 833, 835, 879, 881, 935 and 937 would fail as
they contained a minus sign in their authentication mechanism and this
would be missed by the custom reply parser.
2013-12-23 12:24:06 +00:00
Steve Holme
574db1a6fd tests: Corrected syntax error from commit 7246255416 2013-12-23 09:25:50 +00:00
Steve Holme
7246255416 tests: Added SMTP SASL downgrade tests 2013-12-23 07:17:53 +00:00
Steve Holme
f763d1b1bb tests: Added POP3 SASL downgrade tests 2013-12-23 07:17:41 +00:00
Steve Holme
48cd1292e2 tests: Added IMAP SASL downgrade tests 2013-12-23 07:17:31 +00:00
Daniel Stenberg
f718415bc7 docs: mention CURLOPT_MAX_RECV/SEND_SPEED_LARGE don't work for FILE:// 2013-12-22 23:45:10 +01:00
Daniel Stenberg
2715d7f948 FILE: don't wait due to CURLOPT_MAX_RECV_SPEED_LARGE
The FILE:// code doesn't support this option - and it doesn't make sense
to support it as long as it works as it does since then it'd only block
even longer.

But: setting CURLOPT_MAX_RECV_SPEED_LARGE would make the transfer first
get done and then libcurl would wait until the average speed would get
low enough. This happened because the transfer happens completely in the
DO state for FILE:// but then it would still unconditionally continue in
to the PERFORM state where the speed check is made.

Starting now, the code will skip from DO_DONE to DONE immediately if no
socket is set to be recv()ed or send()ed to.

Bug: http://curl.haxx.se/bug/view.cgi?id=1312
Reported-by: Mohammad AlSaleh
2013-12-22 23:44:14 +01:00
Steve Holme
3db1f3dd81 ftpserver.pl: Fixed runtime warning from commit 7da9c95bcf
Use of uninitialized value $FTPARG in concatenation (.) or string at
line 3255.
2013-12-22 21:59:13 +00:00
Steve Holme
7da9c95bcf ftpserver.pl: Added the ability to send custom full text replies 2013-12-22 19:36:07 +00:00
Steve Holme
95ae389e17 ftpserver.pl: Added the ability to specify custom full text replies 2013-12-22 17:16:46 +00:00
Steve Holme
91735102ac ftpserver.pl: Renamed commandreply variable from customreply 2013-12-22 16:09:33 +00:00
Steve Holme
248967e300 tests: Added SASL cancellation keywords
Added SASL CANCELLATION keywords to differentiate these tests from the
upcoming SASL downgrade tests.
2013-12-22 13:06:59 +00:00
Steve Holme
cf2051764c email: Fixed segfault introduced in commit 195b63f99c 2013-12-22 00:16:52 +00:00
Daniel Stenberg
3ce2a3991b code police: fix indent level to silence checksrc complaints 2013-12-22 01:01:19 +01:00
Steve Holme
195b63f99c email: Extended the login options to support multiple auth mechanisms 2013-12-21 23:49:37 +00:00
Daniel Stenberg
1deac31eba Curl_pp_readresp: replace stupid loop with memcpy 2013-12-22 00:29:43 +01:00
Daniel Stenberg
bf468fb589 Curl_pp_readresp: zero terminate line
The comment in the code mentions the zero terminating after having
copied data, but it mistakingly zero terminated the source data and not
the destination! This caused the test 864 problem discussed on the list:

http://curl.haxx.se/mail/lib-2013-12/0113.html
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-22 00:20:13 +01:00
Steve Holme
ca4506b46a Revert "pop3: Added debug information to assist with test864 failure"
This reverts commit 727d798d68.
2013-12-21 12:50:59 +00:00
Steve Holme
727d798d68 pop3: Added debug information to assist with test864 failure 2013-12-21 11:17:30 +00:00
Steve Holme
3917d73b36 RELEASE-NOTES: Synced with 812c5ace75 2013-12-20 20:27:21 +00:00
Steve Holme
812c5ace75 pop3: Fixed APOP timestamp detection from commit 1cfb436a2f 2013-12-20 20:17:59 +00:00
Daniel Stenberg
c3a02c3e54 Makefile.inc: use standard source header 2013-12-20 17:12:42 +01:00
Daniel Stenberg
565c5b3dc3 Makefile.inc: specify the vtls sources+headers separately 2013-12-20 17:12:42 +01:00
Daniel Stenberg
11e8066ef9 vtls: renamed sslgen.[ch] to vtls.[ch] 2013-12-20 17:12:42 +01:00
Daniel Stenberg
92b9ae5c5d openssl: renamed backend files to openssl.[ch] 2013-12-20 17:12:42 +01:00
Daniel Stenberg
a47c142a88 vtls: moved all TLS/SSL source and header files into subdir 2013-12-20 17:12:42 +01:00
Daniel Stenberg
eccf4fb7ee vtls: created subdir, moved sslgen.[ch] there, updated all include lines 2013-12-20 17:12:42 +01:00
Steve Holme
9f260b5d66 pop3: Fixed selection of APOP when server replies with an invalid timestamp
Although highlighted by a bug in commit 1cfb436a2f, APOP
authentication could be chosen if the server was to reply with an empty
or missing timestamp in the server greeting and APOP was given in the
capability list by the server.
2013-12-20 14:51:45 +00:00
Steve Holme
0452976711 pop3: Fixed processing of more than one response when sent in same packet
Added a loop to pop3_statemach_act() in which Curl_pp_readresp() is
called until the cache is drained. Without this multiple responses
received in a single packet could result in a hang or delay.
2013-12-20 07:20:49 +00:00
Steve Holme
94d820b4cb pop3: Moved CAPA response handling to pop3_state_capa_resp()
Similar to the processing of untagged CAPABILITY responses in IMAP and
multi-line EHLO responses in SMTP, moved the processing of multi-line
CAPA responses to pop3_state_capa_resp().
2013-12-19 23:06:42 +00:00
Steve Holme
1cfb436a2f pop3: Moved APOP detection into pop3_state_servergreet_resp()
In an effort to reduce what pop3_endofresp() does and bring the POP3
source back inline with the IMAP and SMTP protocols, moved the APOP
detection into pop3_state_servergreet_resp().
2013-12-19 23:06:33 +00:00
Steve Holme
fae7db8a31 curl_easy_setopt: Fixed OAuth 2.0 Bearer option name
Bug: http://curl.haxx.se/bug/view.cgi?id=1313
Reported-by: Viktor Szakáts
2013-12-19 22:40:56 +00:00
Daniel Stenberg
0a898655e8 curl.1: remove URL encoding phrase from --data description
... it could be misleading a reader into thinking it _has_ to be encoded.
2013-12-18 22:46:38 +01:00
Steve Holme
48043f87b6 imap/pop3/smtp: Added support for SASL authentication downgrades
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
2013-12-18 20:45:17 +00:00
Daniel Stenberg
b7b126ee41 RELEASE-PROCEDURE: new document 2013-12-18 14:37:04 +01:00
Daniel Stenberg
91c8f81d72 gitignore: ignore .dirstamp files 2013-12-18 14:35:56 +01:00
Daniel Stenberg
74476609c3 smtp: fix compiler warning
smtp.c:478:21: error: unused variable 'smtpc' [-Werror=unused-variable]
2013-12-18 13:53:45 +01:00
Steve Holme
6c62d84232 smtp: Moved the calculation of SASL login details into a separate function 2013-12-18 12:44:37 +00:00
Steve Holme
c93bd31336 pop3: Moved the calculation of SASL login details into a separate function 2013-12-18 12:43:57 +00:00
Steve Holme
933e6c9d16 imap: Moved the calculation of SASL login details into a separate function 2013-12-18 12:43:28 +00:00
Steve Holme
da24fbbc00 smtp: Moved the sending of the AUTH command into a separate function 2013-12-18 00:11:25 +00:00
Steve Holme
367648d24a pop3: Moved the sending of the AUTH command into a separate function 2013-12-18 00:11:13 +00:00
Steve Holme
bd3a59ad41 imap: Moved the sending of the AUTHENICATE command into a separate function 2013-12-18 00:10:39 +00:00
Steve Holme
c0245cc591 email: Renamed *_perform_authenticate() functions
In preparation for the upcoming SASL downgrade feature renamed the
imap__perform_authenticate(), pop3__perform_authenticate() and
smtp__perform_authenticate() functions.
2013-12-17 23:08:32 +00:00
Daniel Stenberg
13c696f37f bump: start working on the next release 2013-12-17 16:38:51 +01:00
Daniel Stenberg
0966b324d9 RELEASE-NOTES: synced with c0ef05e67
... for the pending 7.34.0 release

Upped the contributor count
2013-12-16 22:54:00 +01:00
Daniel Stenberg
c0ef05e675 THANKS: add contributors from 7.34.0 release
24 new great friends
2013-12-16 22:53:20 +01:00
Daniel Stenberg
1dc43de0dc gtls: respect *VERIFYHOST independently of *VERIFYPEER
Security flaw CVE-2013-6422

This is conceptually the same problem and fix that 3c3622b6 brought to the
OpenSSL backend and that resulted in CVE-2013-4545.

This version of the problem was independently introduced to the GnuTLS
backend with commit 59cf93cc, present in the code since the libcurl
7.21.4 release.

Advisory: http://curl.haxx.se/docs/adv_20131217.html
Bug: http://curl.haxx.se/mail/lib-2013-11/0214.html
Reported-by: Marc Deslauriers
2013-12-16 22:47:31 +01:00
Daniel Stenberg
8a8f9a5d57 curl.1 document -J doesn't %-decode
...also added as KNOWN_BUG #87 with reference to bug #1294
2013-12-15 23:38:37 +01:00
Daniel Stenberg
be28223f35 multi: add timer inaccuracy margin to timeout/connecttimeout
Since all systems have inaccuracy in the timeout handling it is
imperative that we add an inaccuracy margin to the general timeout and
connecttimeout handling with the multi interface. This way, when the
timeout fires we should be fairly sure that it has passed the timeout
value and will be suitably detected.

For cases where the timeout fire before the actual timeout, we would
otherwise consume the timeout action and still not run the timeout code
since the condition wasn't met.

Reported-by: He Qin
Bug: http://curl.haxx.se/bug/view.cgi?id=1298
2013-12-15 22:53:41 +01:00
Daniel Stenberg
8e2d73bbde RELEASE-NOTES: synced with dd4d9ea542 2013-12-14 23:22:52 +01:00
Daniel Stenberg
dd4d9ea542 curl_easy_setopt: clarify some USERPWD and PROXYUSERPWD details 2013-12-14 23:09:05 +01:00
Daniel Stenberg
169fedbdce login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 22:40:37 +01:00
Steve Holme
32b9c30e67 imap: Fixed exclude of clear text when using auth=* in commit 75cd7fd667
It is not 100% clear whether * should include clear text LOGIN or not
from RFC-5092, however, including it is then consistent with current
POP3 behaviour where clear text, APOP or SASL may be chosen.
2013-12-14 12:24:17 +00:00
Steve Holme
75cd7fd667 imap: Fixed incorrect fallback to clear text authentication
If a specific SASL authentication mechanism was requested by the user
as part of the login options but wasn't supported by the server then
curl would fallback to clear text, when it shouldn't, rather than
reporting "No known authentication mechanisms supported" as the POP3
and SMTP protocols do.
2013-12-13 23:15:43 +00:00
Eric Lubin
7246dffff5 parsedate: avoid integer overflow
In C, signed integer overflow is undefined behavior. Thus, the compiler
is allowed to assume that it will not occur. In the check for an
overflow, the developer assumes that the signed integer of type time_t
will wrap around if it overflows. However, this behavior is undefined in
the C standard. Thus, when the compiler sees this, it simplifies t +
delta < t to delta < 0. Since delta > 0 and delta < 0 can't both be
true, the entire if statement is optimized out under certain
optimization levels. Thus, the parsedate function would return
PARSEDATE_OK with an undefined value in the time, instead of return -1 =
PARSEDATE_FAIL.
2013-12-11 16:32:21 +01:00
Daniel Stenberg
41d21e460f parseconfig: warn if unquoted white spaces are detected
Commit 0db811b6 made some existing config files pass on unexpected
values to libcurl that made it somewhat hard to track down what was
really going on.

This code detects unquoted white spaces in the parameter when parsing a
config file as that would be one symptom and it is generally a bad
syntax anyway.
2013-12-09 23:30:09 +01:00
Daniel Stenberg
aadca7f418 RELEASE-NOTES: recount contributors and libcurl options 2013-12-09 11:56:01 +01:00
Daniel Stenberg
3905bd637d RELEASE-NOTES: synced with c4f46e97ca 2013-12-07 22:52:31 +01:00
James Dury
c4f46e97ca TFTP: let tftp_multi_statemach()'s return codes through
It would otherwise always clobber the return code with new function
calls and it couldn't return timeout etc.

Bug: http://curl.haxx.se/bug/view.cgi?id=1310
2013-12-07 15:53:08 +01:00
Melissa Mears
bd3ca6630a darwinssl: Fix #if 10.6.0 for SecKeychainSearch
The comment here says that SecKeychainSearch causes a deprecation
warning when used with a minimum Mac OS X SDK version of 10.7.0, which
is correct.  However, the #if guard did not match.  It was intended to
only use the code if 10.6.0 support was enabled, but it had 10.7.0
instead.  This caused a warning if the minimum was exactly 10.7.0.
2013-12-07 00:10:04 -06:00
Christian Weisgerber
92e607abfa curl.h: <sys/select.h> for OpenBSD
curl.h should also include <sys/select.h> on OpenBSD to reliably
pull in select().  Typically, including <sys/time.h> will be enough,
but not if strict standards-compliance is requested (e.g. by defining
_XOPEN_SOURCE).
2013-12-06 13:28:27 +01:00
Daniel Stenberg
ef118c13ba digest: fix CURLAUTH_DIGEST_IE
The URI that is passed in as part of the Authorization: header needs to
be cut off at '?' if CURLAUTH_DIGEST_IE is set. Previously the code only
did when calculating the MD5sum.

Bug: http://curl.haxx.se/bug/view.cgi?id=1308
Patched-by: Sergey Tatarincev
2013-12-04 23:08:17 +01:00
Daniel Stenberg
1cf71bd76e Curl_is_connected: use proxy name in error message when proxy is used
(bug introduced in 255826c4, never present in a release)

Reported-by: Dima Tisnek
Bug: http://curl.haxx.se/mail/lib-2013-12/0006.html
2013-12-04 22:51:37 +01:00
Steve Holme
2c0ecac9d3 imap/pop3: Post graceful cancellation consistency changes 2013-12-04 20:19:36 +00:00
Melissa Mears
b0b5b51193 pop3: Fix POP3_TYPE_ANY signed compilation warning
POP3_TYPE_ANY, or ~0, is written to pop3c->preftype in lib/pop3c.c, an
unsigned int variable.  The result of ~0 is -1, which caused a warning
due to writing a negative number to an unsigned variable.  To fix this,
make the expression ~0U so that its value is considered the unsigned
number UINT_MAX which is what SASL_AUTH_ANY does in curl_sasl.h.
2013-12-04 20:18:44 +00:00
Kamil Dudka
ff9b66a8d4 tool_metalink: do not use HAVE_NSS_INITCONTEXT
... no longer provided by the configure script
2013-12-02 17:03:23 +01:00
Kamil Dudka
e221b55f67 nss: make sure that 'sslver' is always initialized 2013-12-02 16:09:12 +01:00
Kamil Dudka
865666afca nss: unconditionally require NSS_InitContext()
... since we depend on NSS 3.14+ because of SSL_VersionRangeSet() anyway
2013-12-02 15:00:13 +01:00
Kamil Dudka
7fc9325a52 nss: allow to use TLS > 1.0 if built against recent NSS
Bug: http://curl.haxx.se/mail/lib-2013-11/0162.html
2013-12-02 15:00:13 +01:00
Kamil Dudka
4fb8241add nss: put SSL version selection into separate fnc 2013-12-02 15:00:13 +01:00
Kamil Dudka
30e7e7552b nss: use a better API for controlling SSL version
This change introduces a dependency on NSS 3.14+.
2013-12-02 15:00:13 +01:00
Patrick Monnerat
f58f843f66 OS400: sync wrappers and RPG binding. 2013-12-02 14:33:51 +01:00
Steve Holme
d92de3a7e9 multi.c: Fixed compilation warning
warning: declaration of 'pipe' shadows a global declaration
2013-12-01 20:22:57 +00:00
Steve Holme
fe7fc61c6e RELEASE-NOTES: Synced with ad3836448e 2013-12-01 16:51:32 +00:00
Steve Holme
ad3836448e base64: Corrected typo from commit f3ee587775 2013-12-01 16:43:57 +00:00
Steve Holme
f3ee587775 base64: Post extended extended validation tidy up
Reduced the separate processing of the last quantum to be performed in
the main decoding loop and renamed some variables for consistency.
2013-12-01 13:59:47 +00:00
Steve Holme
c92c30edbd base64: Extended validation to look for invalid characters
Extended the basic validation in commit e17c1b25bc to return a
failure when invalid base64 characters are included.
2013-12-01 11:12:23 +00:00
Steve Holme
4d10f48629 base64: Post basic validation tidy up
Due to the length checks introduced in commit e17c1b25bc there is no
need to allow for extra space in the output buffer for a non-padded last
quantum.
2013-11-30 19:14:29 +00:00
Steve Holme
dc68120e63 curl_easy_getinfo: Post CURLINFO_TLS_SESSION tidy up
1) Renamed curl_tlsinfo to curl_tlssessioninfo as discussed on the
mailing list.
2) Renamed curl_ssl_backend to curl_sslbackend so it doesn't follow our
function naming convention.
3) Updated sessioninfo.c example accordingly.
2013-11-30 11:08:56 +00:00
Daniel Stenberg
0db811b69b parseconfig: dash options can't specified with colon or equals
Bug: http://curl.haxx.se/bug/view.cgi?id=1297
Reported-by: Michael Osipov
2013-11-29 15:17:08 +01:00
Daniel Stenberg
d81cbbcc2c curl.1: -G also takes --data-urlencode data 2013-11-29 15:10:53 +01:00
Daniel Stenberg
0dd6522036 globbing: curl glob counter mismatch with {} list use
The "fixed string" function wrongly bumped the "urlnum" counter which
made curl output the total number of URLs wrong when using
{one,two,three} lists in globs.

Reported-by: Michael-O
Bug: http://curl.haxx.se/bug/view.cgi?id=1305
2013-11-28 23:31:31 +01:00
Christian Grothoff
889cb9c982 sessioninfo.c: Added sample code for CURLINFO_TLS_SESSION
Added a simple example to show how one can use CURLINFO_TLS_SESSION for
obtaining extensive TLS certificate information.
2013-11-28 07:05:07 +00:00
Steve Holme
26ff1ea6c3 multi.c: Fixed compilation error introduced in commit a900d45489
Systems that define SIGPIPE_VARIABLE as a noop would not compile as
restore_pipe was defined afterwards.
2013-11-27 23:45:45 +00:00
Christian Grothoff
59f1209fad curl_easy_getopt: Handle API violation gracefully
This fixes a NULL dereference in the case where the client asks for
CURLINFO_TLS_SESSION data after the (TLS) session has already been
destroyed (i.e. curl_easy_perform has already completed for this
handle). Instead of crashing, we now return a CURLSSLBACKEND_NONE
error.
2013-11-27 23:35:34 +00:00
Steve Holme
7b9365c65f KNOWN_BUGS: #86: Disconnect commands may not be sent by IMAP, POP3 and SMTP 2013-11-27 22:35:08 +00:00
Jeff King
a900d45489 curl_multi_cleanup: ignore SIGPIPE
This is an extension to the fix in 7d80ed64e4. We may
call Curl_disconnect() while cleaning up the multi handle,
which could lead to openssl sending packets, which could get
a SIGPIPE.

Signed-off-by: Jeff King <peff@peff.net>
2013-11-27 22:47:12 +01:00
Jeff King
e64f91feb7 sigpipe: factor out sigpipe_reset from easy.c
Commit 7d80ed64e4 introduced some helpers to handle
sigpipe in easy.c. However, that fix was incomplete, and we
need to add more callers in other files. The first step is
making the helpers globally accessible.

Since the functions are small and should generally end up
inlined anyway, we simply define them in the header as
static functions.

Signed-off-by: Jeff King <peff@peff.net>
2013-11-27 22:46:55 +01:00
Björn Stenberg
b2a55c8106 connect: Try next ip directly after immediate connect fail
This fixes a rare Happy Eyeballs bug where if the first IP family runs
out of addresses before the second-family-timer fires, and the second
IP family's first connect fails immediately, no further IPs of the
second family are attempted.
2013-11-27 22:26:43 +01:00
Daniel Stenberg
030a2b8cb8 hostip: don't prune DNS cache entries that are in use
When adding entries to the DNS cache with CURLOPT_RESOLVE, they are
marked 'inuse' forever to prevent them from ever being removed in normal
operations. Still, the code that pruned out-of-date DNS entries didn't
care for the 'inuse' struct field and pruned it anyway!

Reported-by: Romulo A. Ceccon
Bug: http://curl.haxx.se/bug/view.cgi?id=1303
2013-11-25 00:10:23 +01:00
Steve Holme
edce855943 RELEASE-NOTES: Synced with 35e476a3f6 2013-11-24 18:05:54 +00:00
Steve Holme
35e476a3f6 tests: Re-ordered test arguments to match other IMAP tests 2013-11-24 17:59:17 +00:00
Steve Holme
0434a19431 tests: Corrected login "username" authentication responses 2013-11-24 16:25:44 +00:00
Steve Holme
2ff0c6f5f3 tests: Added error code explanation comments 2013-11-24 12:35:45 +00:00
Steve Holme
8a94aedbd6 tests: Removed expected QUIT response from graceful cancellation tests
A failure during authentication, which is performed as part of the
CONNECT phrase (for IMAP, POP3 and SMTP) is considered by the multi-
interface as being closed prematurely (aka a dead connection). As such
these protocols cannot issue the relevant QUIT or LOGOUT command.

Temporarily fixed the test cases until we can fix this properly.
2013-11-24 11:03:40 +00:00
Steve Holme
95877cf8ae tests: Added SMTP graceful authentication cancellation tests 2013-11-24 10:37:41 +00:00
Steve Holme
d3325ae40a tests: Added POP3 graceful authentication cancellation tests 2013-11-24 10:37:30 +00:00
Steve Holme
23fabf8dea ftpserver.pl: Reworked fix from commit 7a36b2abc0 2013-11-23 22:14:34 +00:00
Steve Holme
7a36b2abc0 ftpserver.pl: Fixed unknown IMAP command "*" 2013-11-23 19:19:12 +00:00
Steve Holme
e1c255f388 ftpserver.pl: Fixed servercmd REPLY with * detection 2013-11-23 16:28:28 +00:00
Steve Holme
6d3c832a30 tests: Added IMAP graceful authentication cancellation tests 2013-11-23 15:03:18 +00:00
Steve Holme
7935478397 tests: Moved CR LF in URL tests to their respective protocol groups 2013-11-23 14:49:50 +00:00
Steve Holme
5ee64be9c6 smtp: Post SMTP command expansion tidy up
Removed unnecessary SMTP_STOP state changes on failure.

Removed hard return on failure in smtp_state_data_resp().
2013-11-23 09:35:44 +00:00
Steve Holme
9f18cf15d5 symbols-in-versions: Added missing CURLSSLBACKEND_* symbols 2013-11-22 13:22:18 +00:00
Steve Holme
bf05da183e symbols-in-versions: Fixed missing CURLINFO_TLS_SESSION 2013-11-22 07:30:00 +00:00
Christian Grothoff
2c04e8d80c curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
Added new API for returning a SSL backend type and pointer, in order to
allow access to the TLS internals, that may then be used to obtain X509
certificate information for example.
2013-11-21 20:40:04 +00:00
Steve Holme
925df53580 RELEASE-NOTES: Synced with 8191800a0c 2013-11-17 16:55:56 +00:00
Steve Holme
8191800a0c smtp: Fixed space being sent in non --mail-rcpt based requests
Commands such as NOOP, RSET and HELP would be sent with a space at the
end of the command, for example: "NOOP ".
2013-11-17 16:39:02 +00:00
Steve Holme
2165298fe6 tests: Added SMTP NOOP and RSET tests 2013-11-17 12:52:42 +00:00
Steve Holme
e885dc85a1 test928: Corrected typo in expected data from commit df58084695 2013-11-17 12:49:10 +00:00
Steve Holme
df58084695 tests: Added SMTP HELP test 2013-11-17 10:11:27 +00:00
Steve Holme
3c8c9b2779 smtp: Changed the default command to HELP when no options are specified
Otherwise a NOOP operation would be performed which a) only returns a
single line response and not a multiline response where -I needs to be
used, and b) provides an inconsistent user experience compared to that
of the POP3 and IMAP protocols.
2013-11-17 10:09:07 +00:00
Steve Holme
b27dc009cf smtp:Fixed memory leak from commit dac01ff6d7
The buffer allocated by smtp_parse_custom_request() was not freed.
2013-11-17 09:00:21 +00:00
Steve Holme
2c7a5578e1 connect: Close open but unconnected socket in singleipconnect()
singleipconnect() could return the file descriptor of an open socket
even though the function returned a CURLE_COULDNT_CONNECT error code
from commit ed1662c374 and 02fbc26d59.

This could cause tests 19, 704 and 1233 to fail on FreeBSD, AIX and
Solaris.
2013-11-17 00:27:18 +00:00
Steve Holme
b56d7cda74 tests: Added SMTP EXPN command test 2013-11-17 00:20:58 +00:00
Steve Holme
8896b56488 test926: Corrected unknown user reply from commit 0d735c29f9
The error code should not be sent as data as it isn't passed onto the
client as body data, so cannot be compared in the test suite against
expected data.
2013-11-16 20:33:08 +00:00
Steve Holme
0d735c29f9 tests: Corrected missing data reply sections from 3d50e91aee 2013-11-16 17:19:26 +00:00
Steve Holme
3d50e91aee tests: Added SMTP VRFY command tests 2013-11-16 12:20:22 +00:00
Steve Holme
0cbfe5a7d5 ftpserver.pl: Added support for new SMTP commands 2013-11-16 11:17:23 +00:00
Steve Holme
eedca5055e smtp: Fixed broken RCPT TO from commit 0ea4a80bb2 2013-11-15 22:20:56 +00:00
Daniel Stenberg
5d040632ac smtp_state_mail_resp: removed unused variable 'smtp' 2013-11-15 22:43:34 +01:00
Steve Holme
314c3b8480 DOCS: Updated curl_easy_setopt.3 following recent SMTP changes
* Added information about the verify and expand commands to
  CURLOPT_MAIL_RCPT.
* Reworked CURLOPT_CUSTOMREQUEST section, adding information about IMAP
  and SMTP custom commands.
2013-11-15 21:25:26 +00:00
Steve Holme
d630e1f389 DOCS: Updated manpage following recent SMTP modifications
* Added SMTP section to --request
* Expanded --mail-rcpt to describe the usage when using the verify and
  expand commands.
2013-11-15 21:23:56 +00:00
Steve Holme
0ea4a80bb2 smtp: Simplified the next RCPT TO logic 2013-11-15 21:05:45 +00:00
Steve Holme
ed4ce23c23 lib1507.c: Added missing set of CURLOPT_UPLOAD option
Although this option should have already been set, the SMTP module can
now download information from and send instructional commands to, an
SMTP server, requiring the option to be set in order to perform a mail
transfer.
2013-11-15 21:01:10 +00:00
Steve Holme
168aa59705 smtp.c: Fixed trailing whitespace 2013-11-15 20:43:04 +00:00
Steve Holme
f71b1ad908 smtp: Added support for VRFY and EXPN commands 2013-11-15 18:25:29 +00:00
Steve Holme
dac01ff6d7 smtp: Added support for NOOP and RSET commands 2013-11-15 16:14:01 +00:00
Steve Holme
4a9fe26837 smtp: Fixed handling of multiline server greeting responses
Incorrectly processed multiline server greeting responses as "wanted"
continue responses in smtp_endofresp(), from commit f16c0de4e9,
which in turn broke the SMTP server detection in the test suite,
because the EHLO command would not be sent.
2013-11-15 12:50:37 +00:00
Steve Holme
90ec8763a5 smtp.c: Fixed compilation error from commit f16c0de4e9
warning: unused variable 'smtpc'
2013-11-15 12:14:09 +00:00
Steve Holme
796333bc5e smtp: Fixed processing of more than one response when sent in same packet
Added a loop to smtp_statemach_act() in which Curl_pp_readresp() is
called until the cache is drained. Without this multiple responses
received in a single packet could result in a hang or delay.
2013-11-15 10:54:23 +00:00
Steve Holme
f16c0de4e9 smtp: Moved EHLO response handling to smtp_state_ehlo_resp()
Similar to the processing of untagged CAPABILITY responses in IMAP moved
the processing of multiline EHLO responses to smtp_state_ehlo_resp() and
introduced an internal response code of one to differentiate a multiline
continuation from the end of command. This also allows for the separate
processing of multiline responses from commands such as VRFY and EXPN.
2013-11-15 10:49:17 +00:00
Steve Holme
786cba1ada connect: Forgot to correct line endings before push in commit ed1662c374 2013-11-14 20:43:15 +00:00
Björn Stenberg
ed1662c374 connect: Return the socket descriptor even on fail
singleipconnect() did not return the open socket descriptor on some
errors, thereby sometimes causing a socket leak. This patch ensures
the socket is always returned.
2013-11-14 19:56:59 +00:00
Daniel Stenberg
1f0616ea1a configure: Fix test with -Werror=implicit-function-declaration
The ipv6 auto-detect test in configure returns a false negative when
CFLAGS contains -Werror=implicit-function-declaration. (I have been
using this flag to detect code issues that would result in SEGVs on
x86_64-cygwin.)

Patch-by: Yaakov Selkowitz
Bug: http://curl.haxx.se/bug/view.cgi?id=1304
2013-11-13 19:00:22 -08:00
Steve Holme
55250d2d02 test825: Corrected typo from commit b29217d0d6 2013-11-13 17:31:42 +00:00
Steve Holme
c5d73167a6 RELEASE-NOTES: Synced with bde901ad89 2013-11-13 10:12:01 +00:00
Steve Holme
bde901ad89 test922: Corrected title to match other OAuth 2.0 tests 2013-11-13 09:17:50 +00:00
Steve Holme
79c77f7c31 tests: Added IMAP OAuth 2.0 authentication with initial response test 2013-11-13 09:14:30 +00:00
Steve Holme
986c249f2f tests: Added IMAP NTLM authentication with initial response test 2013-11-13 09:14:10 +00:00
Steve Holme
3b8c3eb911 tests: Added IMAP login authentication with initial response test 2013-11-13 09:12:59 +00:00
Steve Holme
b29217d0d6 tests: Added IMAP plain authentication with initial response test 2013-11-13 09:12:32 +00:00
Steve Holme
534f90f9bf test873: Use proper padding in NTLM responses 2013-11-13 09:12:11 +00:00
Nick Zitzmann
dbe228353d darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
Even though this is only a formality (since not many people build on
Mavericks while targeting Leopard), since we still support Leopard
at the earliest, we might as well be pedantic.
2013-11-12 20:26:20 -06:00
Nick Zitzmann
bf77101e5c darwinssl: PKCS#12 import feature now requires Lion or later
It turns out that some of the constants necessary to make this feature
work are missing from Snow Leopard's Security framework even though
they are defined in the headers.

Bug: http://curl.haxx.se/mail/lib-2013-11/0076.html
Reported by: myriachan
2013-11-12 20:18:04 -06:00
Steve Holme
2ea9a125a6 tests: Added POP3 OAuth 2.0 authentication with initial response test 2013-11-13 00:29:05 +00:00
Steve Holme
58a00d6d9f tests: Added POP3 NTLM authentication with initial response test 2013-11-13 00:24:06 +00:00
Steve Holme
57a27528e6 tests: Added POP3 login authentication with initial response test 2013-11-13 00:11:19 +00:00
Steve Holme
632c1edd06 tests: Added POP3 plain authentication with initial response test 2013-11-13 00:07:02 +00:00
Steve Holme
434bc09263 TODO: Added auth= in URLs to the wish list for HTTP 2013-11-12 20:32:25 +00:00
Steve Holme
f2584627c8 curl_easy_setopt: Added the ability to set the login options separately
Rather than set the authentication options as part of the login details
specified in the URL, or via the older CURLOPT_USERPWD option, added a
new libcurl option to allow the login options to be set separately.
2013-11-12 19:08:55 +00:00
Daniel Stenberg
6901861fc9 curl.1: mention that -O does no URL decoding 2013-11-12 09:28:07 -08:00
Tomas Hoger
d7d8a8f922 curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation
- better describe what happens when 1 is specified as parameter
- clarify what "is ignored" means for NSS builds
2013-11-12 17:03:13 +01:00
Steve Holme
c19cfb79db runtests.pl: Added SSPI detection 2013-11-12 12:48:28 +00:00
Steve Holme
65ce9b6d6c multi: Small code tidy up to avoid hard return 2013-11-12 09:59:22 +00:00
Steve Holme
5f34a10445 tests: Updated CRAM-MD5 tests to use test user details 2013-11-12 09:46:30 +00:00
Björn Stenberg
fa1253aee1 multi: Set read socket when returning READSOCK(0)
This patch fixes and issue introduced in commit 7d7df83198, if the
tunnel state was TUNNEL_CONNECT, waitconnect_getsock() would return a
bitmask indicating a readable socket but never stored the socket in the
return array.
2013-11-11 23:41:44 +00:00
Daniel Stenberg
f833f54979 bump: next release will be 7.34.0
Due to all the news and changes.
2013-11-11 08:46:27 +01:00
Björn Stenberg
e7d77fb3ef connect: Close temporary sockets in conn_free()
The temporary sockets used for Happy Eyeballs were not closed properly,
if curl exited prematurely, which this patch fixes.
2013-11-10 22:49:56 +00:00
Steve Holme
c8e63f247a tests: Corrected titles of POP3 and SMTP OAuth 2.0 tests 2013-11-10 20:26:57 +00:00
Steve Holme
7396ad6e09 test823: Fixed expected authentication text from commit e10a26a9d6
Fixed authentication text due to incorrect digest-uri property.
2013-11-10 20:21:18 +00:00
Steve Holme
6d295f8d7d test821: Fixed expected authentication text from commit 2d5455feac 2013-11-10 20:17:30 +00:00
Steve Holme
5bd999d0c5 RELEASE-NOTES: Synced with 0f81fbe5da 2013-11-10 18:16:21 +00:00
Kim Vandry
0f81fbe5da ares: Fixed compilation under Visual Studio 2012 2013-11-10 17:37:32 +00:00
Steve Holme
9b67960421 tests: Added IMAP OAuth 2.0 authentication test 2013-11-10 17:04:32 +00:00
Steve Holme
e10a26a9d6 tests: Added IMAP DIGEST-MD5 authentication test 2013-11-10 16:53:58 +00:00
Steve Holme
7b68b58bc0 tests: Added IMAP NTLM authentication test 2013-11-10 16:44:19 +00:00
Steve Holme
2d5455feac tests: Added IMAP CRAM-MD5 authentication test 2013-11-10 16:42:21 +00:00
Steve Holme
ac05c80f19 test819: Fixed expected authentication text from commit 76f924131c 2013-11-10 16:24:38 +00:00
Steve Holme
460adfef93 ftpserver.pl: Reworked custom reply handling code
1) To fix issues with IMAP custom replies
2) So initial space is not required in IMAP display text
3) To be more readable and understandable
2013-11-10 15:18:04 +00:00
Steve Holme
c876f6ae6d ftpserver.pl: Reworked unrecognised command responses
As the IMAP regex could fail and $1 would not contain the command id
updated the unrecognised command response to be more generic and
realistic (like those used in the command handlers).

Additionally updated the POP3, SMTP and FTP responses.
2013-11-10 10:20:50 +00:00
Steve Holme
f49276bfcb ftpserver.pl: Fixed processing of IMAP authentication strings 2013-11-10 10:08:32 +00:00
Daniel Stenberg
d08ee3c83d cmake: fix Windows build with IPv6 support
Patch-by: "Z98"
2013-11-09 00:07:32 +01:00
Steve Holme
cf7008670b Revert "ftpserver.pl: Corrected logic from commit 27b7b1062f9d97"
This reverts commit 558034ab70 as it appears to break the auto
builds. More thought is required for this!
2013-11-06 12:31:46 +00:00
Steve Holme
558034ab70 ftpserver.pl: Corrected logic from commit 27b7b1062f 2013-11-06 09:52:24 +00:00
Steve Holme
27b7b1062f ftpserver.pl: Fixed IMAP cmdid being sent on custom responses 2013-11-06 07:19:01 +00:00
Steve Holme
af82661dbd tests: Added IMAP login authentication test 2013-11-05 23:48:16 +00:00
Steve Holme
76f924131c tests: Added IMAP plain authentication test 2013-11-05 23:48:01 +00:00
Steve Holme
98a5fdaf29 url.c: Very small amount of policing 2013-11-05 23:30:12 +00:00
Björn Stenberg
1ea05be46d url.c: Remove superfluous for loop
The reason for this loop's existence was removed in commit
02fbc26d59.
2013-11-05 23:15:33 +00:00
Daniel Stenberg
c9d8c00a41 KNOWN_BUGS: STARTTRANSFER for POST requests
added 85. Wrong STARTTRANSFER timer accounting for POST requests
2013-11-05 10:21:30 +01:00
Daniel Stenberg
5aa290f0f2 Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string
Our own printf() replacement clearly can't properly handle %.*s with a
string that isn't zero terminated. Instead of fixing the printf code or
even figuring out what the proper posix behavior is, I reverted this
piece of the code back to the previous version where it does malloc +
memcpy instead.

Regression added in e839446c2a, released in curl 7.32.0.

Reported-by: Felix Yan
Bug: http://curl.haxx.se/bug/view.cgi?id=1295
2013-11-05 09:59:19 +01:00
Steve Holme
f0831f7931 RELEASE-NOTES: Synced with 7fc3b2ce38 2013-11-05 07:17:24 +00:00
Steve Holme
7fc3b2ce38 connect.h: Updated copyright year for last edit 2013-11-05 07:15:01 +00:00
Björn Stenberg
02fbc26d59 connect: Add connection delay to Happy Eyeballs.
This patch adds a 200ms delay between the first and second address
family socket connection attempts.

It also iterates over IP addresses in the order returned by the
system, meaning most dual-stack systems will try IPv6 first.

Additionally, it refactors the connect code, removing most code that
handled synchronous connects. Since all sockets are now non-blocking,
the logic can be made simpler.
2013-11-04 22:38:19 +01:00
Steve Holme
0074c9f5d1 winbind: Fixed ntlm_auth expecting eol following commit e17c1b25bc 2013-11-04 20:12:22 +00:00
Steve Holme
90acbfd52e nss.c: Fixed compilation warnings (Take Two)
nss.c:702: warning: pointer targets in passing argument 3 of
'Curl_extract_certinfo' differ in signedness

nss.c:702: warning: pointer targets in passing argument 4 of
'Curl_extract_certinfo' differ in signedness

Made sure the cast was correctly "unsigned char *" to "char *" and not
"unsigned char *" to "unsigned char *".
2013-11-04 14:17:11 +00:00
Steve Holme
989b28fe97 nss.c: Fixed compilation warnings
nss.c:700: warning: pointer targets in passing argument 3 of
'Curl_extract_certinfo' differ in signedness

nss.c:700: warning: pointer targets in passing argument 4 of
'Curl_extract_certinfo' differ in signedness
2013-11-04 00:38:58 +00:00
Steve Holme
aa61e14dc1 tests: Added test for IMAP NOOP command 2013-11-03 21:36:46 +00:00
Steve Holme
a84a09ad0b tests: Added test for IMAP COPY command 2013-11-03 21:36:11 +00:00
Steve Holme
66b8557aff tests: Disable IMAP CLOSE and EXPUNGE command tests
This is temporary until curl supports either multiple custom commands
or post-quote commands in IMAP.
2013-11-03 20:39:21 +00:00
Steve Holme
63cac69c2a tests: Added tests for IMAP CLOSE and EXPUNGE commands 2013-11-03 20:37:34 +00:00
Steve Holme
f77d9b6584 connect.c: Code policing on commit 5094bb53f4
No need for a rhs condition on a bitwise compare.
2013-11-03 19:53:58 +00:00
Steve Holme
2736b27df7 nss.c: Fixed compilation warnings
warning: implicit declaration of function 'Curl_extract_certinfo'
2013-11-03 16:36:51 +00:00
Steve Holme
297644fa70 x509asn1.c: Fixed compilation warnings
warning: declaration of 'chsize' shadows a global declaration
2013-11-03 16:24:17 +00:00
Steve Holme
0177f28c51 DOCS: Expanded --request description to include POP3 and IMAP details 2013-11-03 14:39:10 +00:00
Steve Holme
732d10ed6c tool_help: Updated --list-only description to include POP3 2013-11-03 13:55:22 +00:00
Steve Holme
526a1c3b45 DOCS: Updated --list-only description to include POP3
Additionally corrected typos in --oauth2-bearer protocol list.
2013-11-03 13:54:49 +00:00
Steve Holme
5b315a273e base64: Fixed compilation warnings when using Curl_base64_decode()
curl_sasl.c:294: warning: dereferencing type-punned pointer will break
strict-aliasing rules

getpart.c:201: warning: dereferencing type-punned pointer will break
strict-aliasing rules
2013-11-03 12:25:07 +00:00
Steve Holme
5094bb53f4 connect: Fixed "Whut?" no server connection failures
Introduced in commit 7d7df83198 curl would loop displaying "Whut?"
if it was trying to connect to an address and port that didn't have
anything listening on it.
2013-11-03 11:27:12 +00:00
Steve Holme
052f24c9b7 http: Post base64 decoding tidy up
Renamed copy_header_value() to Curl_copy_header_value() as this
function is now non static.

Simplified proxy flag in Curl_http_input_auth() when calling
sub-functions.

Removed unnecessary white space removal when using negotiate as it had
been missed in commit cdccb42267.
2013-11-03 10:17:26 +00:00
Daniel Stenberg
bce03fe144 glob_range: pass the closing bracket for a-z ranges
Regression since commit 5ca96cb844 (release in 7.33.0)

Reported-by: Marcin Gryszkalis
2013-11-03 10:08:10 +01:00
Steve Holme
9a1755264f getpart: Fixed base64 encoded parts following commit e17c1b25bc 2013-11-02 17:00:00 +00:00
Steve Holme
3b59696a93 http: Added proxy tunnel authentication message header value extraction
...following recent changes to Curl_base64_decode() rather than trying
to parse a header line for the authentication mechanisms which is CRLF
terminated and inline zero terminate it.
2013-11-02 11:18:39 +00:00
Steve Holme
cdccb42267 http: Added authentication message header value extraction
...following recent changes to Curl_base64_decode() rather than trying
to parse a header line for the authentication mechanisms which is CRLF
terminated and inline zero terminate it.
2013-10-31 19:15:33 +00:00
Daniel Stenberg
753d44fa00 curl_multi_wait: accept 0 from multi_timeout() as valid timeout
The code rejected 0 as a valid timeout while in fact the function could
indeed legitimately return that and it should be respected.

Reported-by: Bjorn Stenberg
2013-10-30 23:48:08 +01:00
Steve Holme
cfdfdcdd9d email: Corrected a couple of typos from commit aa0eaef483 2013-10-30 21:25:15 +00:00
Steve Holme
e232f5f3f9 TODO: Removed the 'Graceful base64 decoding failure' sections
Updated following the recent changes to support graceful failures
during the authentication phrase.
2013-10-30 21:01:26 +00:00
Steve Holme
43400b4086 email: Post graceful SASL authentication cancellation tidy up 2013-10-30 20:58:24 +00:00
Kamil Dudka
8179354c2f tests: use proper padding in NTLM responses 2013-10-30 20:38:01 +00:00
Patrick Monnerat
f6c335d63f NSS: support for CERTINFO feature 2013-10-30 11:12:06 +01:00
Daniel Stenberg
2bd72fa61c base64: removed trailing white space
and updated copyright year
2013-10-30 09:11:10 +01:00
Steve Holme
e17c1b25bc base64: Added basic validation to base64 input string when decoding
A base64 string should be a multiple of 4 characters in length, not
contain any more than 2 padding characters and only contain padding
characters at the end of string. For example: Y3VybA==

Strings such as the following are considered invalid:

Y=   - Invalid length
Y==  - Invalid length
Y=== - More than two padding characters
Y=x= - Padding character contained within string
2013-10-30 07:31:22 +00:00
Daniel Stenberg
7d1eb66cd7 RELEASE-NOTES: synced with 255826c40f 2013-10-29 23:06:04 +01:00
Björn Stenberg
255826c40f bugfix: Don't block waiting for socket1 connect.
This patch fixes a bug in Happy Eyeballs where curl would wait for a
connect response from socket1 before checking socket2.

Also, it updates error messages for failed connections, showing the ip
addresses that failed rather than just the host name repeatedly.

Bug: http://curl.haxx.se/mail/lib-2013-10/0236.html
Reported-by: Paul Marks
2013-10-29 22:52:07 +01:00
Steve Holme
1d0eead969 sasl: Updated create_digest_md5_message() to use a dynamic buffer 2013-10-28 23:48:53 +00:00
Daniel Stenberg
8005e58983 SECURITY: "curl security for developers"
Describes our security process from a project and curl developer's
perspective.
2013-10-28 23:19:55 +01:00
Patrick Monnerat
5d415815df OS400: coding style standards 2013-10-28 12:00:22 +01:00
Steve Holme
f68559c086 email: Added support for cancelling NTLM authentication 2013-10-27 22:25:18 +00:00
Steve Holme
08f97f3b1d sasl: Removed unused variables from commit b87ba2c942 2013-10-27 17:04:56 +00:00
Steve Holme
b87ba2c942 email: Added support for cancelling DIGEST-MD5 authentication 2013-10-27 16:27:38 +00:00
Steve Holme
e7a2ba41e3 email: Corrected a couple of typos from 1e39b95682 2013-10-27 16:24:03 +00:00
Gisle Vanem
6fe619be7a docs/examples/httpput.c: fix build for MSVC
"Dan Fandrich" <dan@coneharvesters.com> wrote:

>> But I'm not sure <unistd.h> is needed at all.
>
> It's needed for close(2). But the only reason that's needed is because fstat
> is used instead of stat(2); if you fix that, then you could remove that
> include altogether.

Okay. I've tested the following with MSVC and MingW. htttput.c now
simply uses stat():
2013-10-27 15:48:57 +01:00
Steve Holme
1e39b95682 email: Added support for canceling CRAM-MD5 authentication 2013-10-27 12:42:30 +00:00
Björn Stenberg
8230af0b94 Typo fix in trynextip(). 2013-10-27 12:49:12 +01:00
Daniel Stenberg
1709e5e966 TODO: remove "Happy Eyeball dual stack connect"
... as it was just merged in commit 7d7df
2013-10-27 11:34:09 +01:00
Björn Stenberg
7d7df83198 Add "Happy Eyeballs" for IPv4/IPv6.
This patch invokes two socket connect()s nearly simultaneously, and
the socket that is first connected "wins" and is subsequently used for
the connection. The other is terminated.

There is a very slight IPv4 preference, in that if both sockets connect
simultaneously IPv4 is checked first and thus will win.
2013-10-27 11:19:53 +01:00
Steve Holme
7de4cc35f8 email: Added initial support for cancelling authentication
Should a client application fail to decode an authentication message
received from a server, or not support any of the parameters given by
the server in the message, then the authentication phrase should be
cancelled gracefully by the client rather than simply terminating the
connection.

The authentication phrase should be cancelled by simply sending a '*'
to the server, in response to erroneous data being received, as per
RFC-3501, RFC-4954 and RFC-5034.

This patch adds the necessary state machine constants and appropriate
response handlers in order to add this functionality for the CRAM-MD5,
DIGEST-MD5 and NTLM authentication mechanisms.
2013-10-27 09:17:03 +00:00
Steve Holme
aa0eaef483 email: Moved authentication message parsing into a separate function
...in preparation for upcoming modifications.
2013-10-27 09:04:59 +00:00
Steve Holme
9f503a254b ftp: Fixed compiler warning
warning: 'result' may be used uninitialized in this function
2013-10-27 00:00:01 +01:00
Daniel Stenberg
d44b014271 FTP: make the data connection work when going through proxy
This is a regression since the switch to always-multi internally
c43127414d.

Test 1316 was modified since we now clearly call the Curl_client_write()
function when doing the LIST transfer part and then the
handler->protocol says FTP and ftpc.transfertype is 'A' which implies
text converting even though that the response is initially a HTTP
CONNECT response in this case.
2013-10-26 23:33:06 +02:00
Steve Holme
469b423350 tool_help: Added login options to --user description 2013-10-26 20:11:48 +01:00
Steve Holme
0adad07690 email: Added references to SASL LOGIN authentication draft proposal 2013-10-26 14:35:27 +01:00
Steve Holme
e4670a1029 tests: Tidy up of SMTP and POP3 tests
Corrected line endings, RFC references and standardised on user names
and passwords used in the tests.
2013-10-26 13:50:08 +01:00
Steve Holme
1f0e50f2b9 tool_help: Added clarity to the --oauth2-bearer option
...as XOAUTH2 is the extended (or non-standard) SASL identifier and
OAuth 2 is the protocol name (and version).
2013-10-26 13:01:33 +01:00
Steve Holme
2766262a68 smtp: Fixed response code parsing for bad AUTH continuation responses
This workaround had been previously been implemented for IMAP and POP3
but not SMTP. Some of the recent test case additions implemented this
behaviour to emulate a bad server and the SMTP code didn't cope with it.
2013-10-26 11:09:31 +01:00
Steve Holme
bdb1f0e53d gskit.c: Code policing following commit 2cc9246477
Corrected 80 character line length error and pointer declarations (some
of which were previously incorrect)
2013-10-26 00:57:45 +01:00
Steve Holme
6e3613e6e6 test907: Corrected DIGEST-MD5 response given in commit 820ed48a00
As the URI, which is contained within the DIGEST-MD5 response, is
constructed from the service and realm, the encoded message differs
from that generated under POP3.
2013-10-26 00:24:45 +01:00
Steve Holme
1cb5150dba RELEASE-NOTES: Synced with d24b7953c2 2013-10-25 20:01:25 +01:00
Steve Holme
d24b7953c2 tests: Added SMTP OAUTH2 authentication with initial response test 2013-10-25 19:44:03 +01:00
Steve Holme
13db74ffc3 tests: Added SMTP NTLM authentication with initial response test 2013-10-25 19:40:23 +01:00
Steve Holme
98905aa2c5 tests: Added SMTP OAUTH2 authentication test 2013-10-25 19:34:05 +01:00
Steve Holme
820ed48a00 tests: Added SMTP DIGEST-MD5 authentication test 2013-10-25 19:31:51 +01:00
Steve Holme
973cc22529 tests: Regrouped SMTP authentication tests 2013-10-25 19:30:52 +01:00
Patrick Monnerat
2cc9246477 OS400: sync RPG wrapper, zlib support, fix header file names, ...
IFS compilation support, SSL GSKit backend by default, TLSv1.[12] support in
  GSKit for OS400 >= V7R1, no more tabs in make scripts.
2013-10-25 18:37:37 +02:00
Steve Holme
650036633f sasl: Fixed memory leak in OAUTH2 message creation 2013-10-24 00:16:59 +01:00
Steve Holme
78aee26be6 ftpserver.pl: Added support for empty pop3 authentication data 2013-10-23 22:19:42 +01:00
Daniel Stenberg
947d431d50 CURLOPT_RESOLVE: mention they don't time-out
Clarify in the documentation that DNS entries added with CURLOPT_RESOLVE
won't time-out.

Bug: http://curl.haxx.se/mail/lib-2013-10/0062.html
Reported-by: Romulo Ceccon
2013-10-23 23:15:36 +02:00
Steve Holme
58bd0148fb tests: Added POP3 OAUTH2 authentication test 2013-10-23 22:12:04 +01:00
Steve Holme
ca5c5be3e4 tests: Added empty response support to custom replies
...and fixed up test869 as DIGEST-MD transcript is as follows:

S: Challenge
C: Authentication String
S: Continue Response
C: Empty String
2013-10-23 22:05:22 +01:00
Daniel Stenberg
9bd37a6d27 sasl: fix compiler warning
error: unused variable 'table16'
2013-10-23 22:28:13 +02:00
Steve Holme
1be69159f3 tests: Added POP3 DIGEST-MD5 authentication test 2013-10-23 18:30:00 +01:00
Daniel Stenberg
a3da0a96e3 configure: check for long long when building with cyassl
cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG

Reported-by: Chris Conlon
2013-10-22 22:55:48 +02:00
Daniel Stenberg
626f8a85f0 test1240: verify 867b52a7ac (glob ranges with text to the right) 2013-10-22 00:10:16 +02:00
Daniel Stenberg
867b52a7ac glob: fix regression from commit 5ca96cb844
Plain strings after glob ranges/lists weren't treated correctly but
caused broken URLs to get used.

Reported-by: Javier Barroso
2013-10-22 00:01:17 +02:00
Rémy Léone
be31924f8c Adding a .travis.yml file to use the travis-ci.org
From wikipedia:

Travis CI is a hosted, distributed continuous integration service used
to build and test projects hosted at GitHub.

Travis CI is configured by adding a file named .travis.yml, which is a
YAML format text file, to the root directory of the GitHub repository.

Travis CI automatically detects when a commit has been made and pushed
to a GitHub repository that is using Travis CI, and each time this
happens, it will try to build the project and run tests. This includes
commits to all branches, not just to the master branch. When that
process has completed, it will notify a developer in the way it has been
configured to do so — for example, by sending an email containing the
test results (showing success or failure), or by posting a message on an
IRC channel. It can be configured to run the tests on a range of
different machines, with different software installed (such as older
versions of a programming language, to test for compatibility).
2013-10-21 23:15:16 +02:00
Kamil Dudka
f70b2c77f4 ssh: initialize per-handle data in ssh_connect()
... if not already initialized.  This fixes a regression introduced by
commit 4ad8e142da, which caused test619
to intermittently fail on certain machines (namely Fedora build hosts).
2013-10-21 19:00:06 +02:00
Gisle Vanem
ae495ffcc3 curl.1: add missing exit-code
I noted a missing text for exit-code 89 in docs/curl.1
2013-10-20 23:57:24 +02:00
Daniel Stenberg
0fdfe82c6a cmake: unbreak for non-Windows platforms
Patch-by: Oliver Kuckertz
Bug: http://curl.haxx.se/bug/view.cgi?id=1292
2013-10-20 17:12:56 +02:00
Steve Holme
dead10b1b8 ftpserver.pl: Fixed syntax error from commit 5b31b38c27 2013-10-20 00:30:03 +01:00
Steve Holme
41d820d2c3 test866: Fixed user response from commit 7f7fbe7fbd 2013-10-19 21:43:20 +01:00
Steve Holme
5b31b38c27 ftpserver.pl: Fixed processing of POP3 authentication strings
...and corrected response when check fails from 500 to -ERR.
2013-10-19 20:39:18 +01:00
Steve Holme
39f4e4fafa tests: Added POP3 NTLM authentication test 2013-10-19 13:17:25 +01:00
Steve Holme
587811c0a6 tests: Added POP3 CRAM-MD5 authentication test 2013-10-19 12:57:25 +01:00
Steve Holme
7f7fbe7fbd tests: Added POP3 login authentication test 2013-10-19 12:42:25 +01:00
Steve Holme
9b1eb2b421 tests: Added POP3 plain authentication test 2013-10-19 12:31:55 +01:00
Steve Holme
1034aa6680 tests: Added POP3 APOP authentication test 2013-10-19 12:20:00 +01:00
Steve Holme
4be0af7f74 ftpserver.pl: Added support for APOP POP3 authentication 2013-10-19 10:38:19 +01:00
Steve Holme
72f850571d tests: Added POP3 RSET test 2013-10-19 00:10:29 +01:00
Steve Holme
e179d0eb12 RELEASE-NOTES: Synced with ce61510127 2013-10-18 19:54:30 +01:00
Steve Holme
ce61510127 email: Fixed QUIT / LOGOUT being sent when SSL connect fails 2013-10-18 19:28:20 +01:00
Kamil Dudka
86c64f3daf curl_sasl: initialize NSS before using crypto 2013-10-18 15:37:18 +02:00
Steve Holme
65e556d0ce SSL: Follow up work to commits 6a1363128f and 87861c9b0e
Changed the failure code when TLS v1.1 and v1.2 is requested but not
supported by older OpenSSL versions, following review from libcurl
peers, and reduced the number of required preprocessor if statements.
2013-10-17 19:57:26 +01:00
Steve Holme
6a1363128f SSL: Added unsupported cipher version check for OpenSSL
...with the use of CURL_SSLVERSION_TLSv1_1 and CURL_SSLVERSION_TLSv1_2
being conditional on OpenSSL v1.0.1 as the appropriate flags are not
supported under earlier versions.
2013-10-16 20:48:24 +01:00
Steve Holme
75b9b26465 DOCS: Added libcurl version number to CURLOPT_SSLVERSION 2013-10-16 20:18:18 +01:00
Steve Holme
2c84ffe154 SSL: Corrected version number for new symbols from commit ad34a2d5c8 2013-10-16 20:06:23 +01:00
Steve Holme
e7452415c5 SSL: Corrected typo from commit 87861c9b0e 2013-10-16 00:57:01 +01:00
Steve Holme
87861c9b0e SSL: Fixed OpenSSL builds prior to v1.0.1
Commit ad34a2d5c8 relies on definitions that are only present in
OpenSSL v1.0.1 and up. This quick fix allows the builds that use
older versions of OpenSSL to continue building.
2013-10-16 00:49:23 +01:00
Steve Holme
4d49ffe165 test906: Fixed failing test on some platforms
Bug: http://sourceforge.net/p/curl/bugs/1291
Reported-by: David Walser
2013-10-15 21:31:14 +01:00
Paul Donohue
f63603dec4 NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option 2013-10-15 21:50:22 +02:00
Tyler Hall
0218a737fe ssh: Handle successful SSH_USERAUTH_NONE
According to the documentation for libssh2_userauth_list(), a NULL
return value is not necessarily an error. You must call
libssh2_userauth_authenticated() to determine if the SSH_USERAUTH_NONE
request was successful.

This fixes a segv when using sftp on a server that allows logins with an
empty password. When NULL was interpreted as an error, it would
free the session but not flag an error since the libssh2 errno would be
clear. This resulted in dereferencing a NULL session pointer.

Signed-off-by: Tyler Hall <tylerwhall@gmail.com>
2013-10-15 20:53:09 +02:00
Ishan SinghLevett
18ca0aa984 usercertinmem: fix memory leaks 2013-10-15 20:48:22 +02:00
Dave Reisner
c4e6c33b13 build: distribute and install libcurl.m4 by default 2013-10-15 20:43:39 +02:00
Dave Reisner
d774802eec tool: use XFERFUNCTION to save some casts 2013-10-15 20:42:05 +02:00
Alessandro Ghedini
69c0d3fbc8 curl.1: fix typo conjuction -> conjunction 2013-10-15 20:37:13 +02:00
Daniel Stenberg
076726f141 curl: document the new --tlsv1.[012] options 2013-10-15 20:31:04 +02:00
Gergely Nagy
ad34a2d5c8 SSL: protocol version can be specified more precisely
CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1,
CURL_SSLVERSION_TLSv1_2 enum values are added to force exact TLS version
(CURL_SSLVERSION_TLSv1 means TLS 1.x).

axTLS:
axTLS only supports TLS 1.0 and 1.1 but it cannot be set that only one
of these should be used, so we don't allow the new enum values.

darwinssl:
Added support for the new enum values.

SChannel:
Added support for the new enum values.

CyaSSL:
Added support for the new enum values.
Bug: The original CURL_SSLVERSION_TLSv1 value enables only TLS 1.0 (it
did the same before this commit), because CyaSSL cannot be configured to
use TLS 1.0-1.2.

GSKit:
GSKit doesn't seem to support TLS 1.1 and TLS 1.2, so we do not allow
those values.
Bugfix: There was a typo that caused wrong SSL versions to be passed to
GSKit.

NSS:
TLS minor version cannot be set, so we don't allow the new enum values.

QsoSSL:
TLS minor version cannot be set, so we don't allow the new enum values.

OpenSSL:
Added support for the new enum values.
Bugfix: The original CURL_SSLVERSION_TLSv1 value enabled only TLS 1.0,
now it enables 1.0-1.2.

Command-line tool:
Added command line options for the new values.
2013-10-15 20:26:47 +02:00
Nick Zitzmann
31e106c01c darwinssl: un-break iOS build after PKCS#12 feature added
SecPKCS12Import() returns a few errors that are enumerated in OS X's
headers but not in iOS' headers for some reason.
2013-10-14 18:03:32 -05:00
Daniel Stenberg
1dcc433661 bump: start working on 7.33.1 2013-10-14 23:11:20 +02:00
Daniel Stenberg
a106abee62 THANKS: added contributors from the 7.33.0 announcement 2013-10-14 23:10:35 +02:00
Daniel Stenberg
f77e89c5d2 RELEASE-NOTES: synced with 92cf6141ed 2013-10-13 23:24:21 +02:00
Daniel Stenberg
92cf6141ed curl: fix --oauth2-bearer in the --help output
After the option rename in 5df04bfafd
2013-10-13 23:21:12 +02:00
Daniel Stenberg
cf12d5b62f OpenSSL: improve the grammar of the language in 39beaa5ffb
Reported-by: Petr Pisar
2013-10-13 23:08:12 +02:00
Andrej E Baranov
39beaa5ffb OpenSSL: use failf() when subjectAltName mismatches
Write to CURLOPT_ERRORBUFFER information about mismatch alternative
certificate subject names.

Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru>
2013-10-13 19:12:58 +02:00
Daniel Stenberg
5df04bfafd curl: rename --bearer to --oauth2-bearer
The option '--bearer' might be slightly ambiguous in name. It doesn't
create any conflict that I am aware of at the moment, however, OAUTH v2
is not the only authentication mechanism which uses "bearer" tokens.

Reported-by: Kyle L. Huff
URL: http://curl.haxx.se/mail/lib-2013-10/0064.html
2013-10-12 23:26:38 +02:00
Kamil Dudka
d015f4ccac ssh: improve the logic for detecting blocking direction
This fixes a regression introduced by commit 0feeab78 limiting the speed
of SCP upload to 16384 B/s on a fast connection (such as localhost).
2013-10-12 23:03:28 +02:00
Dan Fandrich
143d7c13d8 Fixed typo in Makefile.inc that left http2.h out of the tar ball 2013-10-12 21:09:17 +02:00
Heinrich Schaefer
9b33ecfd01 minor fix in doc 2013-10-11 11:57:26 +02:00
Gisle Vanem
ca1b34b887 curl_setup_once: fix errno access for lwip on Windows
lib/curl_setup_once.h assumed lwIP on Windows uses 'SetLastError()' to
set network errors. It doesn't; it uses 'errno'.
2013-10-09 14:45:42 +02:00
Daniel Stenberg
f0f95c97f7 test1239: verify 4cd444e01a and the simulated 304 response 2013-10-07 14:42:21 +02:00
Derek Higgins
4cd444e01a HTTP: Output http response 304 when modified time is too old
When using the -w '%{http_code}' flag and simulating a Not Modified then
304 should be output.
2013-10-07 14:16:39 +02:00
Daniel Stenberg
8264478490 contributors: helper script to dig out contributors from git 2013-10-07 09:47:03 +02:00
Daniel Stenberg
b46491900d RELEASE-NOTES: add twos refs to bug reports 2013-10-07 00:10:59 +02:00
Daniel Stenberg
725288bf2f RELEASE-NOTES: synced with 173160c0d0 2013-10-06 23:36:21 +02:00
Nick Zitzmann
173160c0d0 darwinssl: block TLS_RSA_WITH_NULL_SHA256 cipher
Credit (for catching a cipher I forgot to add to the blocked ciphers list):
https://www.ssllabs.com/ssltest/viewMyClient.html
2013-10-02 21:19:28 -05:00
Daniel Stenberg
3c3622b662 OpenSSL: acknowledge CURLOPT_SSL_VERIFYHOST without VERIFYPEER
Setting only CURLOPT_SSL_VERIFYHOST without CURLOPT_SSL_VERIFYPEER set
should still verify that the host name fields in the server certificate
is fine or return failure.

Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html
Reported-by: Ishan SinghLevett
2013-10-02 15:40:02 +02:00
Daniel Stenberg
a22c478ed7 KNOWN_BUGS: #84: CURLINFO_SSL_VERIFYRESULT
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends and not for any other!
2013-10-02 15:39:47 +02:00
François Charlier
3d43a48781 xattr: add support for FreeBSD xattr API 2013-10-01 22:53:47 +02:00
Daniel Stenberg
c8b05b809e curl_easy_setopt.3: slight clarification of SEEKFUNCTION 2013-09-30 14:58:06 +02:00
Steve Holme
ca995010d0 tests: Fixed typos from commit 25a0c96a49 2013-09-29 20:32:23 +01:00
Steve Holme
25a0c96a49 tests: Updated email addresses in SMTP tests following recent changes 2013-09-29 16:48:02 +01:00
Steve Holme
a8b606b1a6 test909: Removed custom EHLO response after recent changes
...as it is no longer required following capability and authentication
changes and is now causing problems following commit 49341628b5 as
the test number is obtained from the client address in the EHLO.
2013-09-29 16:25:11 +01:00
Steve Holme
20a99a45c0 ftpserver.pl: Fixed compilation error from commit 49341628b5 2013-09-29 13:13:13 +01:00
Steve Holme
49341628b5 ftpserver.pl: Moved specifying the test number from the RCPT address
...to the client address as this frees the RCPT strings to contain
just an email address and by passing the test number into curl as the
client address remains consistent with POP3 and IMAP tests as they are
specified in the URL.
2013-09-29 10:02:00 +01:00
Steve Holme
ab7e6afd44 ftpserver.pl: Added unwanted argument check to SMTP DATA command handler 2013-09-29 09:25:23 +01:00
Daniel Stenberg
4d7bf73fc3 getinmemory: remove a comment
The comment mentioned the need to free the data, but the example already
does that free
2013-09-29 00:16:21 +02:00
Daniel Stenberg
3c34f453fa postinmemory: new example
This is similar to getinmemory.c but with an initial POST.

Combined-by: Ulf Samuelsson
2013-09-29 00:12:30 +02:00
Daniel Stenberg
d5f687ed8f win32: fix Visual Studio 2010 build with WINVER >= 0x600
If no WINVER and/or _WIN32_IWNNT define was set, the Windows platform
SDK often defaults to high value, e.g. 0x601 (whoch may probably depend
on the Windows version being used, in my case Windows 7).

If WINVER >= 0x600 then winsock2.h includes some defines for WSAPoll(),
e.g. POLLIN, POLLPRI, POLLOUT etc. These defines clash with cURL's
lib/select.h.

Make sure HAVE_STRUCT_POLLFD is defined then.

Bug: http://curl.haxx.se/bug/view.cgi?id=1282
Reported-by: "kdekker"
Patch-by: Marcel Raad
2013-09-28 23:18:19 +02:00
Steve Holme
a377fab015 ssluse.c: Fixed compilation warnings when ENGINE not supported
The function "ssl_ui_reader" was declared but never referenced
The function "ssl_ui_writer" was declared but never referenced
2013-09-28 17:24:22 +01:00
Daniel Stenberg
092f33d6bf configure: use icc options without space
The latest version(s) of the icc compiler no longer accept the extra
space in the -we (warning enable), -wd (warning disable), etc.

Reported-by: Elmira A Semenova
Bug: http://curl.haxx.se/mail/lib-2013-09/0182.html
2013-09-27 10:57:20 +02:00
Steve Holme
09a13a1c01 imap: Added clarification to the code about odd continuation responses 2013-09-25 17:44:51 +01:00
Steve Holme
30a09783b2 ftp.c: Fixed compilation warning
There is an implicit conversion from "unsigned long" to "long"
2013-09-25 07:09:41 +01:00
Steve Holme
733a4419d0 sasl: Centralised the authentication mechanism strings
Moved the standard SASL mechanism strings into curl_sasl.h rather than
hard coding the same values over and over again in the protocols that
use SASL authentication.

For more information about the mechanism strings see:

http://www.iana.org/assignments/sasl-mechanisms
2013-09-24 20:12:50 +01:00
Daniel Stenberg
77dc4ba877 RELEASE-NOTES: added recent contributors missing 2013-09-23 23:23:51 +02:00
Steve Holme
14d8209adc test906: Fixed type-2 response 2013-09-23 07:10:25 +01:00
Steve Holme
a942d8ff5b test915: Corrected test number from commit 22bccb0eda 2013-09-23 00:19:56 +01:00
Steve Holme
1695c67818 test906: Fixed type-1 message not handled error
...from commit f81d1e1666 due to copy paste error.
2013-09-23 00:15:37 +01:00
Steve Holme
f81d1e1666 tests: Added SMTP AUTH NTLM test 2013-09-22 20:53:29 +01:00
Steve Holme
b71ed1fb3d tests: Added SMTP multiple and invalid --mail-rcpt test 2013-09-22 20:25:32 +01:00
Steve Holme
86ccfaa3fd tests: Added SMTP multiple --mail-rcpt test 2013-09-22 20:23:27 +01:00
Steve Holme
3b69462fc0 tests: Added SMTP invalid --mail-rcpt test 2013-09-22 20:12:20 +01:00
Steve Holme
22bccb0eda tests: Regrouping of SMTP tests 2013-09-22 20:09:57 +01:00
Benoit Sigoure
4f591b9148 test1112: Increase the timeout from 7s to 16s
As someone reported on the mailing list a while back, the hard-coded
arbitrary timeout of 7s in test 1112 is not sufficient in some build
environments. At Arista Networks we build and test curl as part of our
automated build system, and we've run into this timeout 170 times so
far. Our build servers are typically quite busy building and testing a
lot of code in parallel, so despite being beefy machines with 32 cores
and 128GB of RAM we still hit this 7s timeout regularly.

URL: http://curl.haxx.se/mail/lib-2010-02/0200.html
2013-09-22 18:23:09 +02:00
Steve Holme
52cefc8cd7 tests: Fixed smtp rcpt to addresses 2013-09-22 15:14:26 +01:00
Steve Holme
8880f84e1a ftpserver.pl: Expanded the SMTP RCPT handler to validate TO addresses
RCPT_smtp() will now check for a correctly formatted TO address which
allows for invalid recipient addresses to be added.
2013-09-22 15:05:43 +01:00
Steve Holme
9d4a8c7936 ftpserver.pl: Added cURL SMTP server detection to HELO command handler
As curl will send a HELO command after an negative EHLO response, added
the same detection from commit b07709f741 to the HELO handler to
ensure the test server is identified correctly and an upload isn't
performed.
2013-09-22 13:21:15 +01:00
Steve Holme
fd8dc21fd0 ftpserver.pl: Corrected response code for successful RCPT command 2013-09-22 12:59:28 +01:00
Steve Holme
8ec6486d05 ftpserver.pl: Moved invalid RCPT TO: address detection to RCPT handler
Rather than detecting the TO address as missing in the DATA handler,
moved the detection to the RCPT command handler where an error response
can be generated.
2013-09-22 11:03:18 +01:00
Steve Holme
59c1743c78 RELEASE-NOTES: Corrected missed addition
Somehow commit 60a2046162 missed the last item in the sync list
even though I'm sure I added it during editing.
2013-09-21 22:28:07 +01:00
Steve Holme
60a2046162 RELEASE-NOTES: Synced with 6dd8bd8d2f 2013-09-21 22:20:40 +01:00
Steve Holme
6dd8bd8d2f curl.1: Added information about optional login options to --user in manpage
Added missing information, from curl 7.31.0, regarding the use of the
optional login options that may be specified as part of --user.

For example:

--user 'user:password;auth=NTLM' in IMAP, POP3 and SMTP protocols.
2013-09-21 22:05:12 +01:00
Steve Holme
b07709f741 ftpserver.pl: Moved cURL SMTP server detection into EHLO command handler
Moved the special SMTP server detection code from the DATA command
handler, which happens further down the operation chain after EHLO,
MAIL and RCPT commands, to the EHLO command as it is the first command
to be generated by a SMTP operation as well as containing the special
"verifiedserver" string from the URL.

This not only makes it easier and quicker to detect but also means that
cURL doesn't need to specify "verifiedserver" as --mail-from and
--mail-rcpt arguments.

More importantly, this also makes the upcoming verification changes to
the RCPT handler easier to implement.
2013-09-21 20:49:23 +01:00
Daniel Stenberg
9215cee4c6 openssl: use correct port number in error message
In ossl_connect_step2() when the "Unknown SSL protocol error" occurs, it
would output the local port number instead of the remote one which
showed when doing SSL over a proxy (but with the correct remote host
name). As libcurl only speaks SSL to the remote we know it is the remote
port.

Bug: http://curl.haxx.se/bug/view.cgi?id=1281
Reported-by: Gordon Marler
2013-09-21 21:01:00 +02:00
Daniel Stenberg
34df869f99 test1415: adjusted to work for 32bit time_t
The libcurl date parser returns INT_MAX for all dates > 2037 so this
test is now made to use 2037 instead of 2038 to work the same for both
32bit and 64bit time_t systems.
2013-09-21 13:46:42 -05:00
Steve Holme
3f04d48495 tests: Reworked existing SMTP tests to be single recipient based
...in preparation of upcoming multiple recipient tests.
2013-09-21 19:44:09 +01:00
Steve Holme
517b8e2290 ftpserver.pl: Corrected SMTP QUIT response to be more realistic 2013-09-20 23:08:28 +01:00
Daniel Stenberg
af44da38d6 curl_easy_setopt.3: clarify that TIMEOUT and TIMEOUT_MS set the same value 2013-09-20 23:16:04 +02:00
Kim Vandry
fcfa26a7ee Documented --dns-* options in curl manpage 2013-09-20 23:09:39 +02:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Steve Holme
0e188e2dc3 curl: Added clarification to the --mail options in the --help output
... that these options apply to SMTP only.
2013-09-20 21:35:44 +01:00
Steve Holme
eecb0e969f ftpserver.pl: Moved SMTP RCPT response text into command handler 2013-09-20 21:25:48 +01:00
Steve Holme
bd7d56ec71 tests: Added SMTP invalid --mail-from test 2013-09-20 07:09:39 +01:00
Nick Zitzmann
6f78aaad6f darwinssl: enable BEAST workaround on iOS 7 & later
iOS 7 finally added the option to enable 1/n-1 when using TLS 1.0
and a CBC cipher, so we now always turn that on unless the user
manually turns it off using CURLSSLOPT_ALLOW_BEAST.

It appears Apple also added some new PSK ciphers, but no interface to
use them yet, so we at least support printing them if we find them.
2013-09-19 17:28:54 -05:00
Steve Holme
89d320c2fd tests: Updated SMTP AUTH tests to use the new AUTH directive
...rather than specify a customised EHLO response.
2013-09-19 20:29:59 +01:00
Steve Holme
b809bafb0c tests: Corrected test913 as the QUIT response is received 2013-09-19 20:13:08 +01:00
Steve Holme
3b6a1681dc tests: Added SMTP large message SIZE test 2013-09-19 18:17:11 +01:00
Steve Holme
9300bb826d ftpserver.pl: Updated email regex from commit 98f7ca7e97
...to not be as strict as it was rejecting valid numeric email
addresses.
2013-09-19 12:44:27 +01:00
Steve Holme
dfe7ee1429 tests: Fixed smtp mail from addresses 2013-09-19 07:19:25 +01:00
Steve Holme
841103c776 ftpserver.pl: Standardised CAPA and AUTH responses 2013-09-18 19:38:26 +01:00
Steve Holme
8d2335ca23 ftpserver.pl: Corrected POP3 QUIT reply to be more realistic 2013-09-18 19:37:03 +01:00
Steve Holme
04064e89c1 runtests.pl: Fixed syntax error in commit c873375123
Possible unintended interpolation in string at line 796
2013-09-18 19:32:20 +01:00
Steve Holme
c873375123 runtests.pl: Fixed smtp mail from address
Following changes to ftpserver.pl fixed the mail from address to be a
correctly formatted address otherwise the server response will be 501
Invalid address.
2013-09-18 18:04:26 +01:00
Steve Holme
62d232c131 ftpserver.pl: Fixed syntax error in commit 98f7ca7e97
Can't modify constant item in scalar assignment line 779, near "0;"
2013-09-18 12:58:34 +01:00
Steve Holme
98f7ca7e97 ftpserver.pl: Expanded the SMTP MAIL handler to validate messages
MAIl_smtp() will now check for a correctly formatted FROM address as
well as the optional SIZE parameter comparing it against the server
capability when specified.
2013-09-18 07:23:32 +01:00
YAMADA Yasuharu
4cfbb201c4 cookies: add expiration
Implement: Expired Cookies These following situation, curl removes
cookie(s) from struct CookieInfo if the cookie expired.
 - Curl_cookie_add()
 - Curl_cookie_getlist()
 - cookie_output()
2013-09-17 23:25:56 +02:00
Steve Holme
dc016567ce ftpserver.pl: Corrected response code for successful MAIL command 2013-09-17 22:10:17 +01:00
Steve Holme
96b68c57ce ftpserver.pl: Moved SMTP MAIL handler into own function 2013-09-17 22:09:30 +01:00
Steve Holme
158dfe2c5c dns: fix compilation with MinGW from commit df69440d05
Avoid 'interface' literal that some MinGW versions define as a macro

Additionally, corrected some very, very minor coding style errors.
2013-09-17 20:59:43 +01:00
Steve Holme
8f5336a2fa tests: Fixed test 1406 following recent changes in ftpserver.pl
By default the mail server doesn't send the SIZE capability but instead
it has to be specified as a supported capability.
2013-09-16 00:24:46 +01:00
Steve Holme
f8a9dbd391 tests: Added test for SMTP SIZE capability 2013-09-16 00:24:30 +01:00
Steve Holme
016879d477 ftpserver.pl: Added the ability to include spaces in capabilities
For example:

CAPA "SIZE 1048576" 8BITMIME BINARYMIME

will populate the capabilities list with the following in:

SIZE 1048576
8BITMIME
BINARYMIME
2013-09-15 20:56:16 +01:00
Steve Holme
c03335ec68 ftpserver.pl: Corrected response code for successful SMTP QUIT command 2013-09-15 20:09:49 +01:00
Steve Holme
894585784c ftpserver.pl: Fixed syntax error in commit 33c1f2876b
Can't modify constant item in postincrement line 727, near "i++"
2013-09-15 20:07:43 +01:00
Steve Holme
33c1f2876b ftpserver.pl: Added CAPA & AUTH directive support to the SMTP EHLO handler 2013-09-15 16:53:20 +01:00
Steve Holme
00ee5c5cf1 ftpserver.pl: Fixed SMTP QUIT handler from dadc495540 2013-09-15 12:47:36 +01:00
Steve Holme
dadc495540 ftpserver.pl: Moved SMTP EHLO and QUIT handlers in own functions 2013-09-15 09:20:53 +01:00
Steve Holme
eae86ba62d ftpserver.pl: Added support for SMTP HELO command
...and updated test902 as explicit HELO response is no longer required.
2013-09-15 09:10:11 +01:00
Steve Holme
e9cca79dd1 ftpserver.pl: Added mailbox check to IMAP SELECT handler 2013-09-15 09:00:13 +01:00
Steve Holme
4ba3b6c05a ftpserver.pl: Corrected invalid user details check
...in both the IMAP LOGIN and POP3 PASS handlers introduced in commit
187ac69374 and 84ad1569e5 respectively.
2013-09-15 00:31:55 +01:00
Steve Holme
187ac69374 ftpserver.pl: Moved IMAP LOGIN handler into own function 2013-09-14 20:52:29 +01:00
Steve Holme
84ad1569e5 ftpserver.pl: Moved POP3 USER and PASS handlers into own functions 2013-09-14 20:46:45 +01:00
Steve Holme
45e0a661ce ftpserver.pl: Corrected invalid argument check in POP3 TOP handler
...which was accidentally introduced in commit 4d6ef6297a.
2013-09-14 16:18:47 +01:00
Steve Holme
4d6ef6297a ftpserver.pl: Added capability prerequisite for extended POP3 commands 2013-09-14 15:04:26 +01:00
Steve Holme
b68c52704b tests: Updated descriptions to be more meaningful 2013-09-14 15:04:25 +01:00
Steve Holme
4f4dc5832d ftpserver.pl: Added support for IMAP NOOP command 2013-09-14 10:44:54 +01:00
Steve Holme
fbcefc0ce0 imap: Fixed response check for NOOP command 2013-09-14 10:44:28 +01:00
Steve Holme
83f6f58834 tests: Updated descriptions to be more meaningful 2013-09-14 10:41:17 +01:00
Daniel Stenberg
0a691f8935 curl.1: detail how short/long options work
URL: http://curl.haxx.se/bug/view.cgi?id=1279
Suggested-by: Jerry Krinock
2013-09-13 23:14:41 +02:00
Steve Holme
c243d45aad curl: Fixed usage of DNS options when not using c-ares resolver
Commit 32352ed6ad introduced various DNS options, however, these
would cause curl to exit with CURLE_NOT_BUILT_IN when c-ares wasn't
being used as the backend resolver even if the options weren't set
by the user.

Additionally corrected some minor coding style errors from the same
commit.
2013-09-13 18:50:11 +01:00
Daniel Stenberg
8a6dba520b curl_easy_setopt.3: mention RTMP URL quirks
URL: http://curl.haxx.se/bug/view.cgi?id=1278
Reported-by: Gorilla Maguila
2013-09-13 14:06:20 +02:00
Ben Greear
32352ed6ad curl: Add support for various DNS binding options.
(Passed on to c-ares.)

Allows something like this:

curl --dns-interface sta8 --dns-ipv4-addr 8.8.1.111 --interface sta8 \
--localaddr 8.8.1.111 --dns-servers 8.8.8.1 www.google.com

Signed-off-by: Ben Greear <greearb@candelatech.com>
2013-09-12 21:11:47 +02:00
Kim Vandry
df69440d05 libcurl: New options to bind DNS to local interfaces or IP addresses 2013-09-12 21:11:47 +02:00
Daniel Stenberg
345955e87e libcurl.3: for multi interface connections are held in the multi handle
... and a few more cleanups/clarifications
2013-09-12 13:59:05 +02:00
Steve Holme
6f5b46855c ftpserver.pl: Fixed missing comma from 7fd84b14d2 2013-09-12 11:52:19 +01:00
Steve Holme
5f93c5d658 ftpserver.pl: Fixed variable error introduced in 7fd84b14d2
Global symbol "$mailbox" requires explicit package name
2013-09-12 07:10:41 +01:00
Steve Holme
7fd84b14d2 ftpserver.pl: Added support for UID command 2013-09-11 20:27:13 +01:00
Steve Holme
f2403140f9 ftpserver.pl: Added support for LSUB command 2013-09-11 20:25:48 +01:00
Steve Holme
f3c9749a40 imap: Fixed response check for LSUB and UID commands 2013-09-11 20:15:21 +01:00
Steve Holme
3f6991766f ftpserver.pl: Added support for IMAP COPY command 2013-09-11 19:57:29 +01:00
Steve Holme
cfe5f7dbf4 ftpserver.pl: Added support for IMAP CLOSE and EXPUNGE commands 2013-09-11 18:19:38 +01:00
Steve Holme
5840c918d5 ftpserver.pl: Added support for POP3 RSET command 2013-09-11 18:11:33 +01:00
Steve Holme
b0afb00000 ftpserver.pl: Added the ability to remember what messages are deleted
...as this will be required for IMAP CLOSE and EXPUNGE commands as well
as the POP3 RSET command.
2013-09-11 18:10:28 +01:00
Daniel Stenberg
0b5ae7c80e NI_MAXSERV: remove all use of it
Solaris with the SunStudio Compiler is reportedly missing this define,
but as we're using it without any good reason on all the places it was
used I've now instead switched to just use sensible buffer sizes that
fit a 32 bit decimal number. Which also happens to be smaller than the
common NI_MAXSERV value which is 32 on most machines.

Bug: http://curl.haxx.se/bug/view.cgi?id=1277
Reported-by: D.Flinkmann
2013-09-10 23:18:43 +02:00
Daniel Stenberg
0d55f4e1bc http2: use the support HTTP2 draft version in the upgrade header
... instead of HTTP/2.0 to work fine with the nghttpx proxy/server.
2013-09-10 23:06:20 +02:00
Steve Holme
86d340af27 ldap.c: Fix compilation warning
warning: comparison between signed and unsigned integer expressions
2013-09-10 20:27:52 +01:00
Jiri Hruska
5c14a7f068 imap/pop3/smtp: Speed up SSL connection initialization
Don't wait for the next callback call (usually 1 second) before
continuing with protocol specific connection initialization.
2013-09-10 19:47:54 +01:00
Steve Holme
2879ffacfa ldap.c: Corrected build error from commit 857f999353 2013-09-10 19:30:07 +01:00
Steve Holme
d89eb55906 RELEASE-NOTES: Corrected duplicate in bfefe2400a 2013-09-10 15:35:20 +01:00
Steve Holme
4a85e60cfe RELEASE-NOTES: Corrected typo from bfefe2400a 2013-09-10 14:06:50 +01:00
Steve Holme
bfefe2400a RELEASE-NOTES: synced with 25c6890375 2013-09-10 13:12:56 +01:00
Daniel Stenberg
25c6890375 README.http2: explain nghttp2 a little 2013-09-10 00:21:27 +02:00
Steve Holme
eb6314260d tests: Added test for POP3 TOP command 2013-09-09 17:13:28 +01:00
Steve Holme
313c38c9de ftpserver.pl: Added support for POP3 TOP command 2013-09-09 17:13:25 +01:00
Steve Holme
ae6096471a tests: Added test for POP3 UIDL command 2013-09-09 17:10:40 +01:00
Steve Holme
66ea5c415b ftpserver.pl: Added support for POP3 UIDL command 2013-09-09 17:10:38 +01:00
Daniel Stenberg
2481ac358c http2: adjust to new nghttp2_pack_settings_payload proto
This function was modified in nghttp2 git commit a1c3f89c72e51
2013-09-09 15:18:09 +02:00
Kamil Dudka
c639d725a3 url: handle abortion by read/write callbacks, too
Otherwise, the FTP protocol would unnecessarily hang 60 seconds if
aborted in the CURLOPT_HEADERFUNCTION callback.

Reported by: Tomas Mlcoch
Bug: https://bugzilla.redhat.com/1005686
2013-09-09 13:23:04 +02:00
Daniel Stenberg
857f999353 ldap: fix the build for systems with ldap_url_parse()
Make sure that the custom struct fields are only used by code that
doesn't use a struct defintion from the outside.

Attempts to fix the problem introduced in 3dc6fc42bf
2013-09-09 09:39:08 +02:00
Jiri Hruska
6d9cddc513 pingpong: Check SSL library buffers for already read data
Otherwise the connection can get stuck during various phases, waiting
for new data on the socket using select() etc., but it will never be
received as the data has already been read into SSL library.
2013-09-09 07:40:40 +01:00
Steve Holme
e20e48cbf2 imap: Fixed calculation of transfer when partial FETCH received
The transfer size would be calculated incorrectly if the email contained
within the FETCH response, had been partially received by the pingpong
layer. As such the following, example output, would be seen if the
amount remaining was smaller than the amount received:

* Excess found in a non pipelined read: excess = 1394, size = 262,
  maxdownload = 262, bytecount = 1374
* transfer closed with -1112 bytes remaining to read

Bug: http://curl.haxx.se/mail/lib-2013-08/0170.html
Reported-by: John Dunn
2013-09-09 07:40:38 +01:00
Steve Holme
ee5e2cf6cb ftpserver.pl: Fixed empty array checks
...from commits 28427b4083 and e8313697b6.
2013-09-08 23:59:49 +01:00
Steve Holme
e8313697b6 ftpserver: Reworked AUTH support to allow for specifying the mechanisms
Renamed SUPPORTAUTH to AUTH and added support for specifying a list of
supported SASL mechanisms to return to the client.

Additionally added the directive to the FILEFORMAT document.
2013-09-08 21:47:56 +01:00
Steve Holme
28427b4083 ftpserver: Reworked CAPA support to allow for specifying the capabilities
Renamed SUPPORTCAPA to CAPA and added support for specifying a list of
supported capabilities to return to the client.

Additionally added the directive to the FILEFORMAT document.
2013-09-08 21:45:36 +01:00
Steve Holme
131649a121 ftpserver.pl: Corrected POP3 LIST as message numbers should be contiguous
The message numbers given in the LIST response are an index into the
list, which are only valid for the current session, rather than being a
unique message identifier. An index would only be missing from the LIST
response if a DELE command had been issued within the same session and
had not been committed by the end of session QUIT command. Once
committed the POP3 server will regenerate the message numbers in the
next session to be contiguous again. As such our LIST response should
list message numbers contiguously until we support a DELE command in the
same session.

Should a POP3 user require the unique message ID for any or all
messages then they should use the extended UIDL command. This command
will be supported by the test ftpserver in an upcoming commit.
2013-09-08 20:19:20 +01:00
Clemens Gruber
632b3d81d6 curl_easy_pause: suggest one way to unpause 2013-09-08 19:26:28 +02:00
Steve Holme
241aeadc50 tests: Updated descriptions to be more meaningful 2013-09-08 16:59:57 +01:00
Steve Holme
669e4ca366 tests: Added test for POP3 NOOP command 2013-09-08 16:59:55 +01:00
Steve Holme
c9617d9f93 ftpserver.pl: Added support for POP3 NOOP command 2013-09-08 16:45:52 +01:00
Steve Holme
f8986a2b34 ftpserver.pl: Fixed 'Use of uninitialized value $args in string ne' 2013-09-08 16:39:41 +01:00
Steve Holme
1b96ce04b2 tests: Added test for POP3 STAT command 2013-09-08 08:52:53 +01:00
Steve Holme
f851df88fb ftpserver.pl: Added support for POP STAT command 2013-09-08 08:49:40 +01:00
Steve Holme
18c595fde2 ftpserver.pl: Moved POP3 QUIT handler into own function 2013-09-08 08:44:49 +01:00
Steve Holme
56abdd07e7 ftpserver.pl: Reordered the POP3 handlers to be alphabetical
In preparation for additional POP3 tests, re-ordered the command
function defintions to be sorted alphabetically.
2013-09-08 02:48:34 +01:00
Steve Holme
7e06c336d6 ftpserver.pl: Corrected misaligned indentation in POP3 handlers
Fixed incorrect indentation used in both the RETR_pop3 and LIST_pop3
functions which was 5 and 9 characters rather than 4 and 8.
2013-09-08 02:48:33 +01:00
Steve Holme
8a4069fb17 tests: Added test for POP3 DELE command 2013-09-07 19:49:12 +01:00
Steve Holme
243ad539fe ftpserver.pl: Added support for POP3 DELE command 2013-09-07 19:31:46 +01:00
Daniel Stenberg
3d60590422 http2: include curl_memory.h
Detected by test 1132
2013-09-07 19:48:01 +02:00
Nick Zitzmann
08fa4fed70 http: fix build warning under LLVM
When building the code using LLVM Clang without NGHTTP2, I was getting
this warning:
../lib/http.h:155:1: warning: empty struct is a GNU extension [-Wgnu]
Placing a dummy variable into the data structure silenced the warning.
2013-09-07 10:00:11 -05:00
Daniel Stenberg
4344fa926a http2: actually init nghttp2 and send HTTP2-Settings properly 2013-09-07 13:01:43 +02:00
Daniel Stenberg
61672bde44 README.http2: how to use it best with the multi API? 2013-09-07 11:28:12 +02:00
Daniel Stenberg
13dbb41c49 http2: first embryo toward Upgrade: 2013-09-07 11:28:12 +02:00
Daniel Stenberg
e5c2354fd5 http: rename use_http_1_1 to use_http_1_1plus
Since it now actually says if 1.1 or a later version should be used.
2013-09-07 11:28:12 +02:00
Daniel Stenberg
09634f46fb configure: improve CURL_CHECK_COMPILER_PROTOTYPE_MISMATCH
The compiler test used a variable before it was assigned when it tried
to see how it acts on a mismatching prototype, which could cause a false
positive.
2013-09-07 11:15:18 +02:00
Petr Písař
0119a93b33 Pass password to OpenSSL engine by user interface
Recent OpenSSL uses user interface abstraction to negotiate access to
private keys in the cryprographical engines. An OpenSSL application is
expected to implement the user interface. Otherwise a default one
provided by OpenSSL (interactive standard I/O) will be used and the
aplication will have no way how to pass a password to the engine.

Longer-desc: http://curl.haxx.se/mail/lib-2013-08/0265.html
2013-09-07 00:11:21 +02:00
Daniel Stenberg
9fa42beddc urlglob: improved error messages and column number on bad use
Introduce a convenience macro and keep of the column better so that it
can point out the offending column better.

Updated test 75 accordingly.
2013-09-06 23:27:47 +02:00
Daniel Stenberg
d6cda9e8ab urlglob: avoid error code translation
By using the correct values from the start we don't have to translate
them!
2013-09-06 14:20:48 +02:00
Daniel Stenberg
2a7f1425d9 urlglob: avoid NULL pointer dereference
Thanks to clang-analyzer
2013-09-06 14:12:44 +02:00
Gisle Vanem
900ccc26ae http2: use correct include for snprintf
Using the first little merge of nghttp2 into libcurl, I stumbeled on the
missing 'snprintf' in MSVCRT. Isn't this how we do it for other libcurl
files?  I.e. use 'curl_msnprintf' and not 'snprintf' directly:
2013-09-06 13:56:35 +02:00
Daniel Stenberg
01d7bbbebe --data: mention CRLF treatment when reading from file 2013-09-06 13:52:56 +02:00
Geoff Beier
3dc6fc42bf LDAP: fix bad free() when URL parsing failed
When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries
could be freed even though they sometimes point to data within an
allocated area.

This change introduces a lud_attrs_dup[] array for the duplicated string
pointers, and it removes the unused lud_exts array.

Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html
2013-09-06 13:32:49 +02:00
Nick Zitzmann
d2fe616e7e darwinssl: add support for PKCS#12 files for client authentication
I also documented the fact that the OpenSSL engine also supports them.
2013-09-05 18:57:06 -05:00
Daniel Stenberg
316ca865e3 symbols: added HTTP2 symbols and sorted list
CURL_HTTP_VERSION_2_0 and CURL_VERSION_HTTP2 are new
2013-09-05 12:04:41 +02:00
Daniel Stenberg
812d49db90 configure: add HTTP2 as a curl-config --feature output
Fixes the test 1014 failure
2013-09-05 12:03:24 +02:00
Daniel Stenberg
02370fff3a curl: unbreak --http1.0 again
I broke it in 2eabb7d590
2013-09-05 09:56:05 +02:00
Daniel Stenberg
e9de8e78f0 SASL: fix compiler warnings
comparison between signed and unsigned integer expressions

suggest parentheses around '&&' within '||' (twice)
2013-09-04 22:33:29 +02:00
Daniel Stenberg
2eabb7d590 curl: add --http1.1 and --http2.0 options 2013-09-04 22:29:38 +02:00
Daniel Stenberg
d707a975f6 Curl_setopt: refuse CURL_HTTP_VERSION_2_0 if built without support 2013-09-04 22:29:38 +02:00
Daniel Stenberg
ac487842a1 http2: add http2.[ch] and add nghttp2 version output 2013-09-04 22:29:38 +02:00
Daniel Stenberg
06b6e1d0d2 curl -V: output HTTP2 as a feature if present 2013-09-04 22:29:38 +02:00
Daniel Stenberg
b77997e6da curl.h: add CURL_VERSION_HTTP2 as a feature
It isn't added as a separate protocol as HTTP2 will be done over HTTP://
URLs that can be upgraded to HTTP2 if the server supports it as well.
2013-09-04 22:29:38 +02:00
Steve Holme
9e8ced9890 imap/smtp: Fixed incorrect SASL mechanism selection with XOAUTH2 servers
XOAUTH2 would be selected in preference to LOGIN and PLAIN if the IMAP
or SMTP server advertised support for it even though a user's password
was supplied but bearer token wasn't.

Modified the selection logic so that XOAUTH2 will only be selected if
the server supports it and A) The curl user/libcurl programmer has
specifically asked for XOAUTH via the ;AUTH=XOAUTH login option or 2)
The bearer token is specified. Obviously if XOAUTH is asked for via
the login option but no token is specified the user will receive a
authentication failure which makes more sense than no known
authentication mechanisms supported!
2013-09-04 21:27:01 +01:00
Daniel Stenberg
698e3bdf82 curl.h: added CURL_HTTP_VERSION_2_0
Initial library considerations documented in lib/README.http2
2013-09-04 10:05:00 +02:00
Daniel Stenberg
9011fb3f0c configure: added --with-nghttp2 2013-09-04 10:04:48 +02:00
Daniel Stenberg
073b03fab7 acinclude: fix --without-ca-path when cross-compiling
The commit 7b074a460b to CURL_CHECK_CA_BUNDLE in 7.31 (don't check
for paths when cross-compiling) causes --without-ca-path to no longer
works when cross-compiling, since ca and capath only ever get set to
"no" when not cross-compiling, I attach a patch that works for me. Also
in the cross-compilation case, no ca-path seems to be a better default
(IMVHO) than empty ca-path.

Bug: http://curl.haxx.se/bug/view.cgi?id=1273
Patch-by: Stefan Neis
2013-09-04 00:01:03 +02:00
Steve Holme
f73f052010 lib1512.c: Fixed compilation warning
An enumerated type is mixed with another type.

...as well as a small coding style error.
2013-09-02 20:39:53 +01:00
Guenter Knauf
97ed1ac905 Killed warning 'res' might be used uninitialized. 2013-09-01 23:08:29 +02:00
Steve Holme
322f0bc2f1 url.c: Fixed compilation warning
An enumerated type is mixed with another type
2013-09-01 13:30:12 +01:00
Steve Holme
af4bddf20b easy.c: Fixed compilation warning
warning: `code' might be used uninitialized in this function
2013-09-01 12:48:50 +01:00
Daniel Stenberg
f19efd07e7 -x: rephrased the --proxy section somewhat 2013-08-31 22:55:53 +02:00
Steve Holme
83f5332536 tests: Added test for IMAP CHECK command 2013-08-31 18:40:48 +01:00
Steve Holme
497775024c ftpserver.pl: Added support for the IMAP CHECK command 2013-08-31 18:40:46 +01:00
Guenter Knauf
ea38a70539 Removed reference to krb4.c. 2013-08-31 19:12:35 +02:00
Steve Holme
5eea336d01 ftpserver.pl: Corrected flawed logic in commit 1ca6ed7b75 2013-08-31 11:10:20 +01:00
Steve Holme
f3849a7b84 imap: Fixed response check for EXPUNGE command 2013-08-31 10:49:49 +01:00
Steve Holme
1ca6ed7b75 ftpserver.pl: Added argument check to IMAP command handlers
Added BAD argument check to the following IMAP command handlers:

APPEND, STORE, LIST, EXAMINE, STATUS and SEARCH
2013-08-31 10:41:25 +01:00
Steve Holme
aa51d3a139 ftpserver.pl: More whitespace corrections
LIST_imap() had a second level of indentation at 9 characters and not 8.
2013-08-31 10:35:05 +01:00
Steve Holme
64c8909071 ftpserver.pl: Small correction tidy up
Corrected some IMAP variable names and whitespace issues.
2013-08-30 22:11:17 +01:00
Kyle L. Huff
e848942505 docs: Added documentation for CURLOPT_BEARER 2013-08-30 21:43:13 +01:00
Kyle L. Huff
7e489c42f7 curl.1: Add usage of '--bearer' option 2013-08-30 21:34:20 +01:00
Steve Holme
75b52f9dcc tests: Added tests for IMAP CREATE, DELETE and RENAME commands 2013-08-30 18:56:56 +01:00
Daniel Stenberg
221825aebf ftpserver: Bareword "to_mailbox" not allowed
Added missing $
2013-08-30 15:21:39 +02:00
Steve Holme
9d35ad9552 ftpserver.pl: Added support for IMAP CREATE, DELETE and RENAME commands 2013-08-30 07:35:00 +01:00
Daniel Stenberg
c4a7ca038e FTP: fix getsock during DO_MORE state
... when doing upload it would return the wrong values at times. This
commit attempts to cleanup the mess.

Bug: http://curl.haxx.se/mail/lib-2013-08/0109.html
Reported-by: Mike Mio
2013-08-29 23:09:31 +02:00
Daniel Stenberg
84f3b3dd44 curl_multi_remove_handle: allow multiple removes
When removing an already removed handle, avoid that to ruin the
internals and just return OK instead.
2013-08-29 22:08:45 +02:00
Steve Holme
2ef83136d4 ftpserver.pl: Updated IMAP EXAMINE handler to use dynamic test data 2013-08-29 20:08:27 +01:00
Daniel Stenberg
d737aa19c8 unit1304: include memdebug and free everything correctly 2013-08-29 12:50:15 +02:00
Daniel Stenberg
78e6683bb0 Curl_parsenetrc: document that the arguments must be allocated 2013-08-29 12:49:56 +02:00
Daniel Stenberg
2f9b64ac33 easy: rename struct monitor to socketmonitor
'struct monitor', introduced in 6cf8413e, already exists in an IRIX
header file (sys/mon.h) which gets included via various standard headers
by lib/easy.c

cc-1101 cc: ERROR File = ../../curl/lib/easy.c, Line = 458
"monitor" has already been declared in the current scope.

Reported-by: Tor Arntsen
2013-08-29 09:58:11 +02:00
Steve Holme
6a353049ac ftpserver.pl: Added SELECT check to IMAP FETCH and STORE handlers 2013-08-29 07:20:03 +01:00
Steve Holme
49e3d803ab ftpserver.pl: Corrected accidental move of logmsg() call
Corrected the call to logmsg() in the IMAP SEARCH handler from commit
4ae7b7ea69 as it should have been outputting the what argument and
not the test number.
2013-08-28 22:58:33 +01:00
Daniel Stenberg
b644ae68c8 ftpserver: add missing '}' from 4ae7b7ea69 2013-08-28 22:59:19 +02:00
Steve Holme
4ae7b7ea69 ftpserver.pl: Added SELECT check to IMAP SEARCH command 2013-08-28 18:56:19 +01:00
Steve Holme
13a2e32548 ftpserver.pl: Fixed IMAP SEARCH command 2013-08-28 18:51:59 +01:00
Daniel Stenberg
c3b513e75c bump: next release is 7.33.0 due to added features 2013-08-28 09:32:48 +02:00
Daniel Stenberg
a74b36af2a symbols-in-versions: add CURLOPT_XOAUTH2_BEARER 2013-08-28 09:31:37 +02:00
Steve Holme
1b4dc10393 tests: Added test for IMAP SEARCH command 2013-08-28 07:27:10 +01:00
Daniel Stenberg
45b6e2dd89 valgrind.supp: fix for regular curl_easy_perform too
When we introduced curl_easy_perform_ev, this got a slightly modified
call trace. Without this, test 165 causes a false positive valgrind
error.
2013-08-28 00:09:27 +02:00
Daniel Stenberg
6dca35c0e5 valgrind.supp: add the event-based call stack-trace too
Without this, test 165 triggers a valgrind error when ran with
curl_easy_perform_ev
2013-08-28 00:07:12 +02:00
Daniel Stenberg
a691e04470 multi_socket: improved 100-continue timeout handling
When waiting for a 100-continue response from the server, the
Curl_readwrite() will refuse to run if called until the timeout has been
reached.

We timeout code in multi_socket() allows code to run slightly before the
actual timeout time, so for test 154 it could lead to the function being
executed but refused in Curl_readwrite() and then the application would
just sit idling forever.

This was detected with runtests.pl -e on test 154.
2013-08-28 00:07:12 +02:00
Steve Holme
3d1a453d88 ftpserver.pl: Added support for IMAP SEARCH command 2013-08-27 20:47:31 +01:00
Steve Holme
d7a39f8f97 tool_operate.c: Fixed compilation warning
warning: implicit declaration of function 'checkpasswd'
2013-08-27 16:39:16 +01:00
Steve Holme
3c929ff9f6 curl: Moved check for password out of get parameter loop
Moved the calls to checkpasswd() out of the getparameter() function
which allows for any related arguments to be specified on the command
line before or after --user (and --proxy-user).

For example: --bearer doesn't need to be specified before --user to
prevent curl from asking for an unnecessary password as is the case
with commit e7dcc454c6.
2013-08-27 15:31:21 +01:00
Steve Holme
9d957294cb RELEASE-NOTES: synced with acf59be7f0 2013-08-26 23:27:07 +01:00
Kyle L. Huff
acf59be7f0 curl: added --bearer option to help
Added the --bearer option to the help output
2013-08-26 20:44:05 +01:00
Kyle L. Huff
e7dcc454c6 curl: added basic SASL XOAUTH2 support
Added the ability to specify an XOAUTH2 bearer token [RFC6750] via the
--bearer option.

Example usage:
  curl --url "imaps://imap.gmail.com:993/INBOX/;UID=1" --ssl-reqd
  --bearer ya29.AHES6Z...OMfsHYI --user username@example.com
2013-08-26 20:43:02 +01:00
Steve Holme
84789e12fb tool_urlglob.c: Fixed compiler warnings
warning: 'variable' may be used uninitialized in this function
2013-08-26 11:41:35 +01:00
Daniel Stenberg
460fb12097 security.h: rename to curl_sec.h to avoid name collision
I brought back security.h in commit bb55293313. As we actually
already found out back in 2005 in commit 62970da675, the file name
security.h causes problems so I renamed it curl_sec.h instead.
2013-08-26 11:51:18 +02:00
Daniel Stenberg
63d8b3a507 runtests.pl: allow -vc point to a separate curl binary to verify with
The specified curl binary will then be used to verify the running
server(s) instead of the development version. This is very useful in
some cases when the development version fails to verify correctly as
then the test case may not run at all.

The actual test will still be run with the "normal" curl executable
(unless the test case specifies something differently).
2013-08-26 11:38:38 +02:00
Kyle L. Huff
90ab65c632 smtp: added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with SMTP for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-08-26 10:16:44 +01:00
Kyle L. Huff
34122800b8 imap: added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with IMAP for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"A001 AUTHENTICATE XOAUTH2 <bearer token>".
2013-08-26 10:16:32 +01:00
Steve Holme
7f41eab395 security.h: Fixed compilation warning
ISO C forbids forward references to 'enum' types
2013-08-26 10:14:16 +01:00
Daniel Stenberg
0192ad65bb KNOWN_BUGS: refer to bug numbers with the existing number series
The old numbers would still redirect but who knows for how long...
2013-08-26 00:29:33 +02:00
Kyle L. Huff
06c1bea72f options: added basic SASL XOAUTH2 support
Added the ability to specify an XOAUTH2 bearer token [RFC6750] via the
option CURLOPT_XOAUTH2_BEARER for authentication using RFC6749 "OAuth
2.0 Authorization Framework".
2013-08-25 22:03:57 +01:00
Kyle L. Huff
19a05c908f sasl: added basic SASL XOAUTH2 support
Added the ability to generated a base64 encoded XOAUTH2 token
containing: "user=<username>^Aauth=Bearer <bearer token>^A^A"
as per RFC6749 "OAuth 2.0 Authorization Framework".
2013-08-25 22:02:38 +01:00
Daniel Stenberg
bb55293313 FTP: remove krb4 support
We've announced this pending removal for a long time and we've
repeatedly asked if anyone would care or if anyone objects. Nobody has
objected. It has probably not even been working for a good while since
nobody has tested/used this code recently.

The stuff in krb4.h that was generic enough to be used by other sources
is now present in security.h
2013-08-25 19:16:36 +02:00
Daniel Stenberg
817ceb09e0 easy: define away easy_events() for non-debug builds 2013-08-25 19:10:02 +02:00
Daniel Stenberg
1a911f7ec4 FAQ: editorial updates
Several language fixes. Several reformats that should make the HTML
generation of this document look better.

Reported-by: Dave Thompson
2013-08-24 17:13:46 +02:00
Daniel Stenberg
ea464d72e9 RELEASE-NOTES: synced with 22adb46a32 2013-08-23 15:39:03 +02:00
Daniel Stenberg
22adb46a32 multi: move on from STATE_DONE faster
Make sure we always return CURLM_CALL_MULTI_PERFORM when we reach
CURLM_STATE_DONE since the state is transient and it can very well
continue executing as there is nothing to wait for.

Bug: http://curl.haxx.se/mail/lib-2013-08/0211.html
Reported-by: Yi Huang
2013-08-22 22:55:25 +02:00
Daniel Stenberg
fc99eaa5ae curl.h: name space pollution by "enum type"
Renamed to "enum curl_khtype" now. Will break compilation for programs
that rely on the enum name.

Bug: https://github.com/bagder/curl/pull/76
Reported-by: Shawn Landden
2013-08-22 22:45:51 +02:00
Daniel Stenberg
4bea91fc67 TFTP: make the CURLOPT_LOW_SPEED* options work
... this also makes sure that the progess callback gets called more
often during TFTP transfers.

Added test 1238 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1269
Reported-by: Jo3
2013-08-22 22:42:27 +02:00
Daniel Stenberg
06d1b10cbe tftpd: support "writedelay" within <servercmd> 2013-08-22 19:23:08 +02:00
Daniel Stenberg
816b639035 tftpd: convert 6 global variables into local ones 2013-08-22 13:44:37 +02:00
Gisle Vanem
8804ffd4fa curl_easy_perform_ev: make it CURL_EXTERN
I build curl.exe (using MingW) with '-DCURLDEBUG' and by importing from
libcurl.dll.  Which means the new curl_easy_perform_ev() must be
exported from libcurl.dll.
2013-08-21 22:19:52 +02:00
Daniel Stenberg
19122c0768 CURLM_ADDED_ALREADY: new error code
Doing curl_multi_add_handle() on an easy handle that is already added to
a multi handle now returns this error code. It previously returned
CURLM_BAD_EASY_HANDLE for this condition.
2013-08-20 23:13:19 +02:00
Daniel Stenberg
c346c4c8f9 multi_init: moved init code here from add_handle
The closure_handle is "owned" by the multi handle and it is
unconditional so the setting up of it should be in the Curl_multi_handle
function rather than curl_multi_add_handle.
2013-08-20 23:13:19 +02:00
Daniel Stenberg
bc7d806e3a multi: remove dns cache creation code from *add_handle
As it is done unconditionally in multi_init() this code will never run!
2013-08-20 23:13:19 +02:00
Daniel Stenberg
6cf8413e31 curl_easy_perform_ev: debug/test function
This function is meant to work *exactly* as curl_easy_perform() but will
use the event-based libcurl API internally instead of
curl_multi_perform(). To avoid relying on an actual event-based library
and to not use non-portable functions (like epoll or similar), there's a
rather inefficient emulation layer implemented on top of Curl_poll()
instead.

There's currently some convenience logging done in curl_easy_perform_ev
which helps when tracking down problems. They may be suitable to remove
or change once things seem to be fine enough.

curl has a new --test-event option when built with debug enabled that
then uses curl_easy_perform_ev() instead of curl_easy_perform(). If
built without debug, using --test-event will only output a warning
message.

NOTE: curl_easy_perform_ev() is not part if the public API on purpose.
It is only present in debug builds of libcurl and MUST NOT be considered
stable even then. Use it for libcurl-testing purposes only.

runtests.pl now features an -e command line option that makes it use
--test-event for all curl command line tests. The man page is updated.
2013-08-20 11:56:06 +02:00
Gisle Vanem
062e5bfd9c transfer: the recent sessionhandle change broke CURL_DOES_CONVERSIONS 2013-08-20 11:42:34 +02:00
Daniel Stenberg
e4a1888bd0 test1237: verify 1000+ letter user name + passwords 2013-08-20 11:23:31 +02:00
Jonathan Nieder
2f1a0bc0bf url: handle arbitrary-length username and password before '@'
libcurl quietly truncates usernames, passwords, and options from
before an '@' sign in a URL to 255 (= MAX_CURL_PASSWORD_LENGTH - 1)
characters to fit in fixed-size buffers on the stack.  Allocate a
buffer large enough to fit the parsed fields on the fly instead to
support longer passwords.

After this change, there are no more uses of MAX_CURL_OPTIONS_LENGTH
left, so stop defining that constant while at it.  The hardcoded max
username and password length constants, on the other hand, are still
used in HTTP proxy credential handling (which this patch doesn't
touch).

Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Jonathan Nieder
09ddb1d61c url: handle exceptional cases first in parse_url_login()
Instead of nesting "if(success)" blocks and leaving the reader in
suspense about what happens in the !success case, deal with failure
cases early, usually with a simple goto to clean up and return from
the function.

No functional change intended.  The main effect is to decrease the
indentation of this function slightly.
2013-08-20 11:16:38 +02:00
Jonathan Nieder
15f76bf7bb Curl_setopt: handle arbitrary-length username and password
libcurl truncates usernames, passwords, and options set with
curl_easy_setopt to 255 (= MAX_CURL_PASSWORD_LENGTH - 1) characters.
This doesn't affect the return value from curl_easy_setopt(), so from
the caller's point of view, there is no sign anything strange has
happened, except that authentication fails.

For example:

  # Prepare a long (300-char) password.
  s=0123456789; s=$s$s$s$s$s$s$s$s$s$s; s=$s$s$s;
  # Start a server.
  nc -l -p 8888 | tee out & pid=$!
  # Tell curl to pass the password to the server.
  curl --user me:$s http://localhost:8888 & sleep 1; kill $pid
  # Extract the password.
  userpass=$(
	awk '/Authorization: Basic/ {print $3}' <out |
	tr -d '\r' |
	base64 -d
  )
  password=${userpass#me:}
  echo ${#password}

Expected result: 300
Actual result: 255

The fix is simple: allocate appropriately sized buffers on the heap
instead of trying to squeeze the provided values into fixed-size
on-stack buffers.

Bug: http://bugs.debian.org/719856
Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Jonathan Nieder
36585b5395 netrc: handle longer username and password
libcurl truncates usernames and passwords it reads from .netrc to
LOGINSIZE and PASSWORDSIZE (64) characters without any indication to
the user, to ensure the values returned from Curl_parsenetrc fit in a
caller-provided buffer.

Fix the interface by passing back dynamically allocated buffers
allocated to fit the user's input.  The parser still relies on a
256-character buffer to read each line, though.

So now you can include an ~246-character password in your .netrc,
instead of the previous limit of 63 characters.

Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Jonathan Nieder
11baffbff6 url: allocate username, password, and options on the heap
This makes it possible to increase the size of the buffers when needed
in later patches.  No functional change yet.
2013-08-20 11:16:38 +02:00
Jonathan Nieder
53333a43a1 url: use goto in create_conn() for exception handling
Instead of remembering before each "return" statement which temporary
allocations, if any, need to be freed, take care to set pointers to
NULL when no longer needed and use a goto to a common block to exit
the function and free all temporaries.

No functional change intended.  Currently the only temporary buffer in
this function is "proxy" which is already correctly freed when
appropriate, but there will be more soon.
2013-08-20 11:16:38 +02:00
Jonathan Nieder
c56f9797e7 sasl: allow arbitrarily long username and password
Use appropriately sized buffers on the heap instead of fixed-size
buffers on the stack, to allow for longer usernames and passwords.

Callers never pass anything longer than MAX_CURL_USER_LENGTH (resp.
MAX_CURL_PASSWORD_LENGTH), so no functional change inteded yet.
2013-08-20 11:16:38 +02:00
Alex McLellan
9281be36d5 imap: Fixed response check for SEARCH command
Adding this line allows libcurl to return the server response when
performing a search command via a custom request.
2013-08-19 10:23:14 +01:00
Daniel Stenberg
f15a88f2b2 glob: error out on range overflow
The new multiply() function detects range value overflows. 32bit
machines will overflow on a 32bit boundary while 64bit hosts support
ranges up to the full 64 bit range.

Added test 1236 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1267
Reported-by: Will Dietz
2013-08-16 11:55:04 +02:00
Daniel Stenberg
5ca96cb844 urlglob: better detect unclosed braces, empty lists and overflows
A rather big overhaul and cleanup.

1 - curl wouldn't properly detect and reject globbing that ended with an
open brace if there were brackets or braces before it. Like "{}{" or
"[0-1]{"

2 - curl wouldn't properly reject empty lists so that "{}{}" would
result in curl getting (nil) strings in the output.

3 - By using strtoul() instead of sscanf() the code will now detected
over and underflows. It now also better parses the step argument to only
accept positive numbers and only step counters that is smaller than the
delta between the maximum and minimum numbers.

4 - By switching to unsigned longs instead of signed ints for the
counters, the max values for []-ranges are now very large (on 64bit
machines).

5 - Bumped the maximum number of globs in a single URL to 100 (from 10)

6 - Simplified the code somewhat and now it stores fixed strings as
single- entry lists. That's also one of the reasons why I did (5) as now
all strings between "globs" will take a slot in the array.

Added test 1234 and 1235 to verify. Updated test 87.

This commit fixes three separate bug reports.

Bug: http://curl.haxx.se/bug/view.cgi?id=1264
Bug: http://curl.haxx.se/bug/view.cgi?id=1265
Bug: http://curl.haxx.se/bug/view.cgi?id=1266
Reported-by: Will Dietz
2013-08-16 11:52:08 +02:00
John Malmberg
10afe7cf10 VMS: Add RELEASE-NOTES to vms document
Add the curl release notes to the release note document generated for
VMS packages.

Add the different filenames generated by a daily build to the
cleanup procedures.
2013-08-15 10:57:52 +02:00
Tor Arntsen
6972335f50 tests 2032, 2033: Don't hardcode port in expected output 2013-08-15 10:55:44 +02:00
Daniel Stenberg
d5e2d0b6bf ftp: convert state names to a global array
... just to make them easier to print in debug ouputs while debugging.
They are still within #ifdef [debugbuild].
2013-08-14 22:41:30 +02:00
Daniel Stenberg
f34b5fb4d8 --help: fix the --sasl-ir in the help output 2013-08-14 22:39:58 +02:00
Daniel Stenberg
f584312e81 ftp_domore_getsock: when passive mode, the second conn is already there
This makes the socket callback get called with the proper bitmask as
otherwise the application could be left hanging waiting for reading on
an upload connection!

Bug: http://curl.haxx.se/mail/lib-2013-08/0043.html
Reported-by: Bill Doyle
2013-08-14 22:30:24 +02:00
Daniel Stenberg
0b4557f766 curl: make --no-[option] work properly for several options
--create-dirs, --crlf, --socks5-gssapi-nec and --sasl-ir
2013-08-14 11:39:04 +02:00
Kamil Dudka
204126a5f1 nss: make sure that NSS is initialized
... prior to calling PK11_GenerateRandom()
2013-08-12 15:17:39 +02:00
Daniel Stenberg
2ae3d28f3d multi: s/easy/data
With everything being struct SessionHandle pointers now, this rename
makes multi.c use the library-wide practise of calling that pointer
'data' instead of the previously used 'easy'.
2013-08-12 13:52:58 +02:00
Daniel Stenberg
8a42c2ef8d cleanup: removed one function, made one static
Moved Curl_easy_addmulti() from easy.c to multi.c, renamed it to
easy_addmulti and made it static.

Removed Curl_easy_initHandleData() and uses of it since it was emptied
in commit cdda92ab67b47d74a.
2013-08-12 13:17:57 +02:00
Daniel Stenberg
e79535bc5e SessionHandle: the protocol specific pointer is now a void *
All protocol handler structs are now opaque (void *) in the
SessionHandle struct and moved in the request-specific sub-struct
'SingleRequest'. The intension is to keep the protocol specific
knowledge in their own dedicated source files [protocol].c etc.

There's some "leakage" where this policy is violated, to be addressed at
a later point in time.
2013-08-12 13:17:57 +02:00
Daniel Stenberg
4ad8e142da urldata: clean up the use of the protocol specific structs
1 - always allocate the struct in protocol->setup_connection. Some
protocol handlers had to get this function added.

2 - always free at the end of a request. This is also an attempt to keep
less memory in the handle after it is completed.
2013-08-12 13:17:57 +02:00
Daniel Stenberg
e3ee73b70c version number: bump to 7.32.1 for now
Start working on the next version and up some counters.
2013-08-12 13:16:44 +02:00
Daniel Stenberg
70812c2f32 THANKS: added contributors from the 7.32.0 release notes 2013-08-11 23:43:32 +02:00
Fabian Keil
a64bca68c7 test1228: add 'HTTP proxy' to the keywords 2013-08-11 19:56:23 +02:00
Fabian Keil
67633e1308 tests: add keywords for a couple of FILE tests 2013-08-11 19:56:14 +02:00
Fabian Keil
715ca7c5fe tests: add 'FAILURE' keywords to tests 1409 and 1410 2013-08-11 19:56:11 +02:00
Fabian Keil
001758760b tests: add keywords for a couple of HTTP tests 2013-08-11 19:56:05 +02:00
Fabian Keil
2f06265e39 tests: add keywords for a couple of FTP tests 2013-08-11 19:56:01 +02:00
Fabian Keil
432431368f test1511: consistently terminate headers with CRLF 2013-08-11 19:55:44 +02:00
Daniel Stenberg
4b0028f82d DISABLED: shut of test 1512 for now
It shows intermittent failures and I haven't been able to track them
down yet. Disable this test for now.
2013-08-10 23:55:10 +02:00
Daniel Stenberg
8c9236bb2c curl_multi_add_handle.3: ... that timer callback is for event-based 2013-08-09 23:53:51 +02:00
Daniel Stenberg
2af0b10c95 comments: remove old and wrong multi/easy interface statements 2013-08-09 23:39:09 +02:00
Daniel Stenberg
08adecc9a1 curl_multi_add_handle.3: mention the CURLMOPT_TIMERFUNCTION use 2013-08-09 23:27:43 +02:00
John E. Malmberg
015556d74c KNOWN_BUGS: 22 and 57 have been fixed and committed 2013-08-08 23:34:36 +02:00
Daniel Stenberg
4c40fe64b8 RELEASE-NOTES: synced with d20def2046 2013-08-08 16:37:17 +02:00
Daniel Stenberg
d20def2046 global dns cache: fix memory leak
The take down of the global dns cache didn't take CURLOPT_RESOLVE names
into account.
2013-08-08 16:28:46 +02:00
Daniel Stenberg
d2b36e466a global dns cache: didn't work [regression]
CURLOPT_DNS_USE_GLOBAL_CACHE broke in commit c43127414d (been
broken since the libcurl 7.29.0 release). While this option has been
documented as deprecated for almost a decade and nobody even reported
this bug, it should remain functional.

Added test case 1512 to verify
2013-08-08 16:28:46 +02:00
John Malmberg
27f8c93daf packages/vms: update VMS build files
VMS modified files either missing from a previous commit and changes
to remove references to CVS repositories.
2013-08-08 13:13:56 +02:00
Daniel Stenberg
058b86e6f3 FTP: renamed several local functions
The previous naming scheme ftp_state_post_XXXX() wasn't really helpful
as it wasn't always immediately after 'xxxx' and it wasn't easy to
understand what it does based on such a name.

This new one is instead ftp_state_yyyy() where yyyy describes what it
does or sends.
2013-08-08 12:19:01 +02:00
Daniel Stenberg
0018d6830e mk-ca-bundle.1: don't install on make install
Since the mk-ca-bundle tool itself isn't installed with make install,
there's no point in installing its documentation.

Bug: http://curl.haxx.se/mail/lib-2013-08/0057.html
Reported-by: Guenter Knauf
2013-08-08 09:45:51 +02:00
Yang Tse
59224a31fd packages/vms/Makefile.am: add latest file additions to EXTRA_DIST 2013-08-07 12:21:56 +02:00
John Malmberg
0994d737c8 Building_vms_pcsi_kit
These are the files needed to build VMS distribution packages known as
PCSI kits.

Also minor update to the existing files, mainly to the documentation and
file clean up code.
2013-08-07 12:16:08 +02:00
Daniel Stenberg
96749554fd LIBCURL-STRUCTS: new document
This is the first version of this new document, detailing the seven
perhaps most important internal structs in libcurl source code:

  1.1 SessionHandle
  1.2 connectdata
  1.3 Curl_multi
  1.4 Curl_handler
  1.5 conncache
  1.6 Curl_share
  1.7 CookieInfo
2013-08-06 14:13:33 +02:00
Daniel Stenberg
785749405f CONTRIBUTE: minor language polish 2013-08-06 14:12:45 +02:00
Daniel Stenberg
7cc00d9a83 FTP: when EPSV gets a 229 but fails to connect, retry with PASV
This is a regression as this logic used to work. It isn't clear when it
broke, but I'm assuming in 7.28.0 when we went all-multi internally.

This likely never worked with the multi interface. As the failed
connection is detected once the multi state has reached DO_MORE, the
Curl_do_more() function was now expanded somewhat so that the
ftp_do_more() function can request to go "back" to the previous state
when it makes another attempt - using PASV.

Added test case 1233 to verify this fix. It has the little issue that it
assumes no service is listening/accepting connections on port 1...

Reported-by: byte_bucket in the #curl IRC channel
2013-08-06 09:57:59 +02:00
Nick Zitzmann
230e16dc03 md5: remove use of CommonCrypto-to-OpenSSL macros for the benefit of Leopard
For some reason, OS X 10.5's GCC suddenly stopped working correctly with
macros that change MD5_Init etc. in the code to CC_MD5_Init etc., so I
worked around this by removing use of the macros and inserting static
functions that just call CommonCrypto's implementations of the functions
instead.
2013-08-05 19:47:56 -06:00
Guenter Knauf
0ce410a629 Simplify check for trusted certificates.
This changes the previous check for untrusted certs to a check for
certs explicitely marked as trusted.
The change is backward-compatible (tested with certdata.txt v1.80).
2013-08-05 13:02:27 +02:00
Daniel Stenberg
5d3cbde72e configure: warn on bad env variable use, don't error
Use XC_CHECK_BUILD_FLAGS instead XC_CHECK_USER_FLAGS.
2013-08-05 09:31:59 +02:00
Daniel Stenberg
8fe8fd2b17 Revert "configure: don't error out on variable confusions, just warn"
This reverts commit 6b27703b5f.
2013-08-05 09:28:44 +02:00
Daniel Stenberg
0ddc678927 formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used
The internal function that's used to detect known file extensions for
the default Content-Type got the the wrong pointer passed in when
CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that
strlen() would be used which could lead to an out-of-bounds read (and
thus segfault). In most cases it would only lead to it not finding or
using the correct default content-type.

It also showed that test 554 and test 587 were testing for the
previous/wrong behavior and now they're updated as well.

Bug: http://curl.haxx.se/bug/view.cgi?id=1262
Reported-by: Konstantin Isakov
2013-08-04 23:32:36 +02:00
Guenter Knauf
51f0b798fa Skip more untrusted certificates.
Christian Heimes brought to our attention that the certdata.txt
format has recently changed [1], causing ca-bundle.crt created
with mk-ca-bundle.[pl|vbs] to include untrusted certs.

[1] http://lists.debian.org/debian-release/2012/11/msg00411.html
2013-08-04 21:30:11 +02:00
Daniel Stenberg
6b27703b5f configure: don't error out on variable confusions, just warn 2013-08-04 10:28:26 +02:00
Daniel Stenberg
045ccb59a4 configure: rephrase the notice in _XC_CHECK_VAR_*
Instead of claiming it is an error, we call it a "note" to reduce the
severity level. But the following text now says the [variable] "*should*
only be used to specify"... instead of previously having said "may".
2013-08-03 23:39:23 +02:00
Daniel Stenberg
784336deec multi: remove data->state.current_conn struct field
Not needed
2013-08-03 22:51:35 +02:00
Daniel Stenberg
eb41e8eebe multi: remove the one_easy struct field
Since the merge of SessionHandle with Curl_one_easy, this indirection
isn't used anymore.
2013-08-03 22:51:35 +02:00
Daniel Stenberg
3cd43bbfec multi: rename all Curl_one_easy to SessionHandle 2013-08-03 22:51:35 +02:00
Daniel Stenberg
204e340bcd multi: remove the multi_pos struct field
Since Curl_one_easy is really a SessionHandle now, this indirection
doesn't exist anymore.
2013-08-03 22:51:35 +02:00
Daniel Stenberg
37f2ba7e57 multi: remove easy_handle struct field
It isn't needed anymore
2013-08-03 22:51:35 +02:00
Daniel Stenberg
09b9fc9009 multi: remove 'Curl_one_easy' struct, phase 1
The motivation for having a separate struct that keep track of an easy
handle when using the multi handle was removed when we switched to
always using the multi interface internally. Now they were just two
separate struct that was always allocated for each easy handle.

This first step just moves the Curl_one_easy struct members into the
SessionHandle struct and hides this somehow (== keeps the source code
changes to a minimum) by defining Curl_one_easy to SessionHandle

The biggest changes in this commit are:

 1 - the linked list of easy handles had to be changed somewhat due
     to the new struct layout. This made the main linked list pointer
     get renamed to 'easyp' and there's also a new pointer to the last
     node, called easylp. It is no longer circular but ends with ->next
     pointing to NULL. New nodes are still added last.

 2 - easy->state is now called easy->mstate to avoid name collision
2013-08-03 22:51:35 +02:00
Steve Holme
7da3caaf95 Revert "DOCS: Added IMAP URL example for listing new messages"
This reverts commit 82ab5f1b0c as this was the wrong place to
document the complexity of IMAP URLs and Custom Requests.
2013-08-02 14:25:21 +01:00
Steve Holme
82ab5f1b0c DOCS: Added IMAP URL example for listing new messages
In addition to listing the folder contents, in the URL examples, added
an example to list the new messages waiting in the user's inbox.
2013-08-02 10:08:55 +01:00
Yang Tse
7ae64af368 packages/vms/Makefile.am: add latest file additions to EXTRA_DIST 2013-08-01 13:57:00 +02:00
John Malmberg
2ad688ed7c Add in the files needed to build libcurl shared images on VMS.
Update the packages/vms/readme file to be current.

Also some files for the GNV based build were either missing or needed an
update.

curl_crtl_init.c is a special file that is run before main() to
set up the proper C runtime behavior.

generate_vax_transfer.com generates the VAX transfer vector modules from
the gnv_libcurl_symbols.opt file.

gnv_conftest.c_first is a helper file needed for configure scripts to
come up with the expected answers on VMS.

gnv_libcurl_symbols.opt is the public symbols for the libcurl shared
image.

gnv_link_curl.com builds the shared libcurl image and rebuilds other
programs to use it.

macro32_exactcase.patch is a hack to make a local copy of the VMS Macro32
assembler case sensitive, which is needed to build the VAX transfer modules.

report_openssl_version.c is a tool for help verify that the libcurl
shared image is being built for a minium version of openssl.
2013-08-01 13:51:52 +02:00
Yang Tse
ca786233d2 curl: second follow-up for commit 5af2bfb9
Display progress-bar unconditionally on first call
2013-08-01 12:25:01 +02:00
Yang Tse
14a3139c4d curl: follow-up for commit 5af2bfb9
Use tvnow() and tvdiff() to avoid introducing new linkage issues
2013-07-31 15:36:56 +02:00
Daniel Stenberg
5af2bfb955 curl: --progress-bar max update frequency now at 5Hz 2013-07-31 13:41:00 +02:00
Daniel Stenberg
1691a31cab curl: make --progress-bar update the line less frequently
Also, use memset() instead of a lame loop.

The previous logic that tried to avoid too many updates were very
ineffective for really fast transfers, as then it could easily end up
doing hundreds of updates per second that would make a significant
impact in transfer performance!

Bug: http://curl.haxx.se/mail/archive-2013-07/0031.html
Reported-by: Marc Doughty
2013-07-31 13:41:00 +02:00
Nick Zitzmann
9dedcbf9ec darwinssl: added LFs to some strings passed into infof()
(This doesn't need to appear in the release notes.) I noticed a few places
where infof() was called, and there should've been an LF at the end of the
string, but there wasn't.
2013-07-30 20:32:18 -06:00
Nick Zitzmann
537ffc4c69 darwinssl: fix build error in crypto authentication under Snow Leopard
It turns out Snow Leopard not only has SecItemCopyMatching() defined in
a header not included by the omnibus header, but it won't work for our
purposes, because searching for SecIdentityRef objects wasn't added
to that API until Lion. So we now use the old SecKeychainSearch API
instead if the user is building under, or running under, Snow Leopard.

Bug: http://sourceforge.net/p/curl/bugs/1255/
Reported by: Edward Rudd
2013-07-30 20:25:38 -06:00
Nick Zitzmann
c3e7210548 md5 & metalink: use better build macros on Apple operating systems
Previously we used __MAC_10_X and __IPHONE_X to mark digest-generating
code that was specific to OS X and iOS. Now we use
__MAC_OS_X_VERSION_MAX_ALLOWED and __IPHONE_OS_VERSION_MAX_ALLOWED
instead of those macros.

Bug: http://sourceforge.net/p/curl/bugs/1255/
Reported by: Edward Rudd
2013-07-30 20:20:20 -06:00
Yang Tse
9a5c2d8373 tool_operhlp.c: fix add_file_name_to_url() OOM handling 2013-07-29 18:32:39 +02:00
Yang Tse
8693bbd8c4 tool_operate.c: fix brace placement for vi/emacs delimiter matching 2013-07-29 18:32:38 +02:00
Yang Tse
251dd03b88 tool_operate.c: move <fabdef.h> header inclusion location 2013-07-29 18:32:37 +02:00
Daniel Stenberg
55ea83d622 RELEASE-NOTES: synced with b5478a0e03 2013-07-29 14:51:09 +02:00
Daniel Stenberg
b5478a0e03 curl_easy_pause: on unpause, trigger mulit-socket handling
When the multi-socket API is used, we need the handle to be checked
again when it gets unpaused.

Bug: http://curl.haxx.se/mail/lib-2013-07/0239.html
Reported-by: Justin Karneges
2013-07-29 14:37:08 +02:00
John E. Malmberg
db2deba6b4 curl_formadd: fix file upload on VMS
For the standard VMS text file formats, VMS needs to read the file to
get the actual file size.

For the standard VMS binary file formats, VMS needs a special format of
fopen() call so that it stops reading at the logical end of file instead
of at the end of the blocks allocated to the file.

I structured the patch this way as I was not sure about changing the
structures or parameters to the routines, but would prefer to only call
the stat() function once and pass the information to where the fopen()
call is made.

Bug: https://sourceforge.net/p/curl/bugs/758/
2013-07-29 13:09:08 +02:00
Daniel Stenberg
41fb6443ce formadd: CURLFORM_FILECONTENT wrongly rejected some option combos
The code for CURLFORM_FILECONTENT had its check for duplicate options
wrong so that it would reject CURLFORM_PTRNAME if used in combination
with it (but not CURLFORM_COPYNAME)! The flags field used for this
purpose cannot be interpreted that broadly.

Bug: http://curl.haxx.se/mail/lib-2013-07/0258.html
Reported-by: Byrial Jensen
2013-07-26 23:45:01 +02:00
Yang Tse
e5dfe6c282 packages/vms/Makefile.am: add latest file additions to EXTRA_DIST 2013-07-25 13:18:50 +02:00
John E. Malmberg
e277e20a6d VMS: intial set of files to allow building using GNV toolkit. 2013-07-25 13:04:29 +02:00
Yang Tse
a23e56d109 string formatting: fix too many arguments for format 2013-07-24 17:06:28 +02:00
Yang Tse
ca89a0a092 string formatting: fix zero-length printf format string 2013-07-24 17:05:02 +02:00
Yang Tse
50a74be125 easy.c: curl_easy_getinfo() fix va_start/va_end matching 2013-07-24 16:46:26 +02:00
Yang Tse
8c1e3bb713 imap.c: imap_sendf() fix va_start/va_end matching 2013-07-24 16:46:25 +02:00
Yang Tse
4fad1943a2 string formatting: fix 15+ printf-style format strings 2013-07-24 16:46:24 +02:00
Patrick Monnerat
4d346673a2 OS400: sync ILE/RPG binding with current curl.h 2013-07-24 16:12:35 +02:00
Yang Tse
de052ca6fc string formatting: fix 25+ printf-style format strings 2013-07-24 01:21:26 +02:00
Daniel Stenberg
1a593191c2 Makefile.am: use LDFLAGS as well when linking libcurl
Linking on Solaris 10 x86 with Sun Studio 12 failed when we upgraded
automake for the release builds.

Bug: http://curl.haxx.se/bug/view.cgi?id=1217
Reported-by: Dagobert Michelsen
2013-07-23 21:51:12 +02:00
Fabian Keil
2c4ef997b9 url.c: Fix dot file path cleanup when using an HTTP proxy
Previously the path was cleaned, but the URL wasn't properly updated.
2013-07-23 20:51:15 +02:00
Fabian Keil
d020e2c381 tests: test1232 verifies dotdot removal from path with proxy 2013-07-23 20:51:15 +02:00
Fabian Keil
48fe9226a0 dotdot.c: Fix a RFC section number in a comment for Curl_dedotdotify() 2013-07-23 20:50:59 +02:00
John E. Malmberg
a77ac42e52 build_vms.com: fix debug and float options
In the reorganization of the build_vms.com the debug and float options
were not fixed up correctly.
2013-07-22 22:30:05 +02:00
John E. Malmberg
5880db8abd curl: fix upload of a zip file in OpenVMS
Two fixes:

1. Force output file format to be stream-lf so that partial downloads
can be continued.

This should have minor impact as if the file does not exist, it was
created with stream-lf format.  The only time this was an issue is if
there was already an existing file with a different format.

2. Fix file uploads are now fixed.

   a. VMS binary files such as ZIP archives are now uploaded
      correctly.

   b. VMS text files are read once to get the correct size
      and then converted to line-feed terminated records as
      they are read into curl.

The default VMS text formats do not contain either line-feed or
carriage-return terminated records.  Those delimiters are added by the
operating system file read calls if the application requests them.

Bug: http://curl.haxx.se/bug/view.cgi?id=496
2013-07-22 22:30:05 +02:00
Yang Tse
0f4ba89ffd libtest: fix data type of some *_setopt() 'long' arguments 2013-07-22 21:40:45 +02:00
Yang Tse
edeb1ae65f curl: fix symbolic names for CURL_NETRC_* enum in --libcurl output 2013-07-22 21:40:44 +02:00
Yang Tse
82232bbbaf curl: fix symbolic names for CURLUSESSL_* enum in --libcurl output 2013-07-22 21:40:43 +02:00
Yang Tse
bb2e0686ab tool_operate.c: fix passing curl_easy_setopt long arg on some x64 ABIs
We no longer pass our 'bool' data type variables nor constants as
an argument to my_setopt(), instead we use proper 1L or 0L values.

This also fixes macro used to pass string argument for CURLOPT_SSLCERT,
CURLOPT_SSLKEY and CURLOPT_EGDSOCKET using my_setopt_str() instead of
my_setopt().

This also casts enum or int argument data types to long when passed to
my_setopt_enum().
2013-07-22 21:40:43 +02:00
Daniel Stenberg
513e587c5e curl_multi_wait: fix revents
Commit 6d30f8ebed didn't work properly. First, it used the wrong
array index, but this fix also:

1 - only does the copying if indeed there was any activity

2 - makes sure to properly translate between internal and external
bitfields, which are not guaranteed to match

Reported-by: Evgeny Turnaev
2013-07-21 21:54:47 +02:00
Daniel Stenberg
6ed2bcc5f5 RELEASE-NOTES: synced with d529f3882b 2013-07-19 23:38:43 +02:00
Daniel Stenberg
d529f3882b curl_easy_perform: gradually increase the delay time
Instead of going 50,100,150 etc millisecond delay time when nothing has
been found to do or wait for, we now start lower and double each loop as
in 4,8,16,32 etc.

This lowers the minimum wait without sacrifizing the longer wait too
much with unnecessary CPU cycles burnt.

Bug: http://curl.haxx.se/mail/lib-2013-07/0103.html
Reported-by: Andreas Malzahn
2013-07-19 23:27:17 +02:00
Daniel Stenberg
e2e92486a7 ftp_do_more: consider DO_MORE complete when server connects back
In the case of an active connection when ftp_do_more() detects that the
server has connected back, it must make sure to mark it as complete so
that the multi_runsingle() function will detect this and move on to the
next state.

Bug: http://curl.haxx.se/mail/lib-2013-07/0115.html
Reported-by: Clemens Gruber
2013-07-19 23:02:30 +02:00
Yang Tse
2e5b3168d6 Makefile.b32: Borland makefile adjustments. Tested with BCC 5.5.1 2013-07-19 12:33:11 +02:00
Yang Tse
6bcacff1a5 WIN32 MemoryTracking: require UNICODE for wide strdup code support 2013-07-19 12:33:10 +02:00
Daniel Stenberg
12d01cb6fa CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function
and CURLOPT_PROGRESSFUNCTION is considered deprecated.

This new callback uses pure 'curl_off_t' arguments to pass on full
resolution sizes. It otherwise retains the same characteristics: the
same call rate, the same meanings for the arguments and the return code
is used the same way.

The progressfunc.c example is updated to show how to use the new
callback for newer libcurls while supporting the older one if built with
an older libcurl or even built with a newer libcurl while running with
an older.
2013-07-18 23:44:06 +02:00
Yang Tse
90695fb2c5 Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage".
This reverts commit 7ed25cc, reinstating commit 8ec2cb5.

As of 18-jul-2013 we still do have code in libcurl that makes use of these
memory functions. Commit 8ec2cb5 comment still applies and is yet valid.

These memory functions are solely used in Windows builds, so all related
code is protected with '#ifdef WIN32' preprocessor conditional compilation
directives.

Specifically, wcsdup() _wcsdup() are used when building a Windows target with
UNICODE and USE_WINDOWS_SSPI preprocessor symbols defined. This is the case
when building a Windows UNICODE target with Windows native SSL/TLS support
enabled.

Realizing that wcsdup() _wcsdup() are used is a bit tricky given that usage
of these is hidden behind _tcsdup() which is MS way of dealing with code
that must tolerate UNICODE and non-UNICODE compilation. Additionally, MS
header files and those compatible from other compilers use this preprocessor
conditional compilation directive in order to select at compilation time
whether 'wide' or 'ansi' MS API functions are used.

Without this code, Windows build targets with Windows native SSL/TLS support
enabled and MemoryTracking support enabled misbehave in tracking memory usage,
regardless of being a UNICODE enabled build or not.
2013-07-18 23:37:33 +02:00
Yang Tse
dd17069c9e xc-am-iface.m4: comments refinement 2013-07-18 16:03:15 +02:00
Yang Tse
26b0cb6ae2 configure: fix 'subdir-objects' distclean related issue
See XC_AMEND_DISTCLEAN comments for details.
2013-07-18 04:48:33 +02:00
Evgeny Turnaev
6d30f8ebed curl_multi_wait: set revents for extra fds
Pass back the revents that happened for the user-provided file
descriptors.
2013-07-18 00:06:09 +02:00
Ben Greear
11220678c4 asyn-ares: Don't blank ares servers if none configured.
Best to just let c-ares use it's defaults if none are configured
in (lib)curl.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2013-07-17 23:55:58 +02:00
Sergei Nikulov
448d55ef0a cmake: Fix for MSVC2010 project generation
Fixed issue with static build for MSVC2010.

After some investigation I've discovered known issue
http://public.kitware.com/Bug/view.php?id=11240 When .rc file is linked
to static lib it fails with following linker error

LINK : warning LNK4068: /MACHINE not specified; defaulting to X86
file.obj : fatal error LNK1112: module machine type 'x64' conflicts with
target machine type 'X86'

Fix add target property /MACHINE: for MSVC generation.

Also removed old workarounds - it caused errors during msvc build.

Bug: http://curl.haxx.se/mail/lib-2013-07/0046.html
2013-07-17 00:26:58 +02:00
Daniel Stenberg
7b115cc1e1 mk-ca-bundle.1: point out certdata.txt format docs 2013-07-17 00:06:16 +02:00
Yang Tse
a10d5e3851 slist.c: Curl_slist_append_nodup() OOM handling fix 2013-07-16 23:59:05 +02:00
Daniel Stenberg
1016637f5a test1414: FTP PORT download without SIZE support 2013-07-16 22:54:31 +02:00
Yang Tse
2e00872c04 tests/Makefile.am: add configurehelp.pm to DISTCLEANFILES 2013-07-16 22:51:35 +02:00
Patrick Monnerat
56ece42c81 curl_slist_append(): fix error detection 2013-07-15 19:49:30 +02:00
Patrick Monnerat
99924f6606 slist.c: fix indentation 2013-07-15 19:46:19 +02:00
Patrick Monnerat
0eba02fd41 OS400: new SSL backend GSKit 2013-07-15 19:00:36 +02:00
Patrick Monnerat
464c8693d2 OS400: add slist and certinfo EBCDIC support 2013-07-15 18:48:02 +02:00
Patrick Monnerat
50af17ef24 config-os400.h: enable system strdup(), strcmpi(), etc. 2013-07-15 18:38:17 +02:00
Patrick Monnerat
3a24cb7bc4 x509asn1.c,x509asn1.h: new module to support ASN.1/X509 parsing & info extract
Use from qssl backend
2013-07-15 18:16:13 +02:00
Patrick Monnerat
e839446c2a ssluse.c,sslgen.c,sslgen.h: move certinfo support to generic SSL 2013-07-15 17:26:59 +02:00
Patrick Monnerat
695931cf8e Merge branch 'master' of github.com:bagder/curl
Merge for resync
2013-07-15 16:55:30 +02:00
Patrick Monnerat
964a7600b9 slist.c, slist.h, cookie.c: new internal procedure Curl_slist_append_nodup() 2013-07-15 16:53:43 +02:00
Yang Tse
d4492f955d sslgen.c: fix Curl_rand() compiler warning
Use simple seeding method upon RANDOM_FILE seeding method failure.
2013-07-15 16:00:32 +02:00
Yang Tse
9c15325d34 sslgen.c: fix unreleased Curl_rand() infinite recursion 2013-07-15 13:22:08 +02:00
Dave Reisner
d8c04909fa src/tool: allow timeouts to accept decimal values
Implement wrappers around strtod to convert the user argument to a
double with sane error checking. Use this to allow --max-time and
--connect-timeout to accept decimal values instead of strictly integers.

The manpage is updated to make mention of this feature and,
additionally, forewarn that the actual timeout of the operation can
vary in its precision (particularly as the value increases in its
decimal precision).
2013-07-14 23:04:05 +02:00
Dave Reisner
c0a7a98aee curl.1: fix long line, found by checksrc.pl 2013-07-14 22:50:29 +02:00
Dave Reisner
f5005dd8d0 src/tool_paramhlp: try harder to catch negatives
strto* functions happily chomp off leading whitespace, so simply
checking for str[0] can lead to false negatives. Do the full parse and
check the out value instead.
2013-07-14 22:48:29 +02:00
John E. Malmberg
d3aaa68f55 build_vms.com: detect and use zlib shared image
Update the build_vms.com to detect and use zlib shared image installed
by the ZLIB kit produced by Jean-Francois Pieronne, and the also the
future ZLIB 1.2.8 kit in addition to the older ZLIB kits.

Also fix the indentation to match one of the common standards used for
VMS DCL command files and removed the hard tab characters.

Tested on OpenVMS 8.4 Alpha and IA64, and OpenVMS 7.3 VAX.
2013-07-14 17:37:49 +02:00
Yang Tse
cfc907e43d url.c: fix parse_url_login() OOM handling 2013-07-14 12:19:57 +02:00
Yang Tse
2af64c6432 http_digest.c: SIGSEGV and OOM handling fixes 2013-07-12 19:32:13 +02:00
Yang Tse
83f0dae129 url.c: fix parse_login_details() OOM handling 2013-07-12 12:17:31 +02:00
John E. Malmberg
65d53cf6ef setup-vms.h: sk_pop symbol tweak
Newer versions of curl are referencing a sk_pop symbol while the HP
OpenSSL library has the symbol in uppercase only.
2013-07-12 12:11:11 +02:00
Yang Tse
0d9e65f79f getinfo.c: fix enumerated type mixed with another type 2013-07-11 17:07:36 +02:00
Yang Tse
c983aa9efc test 1511: fix enumerated type mixed with another type 2013-07-11 17:01:02 +02:00
Yang Tse
b16b7f9d3a url.c: fix SIGSEGV 2013-07-11 13:31:08 +02:00
Yang Tse
5c6f12b9f2 dotdot.c: fix global declaration shadowing 2013-07-11 13:31:07 +02:00
Yang Tse
2022b10e50 easy.c: fix global declaration shadowing 2013-07-11 13:31:06 +02:00
Kamil Dudka
45339625bc Revert "curl.1: document the --time-cond option in the man page"
This reverts commit 3a0e931fc7 because
the documentation of --time-cond was duplicated by mistake.

Reported by: Dave Reisner
2013-07-09 15:46:49 +02:00
Kamil Dudka
20ff820ef2 curl.1: document the --sasl-ir option in the man page 2013-07-09 15:18:39 +02:00
Kamil Dudka
39e85d99fe curl.1: document the --post303 option in the man page 2013-07-09 15:18:39 +02:00
Kamil Dudka
3a0e931fc7 curl.1: document the --time-cond option in the man page 2013-07-09 15:18:39 +02:00
Yang Tse
fe7e3229f8 configure: automake 1.14 compatibility tweak (use XC_AUTOMAKE) 2013-07-09 00:10:38 +02:00
Yang Tse
ecf042ff3c xc-am-iface.m4: provide XC_AUTOMAKE macro 2013-07-09 00:07:26 +02:00
Guenter Knauf
aff245b360 Added winssl-zlib target to VC builds. 2013-07-08 17:46:15 +02:00
Guenter Knauf
e01469907a Synced Makefile.vc6 with recent changes.
Issue posted to the list by malinowsky AT FTW DOT at.
2013-07-08 15:05:10 +02:00
Guenter Knauf
b7a933154a Added libmetalink URL; added Android versions. 2013-07-04 04:35:22 +02:00
Dan Fandrich
54f18e5427 examples: Moved usercertinmem.c to COMPLICATED_EXAMPLES
This prevents it from being built during a "make check" since it
depends on OpenSSL.
2013-07-03 21:13:12 +02:00
Nick Zitzmann
833fba265d Merge branch 'master' of https://github.com/bagder/curl 2013-07-02 19:40:14 -06:00
Nick Zitzmann
d633052905 darwinssl: SSLv2 connections are aborted if unsupported by the OS
I just noticed that OS X no longer supports SSLv2. Other TLS engines return
an error if the requested protocol isn't supported by the underlying
engine, so we do that now for SSLv2 if the framework returns an error
when trying to turn on SSLv2 support. (Note: As always, SSLv2 support is
only enabled in curl when starting the app with the -2 argument; it's off
by default. SSLv2 is really old and insecure.)
2013-07-02 19:34:54 -06:00
Marc Hoersken
009d2336fe lib506.c: Fixed possible use of uninitialized variables 2013-07-01 21:42:15 +02:00
Kamil Dudka
abca89aaa0 url: restore the functionality of 'curl -u :'
This commit fixes a regression introduced in
fddb7b44a7.

Reported by: Markus Moeller
Bug: http://curl.haxx.se/mail/archive-2013-06/0052.html
2013-06-30 20:13:14 +02:00
Daniel Stenberg
d689376cb0 digest: append the timer to the random for the nonce 2013-06-25 11:37:27 +02:00
Daniel Stenberg
98b0d66eb4 digest: improve nonce generation
Use the new improved Curl_rand() to generate better random nonce for
Digest auth.
2013-06-25 11:28:22 +02:00
Daniel Stenberg
9c2853f2ae curl.1: fix typo in --xattr description
Bug: http://curl.haxx.se/bug/view.cgi?id=1252
Reported-by: Jean-Noël Rouvignac
2013-06-25 10:41:16 +02:00
Daniel Stenberg
aff7562922 RELEASE-NOTES: synced with 365c5ba395
The 10 first bug fixes for the pending release...
2013-06-25 10:35:21 +02:00
Daniel Stenberg
365c5ba395 formpost: better random boundaries
When doing multi-part formposts, libcurl used a pseudo-random value that
was seeded with time(). This turns out to be bad for users who formpost
data that is provided with users who then can guess how the boundary
string will look like and then they can forge a different formpost part
and trick the receiver.

My advice to such implementors is (still even after this change) to not
rely on the boundary strings being cryptographically strong. Fix your
code and logic to not depend on them that much!

I moved the Curl_rand() function into the sslgen.c source file now to be
able to take advantage of the SSL library's random function if it
provides one. If not, try to use the RANDOM_FILE for seeding and as a
last resort keep the old logic, just modified to also add microseconds
which makes it harder to properly guess the exact seed.

The formboundary() function in formdata.c is now using 64 bit entropy
for the boundary and therefore the string of dashes was reduced by 4
letters and there are 16 hex digits following it. The total length is
thus still the same.

Bug: http://curl.haxx.se/bug/view.cgi?id=1251
Reported-by: "Floris"
2013-06-25 09:55:49 +02:00
Daniel Stenberg
cb1aa8b0e3 printf: make sure %x are treated unsigned
When using %x, the number must be treated as unsigned as otherwise it
would get sign-extended on for example 64bit machines and do wrong
output. This problem showed when doing printf("%08x", 0xffeeddcc) on a
64bit host.
2013-06-25 09:55:49 +02:00
Daniel Stenberg
d3d5c4a40e tests: add test1395 to the tarball 2013-06-24 09:25:58 +02:00
Daniel Stenberg
6117d4025e SIGPIPE: don't use 'data' in sigpipe restore
Follow-up fix from 7d80ed64e4.

The SessionHandle may not be around to use when we restore the sigpipe
sighandler so we store the no_signal boolean in the local struct to know
if/how to restore.
2013-06-24 09:02:49 +02:00
Daniel Stenberg
d23745f7c9 TODO: 1.8 Modified buffer size approach
Thoughts around buffer sizes and what might be possible to do...
2013-06-23 22:49:06 +02:00
Daniel Stenberg
ad47d8e263 c-ares: improve error message on failed resolve
When the c-ares based resolver backend failed to resolve a name, it
tried to show the name that failed from existing structs. This caused
the wrong output and shown hostname when for example --interface
[hostname] was used and that name resolving failed.

Now we use the hostname used in the actual resolve attempt in the error
message as well.

Bug: http://curl.haxx.se/bug/view.cgi?id=1191
Reported-by: Kim Vandry
2013-06-23 20:25:38 +02:00
Daniel Stenberg
8a7a277c08 ossl_recv: check for an OpenSSL error, don't assume
When we recently started to treat a zero return code from SSL_read() as
an error we also got false positives - which primarily looks to be
because the OpenSSL documentation is wrong and a zero return code is not
at all an error case in many situations.

Now ossl_recv() will check with ERR_get_error() to see if there is a
stored error and only then consider it to be a true error if SSL_read()
returned zero.

Bug: http://curl.haxx.se/bug/view.cgi?id=1249
Reported-by: Nach M. S.
Patch-by: Nach M. S.
2013-06-23 12:05:21 +02:00
Nick Zitzmann
0030fbd382 Merge branch 'master' of https://github.com/bagder/curl 2013-06-22 15:16:05 -06:00
Nick Zitzmann
f3052c8a81 darwinssl: fix crash that started happening in Lion
Something (a recent security update maybe?) changed in Lion, and now it
has changed SSLCopyPeerTrust such that it may return noErr but also give
us a null trust, which caught us off guard and caused an eventual crash.
2013-06-22 15:13:36 -06:00
Daniel Stenberg
7d80ed64e4 SIGPIPE: ignored while inside the library
... and restore the ordinary handling again when it returns. This is
done for curl_easy_perform() and curl_easy_cleanup() only for now - and
only when built to use OpenSSL as backend as this is the known culprit
for the spurious SIGPIPEs people have received.

Bug: http://curl.haxx.se/bug/view.cgi?id=1180
Reported by: Lluís Batlle i Rossell
2013-06-22 22:35:06 +02:00
Daniel Stenberg
a2e0ce86ba KNOWN_BUGS: #83 unable to load non-default openssl engines 2013-06-22 22:24:36 +02:00
Daniel Stenberg
6fab0bd9f1 test1396: invoke the correct test tool!
This erroneously run unit test 1310 instead of 1396!
2013-06-22 22:20:31 +02:00
Kamil Dudka
02964ed630 test1230: avoid using hard-wired port number
... to prevent failure when a non-default -b option is given
2013-06-22 22:12:49 +02:00
Kamil Dudka
6f3e7aabdc curl-config.in: replace tabs by spaces 2013-06-22 22:08:42 +02:00
Nick Zitzmann
631e3e13a9 darwinssl: reform OS-specific #defines
This doesn't need to be in the release notes. I cleaned up a lot of the #if
lines in the code to use MAC_OS_X_VERSION_MIN_REQUIRED and
MAC_OS_X_VERSION_MAX_ALLOWED instead of checking for whether things like
__MAC_10_6 or whatever were defined, because for some SDKs Apple has released
they were defined out of place.
2013-06-22 12:23:26 -06:00
Alessandro Ghedini
832c195179 docs: fix typo in curl_easy_getinfo manpage 2013-06-22 18:28:18 +02:00
Daniel Stenberg
7877619f85 dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.

Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
2013-06-22 14:15:07 +02:00
Daniel Stenberg
ec248b590d bump: start working towards what most likely will become 7.32.0 2013-06-22 14:13:28 +02:00
Daniel Stenberg
4846b5e9fe THANKS: added 24 new contributors from the 7.31.0 release 2013-06-22 13:52:27 +02:00
Daniel Stenberg
85c710e11e RELEASE-NOTES: synced with 0de7249bb3 - 7.31.0 2013-06-22 11:30:31 +02:00
Daniel Stenberg
0de7249bb3 unit1396: unit tests to verify curl_easy_(un)escape 2013-06-22 11:21:35 +02:00
Daniel Stenberg
192c4f788d Curl_urldecode: no peeking beyond end of input buffer
Security problem: CVE-2013-2174

If a program would give a string like "%FF" to curl_easy_unescape() but
ask for it to decode only the first byte, it would still parse and
decode the full hex sequence. The function then not only read beyond the
allowed buffer but it would also deduct the *unsigned* counter variable
for how many more bytes there's left to read in the buffer by two,
making the counter wrap. Continuing this, the function would go on
reading beyond the buffer and soon writing beyond the allocated target
buffer...

Bug: http://curl.haxx.se/docs/adv_20130622.html
Reported-by: Timo Sirainen
2013-06-22 11:21:35 +02:00
Guenter Knauf
da0db499fd Use opened body.out file and write content to it. 2013-06-20 22:53:37 +02:00
Daniel Stenberg
88c5c63ffc multi_socket: react on socket close immediately
As a remedy to the problem when a socket gets closed and a new one is
opened with the same file descriptor number and as a result
multi.c:singlesocket() doesn't detect the difference, the new function
Curl_multi_closed() gets told when a socket is closed so that it can be
removed from the socket hash. When the old one has been removed, a new
socket should be detected fine by the singlesocket() on next invoke.

Bug: http://curl.haxx.se/bug/view.cgi?id=1248
Reported-by: Erik Johansson
2013-06-20 22:36:52 +02:00
Daniel Stenberg
a9f5ad0e2a RELEASE-NOTES: synced with e305f5ec71 2013-06-20 22:27:33 +02:00
Daniel Stenberg
e305f5ec71 TODO: mention the DANE patch from March 2013-06-18 09:38:06 +02:00
Daniel Stenberg
7ac3e9f1ba CURLOPT_COOKIELIST: take cookie share lock
When performing COOKIELIST operations the cookie lock needs to be taken
for the cases where the cookies are shared among multiple handles!

Verified by Benjamin Gilbert's updated test 506

Bug: http://curl.haxx.se/bug/view.cgi?id=1215
Reported-by: Benjamin Gilbert
2013-06-17 23:29:05 +02:00
Benjamin Gilbert
03a3dd9ee3 test506: verify that CURLOPT_COOKIELIST takes share lock
It doesn't right now: http://curl.haxx.se/bug/view.cgi?id=1215
2013-06-17 23:28:35 +02:00
Daniel Stenberg
5fc24a5297 TODO: HTTP2/SPDY support 2013-06-15 14:36:35 +02:00
Daniel Stenberg
b1a295ac4e curl_easy_setopt.3: clarify CURLOPT_PROGRESSFUNCTION frequency
Make it clearer that the CURLOPT_PROGRESSFUNCTION callback will be
called more frequently than once per second when things are happening.
2013-06-14 23:17:14 +02:00
Daniel Stenberg
1826c768ab RELEASE-NOTES: synced with 9c3e098259
Mention 7 recent bug fixes and their associated contributors
2013-06-13 23:01:32 +02:00
Daniel Stenberg
9c3e098259 curl_multi_wait.3: clarify the numfds counter 2013-06-13 22:38:53 +02:00
Daniel Stenberg
0feeab7802 curl_easy_perform: avoid busy-looping
When curl_multi_wait() finds no file descriptor to wait for, it returns
instantly and this must be handled gracefully within curl_easy_perform()
or cause a busy-loop. Starting now, repeated fast returns without any
file descriptors is detected and a gradually increasing sleep will be
used (up to a max of 1000 milliseconds) before continuing the loop.

Bug: http://curl.haxx.se/bug/view.cgi?id=1238
Reported-by: Miguel Angel
2013-06-13 19:27:12 +02:00
YAMADA Yasuharu
f24dc09d20 cookies: follow-up fix for path checking
The initial fix to only compare full path names were done in commit
04f52e9b4d but found out to be incomplete. This takes should make the
change more complete and there's now two additional tests to verify
(test 31 and 62).
2013-06-12 11:19:56 +02:00
Sergei Nikulov
9e10963c20 lib1900: use tutil_tvnow instead of gettimeofday
Makes it build on windows
2013-06-12 10:52:23 +02:00
Eric Hu
10b6d81c64 axtls: now done non-blocking 2013-06-12 10:37:32 +02:00
Eric Hu
8026bd7abd test2033: requires NTLM support 2013-06-12 10:34:10 +02:00
Daniel Stenberg
9b8df58169 KNOWN_BUGS: #82 failed build with Borland compiler 2013-06-11 00:21:16 +02:00
Daniel Stenberg
529a2e9110 Curl_output_digest: support auth-int for empty entity body
By always returning the md5 for an empty body when auth-int is asked
for, libcurl now at least sometimes does the right thing.

Bug: http://curl.haxx.se/bug/view.cgi?id=1235
Patched-by: Nach M. S.
2013-06-11 00:08:13 +02:00
Daniel Stenberg
21091549c0 multi_socket: reduce timeout inaccuracy margin
Allow less room for "triggered too early" mistakes by applications /
timers on non-windows platforms. Starting now, we assume that a timeout
call is never made earlier than 3 milliseconds before the actual
timeout. This greatly improves timeout accuracy on Linux.

Bug: http://curl.haxx.se/bug/view.cgi?id=1228
Reported-by: Hang Su
2013-06-11 00:02:29 +02:00
Daniel Stenberg
7b97f03f09 cert_stuff: avoid double free in the PKCS12 code
In the pkcs12 code, we get a list of x509 records returned from
PKCS12_parse but when iterating over the list and passing each to
SSL_CTX_add_extra_chain_cert() we didn't also properly remove them from
the "stack", which made them get freed twice (both in sk_X509_pop_free()
and then later in SSL_CTX_free).

This isn't really documented anywhere...

Bug: http://curl.haxx.se/bug/view.cgi?id=1236
Reported-by: Nikaiw
2013-06-10 23:42:48 +02:00
Daniel Stenberg
ce362e8eb9 cert_stuff: remove code duplication in the pkcs12 logic 2013-06-10 23:04:01 +02:00
Aleksey Tulinov
a4decb49a6 axtls: honor disabled VERIFYHOST
When VERIFYHOST == 0, libcurl should let invalid certificates to pass.
2013-06-08 00:23:05 +02:00
Peter Gal
c53fb36b0c curl_easy_setopt.3: HTTP header with no content
Update the documentation on how to specify a HTTP header with no
content.
2013-06-08 00:15:40 +02:00
Daniel Stenberg
dc19e656b5 RELEASE-NOTES: synced with 87cf677eca
Added 11 bugs and 7 contributors
2013-06-07 10:39:21 +02:00
Daniel Stenberg
87cf677eca lib1500: remove bad check
After curl_multi_wait() returns, this test checked that we got exactly
one file descriptor told to read from, but we cannot be sure that is
true. curl_multi_wait() will sometimes return earlier without any file
descriptor to handle, just just because it is a suitable time to call
*perform().

This problem showed up with commit 29bf0598.

Bug: http://curl.haxx.se/mail/lib-2013-06/0029.html
Reported-by: Fabian Keil
2013-06-06 22:22:14 +02:00
Daniel Stenberg
5657c56f63 tests/Makefile: typo in the perlcheck target
Bug: http://curl.haxx.se/bug/view.cgi?id=1239
Reported-by: Christian Weisgerber
2013-06-04 23:22:11 +02:00
Daniel Stenberg
51b3445e84 test1230: verify CONNECT to a numerical ipv6-address 2013-06-04 22:52:13 +02:00
Daniel Stenberg
a7452b8b8c sws: support extracting test number from CONNECT ipv6-address!
If an ipv6-address is provided to CONNECT, the last hexadecimal group in
the address will be used as the test number! For example the address
"[1234::ff]" would be treated as test case 255.
2013-06-04 22:50:58 +02:00
Daniel Stenberg
0bf5ce77aa curl_multi_wait: only use internal timer if not -1
commit 29bf0598aa introduced a problem when the "internal" timeout is
prefered to the given if shorter, as it didn't consider the case where
-1 was returned. Now the internal timeout is only considered if not -1.

Reported-by: Tor Arntsen
Bug: http://curl.haxx.se/mail/lib-2013-06/0015.html
2013-06-04 13:22:40 +02:00
Dan Fandrich
159d34b58e libcurl-tutorial.3: added a section on IPv6
Also added a (correctly-escaped) backslash to the autoexec.bat
example file and a new Windows character device name with
a colon as examples of other characters that are special
and potentially dangerous (this reverts and reworks commit
7d8d2a54).
2013-06-03 22:44:05 +02:00
Daniel Stenberg
29bf0598aa curl_multi_wait: reduce timeout if the multi handle wants to
If the multi handle's pending timeout is less than what is passed into
this function, it will now opt to use the shorter time anyway since it
is a very good hint that the handle wants to process something in a
shorter time than what otherwise would happen.

curl_multi_wait.3 was updated accordingly to clarify

This is the reason for bug #1224

Bug: http://curl.haxx.se/bug/view.cgi?id=1224
Reported-by: Andrii Moiseiev
2013-06-03 20:27:08 +02:00
Daniel Stenberg
239b58d34d multi_runsingle: switch an if() condition for readability
... because there's an identical check right next to it so using the
operators in the check in the same order increases readability.
2013-06-03 20:23:01 +02:00
Marc Hoersken
74f1810546 curl_schannel.c: Removed variable unused since 35874298e4 2013-06-02 20:21:42 +02:00
Marc Hoersken
f4b08b8f40 curl_setup.h: Fixed redefinition warning using mingw-w64 2013-06-02 15:53:08 +02:00
Daniel Stenberg
6691fdf517 multi_runsingle: add braces to clarify the code 2013-05-30 23:34:33 +02:00
Daniel Stenberg
7d8d2a54ba libcurl-tutorial.3: remove incorrect backslash
A single backslash in the content is not legal nroff syntax.

Reported and fixed by: Eric S. Raymond
Bug: http://curl.haxx.se/bug/view.cgi?id=1234
2013-05-28 13:37:08 +02:00
Daniel Stenberg
9986c6cb2b curl_formadd.3: fixed wrong "end-marker" syntax
Reported and fixed by: Eric S. Raymond
Bug: http://curl.haxx.se/bug/view.cgi?id=1233
2013-05-28 13:35:13 +02:00
Daniel Stenberg
ba9a66663a curl.1: clarify that --silent still outputs data 2013-05-28 11:37:58 +02:00
Daniel Stenberg
ac419bf562 Digest auth: escape user names with \ or " in them
When sending the HTTP Authorization: header for digest, the user name
needs to be escaped if it contains a double-quote or backslash.

Test 1229 was added to verify

Reported and fixed by: Nach M. S
Bug: http://curl.haxx.se/bug/view.cgi?id=1230
2013-05-27 19:45:12 +02:00
Mike Giancola
520833cbe1 ossl_recv: SSL_read() returning 0 is an error too
SSL_read can return 0 for "not successful", according to the open SSL
documentation: http://www.openssl.org/docs/ssl/SSL_read.html
2013-05-22 23:42:33 +02:00
Mike Giancola
e58d9c87f7 ossl_send: SSL_write() returning 0 is an error too
We found that in specific cases if the connection is abruptly closed,
the underlying socket is listed in a close_wait state. We continue to
call the curl_multi_perform, curl_mutli_fdset etc. None of these APIs
report the socket closed / connection finished.  Since we have cases
where the multi connection is only used once, this can pose a problem
for us. I've read that if another connection was to come in, curl would
see the socket as bad and attempt to close it at that time -
unfortunately, this does not work for us.

I found that in specific situations, if SSL_write returns 0, curl did
not recognize the socket as closed (or errored out) and did not report
it to the application. I believe we need to change the code slightly, to
check if ssl_write returns 0. If so, treat it as an error - the same as
a negative return code.

For OpenSSL - the ssl_write documentation is here:
http://www.openssl.org/docs/ssl/SSL_write.html
2013-05-22 23:08:27 +02:00
Daniel Stenberg
84f7991474 KNOWN_BUGS: curl -OJC- fails to resume
Bug: http://curl.haxx.se/bug/view.cgi?id=1169
2013-05-21 23:58:52 +02:00
Daniel Stenberg
85b9dc8023 Curl_cookie_add: handle IPv6 hosts
1 - don't skip host names with a colon in them in an attempt to bail out
on HTTP headers in the cookie file parser. It was only a shortcut anyway
and trying to parse a file with HTTP headers will still be handled, only
slightly slower.

2 - don't skip domain names based on number of dots. The original
netscape cookie spec had this oddity mentioned and while our code
decreased the check to only check for two, the existing cookie spec has
no such dot counting required.

Bug: http://curl.haxx.se/bug/view.cgi?id=1221
Reported-by: Stefan Neis
2013-05-21 23:28:59 +02:00
Daniel Stenberg
7d4d4892d8 curl_easy_setopt.3: expand the PROGRESSFUNCTION section
Explain the callback and its arguments better and with more descriptive
text.
2013-05-20 10:50:51 +02:00
Daniel Stenberg
fc4759af9d tests: add test1394 file to the tarball 2013-05-19 12:44:44 +02:00
Daniel Stenberg
ee84c47655 tarball: include the xmlstream example 2013-05-19 11:21:56 +02:00
David Strauss
ce32176db7 xmlstream: XML stream parsing example source code
Add an XML stream parsing example using Expat. Add missing ignore for
the binary from an unrelated example.
2013-05-19 11:19:28 +02:00
YAMADA Yasuharu
04f52e9b4d cookies: only consider full path matches
I found a bug which cURL sends cookies to the path not to aim at.
For example:
- cURL sends a request to http://example.fake/hoge/
- server returns cookie which with path=/hoge;
  the point is there is NOT the '/' end of path string.
- cURL sends a request to http://example.fake/hogege/ with the cookie.

The reason for this old "feature" is because that behavior is what is
described in the original netscape cookie spec:
http://curl.haxx.se/rfc/cookie_spec.html

The current cookie spec (RFC6265) clarifies the situation:
http://tools.ietf.org/html/rfc6265#section-5.2.4
2013-05-18 22:54:48 +02:00
Eric Hu
100a33f7ff axtls: prevent memleaks on SSL handshake failures 2013-05-16 20:26:42 +02:00
Daniel Stenberg
7ed25ccf0d Revert "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage"
This reverts commit 8ec2cb5544.

We don't have any code anywhere in libcurl (or the curl tool) that use
wcsdup so there's no such memory use to track. It seems to cause mild
problems with the Borland compiler though that we may avoid by reverting
this change again.

Bug: http://curl.haxx.se/mail/lib-2013-05/0070.html
2013-05-12 15:10:01 +02:00
Daniel Stenberg
01eede2662 RELEASE-NOTES: synced with ae26ee3489 2013-05-12 14:36:04 +02:00
Guenter Knauf
ae26ee3489 Updated zlib version in build files. 2013-05-11 17:08:00 +02:00
Renaud Guillard
992bee504d OS X framework: fix invalid symbolic link 2013-05-09 21:51:35 +02:00
Daniel Stenberg
01a2abedd7 nss: give PR_INTERVAL_NO_WAIT instead of -1 to PR_Recv/PR_Send
Reported by: David Strauss
Bug: http://curl.haxx.se/mail/lib-2013-05/0088.html
2013-05-09 11:23:15 +02:00
Daniel Stenberg
a45e3f93e4 libtest: gitignore more binary files 2013-05-08 14:35:45 +02:00
Daniel Stenberg
bdb396ef2a servercert: allow empty subject
Bug: http://curl.haxx.se/bug/view.cgi?id=1220
Patch by: John Gardiner Myers
2013-05-07 23:02:01 +02:00
Steve Holme
6add1901a1 tests: Added new SMTP tests to verify commit 99b4045183 2013-05-07 22:52:43 +02:00
Daniel Stenberg
51b0f09b5e runtests.pl: support nonewline="yes" in client/stdin sections 2013-05-07 22:52:43 +02:00
Daniel Stenberg
8dac7be438 build: fixed unit1394 for debug and metlink builds 2013-05-06 23:28:04 +02:00
Kamil Dudka
bcf1b9dec1 unit1394.c: plug the curl tool unit test in 2013-05-06 15:03:13 +02:00
Jared Jennings
b045d079f8 unit1394.c: basis of a unit test for parse_cert_parameter() 2013-05-06 15:03:13 +02:00
Kamil Dudka
683f2b8323 src/Makefile.am: build static lib for unit tests if enabled 2013-05-06 15:03:12 +02:00
Kamil Dudka
2de20dd9a1 tool_getparam: ensure string termination in parse_cert_parameter() 2013-05-06 15:00:10 +02:00
Kamil Dudka
b47cf4f688 tool_getparam: fix memleak in handling the -E option 2013-05-06 15:00:10 +02:00
Kamil Dudka
a15b2b6c62 tool_getparam: describe what parse_cert_parameter() does
... and de-duplicate the code initializing *passphrase
2013-05-06 15:00:10 +02:00
Kamil Dudka
42e01cff9a curl.1: document escape sequences recognized by -E 2013-05-06 14:32:26 +02:00
Jared Jennings
865d4138a0 curl -E: allow to escape ':' in cert nickname 2013-05-06 14:32:26 +02:00
Marc Hoersken
35874298e4 curl_schannel.c: Fixed invalid memory access during SSL shutdown 2013-05-05 17:57:37 +02:00
Steve Holme
52d72e66c2 smtp: Fix trailing whitespace warning 2013-05-04 18:37:50 +01:00
Steve Holme
f3d10aa0d4 smtp: Fix compilation warning
comparison between signed and unsigned integer expressions
2013-05-04 13:24:05 +01:00
Steve Holme
7632bc911b RELEASE-NOTES: synced with 92ef5f19c8 2013-05-04 10:13:43 +01:00
Steve Holme
92ef5f19c8 smtp: Updated RFC-2821 references to RFC-5321 2013-05-04 10:12:01 +01:00
Steve Holme
99b4045183 smtp: Fixed sending of double CRLF caused by first in EOB
If the mail sent during the transfer contains a terminating <CRLF> then
we should not send the first <CRLF> of the EOB as specified in RFC-5321.

Additionally don't send the <CRLF> if there is "no mail data" as the
DATA command already includes it.
2013-05-04 10:00:33 +01:00
Steve Holme
087f9bb20a tests: Corrected MAIL SIZE for CRLF line endings
... which was missed in commit: f5c3d95384
2013-05-03 20:08:21 +01:00
Steve Holme
e2c7e19144 tests: Corrected infilesize for CRLF line endings
... which was missed in commit: f5c3d95384
2013-05-03 18:27:06 +01:00
Steve Holme
f5c3d95384 tests: Corrected test1406 to be RFC2821 compliant 2013-05-03 18:22:18 +01:00
Steve Holme
6b10f5b963 tests: Corrected test1320 to be RFC2821 compliant 2013-05-02 22:49:16 +01:00
Steve Holme
ee74b77d45 tests: Corrected typo in test909
Introduced in commit: 514817669e
2013-05-02 20:03:50 +01:00
Steve Holme
734bdb68c2 tests: Corrected test909 to be RFC2821 compliant 2013-05-02 18:52:52 +01:00
Steve Holme
514817669e tests: Updated test references to 909 from 1411
...and removed references to libcurl and test1406.
2013-05-02 18:50:00 +01:00
Steve Holme
cb9c0ac7d7 tests: Renamed test1411 to test909 as this is a main SMTP test 2013-05-02 18:46:11 +01:00
Lars Johannesen
1c435295b8 bindlocal: move brace out of #ifdef
The code within #ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID wrongly had two
closing braces when it should only have one, so builds without that
define would fail.

Bug: http://curl.haxx.se/mail/lib-2013-05/0000.html
2013-05-01 14:18:47 +02:00
Steve Holme
46d26a0e77 smtp: Tidy up to move the eob counter to the per-request structure
Move the eob counter from the smtp_conn structure to the SMTP structure
as it is associated with a SMTP payload on a per-request basis.
2013-04-30 22:25:23 +01:00
Steve Holme
f4e3cae8a7 TODO: Updated following the addition of CURLOPT_SASL_IR 2013-04-30 00:12:41 +01:00
Steve Holme
b52cf5d2cd smtp: Fixed unknown percentage complete in progress bar
The curl command line utility would display the the completed progress
bar with a percentage of zero as the progress routines didn't know the
size of the transfer.
2013-04-29 22:34:26 +01:00
Daniel Stenberg
073e83b543 ftpserver: silence warnings
Fix regressions in commit b56e3d43e5. Make @data local and filter off
non-numerical digits from $testno in STATUS_imap.
2013-04-29 14:58:08 +02:00
Steve Holme
c3e6d69acb ftpserver.pl: Corrected the imap LOGIN response
...to be more realistic and consistent with the other imap responses.
2013-04-29 12:58:41 +01:00
Steve Holme
b56e3d43e5 tests: Added imap STATUS command test 2013-04-29 12:53:09 +01:00
Steve Holme
f317ffb7bb tests: Corrected the SMTP tests to be RFC2821 compliant
The emails that are sent to the server during these tests were
incorrectly formatted as they contained one or more LF terminated lines
rather than being CRLF terminated as per Section 2.3.7 of RFC-2821.

This wasn't a problem for the test suite as the <stdin> data matched the
<upload> data but anyone using these tests as reference would be sending
incorrect data to a server.
2013-04-28 16:14:58 +01:00
Steve Holme
9ea5145952 email: Tidy up of *_perform_authenticate()
Removed the hard returns from imap and pop3 by using the same style for
sending the authentication string as smtp. Moved the "Other mechanisms
not supported" check in smtp to match that of imap and pop3 to provide
consistency between the three email protocols.
2013-04-28 12:57:42 +01:00
Steve Holme
1d7c38e1f0 smtp: Updated limit check to be more readable like the check in pop3 2013-04-28 12:26:44 +01:00
Steve Holme
18bfc8f2d7 pop3: Added 255 octet limit check when sending initial response
Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
2013-04-28 12:26:11 +01:00
Steve Holme
945246988d DOCS: Corrected line length of recent Secure Transport changes 2013-04-28 12:17:15 +01:00
Nick Zitzmann
a5c0e20939 darwinssl: add TLS crypto authentication
Users using the Secure Transport (darwinssl) back-end can now use a
certificate and private key to authenticate with a site using TLS. Because
Apple's security system is based around the keychain and does not have any
non-public function to create a SecIdentityRef data structure from data
loaded outside of the Keychain, the certificate and private key have to be
loaded into the Keychain first (using the certtool command line tool or
the Security framework's C API) before we can find it and use it.
2013-04-27 23:15:07 -06:00
Steve Holme
128517649c Corrected version numbers after bump 2013-04-27 23:02:20 +01:00
Daniel Stenberg
219358b93d bump version
Since we're adding new stuff, the next release will bump the minor
version and we're looking forward to 7.31.0
2013-04-27 23:15:35 +02:00
Steve Holme
f133719f73 RELEASE-NOTES: synced with f4e6e201b1 2013-04-27 20:43:55 +01:00
Steve Holme
f4e6e201b1 DOCS: Updated following the addition of CURLOPT_SASL_IR
Documented the the option in curl_easy_setopt() and added it to
symbols-in-versions.
2013-04-27 17:08:08 +01:00
Steve Holme
790b2086d7 tests: Corrected command line arguments in test907 and test908 2013-04-27 16:36:17 +01:00
Steve Holme
f9b691cdb0 tests: Added SMTP AUTH with initial response tests 2013-04-27 13:04:02 +01:00
Steve Holme
4118c30261 tests: Updated SMTP tests to decouple client initial response
Updated test903 and test904 following the addition of CURLOPT_SASL_IR
as the default behaviour of SMTP AUTH responses is now to not include
the initial response. New tests with --sasl-ir support to follow.
2013-04-27 12:32:27 +01:00
Steve Holme
dacbdaab94 imap: Added support for overriding the SASL initial response
In addition to checking for the SASL-IR capability the user can override
the sending of the client's initial response in the AUTHENTICATION
command with the use of CURLOPT_SASL_IR should the server erroneously
not report SASL-IR when it does support it.
2013-04-27 12:12:59 +01:00
Steve Holme
70e30f6caa smtp: Added support for disabling the SASL initial response
Updated the default behaviour of sending the client's initial response in the AUTH
command to not send it and added support for CURLOPT_SASL_IR to allow the user to
specify including the response.

Related Bug: http://curl.haxx.se/mail/lib-2012-03/0114.html
Reported-by: Gokhan Sengun
2013-04-27 12:09:15 +01:00
Steve Holme
7cb6c31370 pop3: Added support for enabling the SASL initial response
Allowed the user to specify whether to send the client's intial response
in the AUTH command via CURLOPT_SASL_IR.
2013-04-27 12:07:39 +01:00
Steve Holme
5d3a031ca7 sasl-ir: Added --sasl-ir option to curl command line tool 2013-04-27 10:03:10 +01:00
Steve Holme
a846fbbe2a sasl-ir: Added CURLOPT_SASL_IR to enable/disable the SASL initial response 2013-04-27 09:58:20 +01:00
Daniel Stenberg
6420672879 curl_easy_init: use less mallocs
By introducing an internal alternative to curl_multi_init() that accepts
parameters to set the hash sizes, easy handles will now use tiny socket
and connection hash tables since it will only ever add a single easy
handle to that multi handle.

This decreased the number mallocs in test 40 (which is a rather simple
and typical easy interface use case) from 1142 to 138. The maximum
amount of memory allocated used went down from 118969 to 78805.
2013-04-26 22:55:55 +02:00
Steve Holme
c4067a5678 ftpserver.pl: Fixed imap logout confirmation data
An IMAP server should response with the BYE continuation response before
confirming the LOGOUT command was successful.
2013-04-26 21:12:36 +01:00
Daniel Stenberg
0523152ad6 ftp_state_pasv_resp: connect through proxy also when set by env
When connecting back to an FTP server after having sent PASV/EPSV,
libcurl sometimes didn't use the proxy properly even though the proxy
was used for the initial connect.

The function wrongly checked for the CURLOPT_PROXY variable to be set,
which made it act wrongly if the proxy information was set with an
environment variable.

Added test case 711 to verify (based on 707 which uses --socks5). Also
added test712 to verify another variation of setting the proxy: with
--proxy socks5://

Bug: http://curl.haxx.se/bug/view.cgi?id=1218
Reported-by: Zekun Ni
2013-04-26 16:49:25 +02:00
Zdenek Pavlas
b37b5233ca url: initialize speed-check data for file:// protocol
... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer.  This commit fixes
a regression caused by 9dd85bced5.

Bug: https://bugzilla.redhat.com/906031
2013-04-26 15:38:22 +02:00
Daniel Stenberg
c68c7e588e test709: clarify the test in the name 2013-04-25 23:42:38 +02:00
Daniel Stenberg
1498a0073e sshserver: disable StrictHostKeyChecking
I couldn't figure out why the host key logic isn't working, but having
it set to yes prevents my SSH-based test cases to run. I also don't see
a strong need to use strict host key checking on this test server.

So I disabled it.
2013-04-25 23:40:31 +02:00
Daniel Stenberg
27777949a0 runtests: log more commands in verbose mode
... to aid tracking down failures
2013-04-25 23:40:01 +02:00
Steve Holme
4dc2d965d6 TODO: Corrected copy/paste typo 2013-04-25 20:18:08 +01:00
Steve Holme
70bbbccc39 TODO: Added new ideas for future SMTP, POP3 and IMAP features 2013-04-25 20:10:09 +01:00
Steve Holme
0dd470fc61 TODO: Updated following the addition of ;auth=<MECH> support 2013-04-25 19:48:34 +01:00
Steve Holme
89acdf50fa DOCS: Minor rewording / clarification of host name protocol detection 2013-04-25 13:30:17 +01:00
Steve Holme
c0d502785f RELEASE-NOTES: synced with a8c92cb608 2013-04-24 19:40:06 +01:00
Steve Holme
a8c92cb608 DOCS: Added reference to IETF draft for SMTP URL Interface
...when mentioning login options. Additional minor clarification of
"Windows builds" to be "Windows builds with SSPI"as a way of enabling
NTLM as Windows builds may be built with OpenSSL to enable NTLM or
without NTLM support altogether.
2013-04-24 19:35:38 +01:00
Linus Nielsen Feltzing
53fda844cc HISTORY: Fix spelling error. 2013-04-23 21:41:38 +02:00
Steve Holme
bbf63b0faa DOCS: Reworked the scheme calculation explanation under CURLOPT_URL 2013-04-23 19:57:58 +01:00
Steve Holme
2af9fd4960 url: Added smtp and pop3 hostnames to the protocol detection list 2013-04-23 19:44:14 +01:00
Daniel Stenberg
2c0d65785f HISTORY: correct some years/dates
Thanks to archive.org's wayback machine I updated this document with
some facts from the early httpget/urlget web page:

http://web.archive.org/web/19980216125115/http://www.inf.ufrgs.br/~sagula/urlget.html
2013-04-23 16:21:29 +02:00
Alessandro Ghedini
d791179d7f tests: add test1511 to check timecond clean-up
Verifies the timecond fix in commit c49ed0b6c0
2013-04-22 22:46:47 +02:00
Alessandro Ghedini
c49ed0b6c0 getinfo.c: reset timecond when clearing session-info variables
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705783
Reported-by: Ludovico Cavedon <cavedon@debian.org>
2013-04-22 22:43:32 +02:00
Steve Holme
868d8e6831 DOCS: Added information about login options to CURLOPT_USERPWD 2013-04-22 20:22:12 +01:00
Steve Holme
e3aca1b2ce DOCS: Added information about login options in the URL 2013-04-22 20:22:10 +01:00
Steve Holme
ddac43b38e url: Fixed missing length check in parse_proxy()
Commit 11332577b3 removed the length check that was performed by the
old scanf() code.
2013-04-21 18:29:33 +01:00
Steve Holme
416ecc1584 url: Fixed crash when no username or password supplied for proxy
Fixed an issue in parse_proxy(), introduced in commit 11332577b3,
where an empty username or password (For example: http://:@example.com)
would cause a crash.
2013-04-21 16:55:19 +01:00
Steve Holme
455ba691a7 url: Removed unused text length constants 2013-04-21 12:16:12 +01:00
Steve Holme
11332577b3 url: Updated proxy URL parsing to use parse_login_details() 2013-04-21 12:12:29 +01:00
Steve Holme
702b0dd408 url: Tidy up of setstropt_userpwd() parameters
Updated the naming convention of the login parameters to match those of
other functions.
2013-04-21 10:27:42 +01:00
Steve Holme
e8a9f794f0 url: Tidy up of code and comments following recent changes
Tidy up of variable names and comments in setstropt_userpwd() and
parse_login_details().
2013-04-21 10:23:47 +01:00
Steve Holme
bddf3d4705 url: Simplified setstropt_userpwd() following recent changes
There is no need to perform separate clearing of data if a NULL option
pointer is passed in. Instead this operation can be performed by simply
not calling parse_login_details() and letting the rest of the code do
the work.
2013-04-20 20:04:00 +01:00
Steve Holme
e99c81a07c url: Correction to scope of if statements when setting data 2013-04-20 19:10:10 +01:00
Steve Holme
fe880475ed url: Fixed memory leak in setstropt_userpwd()
setstropt_userpwd() was calling setstropt() in commit fddb7b44a7 to
set each of the login details which would duplicate the strings and
subsequently cause a memory leak.
2013-04-20 18:40:13 +01:00
Steve Holme
5821d5f111 RELEASE-NOTES: synced with d535c4a2e1 2013-04-20 09:56:16 +01:00
Steve Holme
d535c4a2e1 url: Added overriding of URL login options from CURLOPT_USERPWD 2013-04-20 09:18:51 +01:00
Steve Holme
ca8f17a303 tool_paramhlp: Fixed options being included in username
Fix to prevent the options from being displayed when curl requests the
user's password if the following command line is specified:

--user username;options
2013-04-20 09:16:21 +01:00
Steve Holme
fddb7b44a7 url: Added support for parsing login options from the CURLOPT_USERPWD
In addition to parsing the optional login options from the URL, added
support for parsing them from CURLOPT_USERPWD, to allow the following
supported command line:

--user username:password;options
2013-04-20 09:08:28 +01:00
Steve Holme
49184c3723 url: Added bounds checking to parse_login_details()
Added bounds checking when searching for the separator characters within
the login string as this string may not be NULL terminated (For example
it is the login part of a URL). We do this in preference to allocating a
new string to copy the login details into which could then be passed to
parse_login_details() for performance reasons.
2013-04-19 19:37:55 +01:00
Steve Holme
cc7f6a2ddf url: Added size_t cast to pointer based length calculations 2013-04-19 14:11:43 +01:00
Steve Holme
90fe59b829 url: Corrected minor typo in comment 2013-04-19 12:53:59 +01:00
Daniel Stenberg
7b074a460b CURL_CHECK_CA_BUNDLE: don't check for paths when cross-compiling
When cross-compiling we can't scan and detect existing files or paths.

Bug: http://curl.haxx.se/mail/lib-2013-04/0294.html
2013-04-18 23:37:56 +02:00
Ishan SinghLevett
993cdcd6ee usercertinmem.c: add example showing user cert in memory
Relies on CURLOPT_SSL_CTX_FUNCTION, which is OpenSSL specific
2013-04-18 23:07:15 +02:00
Steve Holme
8763374f0e url: Fix chksrc longer than 79 columns warning 2013-04-18 20:21:11 +01:00
Steve Holme
63388fe1f3 url: Fix incorrect variable type for result code 2013-04-18 19:18:02 +01:00
Steve Holme
b75a88aa72 url: Fix compiler warning
signed and unsigned type in conditional expression
2013-04-18 19:14:25 +01:00
Steve Holme
bb20989a63 url: Moved parsing of login details out of parse_url_login()
Separated the parsing of login details from the processing of them in
parse_url_login() ready for use by setstropt_userpwd().
2013-04-18 18:09:53 +01:00
Steve Holme
0d49e408a4 url: Re-factored set_userpass() and parse_url_userpass()
Re-factored these functions to reflect their new behaviour following the
addition of login options.
2013-04-18 17:36:15 +01:00
Steve Holme
90c87f311e url: Reworked URL parsing to allow overriding by CURLOPT_USERPWD 2013-04-18 17:20:43 +01:00
Daniel Stenberg
da06ac7f3f maketgz: make bzip2 creation work with Parallel BZIP2 too
Apparently the previous usage didn't work with that implementation,
while this updated version works with at least both Parallel BZIP2
v1.1.8 and regular bzip "Version 1.0.6, 6-Sept-2010".
2013-04-18 11:13:56 +02:00
Linus Nielsen Feltzing
6d9236e805 Add tests/http_pipe.py to the tarball build 2013-04-18 10:55:41 +02:00
Steve Holme
c306d2e42f smtp: Re-factored all perform based functions
Standardised the naming of all perform based functions to be in the form
smtp_perform_something().
2013-04-16 19:48:20 +01:00
Steve Holme
f737e3a3dd smtp: Added description comments to all perform based functions 2013-04-16 19:44:53 +01:00
Steve Holme
686586b0f9 smtp: Moved smtp_quit() to be with the other perform functions 2013-04-16 19:44:52 +01:00
Steve Holme
e621a5f6ea smtp: Moved smtp_rcpt_to() to be with the other perform functions 2013-04-16 19:44:49 +01:00
Steve Holme
8093f9541e smtp: Moved smtp_mail() to be with the other perform functions 2013-04-16 19:44:47 +01:00
Wouter Van Rooy
68e7fb499d curl-config: don't output static libs when they are disabled
Curl-config outputs static libraries even when they are disabled in
configure.

This causes problems with the build of pycurl.
2013-04-16 16:07:41 +02:00
Dave Reisner
d9569720dd docs/libcurl: fix formatting in manpage
Commit c3ea3eb6 introduced some minor cosmetic errors in
curl_mutli_socket_action(3).
2013-04-16 09:52:12 +02:00
Paul Howarth
1c40685d32 Add extra libs for lib1900 and lib2033 test programs
These are needed in cases where clock_gettime is used, from librt.
2013-04-15 23:06:10 +02:00
Dan Fandrich
31c6e7af6a FAQ: mention that the network connection can be monitored
Also note the prohibition on sharing handles across threads.
2013-04-15 22:26:18 +02:00
Steve Holme
552ba67bb1 pop3: Added missing comment for pop3_state_apop_resp() 2013-04-15 20:27:49 +01:00
Steve Holme
651254dcc7 smtp: Updated the coding style of smtp_state_servergreet_resp()
Updated the coding style, in this function, to be consistant with other
response functions rather then performing a hard return on failure.
2013-04-15 20:27:47 +01:00
Steve Holme
26bdafcbf9 pop3: Updated the coding style of pop3_state_servergreet_resp()
Updated the coding style, in this function, to be consistent with other
response functions rather then performing a hard return on failure.
2013-04-15 20:27:45 +01:00
Steve Holme
02dc9e788f pop3: Re-factored all perform based functions
Standardised the naming of all perform based functions to be in the form
pop3_perform_something() following the changes made to IMAP.
2013-04-14 10:06:10 +01:00
Steve Holme
e11c6e9961 pop3: Added description comments to all perform based functions 2013-04-14 10:06:08 +01:00
Steve Holme
e4eaa92728 pop3: Moved pop3_quit() to be with the other perform functions 2013-04-14 10:06:07 +01:00
Steve Holme
577f8e5ac6 pop3: Moved pop3_command() to be with the other perform functions
Started to apply the same tidy up to the POP3 code as applied to the
IMAP code in the 7.30.0 release.
2013-04-14 10:06:05 +01:00
Steve Holme
95ba6cdd54 RELEASE-NOTES: Removed erroneous spaces 2013-04-13 18:35:16 +01:00
Steve Holme
7ce6cb9ab4 RELEASE-NOTES: synced with 8723cade21 2013-04-13 16:43:30 +01:00
Steve Holme
8723cade21 smtp: Added support for ;auth=<mech> in the URL
Added support for specifying the preferred authentication mechanism in
the URL as per Internet-Draft 'draft-earhart-url-smtp-00'.
2013-04-13 16:23:00 +01:00
Steve Holme
d956d9db47 pop3: Reworked authentication type constants
... to use left-shifted values, like those defined in curl.h, rather
than 16-bit hexadecimal values.
2013-04-13 16:20:48 +01:00
Steve Holme
ecf93ac986 pop3: Small consistency tidy up 2013-04-13 16:16:23 +01:00
Steve Holme
b3a01be2f3 pop3: Added support for ;auth=<mech> in the URL
Added support for specifying the preferred authentication type and SASL
mechanism in the URL as per RFC-2384.
2013-04-13 16:16:21 +01:00
Steve Holme
00045a3009 imap: Added support for ;auth=<mech> in the URL
Added support for specifying the preferred authentication mechanism in
the URL as per RFC-5092.
2013-04-13 16:11:27 +01:00
Steve Holme
3f7188dd94 sasl: Reworked SASL mechanism constants
... to use left-shifted values, like those defined in curl.h, rather
than 16-bit hexadecimal values.
2013-04-13 13:29:50 +01:00
Steve Holme
720218fea1 sasl: Added predefined preferred mechanism values
In preparation for the upcoming changes to IMAP, POP3 and SMTP added
preferred mechanism values.
2013-04-13 13:11:37 +01:00
Steve Holme
73aa95592f url: Added support for parsing login options from the URL
As well as parsing the username and password from the URL, added support
for parsing the optional options part from the login details, to allow
the following supported URL format:

schema://username:password;options@example.com/path?q=foobar

This will only be used by IMAP, POP3 and SMTP at present but any
protocol that may be given login options in the URL will be able to
add support for them.
2013-04-13 10:49:42 +01:00
Steve Holme
ad3fdbc0a4 smtp: Fix compiler warning
warning: unused variable 'smtp' introduced in commit 73cbd21b5e.
2013-04-13 00:06:19 +01:00
Steve Holme
73cbd21b5e smtp: Moved parsing of url path into separate function 2013-04-12 23:15:51 +01:00
Daniel Stenberg
c5ba0c2f54 FTP: handle a 230 welcome response
...instead of the 220 we otherwise expect.

Made the ftpserver.pl support sending a custom "welcome" and then
created test 1219 to verify this fix with such a 230 welcome.

Bug: http://curl.haxx.se/mail/lib-2013-02/0102.html
Reported by: Anders Havn
2013-04-12 23:59:37 +02:00
Daniel Stenberg
edddf394b8 configure: try pthread_create without -lpthread
For libc variants without a spearate pthread lib (like bionic), try
using pthreads without the pthreads lib first and only if that fails try
the -lpthread linker flag.

Bug: http://curl.haxx.se/bug/view.cgi?id=1216
Reported by: Duncan
2013-04-12 22:58:28 +02:00
Daniel Stenberg
61d259f950 FTP: access files in root dir correctly
Accessing a file with an absolute path in the root dir but with no
directory specified was not handled correctly. This fix comes with four
new test cases that verify it.

Bug: http://curl.haxx.se/mail/lib-2013-04/0142.html
Reported by: Sam Deane
2013-04-12 22:43:13 +02:00
Steve Holme
c01735865f pop3: Reworked the function description for Curl_pop3_write() 2013-04-12 20:22:14 +01:00
Steve Holme
ca46c5dbe2 pop3: Added function description to pop3_parse_custom_request() 2013-04-12 20:22:12 +01:00
Steve Holme
2da127abb5 pop3: Moved utility functions to end of pop3.c 2013-04-12 20:22:10 +01:00
Nick Zitzmann
bc33f2200d darwinssl: add TLS session resumption
This ought to speed up additional TLS handshakes, at least in theory.
2013-04-12 12:20:10 -06:00
Steve Holme
fd399cde00 imap: Added function description to imap_parse_custom_request() 2013-04-12 18:27:51 +01:00
Steve Holme
00c74019f4 imap: Moved utility functions to end of imap.c (Part 3/3)
Moved imap_is_bchar() be with the other utility based functions.
2013-04-12 18:24:46 +01:00
Steve Holme
9d0063befa imap: Moved utility functions to end of imap.c (Part 2/3)
Moved imap_parse_url_path() and imap_parse_custom_request() to the end of the
file allowing all utility functions to be grouped together.
2013-04-12 18:24:44 +01:00
Steve Holme
01e55ebb26 imap: Moved utility functions to end of imap.c (Part 1/3)
Moved imap_atom() and imap_sendf() to the end of the file allowing all
utility functions to be grouped together.
2013-04-12 18:24:43 +01:00
Steve Holme
4bbad1dac7 imap: Corrected function description for imap_connect() 2013-04-12 18:14:43 +01:00
Kamil Dudka
ddbda328b3 tests: prevent test206, test1060, and test1061 from failing
... in case runtests.pl is invoked with non-default -b option

Fixes a regression caused by 1e29d275c6.
2013-04-12 14:25:58 +02:00
David Strauss
8ffbeeda80 libcurl-share.3: update what it does and does not share.
Update sharing interface documentation to provide exhaustive list of
what it does and does not share.
2013-04-12 13:35:29 +02:00
Daniel Stenberg
1d1ffaf912 THANKS: remove duplicated names 2013-04-12 12:37:47 +02:00
Daniel Stenberg
e0cff02061 bump: start working towards next release 2013-04-12 11:30:32 +02:00
Daniel Stenberg
7fe95bb0d5 THANKS: added people from the 7.30.0 RELEASE-NOTES 2013-04-12 11:30:12 +02:00
951 changed files with 80925 additions and 13194 deletions

1
.gitignore vendored
View File

@@ -46,3 +46,4 @@ CHANGES.dist
.cproject
.settings
/[0-9]*.patch
.dirstamp

11
.travis.yml Normal file
View File

@@ -0,0 +1,11 @@
language: c
before_script:
- ./buildconf
compiler:
- clang
- gcc
notifications:
email: false

View File

@@ -108,7 +108,11 @@ if(NOT UNIX)
set(HAVE_IN_ADDR_T 0)
set(HAVE_INET_NTOA_R_DECL 0)
set(HAVE_INET_NTOA_R_DECL_REENTRANT 0)
set(HAVE_GETADDRINFO 0)
if(ENABLE_IPV6)
set(HAVE_GETADDRINFO 1)
else()
set(HAVE_GETADDRINFO 0)
endif()
set(STDC_HEADERS 1)
set(RETSIGTYPE_TEST 1)

View File

@@ -1,3 +1,24 @@
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at http://curl.haxx.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
###########################################################################
# cURL/libcurl CMake script
# by Tetetest and Sukender (Benoit Neil)
@@ -23,6 +44,8 @@ include(Utilities)
project( CURL C )
message(WARNING "the curl cmake build system is poorly maintained. Be aware")
file (READ ${CURL_SOURCE_DIR}/include/curl/curlver.h CURL_VERSION_H_CONTENTS)
string (REGEX MATCH "LIBCURL_VERSION_MAJOR[ \t]+([0-9]+)"
LIBCURL_VERSION_MJ ${CURL_VERSION_H_CONTENTS})
@@ -783,6 +806,17 @@ else()
set(CURL_SIZEOF_CURL_SOCKLEN_T ${SIZEOF_INT})
endif()
# TODO test which of these headers are required for the typedefs used in curlbuild.h
if(WIN32)
set(CURL_PULL_WS2TCPIP_H ${HAVE_WS2TCPIP_H})
else()
set(CURL_PULL_SYS_TYPES_H ${HAVE_SYS_TYPES_H})
set(CURL_PULL_SYS_SOCKET_H ${HAVE_SYS_SOCKET_H})
set(CURL_PULL_SYS_POLL_H ${HAVE_SYS_POLL_H})
endif()
set(CURL_PULL_STDINT_H ${HAVE_STDINT_H})
set(CURL_PULL_INTTYPES_H ${HAVE_INTTYPES_H})
include(CMake/OtherTests.cmake)
add_definitions(-DHAVE_CONFIG_H)

View File

@@ -1,6 +1,6 @@
COPYRIGHT AND PERMISSION NOTICE
Copyright (c) 1996 - 2013, Daniel Stenberg, <daniel@haxx.se>.
Copyright (c) 1996 - 2014, Daniel Stenberg, <daniel@haxx.se>.
All rights reserved.

View File

@@ -103,7 +103,7 @@ if test ! -z $SDK32; then
ln -fs ${FRAMEWORK_VERSION}/Resources Resources
ln -fs ${FRAMEWORK_VERSION}/Headers Headers
cd Versions
ln -fs ${FRAMEWORK_VERSION} Current
ln -fs $(basename "${FRAMEWORK_VERSION}") Current
echo Testing for SDK64
if test -d $SDK64_DIR; then

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -30,28 +30,88 @@ CMake/CurlTests.c CMake/FindOpenSSL.cmake CMake/FindZLIB.cmake \
CMake/OtherTests.cmake CMake/Platforms/WindowsCache.cmake \
CMake/Utilities.cmake include/curl/curlbuild.h.cmake
VC6LIBDSP = vs/vc6/lib/vc6libcurl.dsp
VC6LIBDSPHEAD = vs/t/lib/vc6_libcurl_dsp.head
VC6LIBDSPFOOT = vs/t/lib/vc6_libcurl_dsp.foot
VC6_LIBTMPL = projects/Windows/VC6/lib/libcurl.tmpl
VC6_LIBDSP = projects/Windows/VC6/lib/libcurl.dsp
VC6_LIBDSP_DEPS = $(VC6_LIBTMPL) Makefile.am lib/Makefile.inc
VC6_SRCTMPL = projects/Windows/VC6/src/curlsrc.tmpl
VC6_SRCDSP = projects/Windows/VC6/src/curlsrc.dsp
VC6_SRCDSP_DEPS = $(VC6_SRCTMPL) Makefile.am src/Makefile.inc
VC8LIBPRJ = vs/vc8/lib/vc8libcurl.vcproj
VC8LIBPRJHEAD = vs/t/lib/vc8_libcurl_prj.head
VC8LIBPRJFOOT = vs/t/lib/vc8_libcurl_prj.foot
VC7_LIBTMPL = projects/Windows/VC7/lib/libcurl.tmpl
VC7_LIBVCPROJ = projects/Windows/VC7/lib/libcurl.vcproj
VC7_LIBVCPROJ_DEPS = $(VC7_LIBTMPL) Makefile.am lib/Makefile.inc
VC7_SRCTMPL = projects/Windows/VC7/src/curlsrc.tmpl
VC7_SRCVCPROJ = projects/Windows/VC7/src/curlsrc.vcproj
VC7_SRCVCPROJ_DEPS = $(VC7_SRCTMPL) Makefile.am src/Makefile.inc
VC_DIST = \
vs/t/README \
$(VC6LIBDSP) $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
$(VC8LIBPRJ) $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
vs/vc6/vc6curl.dsw \
vs/vc6/lib/vc6libcurl.dsw \
vs/vc6/src/vc6curltool.dsw \
vs/vc6/src/vc6curltool.dsp
VC71_LIBTMPL = projects/Windows/VC7.1/lib/libcurl.tmpl
VC71_LIBVCPROJ = projects/Windows/VC7.1/lib/libcurl.vcproj
VC71_LIBVCPROJ_DEPS = $(VC71_LIBTMPL) Makefile.am lib/Makefile.inc
VC71_SRCTMPL = projects/Windows/VC7.1/src/curlsrc.tmpl
VC71_SRCVCPROJ = projects/Windows/VC7.1/src/curlsrc.vcproj
VC71_SRCVCPROJ_DEPS = $(VC71_SRCTMPL) Makefile.am src/Makefile.inc
VC6LIBDSP_DEPS = $(VC6LIBDSPHEAD) $(VC6LIBDSPFOOT) \
Makefile.am lib/Makefile.inc
VC8_LIBTMPL = projects/Windows/VC8/lib/libcurl.tmpl
VC8_LIBVCPROJ = projects/Windows/VC8/lib/libcurl.vcproj
VC8_LIBVCPROJ_DEPS = $(VC8_LIBTMPL) Makefile.am lib/Makefile.inc
VC8_SRCTMPL = projects/Windows/VC8/src/curlsrc.tmpl
VC8_SRCVCPROJ = projects/Windows/VC8/src/curlsrc.vcproj
VC8_SRCVCPROJ_DEPS = $(VC8_SRCTMPL) Makefile.am src/Makefile.inc
VC8LIBPRJ_DEPS = $(VC8LIBPRJHEAD) $(VC8LIBPRJFOOT) \
Makefile.am lib/Makefile.inc
VC9_LIBTMPL = projects/Windows/VC9/lib/libcurl.tmpl
VC9_LIBVCPROJ = projects/Windows/VC9/lib/libcurl.vcproj
VC9_LIBVCPROJ_DEPS = $(VC9_LIBTMPL) Makefile.am lib/Makefile.inc
VC9_SRCTMPL = projects/Windows/VC9/src/curlsrc.tmpl
VC9_SRCVCPROJ = projects/Windows/VC9/src/curlsrc.vcproj
VC9_SRCVCPROJ_DEPS = $(VC9_SRCTMPL) Makefile.am src/Makefile.inc
VC10_LIBTMPL = projects/Windows/VC10/lib/libcurl.tmpl
VC10_LIBVCXPROJ = projects/Windows/VC10/lib/libcurl.vcxproj
VC10_LIBVCXPROJ_DEPS = $(VC10_LIBTMPL) Makefile.am lib/Makefile.inc
VC10_SRCTMPL = projects/Windows/VC10/src/curlsrc.tmpl
VC10_SRCVCXPROJ = projects/Windows/VC10/src/curlsrc.vcxproj
VC10_SRCVCXPROJ_DEPS = $(VC10_SRCTMPL) Makefile.am src/Makefile.inc
VC11_LIBTMPL = projects/Windows/VC11/lib/libcurl.tmpl
VC11_LIBVCXPROJ = projects/Windows/VC11/lib/libcurl.vcxproj
VC11_LIBVCXPROJ_DEPS = $(VC11_LIBTMPL) Makefile.am lib/Makefile.inc
VC11_SRCTMPL = projects/Windows/VC11/src/curlsrc.tmpl
VC11_SRCVCXPROJ = projects/Windows/VC11/src/curlsrc.vcxproj
VC11_SRCVCXPROJ_DEPS = $(VC11_SRCTMPL) Makefile.am src/Makefile.inc
VC12_LIBTMPL = projects/Windows/VC12/lib/libcurl.tmpl
VC12_LIBVCXPROJ = projects/Windows/VC12/lib/libcurl.vcxproj
VC12_LIBVCXPROJ_DEPS = $(VC12_LIBTMPL) Makefile.am lib/Makefile.inc
VC12_SRCTMPL = projects/Windows/VC12/src/curlsrc.tmpl
VC12_SRCVCXPROJ = projects/Windows/VC12/src/curlsrc.vcxproj
VC12_SRCVCXPROJ_DEPS = $(VC12_SRCTMPL) Makefile.am src/Makefile.inc
VC_DIST = projects/README \
projects/build-openssl.bat \
projects/Windows/VC6/curl.dsw \
projects/Windows/VC6/lib/libcurl.dsw $(VC6_LIBDSP) \
projects/Windows/VC6/src/curlsrc.dsw $(VC6_SRCDSP) \
projects/Windows/VC7/curl.sln \
projects/Windows/VC7/lib/libcurl.sln $(VC7_LIBVCPROJ) \
projects/Windows/VC7/src/curlsrc.sln $(VC7_SRCVCPROJ) \
projects/Windows/VC7.1/curl.sln \
projects/Windows/VC7.1/lib/libcurl.sln $(VC71_LIBVCPROJ) \
projects/Windows/VC7.1/src/curlsrc.sln $(VC71_SRCVCPROJ) \
projects/Windows/VC8/curl.sln \
projects/Windows/VC8/lib/libcurl.sln $(VC8_LIBVCPROJ) \
projects/Windows/VC8/src/curlsrc.sln $(VC8_SRCVCPROJ) \
projects/Windows/VC9/curl.sln \
projects/Windows/VC9/lib/libcurl.sln $(VC9_LIBVCPROJ) \
projects/Windows/VC9/src/curlsrc.sln $(VC9_SRCVCPROJ) \
projects/Windows/VC10/curl.sln \
projects/Windows/VC10/lib/libcurl.sln $(VC10_LIBVCXPROJ) \
projects/Windows/VC10/src/curlsrc.sln $(VC10_SRCVCXPROJ) \
projects/Windows/VC11/curl.sln \
projects/Windows/VC11/lib/libcurl.sln $(VC11_LIBVCXPROJ) \
projects/Windows/VC11/src/curlsrc.sln $(VC11_SRCVCXPROJ) \
projects/Windows/VC12/curl.sln \
projects/Windows/VC12/lib/libcurl.sln $(VC12_LIBVCXPROJ) \
projects/Windows/VC12/src/curlsrc.sln $(VC12_SRCVCXPROJ)
WINBUILD_DIST = winbuild/BUILD.WINDOWS.txt winbuild/gen_resp_file.bat \
winbuild/MakefileBuild.vc winbuild/Makefile.vc \
@@ -61,7 +121,10 @@ EXTRA_DIST = CHANGES COPYING maketgz Makefile.dist curl-config.in \
RELEASE-NOTES buildconf libcurl.pc.in MacOSX-Framework \
$(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST) lib/libcurl.vers.in
CLEANFILES = $(VC6LIBDSP) $(VC8LIBPRJ)
CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \
$(VC71_LIBVCPROJ) $(VC71_SRCVCPROJ) $(VC8_LIBVCPROJ) $(VC8_SRCVCPROJ) \
$(VC9_LIBVCPROJ) $(VC9_SRCVCPROJ) $(VC10_LIBVCXPROJ) $(VC10_SRCVCXPROJ) \
$(VC11_LIBVCXPROJ) $(VC11_SRCVCXPROJ) $(VC12_LIBVCXPROJ) $(VC12_SRCVCXPROJ)
bin_SCRIPTS = curl-config
@@ -71,11 +134,9 @@ DIST_SUBDIRS = $(SUBDIRS) tests packages docs
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libcurl.pc
# List of libcurl source files required to generate VC IDE dsp and prj files
# List of files required to generate VC IDE .dsp, .vcproj and .vcxproj files
include lib/Makefile.inc
WIN32SOURCES = $(CSOURCES)
WIN32HEADERS = $(HHEADERS) config-win32.h
include src/Makefile.inc
dist-hook:
rm -rf $(top_builddir)/tests/log
@@ -187,96 +248,249 @@ uninstall-hook:
cd docs && $(MAKE) uninstall
ca-bundle: lib/mk-ca-bundle.pl
@echo "generate a fresh ca-bundle.crt"
@echo "generating a fresh ca-bundle.crt"
@perl $< -b -l -u lib/ca-bundle.crt
ca-firefox: lib/firefox-db2pem.sh
@echo "generate a fresh ca-bundle.crt"
@echo "generating a fresh ca-bundle.crt"
./lib/firefox-db2pem.sh lib/ca-bundle.crt
checksrc:
cd lib && $(MAKE) checksrc
cd src && $(MAKE) checksrc
.PHONY: vc6-ide
.PHONY: vc-ide
vc6-ide:
$(MAKE) $(VC6LIBDSP)
$(VC6LIBDSP): $(VC6LIBDSP_DEPS)
@(echo "generating '$(VC6LIBDSP)'"; \
vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \
$(VC7_SRCVCPROJ_DEPS) $(VC71_LIBVCPROJ_DEPS) $(VC71_SRCVCPROJ_DEPS) \
$(VC8_LIBVCPROJ_DEPS) $(VC8_SRCVCPROJ_DEPS) $(VC9_LIBVCPROJ_DEPS) \
$(VC9_SRCVCPROJ_DEPS) $(VC10_LIBVCXPROJ_DEPS) $(VC10_SRCVCXPROJ_DEPS) \
$(VC11_LIBVCXPROJ_DEPS) $(VC11_SRCVCXPROJ_DEPS) $(VC12_LIBVCXPROJ_DEPS) \
$(VC12_SRCVCXPROJ_DEPS)
@(win32_lib_srcs='$(LIB_CFILES)'; \
win32_lib_hdrs='$(LIB_HFILES) config-win32.h'; \
win32_lib_rc='$(LIB_RCFILES)'; \
win32_lib_vtls_srcs='$(LIB_VTLS_CFILES)'; \
win32_lib_vtls_hdrs='$(LIB_VTLS_HFILES)'; \
win32_src_srcs='$(CURL_CFILES)'; \
win32_src_hdrs='$(CURL_HFILES)'; \
win32_src_rc='$(CURL_RCFILES)'; \
\
for dir in 'vs' 'vs/vc6' 'vs/vc6/lib'; do \
test -d "$$dir" || mkdir "$$dir" || exit 1; \
done; \
sorted_lib_srcs=`for file in $$win32_lib_srcs; do echo $$file; done | sort`; \
sorted_lib_hdrs=`for file in $$win32_lib_hdrs; do echo $$file; done | sort`; \
sorted_lib_vtls_srcs=`for file in $$win32_lib_vtls_srcs; do echo $$file; done | sort`; \
sorted_lib_vtls_hdrs=`for file in $$win32_lib_vtls_hdrs; do echo $$file; done | sort`; \
sorted_src_srcs=`for file in $$win32_src_srcs; do echo $$file; done | sort`; \
sorted_src_hdrs=`for file in $$win32_src_hdrs; do echo $$file; done | sort`; \
\
dir='..\..\..\lib\'; \
body='$(VC6LIBDSP)'.body; \
win32_srcs='$(WIN32SOURCES)'; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
awk_code='\
function gen_element(type, dir, file)\
{\
sub(/vtls\//, "", file);\
\
spaces=" ";\
if(dir == "lib\\vtls")\
tabs=" ";\
else\
tabs=" ";\
\
if(type == "dsp") {\
printf("# Begin Source File\r\n");\
printf("\r\n");\
printf("SOURCE=..\\..\\..\\..\\%s\\%s\r\n", dir, file);\
printf("# End Source File\r\n");\
}\
else if(type == "vcproj1") {\
printf("%s<File\r\n", tabs);\
printf("%s RelativePath=\"..\\..\\..\\..\\%s\\%s\">\r\n",\
tabs, dir, file);\
printf("%s</File>\r\n", tabs);\
}\
else if(type == "vcproj2") {\
printf("%s<File\r\n", tabs);\
printf("%s RelativePath=\"..\\..\\..\\..\\%s\\%s\"\r\n",\
tabs, dir, file);\
printf("%s>\r\n", tabs);\
printf("%s</File>\r\n", tabs);\
}\
else if(type == "vcxproj") {\
i = index(file, ".");\
ext = substr(file, i == 0 ? 0 : i + 1);\
\
if(ext == "c")\
printf("%s<ClCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
spaces, dir, file);\
else if(ext == "h")\
printf("%s<ClInclude Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
spaces, dir, file);\
else if(ext == "rc")\
printf("%s<ResourceCompile Include=\"..\\..\\..\\..\\%s\\%s\" />\r\n",\
spaces, dir, file);\
}\
}\
\
{\
\
if($$0 == "CURL_LIB_C_FILES") {\
split(lib_srcs, arr);\
for(val in arr) gen_element(proj_type, "lib", arr[val]);\
}\
else if($$0 == "CURL_LIB_H_FILES") {\
split(lib_hdrs, arr);\
for(val in arr) gen_element(proj_type, "lib", arr[val]);\
}\
else if($$0 == "CURL_LIB_RC_FILES") {\
split(lib_rc, arr);\
for(val in arr) gen_element(proj_type, "lib", arr[val]);\
}\
else if($$0 == "CURL_LIB_VTLS_C_FILES") {\
split(lib_vtls_srcs, arr);\
for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
}\
else if($$0 == "CURL_LIB_VTLS_H_FILES") {\
split(lib_vtls_hdrs, arr);\
for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\
}\
else if($$0 == "CURL_SRC_C_FILES") {\
split(src_srcs, arr);\
for(val in arr) gen_element(proj_type, "src", arr[val]);\
}\
else if($$0 == "CURL_SRC_H_FILES") {\
split(src_hdrs, arr);\
for(val in arr) gen_element(proj_type, "src", arr[val]);\
}\
else if($$0 == "CURL_SRC_RC_FILES") {\
split(src_rc, arr);\
for(val in arr) gen_element(proj_type, "src", arr[val]);\
}\
else\
printf("%s\r\n", $$0);\
}';\
\
echo "# Begin Group \"Source Files\"" > $$body; \
echo "" >> $$body; \
echo "# PROP Default_Filter \"\"" >> $$body; \
for file in $$sorted_srcs; do \
echo "# Begin Source File" >> $$body; \
echo "" >> $$body; \
echo "SOURCE="$$dir$$file >> $$body; \
echo "# End Source File" >> $$body; \
done; \
echo "# End Group" >> $$body; \
echo "# Begin Group \"Header Files\"" >> $$body; \
echo "" >> $$body; \
echo "# PROP Default_Filter \"\"" >> $$body; \
for file in $$sorted_hdrs; do \
echo "# Begin Source File" >> $$body; \
echo "" >> $$body; \
echo "SOURCE="$$dir$$file >> $$body; \
echo "# End Source File" >> $$body; \
done; \
echo "# End Group" >> $$body; \
echo "generating '$(VC6_LIBDSP)'"; \
awk -v proj_type=dsp \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC6_LIBTMPL) > $(VC6_LIBDSP) || { exit 1; }; \
\
awk '{ printf("%s\r\n", $$0); }' \
$(srcdir)/$(VC6LIBDSPHEAD) $$body $(srcdir)/$(VC6LIBDSPFOOT) \
> $(VC6LIBDSP) || { rm -f $$body; exit 1; }; \
echo "generating '$(VC6_SRCDSP)'"; \
awk -v proj_type=dsp \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC6_SRCTMPL) > $(VC6_SRCDSP) || { exit 1; }; \
\
rm -f $$body)
.PHONY: vc8-ide
vc8-ide:
$(MAKE) $(VC8LIBPRJ)
$(VC8LIBPRJ): $(VC8LIBPRJ_DEPS)
@(echo "generating '$(VC8LIBPRJ)'"; \
echo "generating '$(VC7_LIBVCPROJ)'"; \
awk -v proj_type=vcproj1 \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC7_LIBTMPL) > $(VC7_LIBVCPROJ) || { exit 1; }; \
\
for dir in 'vs' 'vs/vc8' 'vs/vc8/lib'; do \
test -d "$$dir" || mkdir "$$dir" || exit 1; \
done; \
echo "generating '$(VC7_SRCVCPROJ)'"; \
awk -v proj_type=vcproj1 \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC7_SRCTMPL) > $(VC7_SRCVCPROJ) || { exit 1; }; \
\
dir='..\..\..\lib\'; \
body='$(VC8LIBPRJ)'.body; \
win32_srcs='$(WIN32SOURCES)'; \
win32_hdrs='$(WIN32HEADERS)'; \
sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \
sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \
echo "generating '$(VC71_LIBVCPROJ)'"; \
awk -v proj_type=vcproj1 \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC71_LIBTMPL) > $(VC71_LIBVCPROJ) || { exit 1; }; \
\
echo "%tab%%tab%<Filter Name=\"Source Files\">" > $$body; \
for file in $$sorted_srcs; do \
echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
done; \
echo "%tab%%tab%</Filter>" >> $$body; \
echo "%tab%%tab%<Filter Name=\"Header Files\">" >> $$body; \
for file in $$sorted_hdrs; do \
echo "%tab%%tab%%tab%<File RelativePath=\""$$dir$$file"\"></File>" >> $$body; \
done; \
echo "%tab%%tab%</Filter>" >> $$body; \
echo "generating '$(VC71_SRCVCPROJ)'"; \
awk -v proj_type=vcproj1 \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC71_SRCTMPL) > $(VC71_SRCVCPROJ) || { exit 1; }; \
\
awk '{ gsub(/%tab%/, "\t"); printf("%s\r\n", $$0); }' \
$(srcdir)/$(VC8LIBPRJHEAD) $$body $(srcdir)/$(VC8LIBPRJFOOT) \
> $(VC8LIBPRJ) || { rm -f $$body; exit 1; }; \
echo "generating '$(VC8_LIBVCPROJ)'"; \
awk -v proj_type=vcproj2 \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC8_LIBTMPL) > $(VC8_LIBVCPROJ) || { exit 1; }; \
\
rm -f $$body)
echo "generating '$(VC8_SRCVCPROJ)'"; \
awk -v proj_type=vcproj2 \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC8_SRCTMPL) > $(VC8_SRCVCPROJ) || { exit 1; }; \
\
echo "generating '$(VC9_LIBVCPROJ)'"; \
awk -v proj_type=vcproj2 \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC9_LIBTMPL) > $(VC9_LIBVCPROJ) || { exit 1; }; \
\
echo "generating '$(VC9_SRCVCPROJ)'"; \
awk -v proj_type=vcproj2 \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC9_SRCTMPL) > $(VC9_SRCVCPROJ) || { exit 1; }; \
\
echo "generating '$(VC10_LIBVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC10_LIBTMPL) > $(VC10_LIBVCXPROJ) || { exit 1; }; \
\
echo "generating '$(VC10_SRCVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC10_SRCTMPL) > $(VC10_SRCVCXPROJ) || { exit 1; }; \
\
echo "generating '$(VC11_LIBVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC11_LIBTMPL) > $(VC11_LIBVCXPROJ) || { exit 1; }; \
\
echo "generating '$(VC11_SRCVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC11_SRCTMPL) > $(VC11_SRCVCXPROJ) || { exit 1; }; \
\
echo "generating '$(VC12_LIBVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v lib_srcs="$$sorted_lib_srcs" \
-v lib_hdrs="$$sorted_lib_hdrs" \
-v lib_rc="$$win32_lib_rc" \
-v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \
-v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \
"$$awk_code" $(srcdir)/$(VC12_LIBTMPL) > $(VC12_LIBVCXPROJ) || { exit 1; }; \
\
echo "generating '$(VC12_SRCVCXPROJ)'"; \
awk -v proj_type=vcxproj \
-v src_srcs="$$sorted_src_srcs" \
-v src_hdrs="$$sorted_src_hdrs" \
-v src_rc="$$win32_src_rc" \
"$$awk_code" $(srcdir)/$(VC12_SRCTMPL) > $(VC12_SRCVCXPROJ) || { exit 1; };)

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -136,24 +136,60 @@ vc-zlib: $(VC)
cd ..\src
nmake /f Makefile.$(VC) cfg=release-zlib
vc-x64-zlib: $(VC)
cd lib
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
cd ..\src
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-zlib
vc-ssl: $(VC)
cd lib
nmake /f Makefile.$(VC) cfg=release-ssl
cd ..\src
nmake /f Makefile.$(VC) cfg=release-ssl
vc-winssl: $(VC)
cd lib
nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
cd ..\src
nmake /f Makefile.$(VC) cfg=release-winssl WINDOWS_SSPI=1
vc-x64-ssl: $(VC)
cd lib
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
cd ..\src
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl
vc-x64-winssl: $(VC)
cd lib
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
cd ..\src
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl WINDOWS_SSPI=1
vc-ssl-zlib: $(VC)
cd lib
nmake /f Makefile.$(VC) cfg=release-ssl-zlib
cd ..\src
nmake /f Makefile.$(VC) cfg=release-ssl-zlib
vc-winssl-zlib: $(VC)
cd lib
nmake /f Makefile.$(VC) cfg=release-winssl-zlib
cd ..\src
nmake /f Makefile.$(VC) cfg=release-winssl-zlib
vc-x64-ssl-zlib: $(VC)
cd lib
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
cd ..\src
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
vc-x64-winssl-zlib: $(VC)
cd lib
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
cd ..\src
nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-winssl-zlib
vc-ssl-dll: $(VC)
cd lib
nmake /f Makefile.$(VC) cfg=release-ssl-dll
@@ -254,6 +290,18 @@ linux-ssl: ssl
# We don't need to do anything for vc6.
vc6:
# VC7 makefiles are for use with VS.NET and VS.NET 2003
vc7: lib/Makefile.vc7 src/Makefile.vc7
lib/Makefile.vc7: lib/Makefile.vc6
@echo "generate $@"
@sed -e "s/VC6/VC7/g" lib/Makefile.vc6 > lib/Makefile.vc7
src/Makefile.vc7: src/Makefile.vc6
@echo "generate $@"
@sed -e "s/VC6/VC7/g" src/Makefile.vc6 > src/Makefile.vc7
# VC8 makefiles are for use with VS2005
vc8: lib/Makefile.vc8 src/Makefile.vc8
lib/Makefile.vc8: lib/Makefile.vc6
@@ -286,6 +334,28 @@ src/Makefile.vc10: src/Makefile.vc6
@echo "generate $@"
@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g" src/Makefile.vc6 > src/Makefile.vc10
# VC11 makefiles are for use with VS2012
vc11: lib/Makefile.vc11 src/Makefile.vc11
lib/Makefile.vc11: lib/Makefile.vc6
@echo "generate $@"
@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g" lib/Makefile.vc6 > lib/Makefile.vc11
src/Makefile.vc11: src/Makefile.vc6
@echo "generate $@"
@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc11/g" -e "s/VC6/VC11/g" src/Makefile.vc6 > src/Makefile.vc11
# VC12 makefiles are for use with VS2013
vc12: lib/Makefile.vc12 src/Makefile.vc12
lib/Makefile.vc12: lib/Makefile.vc6
@echo "generate $@"
@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g" lib/Makefile.vc6 > lib/Makefile.vc12
src/Makefile.vc12: src/Makefile.vc6
@echo "generate $@"
@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc12/g" -e "s/VC6/VC12/g" src/Makefile.vc6 > src/Makefile.vc12
ca-bundle: lib/mk-ca-bundle.pl
@echo "generate a fresh ca-bundle.crt"
@perl $< -b -l -u lib/ca-bundle.crt

View File

@@ -1,88 +1,87 @@
Curl and libcurl 7.30.0
Curl and libcurl 7.37.0
Public curl releases: 132
Command line options: 152
curl_easy_setopt() options: 199
Public curl releases: 139
Command line options: 161
curl_easy_setopt() options: 206
Public functions in libcurl: 58
Known libcurl bindings: 42
Contributors: 1005
***
krb4 support is up for removal. If you care about it at all, speak up
on the curl-library list asap!
***
Contributors: 1137
This release includes the following changes:
o imap: Changed response tag generation to be completely unique
o imap: Added support for SASL-IR extension
o imap: Added support for the list command
o imap: Added support for the append command
o imap: Added custom request parsing
o imap: Added support to the fetch command for UID and SECTION properties
o imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
o darwinssl: Make certificate errors less techy
o imap/pop3/smtp: Added support for the STARTTLS capability
o checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
o curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag [10]
o Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS for
new multi interface connection handling
o Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE,
CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL and
CURLMOPT_PIPELINING_SERVER_BL for new pipelining control [15]
o URL parser: IPv6 zone identifiers are now supported
o CURLOPT_PROXYHEADER: set headers for proxy-only
o CURLOPT_HEADEROPT: added
o curl: add --proxy-header
o sasl: Added support for DIGEST-MD5 via Windows SSPI
o sasl: Added DIGEST-MD5 qop-option validation in native challange handling
o imap: Expanded mailbox SEARCH support to use URL query strings [7]
o imap: Extended FETCH support to include PARTIAL URL specifier [7]
o nss: implement non-blocking SSL handshake
o build: Reworked Visual Studio project files
o poll: enable poll on darwin13
o mk-ca-bundle: added -p
o libtests: add a wait_ms() function
This release includes the following bugfixes:
o SECURITY ADVISORY: cookie tailmatching to avoid cross-domain leakage [25]
o darwinssl: Fix build under Leopard
o DONE: consider callback-aborted transfers premature [1]
o ntlm: Fixed memory leaks
o smtp: Fixed an issue when processing EHLO failure responses
o pop3: Fixed incorrect return value from pop3_endofresp()
o pop3: Fixed SASL authentication capability detection
o pop3: Fixed blocking SSL connect when connecting via POP3S
o imap: Fixed memory leak when performing multiple selects
o nss: fix misplaced code enabling non-blocking socket mode
o AddFormData: prevent only directories from being posted [2]
o darwinssl: fix infinite loop if server disconnected abruptly [3]
o metalink: fix improbable crash parsing metalink filename
o show proper host name on failed resolve
o MacOSX-Framework: Make script work in Xcode 4.0 and later
o strlcat: remove function [4]
o darwinssl: Fix send glitchiness with data > 32 or so KB [5]
o polarssl: better 1.1.x and 1.2.x support
o various documentation improvements
o multi: NULL pointer reference when closing an unused multi handle [9]
o SOCKS: fix socks proxy when noproxy matched [7]
o install-sh: updated to support multiple source files as arguments [6]
o PolarSSL: added human readable error strings
o resolver_error: remove wrong error message output
o docs: updates HTML index and general improvements
o curlbuild.h.dist: enhance non-configure GCC ABI detection logic
o sasl: Fixed null pointer reference when decoding empty digest challenge [8]
o easy: do not ignore poll() failures other than EINTR
o darwinssl: disable ECC ciphers under Mountain Lion by default
o CONNECT: count received headers [11]
o build: fixes for VMS
o CONNECT: clear 'rewindaftersend' on success [12]
o HTTP proxy: insert slash in URL if missing [13]
o hiperfifo: updated to use current libevent API [14]
o getinmemory.c: abort the transfer nicely if not enough memory
o improved win32 memorytracking
o corrected proxy header response headers count [16]
o FTP quote operations on re-used connection [17]
o tcpkeepalive on win32 [18]
o tcpkeepalive on Mac OS X [23]
o easy: acknowledge the CURLOPT_MAXCONNECTS option properly [19]
o easy interface: restore default MAXCONNECTS to 5
o win32: don't set SO_SNDBUF for windows vista or later versions [20]
o HTTP: made cookie sort function more deterministic
o winssl: Fixed memory leak if connection was not successful
o FTP: wait on both connections during active STOR state [21]
o connect: treat a failed local bind of an interface as a non-fatal error [22]
o darwinssl: disable insecure ciphers by default
o FTP: handle "rubbish" in front of directory name in 257 responses [24]
o mk-ca-bundle: Fixed lost OpenSSL output with "-t"
o mkhelp: generate code for --disable-manual as well [1]
o hostcheck: added a system include to define struct in_addr
o winbuild: added warnless.c to fix build
o Makefile.vc6: added warnless.c to fix build
o smtp: Fixed login denied when server doesn't support AUTH capability [2]
o smtp: Fixed login denied with a RFC-821 based server [2]
o curl: stop interpreting IPv6 literals as glob patterns
o http2: remove _DRAFT09 from the NPN_HTTP2 enum
o http2: let openssl mention the exact protocol negotiated
o http2+openssl: fix compiler warnings in ALPN using code
o ftp: in passive data connect wait for happy eyeballs sockets [3]
o HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue [4]
o http2: Compile with current nghttp2, which supports h2-11 [5]
o http_negotiate_sspi: Fixed compilation when USE_HTTP_NEGOTIATE not defined
o strerror: fix comment about vxworks' strerror_r buffer size [6]
o url: only use if_nametoindex() if IFNAMSIZ is available
o imap: Fixed untagged response detection when no data after command
o various: fix possible dereference of null pointer
o various: fix use of uninitialized variable
o various: fix use of non-null terminated strings
o telnet.c: check sscanf results before passing them to snprintf
o parsedate.c: check sscanf result before passing it to strlen
o sockfilt.c: free memory in case of memory allocation errors
o sockfilt.c: ignore non-key-events and continue waiting for input
o sockfilt.c: properly handle disk files, pipes and character input
o sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe
o sockfilt.c: clean up threaded approach and add documentation
o configure: use the nghttp2 path correctly with pkg-config [8]
o curl_global_init_mem: bump initialized even if already initialized [9]
o gtls: fix NULL pointer dereference [10]
o cyassl: Use error-ssl.h when available
o handler: make 'protocol' always specified as a single bit [11]
o INFILESIZE: fields in UserDefined must not be changed run-time
o openssl: biomem->data is not zero terminated
o config-win32.h: Fixed HAVE_LONGLONG for Visual Studio .NET 2003 and up
o curl_ntlm_core: Fixed use of long long for VC6 and VC7
o SNI: strip off a single trailing dot from host name [12]
o curl: bail on cookie use when built with disabled cookies
o curl_easy_setopt.3: added the proto for CURLOPT_SSH_KNOWNHOSTS
o curl_multi_cleanup: ignore SIGPIPE better [13]
o schannel: don't use the connect-timeout during send [14]
o mprintf: allow %.s with data not being zero terminated
o tool_help: Fixed missing --login-options option
o configure: Don't set LD_LIBRARY_PATH when cross-compiling
o http: auth failure on duplicated 'WWW-Authenticate: Negotiate' header [15]
o cacertinmem: fix memory leak [16]
o lib1506: make sure the transfers are not within the same ms [17]
o Makefile.b32: Fixed for vtls changes [18]
o sasl: Fixed missing qop in the client's challenge-response message
o openssl: unbreak PKCS12 support [19]
o darwinssl: fix potential crash with a P12 file [20]
o timers: fix timer regression involving redirects / reconnects [21]
o CURLINFO_SSL_VERIFYRESULT: made more reliable [22]
o HTTP: fixed connection re-use [23]
o configure: add SPNEGO to supported features [24]
o configure: add GSS-API to supported features [25]
o ALPN: fix typo in http/1.1 identifier
o http2: make connection re-use work [26]
This release includes the following known bugs:
@@ -91,43 +90,41 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
Kamil Dudka, Steve Holme, Nick Zitzmann, Patricia Muscalu, Dan Fandrich,
Gisle Vanem, Guenter Knauf, Yang Tse, Oliver Gondža, Aki Koskinen,
Alexander Klauer, Kim Vandry, Willem Sparreboom, Jeremy Huddleston,
Bruno de Carvalho, Rainer Jung, Jeremy Huddleston, Kim Vandry, Jiri Hruska,
Alexander Klauer, Saran Neti, Alessandro Ghedini, Linus Nielsen Feltzing,
Martin Jansen, John E. Malmberg, Tom Grace, Patrick Monnerat,
Zdenek Pavlas, Myk Taylor, Cédric Deltheil, Robert Wruck, Sam Deane,
Clemens Gruber, Marc Hoersken, Tomas Mlcoch, Fredrik Thulin, Steven Gu,
Andrew Kurushin, Christian Hägele, Daniel Theron, Bill Middlecamp,
Richard Michael, Yamada Yasuharu
Aaro Koskinen, Cody Mack, Damian Dixon, Dan Fandrich, Daniel Johnson,
Daniel Stenberg, David Woodhouse, Dilyan Palauzov, Fabian Frank,
Ivo Bellin Salarin, Jeff King, Jeroen Koekkoek, Jon Torrey, Kamil Dudka,
Larry Lin, Leon Winter, Maciej Puzio, Marc Hoersken, Michael Osipov,
Nick Zitzmann, Patrick Watson, Paul Marks, Radu Simionescu, Remi Gacogne,
Ryan Braud, Steve Holme, Tatsuhiro Tsujikawa, Till Maas, Tom Sparrow,
Török Edwin, Vijay Panghal,
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = http://curl.haxx.se/bug/view.cgi?id=1184
[2] = http://curl.haxx.se/mail/archive-2013-02/0040.html
[3] = http://curl.haxx.se/mail/lib-2013-03/0014.html
[4] = http://curl.haxx.se/bug/view.cgi?id=1192
[5] = http://curl.haxx.se/mail/lib-2013-02/0145.html
[6] = http://curl.haxx.se/bug/view.cgi?id=1195
[7] = http://curl.haxx.se/bug/view.cgi?id=1190
[8] = http://curl.haxx.se/bug/view.cgi?id=1193
[9] = http://curl.haxx.se/bug/view.cgi?id=1194
[10] = http://curl.haxx.se/bug/view.cgi?id=1168
[11] = http://curl.haxx.se/bug/view.cgi?id=1204
[12] = https://groups.google.com/d/msg/msysgit/B31LNftR4BI/KhRTz0iuGmUJ
[13] = http://curl.haxx.se/bug/view.cgi?id=1206
[14] = http://curl.haxx.se/bug/view.cgi?id=1199
[15] = http://daniel.haxx.se/blog/2013/03/26/better-pipelining-in-libcurl-7-30-0/
[16] = http://curl.haxx.se/bug/view.cgi?id=1204
[17] = http://curl.haxx.se/mail/lib-2013-03/0319.html
[18] = http://curl.haxx.se/bug/view.cgi?id=1209
[19] = http://curl.haxx.se/bug/view.cgi?id=1212
[20] = http://curl.haxx.se/bug/view.cgi?id=1188
[21] = http://curl.haxx.se/bug/view.cgi?id=1183
[22] = http://curl.haxx.se/bug/view.cgi?id=1189
[23] = http://curl.haxx.se/bug/view.cgi?id=1214
[24] = http://curl.haxx.se/mail/lib-2013-04/0113.html
[25] = http://curl.haxx.se/docs/adv_20130412.html
[1] = http://curl.haxx.se/bug/view.cgi?id=1350
[2] = http://curl.haxx.se/mail/lib-2014-03/0173.html
[3] = http://curl.haxx.se/mail/lib-2014-02/0135.html (ruined)
[4] = http://curl.haxx.se/bug/view.cgi?id=1349
[5] = http://curl.haxx.se/mail/lib-2014-04/0053.html
[6] = http://curl.haxx.se/mail/lib-2014-04/0063.html
[7] = http://curl.haxx.se/mail/lib-2014-04/0067.html
[8] = http://curl.haxx.se/mail/lib-2014-04/0159.html
[9] = http://curl.haxx.se/bug/view.cgi?id=1362
[10] = http://curl.haxx.se/mail/lib-2014-04/0145.html
[11] = https://github.com/bagder/curl/pull/97
[12] = http://curl.haxx.se/mail/lib-2014-04/0161.html
[13] = http://thread.gmane.org/gmane.comp.version-control.git/238242
[14] = http://curl.haxx.se/bug/view.cgi?id=1352
[15] = https://bugzilla.redhat.com/1093348
[16] = http://curl.haxx.se/bug/view.cgi?id=1368
[17] = http://curl.haxx.se/mail/lib-2014-05/0081.html
[18] = http://curl.haxx.se/mail/lib-2014-05/0025.html
[19] = http://curl.haxx.se/bug/view.cgi?id=1371
[20] = http://curl.haxx.se/bug/view.cgi?id=1369
[21] = http://curl.haxx.se/mail/lib-2014-05/0147.html
[22] = http://curl.haxx.se/mail/lib-2014-04/0203.html
[23] = http://curl.haxx.se/mail/lib-2014-05/0127.html
[24] = http://curl.haxx.se/bug/view.cgi?id=1343
[25] = http://curl.haxx.se/bug/view.cgi?id=1344
[26] = http://curl.haxx.se/bug/view.cgi?id=1374

View File

@@ -2620,46 +2620,50 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
capath="$want_capath"
ca="no"
else
dnl neither of --with-ca-* given
dnl first try autodetecting a CA bundle , then a CA path
dnl both autodetections can be skipped by --without-ca-*
ca="no"
capath="no"
if test "x$want_ca" = "xunset"; then
dnl the path we previously would have installed the curl ca bundle
dnl to, and thus we now check for an already existing cert in that place
dnl in case we find no other
if test "x$prefix" != xNONE; then
cac="${prefix}/share/curl/curl-ca-bundle.crt"
else
cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
fi
if test "x$cross_compiling" != "xyes"; then
dnl NOT cross-compiling and...
dnl neither of the --with-ca-* options are provided
if test "x$want_ca" = "xunset"; then
dnl the path we previously would have installed the curl ca bundle
dnl to, and thus we now check for an already existing cert in that
dnl place in case we find no other
if test "x$prefix" != xNONE; then
cac="${prefix}/share/curl/curl-ca-bundle.crt"
else
cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
fi
for a in /etc/ssl/certs/ca-certificates.crt \
/etc/pki/tls/certs/ca-bundle.crt \
/usr/share/ssl/certs/ca-bundle.crt \
/usr/local/share/certs/ca-root.crt \
/etc/ssl/cert.pem \
"$cac"; do
if test -f "$a"; then
ca="$a"
break
fi
done
fi
if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
"x$OPENSSL_ENABLED" = "x1"; then
for a in /etc/ssl/certs/; do
if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
capath="$a"
break
fi
done
for a in /etc/ssl/certs/ca-certificates.crt \
/etc/pki/tls/certs/ca-bundle.crt \
/usr/share/ssl/certs/ca-bundle.crt \
/usr/local/share/certs/ca-root.crt \
/etc/ssl/cert.pem \
"$cac"; do
if test -f "$a"; then
ca="$a"
break
fi
done
fi
if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
"x$OPENSSL_ENABLED" = "x1"; then
for a in /etc/ssl/certs/; do
if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
capath="$a"
break
fi
done
fi
else
dnl no option given and cross-compiling
AC_MSG_WARN([skipped the ca-cert path detection when cross-compiling])
fi
fi
if test "x$ca" != "xno"; then
CURL_CA_BUNDLE='"'$ca'"'
AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default ca bundle])

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -31,7 +31,7 @@ XC_OVR_ZZ60
CURL_OVERRIDE_AUTOCONF
dnl configure script copyright
AC_COPYRIGHT([Copyright (c) 1998 - 2013 Daniel Stenberg, <daniel@haxx.se>
AC_COPYRIGHT([Copyright (c) 1998 - 2014 Daniel Stenberg, <daniel@haxx.se>
This configure script may be copied, distributed and modified under the
terms of the curl license; see COPYING for more details])
@@ -126,7 +126,7 @@ fi
dnl figure out the libcurl version
CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h`
XC_CHECK_PROG_CC
AM_INIT_AUTOMAKE
XC_AUTOMAKE
AC_MSG_CHECKING([curl version])
AC_MSG_RESULT($CURLVERSION)
@@ -150,7 +150,6 @@ dnl initialize all the info variables
curl_ssl_msg="no (--with-{ssl,gnutls,nss,polarssl,cyassl,axtls,winssl,darwinssl} )"
curl_ssh_msg="no (--with-libssh2)"
curl_zlib_msg="no (--with-zlib)"
curl_krb4_msg="no (--with-krb4*)"
curl_gss_msg="no (--with-gssapi)"
curl_spnego_msg="no (--with-spnego)"
curl_tls_srp_msg="no (--enable-tls-srp)"
@@ -1066,6 +1065,7 @@ AC_HELP_STRING([--disable-ipv6],[Disable ipv6 support]),
AC_TRY_RUN([ /* is AF_INET6 available? */
#include <sys/types.h>
#include <sys/socket.h>
#include <stdlib.h> /* for exit() */
main()
{
if (socket(AF_INET6, SOCK_STREAM, 0) < 0)
@@ -1134,101 +1134,6 @@ no)
;;
esac
dnl **********************************************************************
dnl Check for the presence of Kerberos4 libraries and headers
dnl **********************************************************************
AC_ARG_WITH(krb4-includes,
AC_HELP_STRING([--with-krb4-includes=DIR],
[Specify location of kerberos4 headers]),[
CPPFLAGS="$CPPFLAGS -I$withval"
KRB4INC="$withval"
want_krb4=yes
])
AC_ARG_WITH(krb4-libs,
AC_HELP_STRING([--with-krb4-libs=DIR],[Specify location of kerberos4 libs]),[
LDFLAGS="$LDFLAGS -L$withval"
KRB4LIB="$withval"
want_krb4=yes
])
OPT_KRB4=off
AC_ARG_WITH(krb4,dnl
AC_HELP_STRING([--with-krb4=DIR],[where to look for Kerberos4]),[
OPT_KRB4="$withval"
if test X"$OPT_KRB4" != Xno; then
want_krb4="yes"
if test X"$OPT_KRB4" != Xyes; then
LDFLAGS="$LDFLAGS -L$OPT_KRB4/lib$libsuff"
KRB4LIB="$OPT_KRB4/lib$libsuff"
CPPFLAGS="$CPPFLAGS -I$OPT_KRB4/include"
KRB4INC="$OPT_KRB4/include"
fi
fi
])
AC_MSG_CHECKING([if Kerberos4 support is requested])
if test "$want_krb4" = yes
then
if test "$ipv6" = "yes"; then
echo krb4 is not compatible with IPv6
exit 1
fi
AC_MSG_RESULT(yes)
dnl Check for & handle argument to --with-krb4
AC_MSG_CHECKING(where to look for Kerberos4)
if test X"$OPT_KRB4" = Xyes
then
AC_MSG_RESULT([defaults])
else
AC_MSG_RESULT([libs in $KRB4LIB, headers in $KRB4INC])
fi
dnl Check for DES library
AC_CHECK_LIB(des, des_pcbc_encrypt,
[
AC_CHECK_HEADERS(des.h)
dnl resolv lib?
AC_CHECK_FUNC(res_search, , [AC_CHECK_LIB(resolv, res_search)])
dnl Check for the Kerberos4 library
AC_CHECK_LIB(krb, krb_net_read,
[
dnl Check for header files
AC_CHECK_HEADERS(krb.h)
dnl we found the required libraries, add to LIBS
LIBS="-lkrb -lcom_err -ldes $LIBS"
dnl Check for function krb_get_our_ip_for_realm
dnl this is needed for NAT networks
AC_CHECK_FUNCS(krb_get_our_ip_for_realm)
dnl add define KRB4
AC_DEFINE(HAVE_KRB4, 1,
[if you have the Kerberos4 libraries (including -ldes)])
dnl substitute it too!
KRB4_ENABLED=1
AC_SUBST(KRB4_ENABLED)
curl_krb4_msg="enabled"
dnl the krb4 stuff needs a strlcpy()
AC_CHECK_FUNCS(strlcpy)
])
])
else
AC_MSG_RESULT(no)
fi
dnl **********************************************************************
dnl Check for FBopenssl(SPNEGO) libraries
dnl **********************************************************************
@@ -1268,26 +1173,26 @@ dnl **********************************************************************
dnl Check for GSS-API libraries
dnl **********************************************************************
dnl check for gss stuff in the /usr as default
dnl check for GSS-API stuff in the /usr as default
GSSAPI_ROOT="/usr"
AC_ARG_WITH(gssapi-includes,
AC_HELP_STRING([--with-gssapi-includes=DIR],
[Specify location of GSSAPI header]),
[Specify location of GSS-API headers]),
[ GSSAPI_INCS="-I$withval"
want_gss="yes" ]
)
AC_ARG_WITH(gssapi-libs,
AC_HELP_STRING([--with-gssapi-libs=DIR],
[Specify location of GSSAPI libs]),
[Specify location of GSS-API libs]),
[ GSSAPI_LIB_DIR="-L$withval"
want_gss="yes" ]
)
AC_ARG_WITH(gssapi,
AC_HELP_STRING([--with-gssapi=DIR],
[Where to look for GSSAPI]), [
[Where to look for GSS-API]), [
GSSAPI_ROOT="$withval"
if test x"$GSSAPI_ROOT" != xno; then
want_gss="yes"
@@ -1299,7 +1204,7 @@ AC_ARG_WITH(gssapi,
])
save_CPPFLAGS="$CPPFLAGS"
AC_MSG_CHECKING([if GSSAPI support is requested])
AC_MSG_CHECKING([if GSS-API support is requested])
if test x"$want_gss" = xyes; then
AC_MSG_RESULT(yes)
@@ -1316,7 +1221,7 @@ if test x"$want_gss" = xyes; then
AC_CHECK_HEADER(gss.h,
[
dnl found in the given dirs
AC_DEFINE(HAVE_GSSGNU, 1, [if you have the GNU gssapi libraries])
AC_DEFINE(HAVE_GSSGNU, 1, [if you have GNU GSS])
gnu_gss=yes
],
[
@@ -1337,19 +1242,19 @@ AC_INCLUDES_DEFAULT
AC_CHECK_HEADER(gssapi.h,
[
dnl found
AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have Heimdal])
],
[
dnl no header found, disabling GSS
want_gss=no
AC_MSG_WARN(disabling GSSAPI since no header files was found)
AC_MSG_WARN(disabling GSS-API support since no header files were found)
]
)
else
dnl MIT found
AC_DEFINE(HAVE_GSSMIT, 1, [if you have the MIT gssapi libraries])
dnl check if we have a really old MIT kerberos (<= 1.2)
AC_MSG_CHECKING([if gssapi headers declare GSS_C_NT_HOSTBASED_SERVICE])
AC_DEFINE(HAVE_GSSMIT, 1, [if you have MIT Kerberos])
dnl check if we have a really old MIT Kerberos version (<= 1.2)
AC_MSG_CHECKING([if GSS-API headers declare GSS_C_NT_HOSTBASED_SERVICE])
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[
#include <gssapi/gssapi.h>
@@ -1367,7 +1272,7 @@ AC_INCLUDES_DEFAULT
],[
AC_MSG_RESULT([no])
AC_DEFINE(HAVE_OLD_GSSMIT, 1,
[if you have an old MIT gssapi library, lacking GSS_C_NT_HOSTBASED_SERVICE])
[if you have an old MIT Kerberos version, lacking GSS_C_NT_HOSTBASED_SERVICE])
])
fi
]
@@ -1376,9 +1281,9 @@ else
AC_MSG_RESULT(no)
fi
if test x"$want_gss" = xyes; then
AC_DEFINE(HAVE_GSSAPI, 1, [if you have the gssapi libraries])
AC_DEFINE(HAVE_GSSAPI, 1, [if you have GSS-API libraries])
curl_gss_msg="enabled (MIT/Heimdal)"
curl_gss_msg="enabled (MIT Kerberos/Heimdal)"
if test -n "$gnu_gss"; then
curl_gss_msg="enabled (GNU GSS)"
@@ -1389,6 +1294,12 @@ if test x"$want_gss" = xyes; then
*-*-darwin*)
LIBS="-lgssapi_krb5 -lresolv $LIBS"
;;
*-hp-hpux*)
if test "$GSSAPI_ROOT" != "yes"; then
LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
fi
LIBS="-lgss $LIBS"
;;
*)
if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
dnl krb5-config doesn't have --libs-only-L or similar, put everything
@@ -1405,7 +1316,14 @@ if test x"$want_gss" = xyes; then
esac
else
LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
LIBS="-lgssapi $LIBS"
case $host in
*-hp-hpux*)
LIBS="-lgss $LIBS"
;;
*)
LIBS="-lgssapi $LIBS"
;;
esac
fi
else
CPPFLAGS="$save_CPPFLAGS"
@@ -1676,7 +1594,10 @@ if test "$curl_ssl_msg" = "$init_ssl_msg" && test X"$OPT_SSL" != Xno; then
ENGINE_cleanup \
CRYPTO_cleanup_all_ex_data \
SSL_get_shutdown \
SSLv2_client_method )
SSLv2_client_method \
SSL_CTX_set_next_proto_select_cb \
SSL_CTX_set_alpn_protos \
SSL_CTX_set_alpn_select_cb )
dnl Make an attempt to detect if this is actually yassl's headers and
dnl OpenSSL emulation layer. We still leave everything else believing
@@ -2079,6 +2000,12 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$USE_CYASSL" = "xyes"; then
AC_MSG_NOTICE([detected CyaSSL])
dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined!
AC_CHECK_SIZEOF(long long)
dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h
AC_CHECK_HEADERS(cyassl/error-ssl.h)
LIBS="-lcyassl -lm $LIBS"
if test -n "$cyassllib"; then
@@ -2163,8 +2090,8 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
CPPFLAGS="$CPPFLAGS $addcflags"
fi
dnl The function PK11_CreateGenericObject is needed to load libnsspem.so
AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
dnl The function SSL_VersionRangeSet() is needed to enable TLS > 1.0
AC_CHECK_LIB(nss3, SSL_VersionRangeSet,
[
AC_DEFINE(USE_NSS, 1, [if NSS is enabled])
AC_SUBST(USE_NSS, [1])
@@ -2180,14 +2107,6 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
if test "x$USE_NSS" = "xyes"; then
AC_MSG_NOTICE([detected NSS version $version])
dnl NSS_InitContext() was introduced in NSS 3.12.5 and helps to prevent
dnl collisions on NSS initialization/shutdown with other libraries
AC_CHECK_FUNC(NSS_InitContext,
[
AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [if you have the NSS_InitContext function])
AC_SUBST(HAVE_NSS_INITCONTEXT, [1])
])
dnl when shared libs were found in a path that the run-time
dnl linker doesn't search through, we need to add it to
dnl LD_LIBRARY_PATH to prevent further configure tests to fail
@@ -2248,10 +2167,11 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then
USE_AXTLS="yes"
curl_ssl_msg="enabled (axTLS)"
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
export LD_LIBRARY_PATH
AC_MSG_NOTICE([Added $LIB_AXTLS to LD_LIBRARY_PATH])
if test "x$cross_compiling" != "xyes"; then
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$LIB_AXTLS"
export LD_LIBRARY_PATH
AC_MSG_NOTICE([Added $LIB_AXTLS to LD_LIBRARY_PATH])
fi
],[
LDFLAGS="$CLEANLDFLAGS"
CPPFLAGS="$CLEANCPPFLAGS"
@@ -2553,19 +2473,19 @@ AC_HELP_STRING([--disable-versioned-symbols], [Disable versioned symbols in shar
AC_MSG_RESULT(yes)
if test "x$OPENSSL_ENABLED" = "x1"; then
versioned_symbols_flavour="OPENSSL_"
elif test "x$GNUTLS_ENABLED" == "x1"; then
elif test "x$GNUTLS_ENABLED" = "x1"; then
versioned_symbols_flavour="GNUTLS_"
elif test "x$NSS_ENABLED" == "x1"; then
elif test "x$NSS_ENABLED" = "x1"; then
versioned_symbols_flavour="NSS_"
elif test "x$POLARSSL_ENABLED" == "x1"; then
elif test "x$POLARSSL_ENABLED" = "x1"; then
versioned_symbols_flavour="POLARSSL_"
elif test "x$CYASSL_ENABLED" == "x1"; then
elif test "x$CYASSL_ENABLED" = "x1"; then
versioned_symbols_flavour="CYASSL_"
elif test "x$AXTLS_ENABLED" == "x1"; then
elif test "x$AXTLS_ENABLED" = "x1"; then
versioned_symbols_flavour="AXTLS_"
elif test "x$WINSSL_ENABLED" == "x1"; then
elif test "x$WINSSL_ENABLED" = "x1"; then
versioned_symbols_flavour="WINSSL_"
elif test "x$DARWINSSL_ENABLED" == "x1"; then
elif test "x$DARWINSSL_ENABLED" = "x1"; then
versioned_symbols_flavour="DARWINSSL_"
else
versioned_symbols_flavour=""
@@ -2783,7 +2703,7 @@ if test "$want_idn" = "yes"; then
if test "x$ac_cv_header_tld_h" = "xyes"; then
AC_SUBST([IDN_ENABLED], [1])
curl_idn_msg="enabled"
if test -n "$IDN_DIR"; then
if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
export LD_LIBRARY_PATH
AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
@@ -2808,6 +2728,90 @@ dnl http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/aixprggd/ \
dnl genprogc/thread_quick_ref.htm
dnl **********************************************************************
dnl Check for nghttp2
dnl **********************************************************************
AC_MSG_CHECKING([whether to build with nghttp2])
OPT_H2="no"
AC_ARG_WITH(nghttp2,
AC_HELP_STRING([--with-nghttp2=PATH],[Enable nghttp2 usage])
AC_HELP_STRING([--without-nghttp2],[Disable nghttp2 usage]),
[OPT_H2=$withval])
case "$OPT_H2" in
no)
dnl --without-nghttp2 option used
want_h2="no"
AC_MSG_RESULT([no])
;;
default)
dnl configure option not specified
want_h2="no"
AC_MSG_RESULT([no])
;;
yes)
dnl --with-nghttp2 option used without path
want_h2="yes"
want_h2_path=""
AC_MSG_RESULT([yes])
;;
*)
dnl --with-nghttp2 option used with path
want_h2="yes"
want_h2_path="$withval/lib/pkgconfig"
AC_MSG_RESULT([yes ($withval)])
;;
esac
curl_h2_msg="disabled (--with-nghttp2)"
if test X"$want_h2" != Xno; then
dnl backup the pre-nghttp2 variables
CLEANLDFLAGS="$LDFLAGS"
CLEANCPPFLAGS="$CPPFLAGS"
CLEANLIBS="$LIBS"
CURL_CHECK_PKGCONFIG(libnghttp2, $want_h2_path)
if test "$PKGCONFIG" != "no" ; then
LIB_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
$PKGCONFIG --libs-only-l libnghttp2`
AC_MSG_NOTICE([-l is $LIB_H2])
CPP_H2=`CURL_EXPORT_PCDIR([$want_h2_path]) dnl
$PKGCONFIG --cflags-only-I libnghttp2`
AC_MSG_NOTICE([-I is $CPP_H2])
LD_H2=`CURL_EXPORT_PCDIR([$want_h2_path])
$PKGCONFIG --libs-only-L libnghttp2`
AC_MSG_NOTICE([-L is $LD_H2])
else
dnl To avoid link errors, we do not allow --libnghttp2 without
dnl a pkgconfig file
AC_MSG_ERROR([--with-nghttp2 was specified but could not find libnghttp2 pkg-config file.])
fi
LDFLAGS="$LDFLAGS $LD_H2"
CPPFLAGS="$CPPFLAGS $CPP_H2"
LIBS="$LIB_H2 $LIBS"
AC_CHECK_LIB(nghttp2, nghttp2_session_client_new,
[
AC_CHECK_HEADERS(nghttp2/nghttp2.h,
curl_h2_msg="enabled (nghttp2)"
NGHTTP2_ENABLED=1
AC_DEFINE(USE_NGHTTP2, 1, [if nghttp2 is in use])
AC_SUBST(USE_NGHTTP2, [1])
)
],
dnl not found, revert back to clean variables
LDFLAGS=$CLEANLDFLAGS
CPPFLAGS=$CLEANCPPFLAGS
LIBS=$CLEANLIBS
)
fi
dnl **********************************************************************
dnl Back to "normal" configuring
dnl **********************************************************************
@@ -3158,14 +3162,26 @@ if test "$want_thres" = "yes"; then
AC_CHECK_HEADER(pthread.h,
[ AC_DEFINE(HAVE_PTHREAD_H, 1, [if you have <pthread.h>])
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -pthread"
AC_CHECK_LIB(pthread, pthread_create,
[ AC_MSG_NOTICE([using POSIX threaded DNS lookup])
AC_DEFINE(USE_THREADS_POSIX, 1, [if you want POSIX threaded DNS lookup])
USE_THREADS_POSIX=1
curl_res_msg="threaded"
],
[ CFLAGS="$save_CFLAGS"])
dnl first check for function without lib
AC_CHECK_FUNC(pthread_create, [USE_THREADS_POSIX=1] )
dnl if it wasn't found without lib, search for it in pthread lib
if test "$USE_THREADS_POSIX" != "1"
then
CFLAGS="$CFLAGS -pthread"
AC_CHECK_LIB(pthread, pthread_create,
[USE_THREADS_POSIX=1],
[ CFLAGS="$save_CFLAGS"])
fi
if test "x$USE_THREADS_POSIX" = "x1"
then
AC_DEFINE(USE_THREADS_POSIX, 1, [if you want POSIX threaded DNS lookup])
curl_res_msg="POSIX threaded"
fi
])
fi
@@ -3235,6 +3251,7 @@ AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
no)
AC_MSG_RESULT(no)
AC_DEFINE(CURL_DISABLE_CRYPTO_AUTH, 1, [to disable cryptographic authentication])
CURL_DISABLE_CRYPTO_AUTH=1
;;
*) AC_MSG_RESULT(yes)
;;
@@ -3338,6 +3355,11 @@ dnl yes or no
ENABLE_SHARED="$enable_shared"
AC_SUBST(ENABLE_SHARED)
dnl to let curl-config output the static libraries correctly
ENABLE_STATIC="$enable_static"
AC_SUBST(ENABLE_STATIC)
dnl
dnl For keeping supported features and protocols also in pkg-config file
dnl since it is more cross-compile friendly than curl-config
@@ -3348,9 +3370,6 @@ if test "x$USE_SSLEAY" = "x1"; then
elif test -n "$SSL_ENABLED"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES SSL"
fi
if test "@KRB4_ENABLED@" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES KRB4"
fi
if test "x$IPV6_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES IPv6"
fi
@@ -3366,7 +3385,8 @@ fi
if test "x$USE_WINDOWS_SSPI" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES SSPI"
fi
if test "x$CURL_DISABLE_HTTP" != "x1"; then
if test "x$CURL_DISABLE_HTTP" != "x1" -a \
"x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
-o "x$DARWINSSL_ENABLED" = "x1"; then
@@ -3380,6 +3400,16 @@ if test "x$USE_TLS_SRP" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES TLS-SRP"
fi
if test "x$USE_NGHTTP2" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES HTTP2"
fi
if test "x$curl_spnego_msg" = "xenabled"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES SPNEGO"
fi
if test "x$want_gss" = "xyes"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES GSS-API"
fi
AC_SUBST(SUPPORT_FEATURES)
dnl For supported protocols in pkg-config file
@@ -3514,6 +3544,8 @@ AC_OUTPUT
CURL_GENERATE_CONFIGUREHELP_PM
XC_AMEND_DISTCLEAN([lib src tests/unit tests/server tests/libtest docs/examples])
AC_MSG_NOTICE([Configured to build curl/libcurl:
curl version: ${CURLVERSION}
@@ -3523,8 +3555,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
SSL support: ${curl_ssl_msg}
SSH support: ${curl_ssh_msg}
zlib support: ${curl_zlib_msg}
krb4 support: ${curl_krb4_msg}
GSSAPI support: ${curl_gss_msg}
GSS-API support: ${curl_gss_msg}
SPNEGO support: ${curl_spnego_msg}
TLS-SRP support: ${curl_tls_srp_msg}
resolver: ${curl_res_msg}
@@ -3542,6 +3573,7 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
RTSP support: ${curl_rtsp_msg}
RTMP support: ${curl_rtmp_msg}
metalink support: ${curl_mtlnk_msg}
HTTP2 support: ${curl_h2_msg}
Protocols: ${SUPPORT_PROTOCOLS}
])

65
contributors.sh Executable file
View File

@@ -0,0 +1,65 @@
#!/bin/sh
#***************************************************************************
# _ _ ____ _
# Project ___| | | | _ \| |
# / __| | | | |_) | |
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 2013-2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at http://curl.haxx.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
###########################################################################
#
# This script shows all mentioned contributors from <hash> until HEAD. To aid
# when writing RELEASE-NOTES and THANKS.
#
start=$1
if test -z "$start"; then
echo "Usage: $0 <since this tag/hash>"
fi
# filter out Author:, Commit: and *by: lines
# cut off the email parts
# cut off spaces first and last on the line
# only count names with a space (ie more than one word)
# sort all unique names
# awk them into RELEASE-NOTES format
git log $start..HEAD | \
egrep '(Author|Commit|by):' | \
cut -d: -f2- | \
cut '-d<' -f1 | \
sed -e 's/^ //' -e 's/ $//g' | \
grep ' ' | \
sort -u |
awk '{
num++;
n = sprintf("%s%s%s,", n, length(n)?" ":"", $0);
#print n;
if(length(n) > 78) {
printf(" %s\n", p);
n=sprintf("%s,", $0);
}
p=n;
}
END {
printf(" %s\n", p);
printf(" (%d contributors)\n", num);
}
'

View File

@@ -155,7 +155,12 @@ while test $# -gt 0; do
;;
--static-libs)
echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
if test "X@ENABLE_STATIC@" != "Xno" ; then
echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
else
echo "curl was built with static libraries disabled" >&2
exit 1
fi
;;
--configure)

View File

@@ -79,9 +79,9 @@
1.3 What To Read
Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS, the
most recent CHANGES. Just lurking on the libcurl mailing list is gonna give
you a lot of insights on what's going on right now. Asking there is a good
idea too.
most recent CHANGES. Just lurking on the curl-library mailing list is gonna
give you a lot of insights on what's going on right now. Asking there is a
good idea too.
2. cURL Coding Standards
@@ -98,12 +98,12 @@
2.2 Indenting
Please try using the same indenting levels and bracing method as all the
other code already does. It makes the source code a lot easier to follow if
all of it is written using the same style. We don't ask you to like it, we
just ask you to follow the tradition! ;-) This mainly means: 2-level indents,
using spaces only (no tabs) and having the opening brace ({) on the same line
as the if() or while().
Use the same indenting levels and bracing method as all the other code
already does. It makes the source code easier to follow if all of it is
written using the same style. We don't ask you to like it, we just ask you to
follow the tradition! ;-) This mainly means: 2-level indents, using spaces
only (no tabs) and having the opening brace ({) on the same line as the if()
or while().
Also note that we use if() and while() with no space before the parenthesis.
@@ -151,6 +151,9 @@
description exactly what they correct so that all patches can be selectively
applied by the maintainer or other interested parties.
Also, separate patches enable bisecting much better when we track problems in
the future.
2.9 Patch Against Recent Sources
Please try to get the latest available sources to make your patches
@@ -178,6 +181,10 @@
test case that verifies that it works as documented. If every submitter also
posts a few test cases, it won't end up as a heavy burden on a single person!
If you don't have test cases or perhaps you have done something that is very
hard to write tests for, do explain exactly how you have otherwise tested and
verified your changes.
3. Pushing Out Your Changes
3.1 Write Access to git Repository
@@ -271,6 +278,10 @@
[full description, no wider than 72 columns that describe as much as
possible as to why this change is made, and possibly what things
it fixes and everything else that is related]
[Bug: link to source of the report or more related discussion]
[Reported-by: John Doe - credit the reporter]
[whatever-else-by: credit all helpers, finders, doers]
---- stop ----
Don't forget to use commit --author="" if you commit someone else's work,

View File

@@ -59,7 +59,7 @@ GnuTLS
OpenSSL does. Now, you can build and distribute an TLS/SSL capable libcurl
without including any Original BSD licensed code.
I believe Debian is the first (only?) distro that provides libcurl/GnutTLS
I believe Debian is the first (only?) distro that provides libcurl/GnuTLS
packages.
yassl
@@ -72,20 +72,20 @@ GnuTLS vs OpenSSL vs yassl
While these three libraries offer similar features, they are not equal.
libcurl does not (yet) offer a standardized stable ABI if you decide to
switch from using libcurl-openssl to libcurl-gnutls or vice versa. The GnuTLS
switch from using libcurl-openssl to libcurl-gnutls or vice-versa. The GnuTLS
and yassl support is very recent in libcurl and it has not been tested nor
used very extensively, while the OpenSSL equivalent code has been used and
thus matured since 1999.
GnuTLS
- LGPL licensened
- LGPL licensed
- supports SRP
- lacks SSLv2 support
- lacks MD2 support (used by at least some CA certs)
- lacks the crypto functions libcurl uses for NTLM
OpenSSL
- Original BSD licensened
- Original BSD licensed
- lacks SRP
- supports SSLv2
- older and more widely used

162
docs/FAQ
View File

@@ -99,6 +99,7 @@ FAQ
5.15 How do I get an FTP directory listing?
5.16 I want a different time-out!
5.17 Can I write a server with libcurl?
5.18 Does libcurl use threads?
6. License Issues
6.1 I have a GPL program, can I use the libcurl library?
@@ -202,27 +203,25 @@ FAQ
better. We do however believe in a few rules when it comes to the future of
curl:
* Curl -- the command line tool -- is to remain a non-graphical command line
tool. If you want GUIs or fancy scripting capabilities, you should look
for another tool that uses libcurl.
Curl -- the command line tool -- is to remain a non-graphical command line
tool. If you want GUIs or fancy scripting capabilities, you should look for
another tool that uses libcurl.
* We do not add things to curl that other small and available tools already
do very fine at the side. Curl's output is fine to pipe into another
program or redirect to another file for the next program to interpret.
We do not add things to curl that other small and available tools already do
very fine at the side. Curl's output is fine to pipe into another program or
redirect to another file for the next program to interpret.
* We focus on protocol related issues and improvements. If you wanna do more
magic with the supported protocols than curl currently does, chances are
big we will agree. If you wanna add more protocols, we may very well
agree.
We focus on protocol related issues and improvements. If you wanna do more
magic with the supported protocols than curl currently does, chances are big
we will agree. If you wanna add more protocols, we may very well agree.
* If you want someone else to make all the work while you wait for us to
implement it for you, that is not a very friendly attitude. We spend a
considerable time already on maintaining and developing curl. In order to
get more out of us, you should consider trading in some of your time and
efforts in return.
If you want someone else to make all the work while you wait for us to
implement it for you, that is not a very friendly attitude. We spend a
considerable time already on maintaining and developing curl. In order to
get more out of us, you should consider trading in some of your time and
efforts in return.
* If you write the code, chances are bigger that it will get into curl
faster.
If you write the code, chances are bigger that it will get into curl faster.
1.5 Who makes curl?
@@ -263,7 +262,7 @@ FAQ
Our project name curl has been in effective use since 1998. We were not the
first computer related project to use the name "curl" and do not claim any
first-hand rights to the name.
rights to the name.
We recognize that we will be living in parallel with curl.com and wish them
every success.
@@ -424,7 +423,7 @@ FAQ
curl can be built to use one of the following SSL alternatives: OpenSSL,
GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X),
schannel (native Windows) or qssl (native IBM i). They all have their pros
WinSSL (native Windows) or qssl (native IBM i). They all have their pros
and cons, and we try to maintain a comparison of them here:
http://curl.haxx.se/docs/ssl-compared.html
@@ -620,15 +619,15 @@ FAQ
Some workarounds usually suggested to overcome this Javascript dependency:
- Depending on the Javascript complexity, write up a script that
translates it to another language and execute that.
Depending on the Javascript complexity, write up a script that translates it
to another language and execute that.
- Read the Javascript code and rewrite the same logic in another language.
Read the Javascript code and rewrite the same logic in another language.
- Implement a Javascript interpreter, people have successfully used the
Mozilla Javascript engine in the past.
Implement a Javascript interpreter, people have successfully used the
Mozilla Javascript engine in the past.
- Ask your admins to stop this, for a static proxy setup or similar.
Ask your admins to stop this, for a static proxy setup or similar.
3.15 Can I do recursive fetches with curl?
@@ -644,34 +643,38 @@ FAQ
There are three different kinds of "certificates" to keep track of when we
talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl.
- Client certificate. The server you communicate may require that you can
provide this in order to prove that you actually are who you claim to be.
If the server doesn't require this, you don't need a client certificate.
CLIENT CERTIFICATE
A client certificate is always used together with a private key, and the
private key has a pass phrase that protects it.
The server you communicate may require that you can provide this in order to
prove that you actually are who you claim to be. If the server doesn't
require this, you don't need a client certificate.
- Server certificate. The server you communicate with has a server
certificate. You can and should verify this certificate to make sure that
you are truly talking to the real server and not a server impersonating
it.
A client certificate is always used together with a private key, and the
private key has a pass phrase that protects it.
- Certificate Authority certificate ("CA cert"). You often have several CA
certs in a CA cert bundle that can be used to verify a server certificate
that was signed by one of the authorities in the bundle. curl does not
come with a CA cert bundle but most curl installs provide one. You can
also override the default.
SERVER CERTIFICATE
The server certificate verification process is made by using a Certificate
Authority certificate ("CA cert") that was used to sign the server
certificate. Server certificate verification is enabled by default in curl
and libcurl and is often the reason for problems as explained in FAQ entry
4.12 and the SSLCERTS document
(http://curl.haxx.se/docs/sslcerts.html). Server certificates that are
"self-signed" or otherwise signed by a CA that you do not have a CA cert
for, cannot be verified. If the verification during a connect fails, you
are refused access. You then need to explicitly disable the verification
to connect to the server.
The server you communicate with has a server certificate. You can and should
verify this certificate to make sure that you are truly talking to the real
server and not a server impersonating it.
CERTIFICATE AUTHORITY CERTIFICATE ("CA cert")
You often have several CA certs in a CA cert bundle that can be used to
verify a server certificate that was signed by one of the authorities in the
bundle. curl does not come with a CA cert bundle but most curl installs
provide one. You can also override the default.
The server certificate verification process is made by using a Certificate
Authority certificate ("CA cert") that was used to sign the server
certificate. Server certificate verification is enabled by default in curl
and libcurl and is often the reason for problems as explained in FAQ entry
4.12 and the SSLCERTS document
(http://curl.haxx.se/docs/sslcerts.html). Server certificates that are
"self-signed" or otherwise signed by a CA that you do not have a CA cert
for, cannot be verified. If the verification during a connect fails, you are
refused access. You then need to explicitly disable the verification to
connect to the server.
3.17 How do I list the root dir of an FTP server?
@@ -728,7 +731,7 @@ FAQ
When passing on a URL to curl to use, it may respond that the particular
protocol is not supported or disabled. The particular way this error message
is phrased is because curl doesn't make a distinction internally of whether
a particular protocol is not supported (ie never got any code added that
a particular protocol is not supported (i.e. never got any code added that
knows how to speak that protocol) or if it was explicitly disabled. curl can
be built to only support a given set of protocols, and the rest would then
be disabled or not supported.
@@ -794,12 +797,13 @@ FAQ
curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl'
In Windows, the standard DOS shell treats the %-symbol specially and you
need to use TWO %-symbols for each single one you want to use in the URL.
In Windows, the standard DOS shell treats the percent sign specially and you
need to use TWO percent signs for each single one you want to use in the
URL.
Also note that if you want the literal %-symbol to be part of the data you
pass in a POST using -d/--data you must encode it as '%25' (which then also
needs the %-symbol doubled on Windows machines).
If you want a literal percent sign to be part of the data you pass in a POST
using -d/--data you must encode it as '%25' (which then also needs the
percent sign doubled on Windows machines).
4.3 How can I use {, }, [ or ] to specify multiple URLs?
@@ -968,13 +972,13 @@ FAQ
4.14 Redirects work in browser but not with curl!
curl supports HTTP redirects fine (see item 3.8). Browsers generally support
at least two other ways to perform directs that curl does not:
at least two other ways to perform redirects that curl does not:
- Meta tags. You can write a HTML tag that will cause the browser to
redirect to another given URL after a certain time.
Meta tags. You can write a HTML tag that will cause the browser to redirect
to another given URL after a certain time.
- Javascript. You can write a Javascript program embedded in a HTML page
that redirects the browser to another given URL.
Javascript. You can write a Javascript program embedded in a HTML page that
redirects the browser to another given URL.
There is no way to make curl follow these redirects. You must either
manually figure out what the page is set to do, or you write a script that
@@ -1055,11 +1059,11 @@ FAQ
4.19 Why doesn't cURL return an error when the network cable is unplugged?
Unplugging the cable is not an error situation. The TCP/IP protocol stack
Unplugging a cable is not an error situation. The TCP/IP protocol stack
was designed to be fault tolerant, so even though there may be a physical
break somewhere the connection shouldn't be affected, just possibly
delayed. Eventually, the physical break will be fixed or the data will be
re-routed around the physical problem.
re-routed around the physical problem through another path.
In such cases, the TCP/IP stack is responsible for detecting when the
network connection is irrevocably lost. Since with some protocols it is
@@ -1077,6 +1081,12 @@ FAQ
falls too low, and --connect-timeout and --max-time can be used to put an
overall timeout on the connection phase or the entire transfer.
A libcurl-using application running in a known physical environment (e.g.
an embedded device with only a single network connection) may want to act
immediately if its lone network connection goes down. That can be achieved
by having the application monitor the network connection on its own using an
OS-specific mechanism, then signalling libcurl to abort (see also item 5.13).
5. libcurl Issues
@@ -1086,7 +1096,9 @@ FAQ
We have written the libcurl code specifically adjusted for multi-threaded
programs. libcurl will use thread-safe functions instead of non-safe ones if
your system has such.
your system has such. Note that you must never share the same handle in
multiple threads.
If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
need to provide one or two locking functions:
@@ -1262,17 +1274,18 @@ FAQ
5.12 Can I make libcurl fake or hide my real IP address?
No. libcurl operates on a higher level than so. Besides, faking IP address
would imply sending IP packages with a made-up source address, and then you
normally get a problem with intercepting the packages sent back as they
would then not be routed to you!
No. libcurl operates on a higher level. Besides, faking IP address would
imply sending IP packet with a made-up source address, and then you normally
get a problem with receiving the packet sent back as they would then not be
routed to you!
If you use a proxy to access remote sites, the sites will not see your local
IP address but instead the address of the proxy.
Also note that on many networks NATs or other IP-munging techniques are used
that makes you see and use a different IP address locally than what the
remote server will see you coming from.
remote server will see you coming from. You may also consider using
http://www.torproject.org .
5.13 How do I stop an ongoing transfer?
@@ -1353,6 +1366,19 @@ FAQ
server for. And there are really good stand-alone ones that have been tested
and proven for many years. There's no need for you to reinvent them!
5.18 Does libcurl use threads?
Put simply: no, libcurl will execute in the same thread you call it in. All
callbacks will be called in the same thread as the one you call libcurl in.
If you want to avoid your thread to be blocked by the libcurl call, you make
sure you use the non-blocking API which will do transfers asynchronously -
but still in the same single thread.
libcurl will potentially internally use threads for name resolving, if it
was built to work like that, but in those cases it'll create the child
threads by itself and they will only be used and then killed internally by
libcurl and never exposed to the outside.
6. License Issues

View File

@@ -55,7 +55,7 @@ HTTP
- reads/writes the netscape cookie file format
- custom headers (replace/remove internally generated headers)
- custom user-agent string
- custom referer string
- custom referrer string
- range
- proxy authentication
- time conditions
@@ -161,8 +161,8 @@ IMAP
- SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and
NTLM (*9)
- list the folders of a mailbox
- select a mailbox with support for verifing the UIDVALIDITY
- fetch e-mails with support for specifing the UID and SECTION
- select a mailbox with support for verifying the UIDVALIDITY
- fetch e-mails with support for specifying the UID and SECTION
- upload e-mails via the append command
- enhanced command support for: EXAMINE, CREATE, DELETE, RENAME, STATUS,
STORE, COPY and UID via custom requests
@@ -176,14 +176,14 @@ IMAPS (*1)
FOOTNOTES
=========
*1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, schannel (native
*1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native
Windows), Secure Transport (native iOS/OS X) or qssl (native IBM i)
*2 = requires OpenLDAP
*3 = requires a GSSAPI-compliant library, such as Heimdal or similar
*4 = requires FBopenssl
*5 = requires a krb4 library, such as the MIT one or similar
*6 = requires c-ares
*7 = requires OpenSSL, NSS, qssl, schannel or Secure Transport; GnuTLS, for
*7 = requires OpenSSL, NSS, qssl, WinSSL or Secure Transport; GnuTLS, for
example, only supports SSLv3 and TLSv1
*8 = requires libssh2
*9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native

View File

@@ -7,19 +7,19 @@
How cURL Became Like This
In the second half of 1997, Daniel Stenberg came up with the idea to make
Towards the end of 1996, Daniel Stenberg came up with the idea to make
currency-exchange calculations available to Internet Relay Chat (IRC)
users. All the necessary data are published on the Web; he just needed to
automate their retrieval.
Daniel simply adopted an existing command-line open-source tool, httpget, that
Brazilian Rafael Sagula had written. After a few minor adjustments, it did
just what he needed.
Brazilian Rafael Sagula had written and recently release version 0.1 of. After
a few minor adjustments, it did just what he needed. HttpGet 1.0 was released
on April 8th 1997 with brand new HTTP proxy support.
Soon, he found currencies on a GOPHER site, so support for that had to go in,
and not before long FTP download support was added as well. The name of the
project was changed to urlget to better fit what it actually did now, since
the http-only days were already passed.
We soon found and fixed support for getting currencies over GOPHER. Once FTP
download support was added, the name of the project was changed and urlget 2.0
was released in August 1997. The http-only days were already passed.
The project slowly grew bigger. When upload capabilities were added and the
name once again was misleading, a second name change was made and on March 20,

View File

@@ -115,18 +115,6 @@ UNIX
./configure --disable-thread
To build curl with kerberos4 support enabled, curl requires the krb4 libs
and headers installed. You can then use a set of options to tell
configure where those are:
--with-krb4-includes[=DIR] Specify location of kerberos4 headers
--with-krb4-libs[=DIR] Specify location of kerberos4 libs
--with-krb4[=DIR] where to look for Kerberos4
In most cases, /usr/athena is the install prefix and then it works with
./configure --with-krb4=/usr/athena
If you're a curl developer and use gcc, you might want to enable more
debug options with the --enable-debug option.
@@ -220,7 +208,7 @@ Win32
adjust as necessary. It is also possible to override these paths with
environment variables, for example:
set ZLIB_PATH=c:\zlib-1.2.7
set ZLIB_PATH=c:\zlib-1.2.8
set OPENSSL_PATH=c:\openssl-0.9.8y
set LIBSSH2_PATH=c:\libssh2-1.4.3
@@ -264,8 +252,10 @@ Win32
MSVC 6 caveats
--------------
If you use MSVC 6 it is required that you use the February 2003 edition PSDK:
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
If you use MSVC 6 it is required that you use the February 2003 edition of
the 'Platform SDK' which can be downloaded from:
http://www.microsoft.com/en-us/download/details.aspx?id=12261
Building any software with MSVC 6 without having PSDK installed is just
asking for trouble down the road once you have released it, you might notice
@@ -273,8 +263,6 @@ Win32
choice of static vs dynamic runtime and third party libraries. Anyone using
software built in such way will at some point regret having done so.
When someone uses MSVC 6 without PSDK he is using a compiler back from 1998.
If the compiler has been updated with the installation of a service pack as
those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
safely used to read source code, translate and make it object code.
@@ -284,13 +272,6 @@ Win32
header files and libraries with bugs and security issues which have already
been addressed and fixed long time ago.
In order to make use of the updated system headers and fixed libraries
for MSVC 6, it is required that 'Platform SDK', PSDK from now onwards,
is installed. The specific PSDK that must be installed for MSVC 6 is the
February 2003 edition, which is the latest one supporting the MSVC 6 compiler,
this PSDK is also known as 'Windows Server 2003 PSDK' and can be downloaded
from http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
So, building curl and libcurl with MSVC 6 without PSDK is absolutely
discouraged for the benefit of anyone using software built in such
environment. And it will not be supported in any way, as we could just
@@ -323,7 +304,7 @@ Win32
documentation on how to compile zlib. Define the ZLIB_PATH environment
variable to the location of zlib.h and zlib.lib, for example:
set ZLIB_PATH=c:\zlib-1.2.7
set ZLIB_PATH=c:\zlib-1.2.8
Then run 'nmake vc-zlib' in curl's root directory.
@@ -352,39 +333,18 @@ Win32
at runtime.
Run 'nmake vc-ssl-zlib' to build with both ssl and zlib support.
MSVC 6 IDE
----------
MSVC IDE
--------
A minimal VC++ 6.0 reference workspace (vc6curl.dsw) is available with the
source distribution archive to allow proper building of the two included
projects, the libcurl library and the curl tool.
A fairly comprehensive set of Visual Studio project files are available for
v6.0 through v12.0 and are located in the projects folder to allow proper
building of both the libcurl library as well as the curl tool.
1) Open the vs/vc6/vc6curl.dsw workspace with MSVC6's IDE.
2) Select 'Build' from top menu.
3) Select 'Batch Build' from dropdown menu.
4) Make sure that the eight project configurations are 'checked'.
5) Click on the 'Build' button.
6) Once the eight project configurations are built you are done.
Dynamic and static libcurl libraries are built in debug and release flavours,
and can be located each one in its own subdirectory, dll-debug, dll-release,
lib-debug and lib-release, all of them below the 'vs/vc6/lib' subdirectory.
In the same way four curl executables are created, each using its respective
library. The resulting curl executables are located in its own subdirectory,
dll-debug, dll-release, lib-debug and lib-release, below 'vs/vc6/src' subdir.
These reference VC++ 6.0 configurations are generated using the dynamic CRT.
Intentionally, these reference VC++ 6.0 projects and configurations don't use
third party libraries, such as OpenSSL or Zlib, to allow proper compilation
and configuration for all new users without further requirements.
If you need something more 'involved' you might adjust them for your own use,
or explore the world of makefiles described above 'MSVC from command line'.
For more information about these projects and building via Visual Studio
please see the README file located in the projects folder.
Borland C++ compiler
---------------------
--------------------
Ensure that your build environment is properly set up to use the compiler
and associated tools. PATH environment variable must include the path to
@@ -993,6 +953,7 @@ REDUCING SIZE
--disable-verbose (eliminates debugging strings and error code strings)
--enable-hidden-symbols (eliminates unneeded symbols in the shared library)
--without-libidn (disables support for the libidn DNS library)
--without-librtmp (disables support for RTMP)
--without-ssl (disables support for SSL/TLS)
--without-zlib (disables support for on-the-fly decompression)
@@ -1011,9 +972,9 @@ REDUCING SIZE
.comment section).
Using these techniques it is possible to create a basic HTTP-only shared
libcurl library for i386 Linux platforms that is only 106 KiB in size, and
an FTP-only library that is 108 KiB in size (as of libcurl version 7.27.0,
using gcc 4.6.3).
libcurl library for i386 Linux platforms that is only 114 KiB in size, and
an FTP-only library that is 115 KiB in size (as of libcurl version 7.35.0,
using gcc 4.8.2).
You may find that statically linking libcurl to your application will
result in a lower total size than dynamically linking.
@@ -1025,7 +986,6 @@ REDUCING SIZE
command line. Following is a list of appropriate key words:
--disable-cookies !cookies
--disable-crypto-auth !HTTP\ Digest\ auth !HTTP\ proxy\ Digest\ auth
--disable-manual !--manual
--disable-proxy !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5
@@ -1045,7 +1005,7 @@ PORTS
- Alpha OpenVMS V7.1-1H2
- Alpha Tru64 v5.0 5.1
- AVR32 Linux
- ARM Android 1.5, 2.1
- ARM Android 1.5, 2.1, 2.3, 3.2, 4.x
- ARM INTEGRITY
- ARM iOS
- Cell Linux
@@ -1116,6 +1076,7 @@ GNU GSS http://www.gnu.org/software/gss/
GnuTLS http://www.gnu.org/software/gnutls/
Heimdal http://www.pdc.kth.se/heimdal/
libidn http://www.gnu.org/software/libidn/
libmetalink https://launchpad.net/libmetalink/
libssh2 http://www.libssh2.org/
MIT Kerberos http://web.mit.edu/kerberos/www/dist/
NSS http://www.mozilla.org/projects/security/pki/nss/

View File

@@ -71,7 +71,7 @@ Command Line CMake
$ make install
(The teste suit does not work with the cmake build)
(The test suite does not work with the cmake build)
ccmake
=========

View File

@@ -43,8 +43,9 @@ Portability
openldap 2.0
MIT krb5 lib 1.2.4
qsossl V5R3M0
NSS 3.12.x
NSS 3.14.x
axTLS 1.2.7
PolarSSL 1.3.0
Heimdal ?
On systems where configure runs, we aim at working on them all - if they have
@@ -111,6 +112,9 @@ Windows vs Unix
Library
=======
(See LIBCURL-STRUCTS for a separate document describing all major internal
structs and their purposes.)
There are plenty of entry points to the library, namely each publicly defined
function that libcurl offers to applications. All of those functions are
rather small and easy-to-follow. All the ones prefixed with 'curl_easy' are
@@ -135,16 +139,18 @@ Library
options is documented in the man page. This function mainly sets things in
the 'SessionHandle' struct.
curl_easy_perform() does a whole lot of things:
curl_easy_perform() is just a wrapper function that makes use of the multi
API. It basically curl_multi_init(), curl_multi_add_handle(),
curl_multi_wait(), and curl_multi_perform() until the transfer is done and
then returns.
It starts off in the lib/easy.c file by calling Curl_perform() and the main
work then continues in lib/url.c. The flow continues with a call to
Curl_connect() to connect to the remote site.
Some of the most important key functions in url.c are called from multi.c
when certain key steps are to be made in the transfer operation.
o Curl_connect()
... analyzes the URL, it separates the different components and connects to
the remote host. This may involve using a proxy and/or using SSL. The
Analyzes the URL, it separates the different components and connects to the
remote host. This may involve using a proxy and/or using SSL. The
Curl_resolv() function in lib/hostip.c is used for looking up host names
(it does then use the proper underlying method, which may vary between
platforms and builds).
@@ -160,10 +166,7 @@ Library
o Curl_do()
Curl_do() makes sure the proper protocol-specific function is called. The
functions are named after the protocols they handle. Curl_ftp(),
Curl_http(), Curl_dict(), etc. They all reside in their respective files
(ftp.c, http.c and dict.c). HTTPS is handled by Curl_http() and FTPS by
Curl_ftp().
functions are named after the protocols they handle.
The protocol-specific functions of course deal with protocol-specific
negotiations and setup. They have access to the Curl_sendf() (from
@@ -182,10 +185,9 @@ Library
be called with some basic info about the upcoming transfer: what socket(s)
to read/write and the expected file transfer sizes (if known).
o Transfer()
o Curl_readwrite()
Curl_perform() then calls Transfer() in lib/transfer.c that performs the
entire file transfer.
Called during the transfer of the actual protocol payload.
During transfer, the progress functions in lib/progress.c are called at a
frequent interval (or at the user's choice, a specified callback might get
@@ -207,33 +209,11 @@ Library
used. This function is only used when we are certain that no more transfers
is going to be made on the connection. It can be also closed by force, or
it can be called to make sure that libcurl doesn't keep too many
connections alive at the same time (there's a default amount of 5 but that
can be changed with the CURLOPT_MAXCONNECTS option).
connections alive at the same time.
This function cleans up all resources that are associated with a single
connection.
Curl_perform() is the function that does the main "connect - do - transfer -
done" loop. It loops if there's a Location: to follow.
When completed, the curl_easy_cleanup() should be called to free up used
resources. It runs Curl_disconnect() on all open connections.
A quick roundup on internal function sequences (many of these call
protocol-specific function-pointers):
Curl_connect - connects to a remote site and does initial connect fluff
This also checks for an existing connection to the requested site and uses
that one if it is possible.
Curl_do - starts a transfer
Curl_handler::do_it() - transfers data
Curl_done - ends a transfer
Curl_disconnect - disconnects from a remote site. This is called when the
disconnect is really requested, which doesn't necessarily have to be
exactly after curl_done in case we want to keep the connection open for
a while.
HTTP(S)
@@ -316,48 +296,38 @@ Persistent Connections
hold connection-oriented data. It is meant to hold the root data as well as
all the options etc that the library-user may choose.
o The 'SessionHandle' struct holds the "connection cache" (an array of
pointers to 'connectdata' structs). There's one connectdata struct
allocated for each connection that libcurl knows about. Note that when you
use the multi interface, the multi handle will hold the connection cache
and not the particular easy handle. This of course to allow all easy handles
in a multi stack to be able to share and re-use connections.
pointers to 'connectdata' structs).
o This enables the 'curl handle' to be reused on subsequent transfers.
o When we are about to perform a transfer with curl_easy_perform(), we first
check for an already existing connection in the cache that we can use,
otherwise we create a new one and add to the cache. If the cache is full
already when we add a new connection, we close one of the present ones. We
select which one to close dependent on the close policy that may have been
previously set.
o When the transfer operation is complete, we try to leave the connection
open. Particular options may tell us not to, and protocols may signal
closure on connections and then we don't keep it open of course.
o When libcurl is told to perform a transfer, it first checks for an already
existing connection in the cache that we can use. Otherwise it creates a
new one and adds that the cache. If the cache is full already when a new
connection is added added, it will first close the oldest unused one.
o When the transfer operation is complete, the connection is left
open. Particular options may tell libcurl not to, and protocols may signal
closure on connections and then they won't be kept open of course.
o When curl_easy_cleanup() is called, we close all still opened connections,
unless of course the multi interface "owns" the connections.
You do realize that the curl handle must be re-used in order for the
persistent connections to work.
The curl handle must be re-used in order for the persistent connections to
work.
multi interface/non-blocking
============================
We make an effort to provide a non-blocking interface to the library, the
multi interface. To make that interface work as good as possible, no
low-level functions within libcurl must be written to work in a blocking
manner.
The multi interface is a non-blocking interface to the library. To make that
interface work as good as possible, no low-level functions within libcurl
must be written to work in a blocking manner. (There are still a few spots
violating this rule.)
One of the primary reasons we introduced c-ares support was to allow the name
resolve phase to be perfectly non-blocking as well.
The ultimate goal is to provide the easy interface simply by wrapping the
multi interface functions and thus treat everything internally as the multi
interface is the single interface we have.
The FTP and the SFTP/SCP protocols are thus perfect examples of how we adapt
and adjust the code to allow non-blocking operations even on multi-stage
protocols. They are built around state machines that return when they could
block waiting for data. The DICT, LDAP and TELNET protocols are crappy
examples and they are subject for rewrite in the future to better fit the
libcurl protocol family.
The FTP and the SFTP/SCP protocols are examples of how we adapt and adjust
the code to allow non-blocking operations even on multi-stage command-
response protocols. They are built around state machines that return when
they would otherwise block waiting for data. The DICT, LDAP and TELNET
protocols are crappy examples and they are subject for rewrite in the future
to better fit the libcurl protocol family.
SSL libraries
=============
@@ -368,10 +338,10 @@ SSL libraries
in future libcurl versions.
To deal with this internally in the best way possible, we have a generic SSL
function API as provided by the sslgen.[ch] system, and they are the only SSL
functions we must use from within libcurl. sslgen is then crafted to use the
function API as provided by the vtls.[ch] system, and they are the only SSL
functions we must use from within libcurl. vtls is then crafted to use the
appropriate lower-level function calls to whatever SSL library that is in
use.
use. For example vtls/openssl.[ch] for the OpenSSL library.
Library Symbols
===============
@@ -408,12 +378,12 @@ API/ABI
Client
======
main() resides in src/main.c together with most of the client code.
main() resides in src/tool_main.c.
src/tool_hugehelp.c is automatically generated by the mkhelp.pl perl script
to display the complete "manual" and the src/urlglob.c file holds the
functions used for the URL-"globbing" support. Globbing in the sense that
the {} and [] expansion stuff is there.
to display the complete "manual" and the src/tool_urlglob.c file holds the
functions used for the URL-"globbing" support. Globbing in the sense that the
{} and [] expansion stuff is there.
The client mostly messes around to setup its 'config' struct properly, then
it calls the curl_easy_*() functions of the library and when it gets back
@@ -425,8 +395,8 @@ Client
curl_easy_getinfo() function to extract useful information from the curl
session.
Recent versions may loop and do all this several times if many URLs were
specified on the command line or config file.
It may loop and do all this several times if many URLs were specified on the
command line or config file.
Memory Debugging
================

View File

@@ -3,20 +3,61 @@ join in and help us correct one or more of these! Also be sure to check the
changelog of the current development status, as one or more of these problems
may have been fixed since this was written!
87. -J/--remote-header-name doesn't decode %-encoded file names. RFC6266
details how it should be done. The can of worm is basically that we have no
charset handling in curl and ascii >=128 is a challenge for us. Not to
mention that decoding also means that we need to check for nastiness that is
attempted, like "../" sequences and the like. Probably everything to the left
of any embedded slashes should be cut off.
http://curl.haxx.se/bug/view.cgi?id=1294
86. The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3
and SMTP if a failure occurs during the authentication phase of a
connection.
85. Wrong STARTTRANSFER timer accounting for POST requests
Timer works fine with GET requests, but while using POST the time for
CURLINFO_STARTTRANSFER_TIME is wrong. While using POST
CURLINFO_STARTTRANSFER_TIME minus CURLINFO_PRETRANSFER_TIME is near to zero
every time.
http://curl.haxx.se/bug/view.cgi?id=1213
84. CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends, so relying on this information in a generic app is flaky.
83. curl is unable to load non-default openssl engines, because openssl isn't
initialized properly. This seems to require OpenSSL_config() or
CONF_modules_load_file() to be used by libcurl but the first seems to not
work and we've gotten not reports from tests with the latter. Possibly we
need to discuss with OpenSSL developers how this is supposed to be done. We
need users with actual external openssl engines for testing to work on this.
http://curl.haxx.se/bug/view.cgi?id=1208
82. When building with the Windows Borland compiler, it fails because the
"tlib" tool doesn't support hyphens (minus signs) in file names and we have
such in the build.
http://curl.haxx.se/bug/view.cgi?id=1222
81. When using -J (with -O), automatically resumed downloading together with
"-C -" fails. Without -J the same command line works! This happens because
the resume logic is worked out before the target file name (and thus its
pre-transfer size) has been figured out!
http://curl.haxx.se/bug/view.cgi?id=1169
80. Curl doesn't recognize certificates in DER format in keychain, but it
works with PEM.
http://curl.haxx.se/bug/view.cgi?id=3439999
http://curl.haxx.se/bug/view.cgi?id=1065
79. SMTP. When sending data to multiple recipients, curl will abort and return
failure if one of the recipients indicate failure (on the "RCPT TO"
command). Ordinary mail programs would proceed and still send to the ones
that can receive data. This is subject for change in the future.
http://curl.haxx.se/bug/view.cgi?id=3438362
http://curl.haxx.se/bug/view.cgi?id=1116
78. curl and libcurl don't always signal the client properly when "sending"
zero bytes files - it makes for example the command line client not creating
any file at all. Like when using FTP.
http://curl.haxx.se/bug/view.cgi?id=3438362
http://curl.haxx.se/bug/view.cgi?id=1063
77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it
"abuses" the underlying connection re-use system and if connections are
@@ -28,12 +69,12 @@ may have been fixed since this was written!
option as for all other operating systems.
75. NTLM authentication involving unicode user name or password only works
properly if built with UNICODE defined together with the schannel/winssl
properly if built with UNICODE defined together with the WinSSL/schannel
backend. The original problem was mentioned in:
http://curl.haxx.se/mail/lib-2009-10/0024.html
http://curl.haxx.se/bug/view.cgi?id=2944325
http://curl.haxx.se/bug/view.cgi?id=896
The schannel version verified to work as mentioned in
The WinSSL/schannel version verified to work as mentioned in
http://curl.haxx.se/mail/lib-2012-07/0073.html
73. if a connection is made to a FTP server but the server then just never
@@ -41,7 +82,7 @@ may have been fixed since this was written!
acknowledge the connection timeout during that phase but only the "real"
timeout - which may surprise users as it is probably considered to be the
connect phase to most people. Brought up (and is being misunderstood) in:
http://curl.haxx.se/bug/view.cgi?id=2844077
http://curl.haxx.se/bug/view.cgi?id=856
72. "Pausing pipeline problems."
http://curl.haxx.se/mail/lib-2009-07/0214.html
@@ -59,7 +100,7 @@ may have been fixed since this was written!
http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
66. When using telnet, the time limitation options don't work.
http://curl.haxx.se/bug/view.cgi?id=2818950
http://curl.haxx.se/bug/view.cgi?id=846
65. When doing FTP over a socks proxy or CONNECT through HTTP proxy and the
multi interface is used, libcurl will fail if the (passive) TCP connection
@@ -85,19 +126,12 @@ may have been fixed since this was written!
CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is
not working: http://curl.haxx.se/mail/lib-2008-07/0295.html
57. On VMS-Alpha: When using an http-file-upload the file is not sent to the
Server with the correct content-length. Sending a file with 511 or less
bytes, content-length 512 is used. Sending a file with 513 - 1023 bytes,
content-length 1024 is used. Files with a length of a multiple of 512 Bytes
show the correct content-length. Only these files work for upload.
http://curl.haxx.se/bug/view.cgi?id=2057858
56. When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP
server using the multi interface, the commands are not being sent correctly
and instead the connection is "cancelled" (the operation is considered done)
prematurely. There is a half-baked (busy-looping) patch provided in the bug
report but it cannot be accepted as-is. See
http://curl.haxx.se/bug/view.cgi?id=2006544
http://curl.haxx.se/bug/view.cgi?id=748
55. libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's
library header files exporting symbols/macros that should be kept private
@@ -121,12 +155,12 @@ may have been fixed since this was written!
protocol code. This should be very rare.
43. There seems to be a problem when connecting to the Microsoft telnet server.
http://curl.haxx.se/bug/view.cgi?id=1720605
http://curl.haxx.se/bug/view.cgi?id=649
41. When doing an operation over FTP that requires the ACCT command (but not
when logging in), the operation will fail since libcurl doesn't detect this
and thus fails to issue the correct command:
http://curl.haxx.se/bug/view.cgi?id=1693337
http://curl.haxx.se/bug/view.cgi?id=635
39. Steffen Rumler's Race Condition in Curl_proxyCONNECT:
http://curl.haxx.se/mail/lib-2007-01/0045.html
@@ -139,28 +173,18 @@ may have been fixed since this was written!
34. The SOCKS4 connection codes don't properly acknowledge (connect) timeouts.
Also see #12. According to bug #1556528, even the SOCKS5 connect code does
not do it right: http://curl.haxx.se/bug/view.cgi?id=1556528,
not do it right: http://curl.haxx.se/bug/view.cgi?id=604
31. "curl-config --libs" will include details set in LDFLAGS when configure is
run that might be needed only for building libcurl. Further, curl-config
--cflags suffers from the same effects with CFLAGS/CPPFLAGS.
30. You need to use -g to the command line tool in order to use RFC2732-style
IPv6 numerical addresses in URLs.
29. IPv6 URLs with zone ID is not nicely supported.
http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired)
specifies the use of a plus sign instead of a percent when specifying zone
IDs in URLs to get around the problem of percent signs being
special. According to the reporter, Firefox deals with the URL _with_ a
percent letter (which seems like a blatant URL spec violation).
libcurl supports zone IDs where the percent sign is URL-escaped (i.e. %25).
See http://curl.haxx.se/bug/view.cgi?id=1371118
or RFC6874-style IPv6 numerical addresses in URLs.
26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in
"system context" will make it use wrong(?) user name - at least when compared
to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=1281867
to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=535
23. SOCKS-related problems:
B) libcurl doesn't support FTPS over a SOCKS proxy.
@@ -169,12 +193,6 @@ may have been fixed since this was written!
We probably have even more bugs and lack of features when a SOCKS proxy is
used.
22. Sending files to a FTP server using curl on VMS, might lead to curl
complaining on "unaligned file size" on completion. The problem is related
to VMS file structures and the perceived file sizes stat() returns. A
possible fix would involve sending a "STRU VMS" command.
http://curl.haxx.se/bug/view.cgi?id=1156287
21. FTP ASCII transfers do not follow RFC959. They don't convert the data
accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1
clearly describes how this should be done:
@@ -212,7 +230,7 @@ may have been fixed since this was written!
10. To get HTTP Negotiate authentication to work fine, you need to provide a
(fake) user name (this concerns both curl and the lib) because the code
wrongly only considers authentication if there's a user name provided.
http://curl.haxx.se/bug/view.cgi?id=1004841. How?
http://curl.haxx.se/bug/view.cgi?id=440 How?
http://curl.haxx.se/mail/lib-2004-08/0182.html
8. Doing resumed upload over HTTP does not work with '-C -', because curl

245
docs/LIBCURL-STRUCTS Normal file
View File

@@ -0,0 +1,245 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Structs in libcurl
This document should cover 7.32.0 pretty accurately, but will make sense even
for older and later versions as things don't change drastically that often.
1. The main structs in libcurl
1.1 SessionHandle
1.2 connectdata
1.3 Curl_multi
1.4 Curl_handler
1.5 conncache
1.6 Curl_share
1.7 CookieInfo
==============================================================================
1. The main structs in libcurl
1.1 SessionHandle
The SessionHandle handle struct is the one returned to the outside in the
external API as a "CURL *". This is usually known as an easy handle in API
documentations and examples.
Information and state that is related to the actual connection is in the
'connectdata' struct. When a transfer is about to be made, libcurl will
either create a new connection or re-use an existing one. The particular
connectdata that is used by this handle is pointed out by
SessionHandle->easy_conn.
Data and information that regard this particular single transfer is put in
the SingleRequest sub-struct.
When the SessionHandle struct is added to a multi handle, as it must be in
order to do any transfer, the ->multi member will point to the Curl_multi
struct it belongs to. The ->prev and ->next members will then be used by the
multi code to keep a linked list of SessionHandle structs that are added to
that same multi handle. libcurl always uses multi so ->multi *will* point to
a Curl_multi when a transfer is in progress.
->mstate is the multi state of this particular SessionHandle. When
multi_runsingle() is called, it will act on this handle according to which
state it is in. The mstate is also what tells which sockets to return for a
specific SessionHandle when curl_multi_fdset() is called etc.
The libcurl source code generally use the name 'data' for the variable that
points to the SessionHandle.
1.2 connectdata
A general idea in libcurl is to keep connections around in a connection
"cache" after they have been used in case they will be used again and then
re-use an existing one instead of creating a new as it creates a significant
performance boost.
Each 'connectdata' identifies a single physical connection to a server. If
the connection can't be kept alive, the connection will be closed after use
and then this struct can be removed from the cache and freed.
Thus, the same SessionHandle can be used multiple times and each time select
another connectdata struct to use for the connection. Keep this in mind, as
it is then important to consider if options or choices are based on the
connection or the SessionHandle.
Functions in libcurl will assume that connectdata->data points to the
SessionHandle that uses this connection.
As a special complexity, some protocols supported by libcurl require a
special disconnect procedure that is more than just shutting down the
socket. It can involve sending one or more commands to the server before
doing so. Since connections are kept in the connection cache after use, the
original SessionHandle may no longer be around when the time comes to shut
down a particular connection. For this purpose, libcurl holds a special
dummy 'closure_handle' SessionHandle in the Curl_multi struct to
FTP uses two TCP connections for a typical transfer but it keeps both in
this single struct and thus can be considered a single connection for most
internal concerns.
The libcurl source code generally use the name 'conn' for the variable that
points to the connectdata.
1.3 Curl_multi
Internally, the easy interface is implemented as a wrapper around multi
interface functions. This makes everything multi interface.
Curl_multi is the multi handle struct exposed as "CURLM *" in external APIs.
This struct holds a list of SessionHandle structs that have been added to
this handle with curl_multi_add_handle(). The start of the list is ->easyp
and ->num_easy is a counter of added SessionHandles.
->msglist is a linked list of messages to send back when
curl_multi_info_read() is called. Basically a node is added to that list
when an individual SessionHandle's transfer has completed.
->hostcache points to the name cache. It is a hash table for looking up name
to IP. The nodes have a limited life time in there and this cache is meant
to reduce the time for when the same name is wanted within a short period of
time.
->timetree points to a tree of SessionHandles, sorted by the remaining time
until it should be checked - normally some sort of timeout. Each
SessionHandle has one node in the tree.
->sockhash is a hash table to allow fast lookups of socket descriptor to
which SessionHandle that uses that descriptor. This is necessary for the
multi_socket API.
->conn_cache points to the connection cache. It keeps track of all
connections that are kept after use. The cache has a maximum size.
->closure_handle is described in the 'connectdata' section.
The libcurl source code generally use the name 'multi' for the variable that
points to the Curl_multi struct.
1.4 Curl_handler
Each unique protocol that is supported by libcurl needs to provide at least
one Curl_handler struct. It defines what the protocol is called and what
functions the main code should call to deal with protocol specific issues.
In general, there's a source file named [protocol].c in which there's a
"struct Curl_handler Curl_handler_[protocol]" declared. In url.c there's
then the main array with all individual Curl_handler structs pointed to from
a single array which is scanned through when a URL is given to libcurl to
work with.
->scheme is the URL scheme name, usually spelled out in uppercase. That's
"HTTP" or "FTP" etc. SSL versions of the protcol need its own Curl_handler
setup so HTTPS separate from HTTP.
->setup_connection is called to allow the protocol code to allocate protocol
specific data that then gets associated with that SessionHandle for the rest
of this transfer. It gets freed again at the end of the transfer. It will be
called before the 'connectdata' for the transfer has been selected/created.
Most protocols will allocate its private 'struct [PROTOCOL]' here and assign
SessionHandle->req.protop to point to it.
->connect_it allows a protocol to do some specific actions after the TCP
connect is done, that can still be considered part of the connection phase.
Some protocols will alter the connectdata->recv[] and connectdata->send[]
function pointers in this function.
->connecting is similarly a function that keeps getting called as long as the
protocol considers itself still in the connecting phase.
->do_it is the function called to issue the transfer request. What we call
the DO action internally. If the DO is not enough and things need to be kept
getting done for the entire DO sequence to complete, ->doing is then usually
also provided. Each protocol that needs to do multiple commands or similar
for do/doing need to implement their own state machines (see SCP, SFTP,
FTP). Some protocols (only FTP and only due to historical reasons) has a
separate piece of the DO state called DO_MORE.
->doing keeps getting called while issuing the transfer request command(s)
->done gets called when the transfer is complete and DONE. That's after the
main data has been transferred.
->do_more gets called during the DO_MORE state. The FTP protocol uses this
state when setting up the second connection.
->proto_getsock
->doing_getsock
->domore_getsock
->perform_getsock
Functions that return socket information. Which socket(s) to wait for which
action(s) during the particular multi state.
->disconnect is called immediately before the TCP connection is shutdown.
->readwrite gets called during transfer to allow the protocol to do extra
reads/writes
->defport is the default report TCP or UDP port this protocol uses
->protocol is one or more bits in the CURLPROTO_* set. The SSL versions have
their "base" protocol set and then the SSL variation. Like "HTTP|HTTPS".
->flags is a bitmask with additional information about the protocol that will
make it get treated differently by the generic engine:
PROTOPT_SSL - will make it connect and negotiate SSL
PROTOPT_DUAL - this protocol uses two connections
PROTOPT_CLOSEACTION - this protocol has actions to do before closing the
connection. This flag is no longer used by code, yet still set for a bunch
protocol handlers.
PROTOPT_DIRLOCK - "direction lock". The SSH protocols set this bit to
limit which "direction" of socket actions that the main engine will
concern itself about.
PROTOPT_NONETWORK - a protocol that doesn't use network (read file:)
PROTOPT_NEEDSPWD - this protocol needs a password and will use a default
one unless one is provided
PROTOPT_NOURLQUERY - this protocol can't handle a query part on the URL
(?foo=bar)
1.5 conncache
Is a hash table with connections for later re-use. Each SessionHandle has
a pointer to its connection cache. Each multi handle sets up a connection
cache that all added SessionHandles share by default.
1.6 Curl_share
The libcurl share API allocates a Curl_share struct, exposed to the external
API as "CURLSH *".
The idea is that the struct can have a set of own versions of caches and
pools and then by providing this struct in the CURLOPT_SHARE option, those
specific SessionHandles will use the caches/pools that this share handle
holds.
Then individual SessionHandle structs can be made to share specific things
that they otherwise wouldn't, such as cookies.
The Curl_share struct can currently hold cookies, DNS cache and the SSL
session cache.
1.7 CookieInfo
This is the main cookie struct. It holds all known cookies and related
information. Each SessionHandle has its own private CookieInfo even when
they are added to a multi handle. They can be made to share cookies by using
the share API.

View File

@@ -105,7 +105,7 @@ MAIL ETIQUETTE
No matter what, we NEVER EVER respond to trolls or spammers on the list. If
you believe the list admin should do something particular, contact him/her
off-list. The subject will be taken care of as good as possible to prevent
repeated offences, but responding on the list to such messages never lead to
repeated offenses, but responding on the list to such messages never lead to
anything good and only puts the light even more on the offender: which was
the entire purpose of it getting to the list in the first place.

View File

@@ -50,7 +50,7 @@ SIMPLE USAGE
Get the main page from an IPv6 web server:
curl -g "http://[2001:1890:1112:1::20]/"
curl "http://[2001:1890:1112:1::20]/"
DOWNLOAD TO A FILE
@@ -956,9 +956,9 @@ IPv6
When this style is used, the -g option must be given to stop curl from
interpreting the square brackets as special globbing characters. Link local
and site local addresses including a scope identifier, such as fe80::1234%1,
may also be used, but the scope portion must be numeric and the percent
character must be URL escaped. The previous example in an SFTP URL might
look like:
may also be used, but the scope portion must be numeric or match an existing
network interface on Linux and the percent character must be URL escaped. The
previous example in an SFTP URL might look like:
sftp://[fe80::1234%251]/

View File

@@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____|
#
# Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
@@ -22,7 +22,8 @@
AUTOMAKE_OPTIONS = foreign no-dependencies
man_MANS = curl.1 curl-config.1 mk-ca-bundle.1
man_MANS = curl.1 curl-config.1
noinst_man_MANS = mk-ca-bundle.1
GENHTMLPAGES = curl.html curl-config.html mk-ca-bundle.html
PDFPAGES = curl.pdf curl-config.pdf mk-ca-bundle.pdf
@@ -36,7 +37,8 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \
README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \
KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \
$(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
MAIL-ETIQUETTE HTTP-COOKIES
MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS SECURITY RELEASE-PROCEDURE \
SSL-PROBLEMS
MAN2HTML= roffit < $< >$@

View File

@@ -10,7 +10,7 @@ README.netware
Curl has been successfully compiled with gcc / nlmconv on different flavours
of Linux as well as with the official Metrowerks CodeWarrior compiler.
While not being the main development target, a continously growing share of
While not being the main development target, a continuously growing share of
curl users are NetWare-based, specially also consuming the lib from PHP.
The unix-style man pages are tricky to read on windows, so therefore are all

53
docs/RELEASE-PROCEDURE Normal file
View File

@@ -0,0 +1,53 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
curl release procedure - how to do a release
============================================
[in the source code repo]
- edit RELEASE-NOTES to be accurate
- update docs/THANKS
- make sure all relevant changes are committed on the master branch
- tag the git repo in this style: 'git tag -a curl-7_34_0'. -a annotates the
tag and we use underscores instead of dots in the version number.
- run "./maketgz 7.34.0" to build the release tarballs. It is important that
you run this on a machine with the correct set of autotools etc installed
as this is what then will be shipped and used by most users on *nix like
systems.
- push the git commits and the new tag
- gpg sign the 4 tarballs as maketgz suggests
- upload the 8 resulting files to the primary download directory
[data in the curl-www repo]
- edit Makefile (version number and date),
_newslog.html (announce the new release) and
_changes.html (insert changes+bugfixes from RELEASE-NOTES)
- commit all local changes
- tag the repo with the same tag as used for the source repo
- make sure all relevant changes are committed and pushed on the master branch
(the web site then updates its contents automatically)
[inform]
- send an email to curl-users, curl-announce and curl-library. Insert the
RELEASE-NOTES into the mail.
[celebrate]
- suitable beverage intake is encouraged for the festivities

91
docs/SECURITY Normal file
View File

@@ -0,0 +1,91 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
CURL SECURITY FOR DEVELOPERS
This document is intended to provide guidance to curl developers on how
security vulnerabilities should be handled.
PUBLISHING INFORMATION
All known and public curl or libcurl related vulnerabilities are listed at
http://curl.haxx.se/docs/security.html
Security vulnerabilities should not be entered in the project's public bug
tracker unless the necessary configuration is in place to limit access to the
issue to only the reporter and the project's security team.
VULNERABILITY HANDLING
The typical process for handling a new security vulnerability is as follows.
No information should be made public about a vulnerability until it is
formally announced at the end of this process. That means, for example that a
bug tracker entry must NOT be created to track the issue since that will make
the issue public and it should not be discussed on any of the project's public
mailing lists. Also messages associated with any commits should not make
any reference to the security nature of the commit if done prior to the public
announcement.
- The person discovering the issue, the reporter, reports the vulnerability
privately to curl-security@haxx.se. That's an email alias that reaches a
handful of selected and trusted people.
- Messages that do not relate to the reporting or managing of an undisclosed
security vulnerability in curl or libcurl are ignored and no further action
is required.
- A person in the security team sends an e-mail to the original reporter to
acknowledge the report.
- The security team investigates the report and either rejects it or accepts
it.
- If the report is rejected, the team writes to the reporter to explain why.
- If the report is accepted, the team writes to the reporter to let him/her
know it is accepted and that they are working on a fix.
- The security team discusses the problem, works out a fix, considers the
impact of the problem and suggests a release schedule. This discussion
should involve the reporter as much as possible.
- The release of the information should be "as soon as possible" and is most
often synced with an upcoming release that contains the fix. If the
reporter, or anyone else, thinks the next planned release is too far away
then a separate earlier release for security reasons should be considered.
- Write a security advisory draft about the problem that explains what the
problem is, its impact, which versions it affects, solutions or
workarounds, when the release is out and make sure to credit all
contributors properly.
- Request a CVE number from distros@openwall.org[1] when also informing and
preparing them for the upcoming public security vulnerability announcement -
attach the advisory draft for information. Note that 'distros' won't accept
an embargo longer than 19 days.
- Update the "security advisory" with the CVE number.
- The security team commits the fix in a private branch. The commit message
should ideally contain the CVE number. This fix is usually also distributed
to the 'distros' mailing list to allow them to use the fix prior to the
public announcement.
- At the day of the next release, the private branch is merged into the master
branch and pushed. Once pushed, the information is accessible to the public
and the actual release should follow suit immediately afterwards.
- The project team creates a release that includes the fix.
- The project team announces the release and the vulnerability to the world in
the same manner we always announce releases. It gets sent to the
curl-announce, curl-library and curl-users mailing lists.
- The security web page on the web site should get the new vulnerability
mentioned.
[1] = http://oss-security.openwall.org/wiki/mailing-lists/distros

67
docs/SSL-PROBLEMS Normal file
View File

@@ -0,0 +1,67 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
SSL problems
First, let's establish that we often refer to TLS and SSL interchangeably as
SSL here. The current protocol is called TLS, it was called SSL a long time
ago.
There are several known reasons why a connection that involves SSL might
fail. This is a document that attempts to details the most common ones and
how to mitigate them.
CA certs
CA certs are used to digitally verify the server's certificate. You need a
"ca bundle" for this. See lots of more details on this in the SSLCERTS
document.
CA bundle missing intermediate certificates
When using said CA bundle to verify a server cert, you will experience
problems if your CA cert does not have the certificates for the
intermediates in the whole trust chain.
SSL version
Some broken servers fail to support the protocol negotiation properly that
SSL servers are supposed to handle. This may cause the connection to fail
completely. Sometimes you may need to explicitly select a SSL version to use
when connecting to make the connection succeed.
An additional complication can be that modern SSL libraries sometimes are
built with support for older SSL and TLS versions disabled!
SSL ciphers
Clients give servers a list of ciphers to select from. If the list doesn't
include any ciphers the server wants/can use, the connection handshake
fails.
curl has recently disabled the user of a whole bunch of seriously insecure
ciphers from its default set (slightly depending on SSL backend in use).
You may have to explicitly provide an alternative list of ciphers for curl
to use to allow the server to use a WEAK cipher for you.
Note that these weak ciphers are identified as flawed. For example, this
includes symmetric ciphers with less than 128 bit keys and RC4.
References:
http://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
Allow BEAST
BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means
to mitigate this attack, it turned out that some broken servers out there in
the wild didn't work properly with the BEAST mitigation in place.
To make such broken servers work, the --ssl-allow-beast option was
introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability
but on the other hand it allows curl to connect to that kind of strange
servers.

View File

@@ -110,7 +110,7 @@ Starting with version 7.19.7, libcurl will check for the NSS version it runs,
and automatically add the 'sql:' prefix to the certdb directory (either the
hardcoded default /etc/pki/nssdb or the directory configured with SSL_DIR
environment variable) if version 3.12.0 or later is detected. To check which
ertdb format your distribution provides, examine the default
certdb format your distribution provides, examine the default
certdb location: /etc/pki/nssdb; the new certdb format can be identified by
the filenames cert9.db, key4.db, pkcs11.txt; filenames of older versions are
cert8.db, key3.db, modsec.db.

View File

@@ -4,33 +4,39 @@
If you have contributed but are missing here, please let us know!
Aaro Koskinen
Aaron Oneal
Aaron Orenstein
Abram Pousada
Adam D. Moss
Adam Light
Adam Piggott
Adam Sampson
Adam Tkac
Adrian Schuur
Adriano Meirelles
Ajit Dhumale
Aki Koskinen
Akos Pasztory
Alan Pinstein
Albert Chin
Albert Chin-A-Young
Albert Choy
Ale Vesely
Alejandro Alvarez
Aleksandar Milivojevic
Aleksey Tulinov
Alessandro Ghedini
Alessandro Vesely
Alex Bligh
Alex Fishman
Alex Gruz
Alex McLellan
Alex Neblett
Alex Suykov
Alex Vinnik
Alex aka WindEagle
Alexander Beedie
Alexander Klauer
Alexander Kourakos
Alexander Krasnostavsky
Alexander Lazic
@@ -46,11 +52,13 @@ Amol Pattekar
Amr Shahin
Anatoli Tubman
Anders Gustafsson
Anders Havn
Andi Jahja
Andre Guibert de Bruet
Andreas Damm
Andreas Faerber
Andreas Farber
Andreas Malzahn
Andreas Ntaflos
Andreas Olsson
Andreas Rieke
@@ -58,15 +66,18 @@ Andreas Schuldei
Andreas Wurf
Andrei Benea
Andrei Cipu
Andrej E Baranov
Andres Garcia
Andrew Benham
Andrew Biggs
Andrew Bushnell
Andrew Francis
Andrew Fuller
Andrew Kurushin
Andrew Moise
Andrew Wansink
Andrew de los Reyes
Andrii Moiseiev
Andrés García
Andy Cedilnik
Andy Serpa
@@ -85,12 +96,14 @@ Arnaud Compan
Arnaud Ebalard
Arthur Murray
Arve Knudsen
Arvid Norberg
Ates Goral
Augustus Saunders
Avery Fay
Axel Tillequin
Balaji Parasuram
Balint Szilakszi
Barry Abrahamson
Bart Whiteley
Bas Mevissen
Ben Darnell
@@ -101,12 +114,16 @@ Ben Van Hof
Ben Winslow
Benbuck Nason
Benjamin Gerard
Benjamin Gilbert
Benjamin Johnson
Benoit Sigoure
Bernard Leak
Bernhard Reutner-Fischer
Bertrand Demiddelaer
Bill Doyle
Bill Egert
Bill Hoffman
Bill Middlecamp
Bjoern Sikora
Bjorn Augustsson
Bjorn Reese
@@ -119,6 +136,7 @@ Bogdan Nicula
Brad Burdick
Brad Hards
Brad King
Brad Spencer
Bradford Bruce
Brandon Wang
Brendan Jurd
@@ -133,6 +151,7 @@ Bruce Mitchener
Bruno de Carvalho
Bryan Henderson
Bryan Kemp
Byrial Jensen
Cameron Kaiser
Camille Moncelier
Caolan McNamara
@@ -142,9 +161,11 @@ Cedric Deltheil
Chad Monroe
Chandrakant Bagul
Charles Kerr
Chen Prog
Chih-Chung Chang
Chris "Bob Bob"
Chris Combes
Chris Conlon
Chris Conroy
Chris Deidun
Chris Flerackers
@@ -153,13 +174,13 @@ Chris Maltby
Chris Mumford
Chris Smowton
Christian Grothoff
Christian Hagele
Christian Hägele
Christian Krause
Christian Kurz
Christian Robottom Reis
Christian Schmitz
Christian Vogt
Christian Weisgerber
Christophe Demory
Christophe Legry
Christopher Conroy
@@ -169,8 +190,11 @@ Christopher Stone
Ciprian Badescu
Claes Jakobsson
Clarence Gardner
Clemens Gruber
Clifford Wolf
Cody Jones
Cody Mack
Colby Ranger
Colin Hogben
Colin Watson
Colm Buckley
@@ -180,12 +204,14 @@ Craig A West
Craig Davison
Craig Markwardt
Cris Bailiff
Cristian Rodriguez
Cristian Rodríguez
Curt Bogmine
Cyrill Osterwalder
Cédric Deltheil
D. Flinkmann
Dag Ekengren
Dagobert Michelsen
Damian Dixon
Damien Adant
Dan Becker
Dan C
@@ -211,6 +237,7 @@ Dave Halbakken
Dave Hamilton
Dave May
Dave Reisner
Dave Thompson
Dave Vasilevsky
David Bau
David Binderman
@@ -230,16 +257,23 @@ David McCreedy
David Odin
David Phillips
David Rosenstrauch
David Ryskalczyk
David Shaw
David Strauss
David Tarendash
David Thiel
David Walser
David Woodhouse
David Wright
David Yan
Dengminwen
Derek Higgins
Detlef Schmier
Didier Brisebourg
Diego Casorran
Dilyan Palauzov
Dima Barsky
Dima Tisnek
Dimitre Dimitrov
Dimitris Sarris
Dinar
@@ -263,6 +297,7 @@ Douglas R. Horner
Douglas Steinwand
Dov Murik
Duane Cathey
Duncan
Duncan Mac-Vicar Prett
Dustin Boswell
Dylan Ellicott
@@ -271,11 +306,13 @@ Early Ehlinger
Ebenezer Ikonne
Edin Kadribasic
Eduard Bloch
Edward Rudd
Edward Sheldrake
Eelco Dolstra
Eetu Ojanen
Eldar Zaitov
Ellis Pritchard
Elmira A Semenova
Emanuele Bovisio
Emil Romanus
Emiliano Ida
@@ -285,27 +322,34 @@ Eric Cooper
Eric Hu
Eric Landes
Eric Lavigne
Eric Lubin
Eric Melville
Eric Mertens
Eric Rautman
Eric S. Raymond
Eric Thelin
Eric Vergnaud
Eric Wong
Eric Young
Erick Nuwendam
Erik Johansson
Erwan Legrand
Erwin Authried
Eugene Kotlyarov
Evan Jordan
Evgeny Turnaev
Eygene Ryabinkin
Fabian Frank
Fabian Hiernaux
Fabian Keil
Fabrizio Ammollo
Fedor Karpelevitch
Felix Yan
Felix von Leitner
Feng Tu
Florian Schoppmann
Forrest Cahoon
Francois Charlier
Frank Hempel
Frank Keeney
Frank McGeough
@@ -317,6 +361,7 @@ Fred Machado
Fred New
Fred Noz
Frederic Lepied
Fredrik Thulin
Gabriel Kuri
Gabriel Sjoberg
Garrett Holmstrom
@@ -325,11 +370,14 @@ Gautam Kachroo
Gautam Mani
Gavrie Philipson
Gaz Iqbal
Gaël Portay
Geoff Beier
Georg Horn
Georg Huettenegger
Georg Lippitsch
Georg Wicherski
Gerd v. Egidy
Gergely Nagy
Gerhard Herre
Gerrit Bruchhäuser
Ghennadi Procopciuc
@@ -344,7 +392,10 @@ Giuseppe Attardi
Giuseppe D'Ambrosio
Glen Nakamura
Glen Scott
Glenn Sheridan
Gokhan Sengun
Gordon Marler
Gorilla Maguila
Grant Erickson
Greg Hewgill
Greg Morse
@@ -360,14 +411,17 @@ Gwenole Beauchesne
Götz Babin-Ebell
Hamish Mackenzie
Hang Kin Lau
Hang Su
Hanno Kranzhoff
Hans Steegers
Hans-Jurgen May
Hardeep Singh
Harshal Pradhan
Hauke Duden
He Qin
Heikki Korpela
Heinrich Ko
Heinrich Schaefer
Hendrik Visage
Henrik Storner
Henry Ludemann
@@ -377,6 +431,7 @@ Ho-chi Chen
Hoi-Ho Chan
Hongli Lai
Howard Chu
Hubert Kario
Hzhijun
Ian D Allen
Ian Ford
@@ -388,12 +443,15 @@ Ignacio Vazquez-Abrams
Igor Franchuk
Igor Novoseltsev
Igor Polyakov
Iida Yosiaki
Ilguiz Latypov
Ilja van Sprundel
Immanuel Gregoire
Ingmar Runge
Ingo Ralf Blum
Ingo Wilken
Ishan SinghLevett
Ivo Bellin Salarin
Jack Zhang
Jacky Lam
Jacob Meuser
@@ -403,6 +461,7 @@ James Bursa
James Cheng
James Clancy
James Cone
James Dury
James Gallagher
James Griffiths
James Housley
@@ -415,12 +474,14 @@ Jan Koen Annot
Jan Kunder
Jan Schaumann
Jan Van Boghout
Jared Jennings
Jared Lundell
Jari Sundell
Jason Glasgow
Jason Liu
Jason McDonald
Jason S. Priebe
Javier Barroso
Jay Austin
Jayesh A Shah
Jaz Fresh
@@ -429,17 +490,23 @@ Jean-Claude Chauve
Jean-Francois Bertrand
Jean-Louis Lemaire
Jean-Marc Ranger
Jean-Noel Rouvignac
Jean-Philippe Barrette-LaPierre
Jeff Connelly
Jeff Hodges
Jeff Johnson
Jeff King
Jeff Lawson
Jeff Phillips
Jeff Pohlmeyer
Jeff Weber
Jeffrey Pohlmeyer
Jeremy Friesner
Jeremy Huddleston
Jeroen Koekkoek
Jerome Muffat-Meridol
Jerome Vouillon
Jerry Krinock
Jerry Wu
Jes Badwal
Jesper Jensen
@@ -449,8 +516,9 @@ Jim Drash
Jim Freeman
Jim Hollinger
Jim Meyering
Jiri Jaburek
Jiri Hruska
Jiri Jaburek
Jiri Malak
Jocelyn Jaubert
Joe Halpin
Joe Malicki
@@ -464,7 +532,9 @@ Johannes Bauer
John Bradshaw
John Crow
John Dennis
John Dunn
John E. Malmberg
John Gardiner Myers
John Janssen
John Joseph Bachir
John Kelly
@@ -480,6 +550,7 @@ Johnny Luong
Jon Grubbs
Jon Nelson
Jon Sargeant
Jon Torrey
Jon Travis
Jon Turner
Jonas Forsman
@@ -506,6 +577,8 @@ Julien Royer
Jun-ichiro itojun Hagino
Jurij Smakov
Justin Fletcher
Justin Karneges
Justin Maggard
Jörg Mueller-Tolk
Jörn Hartroth
Kai Engert
@@ -534,31 +607,38 @@ Kevin Lussier
Kevin Reed
Kevin Roth
Kim Rinnewitz
Kim Vandry
Kimmo Kinnunen
Kjell Ericson
Kjetil Jacobsen
Klevtsov Vadim
Konstantin Isakov
Kris Kennaway
Krishnendu Majumdar
Krister Johansen
Kristian Gunstone
Kristian Köhntopp
Kyle L. Huff
Kyle Sallee
Lachlan O'Dea
Larry Campbell
Larry Fahnoe
Larry Lin
Lars Buitinck
Lars Gustafsson
Lars J. Aas
Lars Johannesen
Lars Nilsson
Lars Torben Wilson
Lau Hang Kin
Laurent Rabret
Legoff Vincent
Lehel Bernadt
Leif W
Len Krause
Lenaic Lefever
Lenny Rachitsky
Leon Winter
Liam Healy
Lijo Antony
Linas Vepstas
@@ -572,23 +652,30 @@ Loren Kirkby
Luca Altea
Luca Alteas
Lucas Adamski
Ludovico Cavedon
Lukasz Czekierda
Luke Amery
Luke Call
Luke Dashjr
Luong Dinh Dung
Maciej Karpiuk
Maciej Puzio
Maciej W. Rozycki
Maks Naumov
Mamoru Tasaka
Mandy Wu
Manfred Schwarb
Manuel Massing
Marc Boucher
Marc Deslauriers
Marc Doughty
Marc Hoersken
Marc Kleine-Budde
Marcel Raad
Marcel Roelofs
Marcelo Juchem
Marcin Adamski
Marcin Gryszkalis
Marcin Konicki
Marco G. Salvagno
Marco Maggi
@@ -614,6 +701,7 @@ Martin C. Martin
Martin Drasar
Martin Hager
Martin Hedenfalk
Martin Jansen
Martin Lemke
Martin Skinner
Martin Storsjo
@@ -642,6 +730,7 @@ Maxim Prohorov
Maxime Larocque
Mehmet Bozkurt
Mekonikum
Melissa Mears
Mettgut Jamalla
Michael Benedict
Michael Calmer
@@ -653,6 +742,7 @@ Michael Jahn
Michael Jerris
Michael Mealling
Michael Mueller
Michael Osipov
Michael Smith
Michael Stillwell
Michael Wallner
@@ -661,21 +751,28 @@ Michal Gorny
Michal Kowalczyk
Michal Marek
Michele Bini
Miguel Angel
Mihai Ionescu
Mikael Johansson
Mikael Sennerholm
Mike Bytnar
Mike Crowe
Mike Dobbs
Mike Giancola
Mike Hasselberg
Mike Hommey
Mike Mio
Mike Power
Mike Protts
Mike Revi
Miklos Nemeth
Mitz Wark
Mohamed Lrhazi
Mohammad AlSaleh
Mohun Biswas
Moonesamy
Myk Taylor
Nach M. S.
Nathan Coulter
Nathan O'Sullivan
Nathanael Nerode
@@ -709,6 +806,8 @@ Ofer
Olaf Flebbe
Olaf Stueben
Olaf Stüben
Oliver Gondža
Oliver Kuckertz
Olivier Berger
Oren Tirosh
Ori Avtalion
@@ -716,18 +815,23 @@ Oscar Koeroo
Oscar Norlander
P R Schaffner
Paolo Piacentini
Paras Sethia
Pascal Terjan
Pasha Kuznetsov
Pat Ray
Patrice Guerin
Patricia Muscalu
Patrick Bihan-Faou
Patrick Monnerat
Patrick Scott
Patrick Smith
Patrick Watson
Patrik Thunstrom
Pau Garcia i Quiles
Paul Donohue
Paul Harrington
Paul Howarth
Paul Marks
Paul Marquis
Paul Moore
Paul Nolan
@@ -742,6 +846,7 @@ Pedro Neves
Pete Su
Peter Bray
Peter Forret
Peter Gal
Peter Heuchert
Peter Hjalmarsson
Peter Korsgaard
@@ -755,6 +860,9 @@ Peter Todd
Peter Verhas
Peter Wullinger
Peteris Krumins
Petr Bahula
Petr Novak
Petr Pisar
Phil Blundell
Phil Karn
Phil Lisiecki
@@ -772,13 +880,17 @@ Pierre Joye
Pierre Ynard
Pooyan McSporran
Pramod Sharma
Prash Dush
Priyanka Shah
Puneet Pawaia
Quagmire
Quanah Gibson-Mount
Quinn Slack
Radu Simionescu
Rafa Muyo
Rafael Sagula
Rainer Canavan
Rainer Jung
Rainer Koenig
Rajesh Naganathan
Ralf S. Engelschall
@@ -790,9 +902,11 @@ Ravi Pratap
Ray Dassen
Ray Pekowski
Reinout van Schouwen
Remi Gacogne
Renato Botelho
Renaud Chaillat
Renaud Duhaut
Renaud Guillard
Rene Bernhardt
Rene Rebe
Reuven Wachtfogel
@@ -806,11 +920,13 @@ Richard Bramante
Richard Clayton
Richard Cooper
Richard Gorton
Richard Michael
Richard Prescott
Richard Silverman
Rick Jones
Rick Richardson
Rob Crittenden
Rob Davies
Rob Jones
Rob Stanzel
Rob Ward
@@ -822,6 +938,7 @@ Robert Iakobashvili
Robert Olson
Robert Schumann
Robert Weaver
Robert Wruck
Robin Cornelius
Robin Johnson
Robin Kay
@@ -834,18 +951,22 @@ Roland Zimmermann
Rolland Dudemaine
Roman Koifman
Roman Mamedov
Romulo A. Ceccon
Ron Zapp
Rosimildo da Silva
Roy Shan
Rune Kleveland
Ruslan Gazizov
Rutger Hofman
Ryan Braud
Ryan Chan
Ryan Nelson
Ryan Schmidt
Rémy Léone
S. Moonesamy
Salvador Dávila
Salvatore Sorrentino
Sam Deane
Sam Listopad
Sampo Kellomaki
Samuel Díaz García
@@ -856,6 +977,7 @@ Sandor Feldi
Santhana Todatry
Saqib Ali
Sara Golemon
Saran Neti
Saul good
Scott Bailey
Scott Barrett
@@ -866,11 +988,14 @@ Sebastian Rasmussen
Sebastien Willemijns
Senthil Raja Velu
Sergei Nikulov
Sergey Tatarincev
Sergio Ballestrero
Seshubabu Pasam
Sh Diao
Shao Shuchao
Sharad Gupta
Shard
Shawn Landden
Shawn Poulson
Shmulik Regev
Siddhartha Prakash Jain
@@ -888,6 +1013,7 @@ Stan van de Burgt
Stanislav Ivochkin
Stefan Esser
Stefan Krause
Stefan Neis
Stefan Teleman
Stefan Tomanek
Stefan Ulrich
@@ -906,6 +1032,7 @@ Steve Oliphant
Steve Roskowski
Steven Bazyl
Steven G. Johnson
Steven Gu
Steven M. Schweda
Steven Parkes
Stoned Elipot
@@ -919,12 +1046,15 @@ Taneli Vahakangas
Tanguy Fautre
Tatsuhiro Tsujikawa
Temprimus
Thomas Braun
Thomas J. Moore
Thomas Klausner
Thomas L. Shinnick
Thomas Lopatic
Thomas Schwinge
Thomas Tonino
Tiit Pikma
Till Maas
Tim Ansell
Tim Baker
Tim Bartley
@@ -934,7 +1064,9 @@ Tim Harder
Tim Heckman
Tim Newsome
Tim Sneddon
Timo Sirainen
Tinus van den Berg
Tobias Markus
Tobias Rundström
Toby Peterson
Todd A Ouska
@@ -943,13 +1075,16 @@ Todd Ouska
Todd Vierling
Tom Benoist
Tom Donovan
Tom Grace
Tom Lee
Tom Mattison
Tom Moers
Tom Mueller
Tom Regner
Tom Sparrow
Tom Wright
Tom Zerucha
Tomas Hoger
Tomas Mlcoch
Tomas Pospisek
Tomas Szepe
@@ -967,12 +1102,17 @@ Traian Nicolescu
Troels Walsted Hansen
Troy Engel
Tupone Alfredo
Tyler Hall
Török Edwin
Ulf Härnhammar
Ulf Samuelsson
Ulrich Doehner
Ulrich Zadow
Venkat Akella
Victor Snezhko
Vijay Panghal
Vikram Saxena
Viktor Szakáts
Vilmos Nebehaj
Vincent Bronner
Vincent Le Normand
@@ -994,16 +1134,26 @@ Wesley Laxton
Wesley Miaw
Wez Furlong
Wilfredo Sanchez
Will Dietz
Willem Sparreboom
Wojciech Zwiefka
Wouter Van Rooy
Wu Yongzheng
Xavier Bouchoux
Yaakov Selkowitz
Yamada Yasuharu
Yang Tse
Yarram Sunil
Yehezkel Horowitz
Yehoshua Hershberg
Yi Huang
Yingwei Liu
Yukihiro Kawada
Yuriy Sosov
Yves Arrouye
Yves Lejeune
Zdenek Pavlas
Zekun Ni
Zmey Petroff
Zvi Har'El
nk

249
docs/TODO
View File

@@ -16,28 +16,30 @@
1.3 struct lifreq
1.4 signal-based resolver timeouts
1.5 get rid of PATH_MAX
1.6 progress callback without doubles
1.7 Happy Eyeball dual stack connect
1.6 Modified buffer size approach
1.7 Detect when called from within callbacks
1.8 Allow SSL (HTTPS) to proxy
2. libcurl - multi interface
2.1 More non-blocking
2.2 Fix HTTP Pipelining for PUT
3. Documentation
3.1 More and better
3.1 Update date and version in man pages
4. FTP
4.1 HOST
4.2 Alter passive/active on failure and retry
4.3 Earlier bad letter detection
4.4 REST for large files
4.5 FTP proxy support
4.6 ASCII support
4.5 ASCII support
5. HTTP
5.1 Better persistency for HTTP 1.0
5.2 support FF3 sqlite cookie files
5.3 Rearrange request header order
5.4 SPDY
5.5 auth= in URLs
6. TELNET
6.1 ditch stdin
@@ -46,19 +48,15 @@
6.4 send data in chunks
7. SMTP
7.1 Specify the preferred authentication mechanism
7.2 Initial response
7.3 Pipelining
7.4 Graceful base64 decoding failure
7.1 Pipelining
7.2 Enhanced capability support
8. POP3
8.1 auth= in URLs
8.2 Initial response
8.3 Graceful base64 decoding failure
8.1 Pipelining
8.2 Enhanced capability support
9. IMAP
9.1 auth= in URLs
9.2 Graceful base64 decoding failure
9.1 Enhanced capability support
10. LDAP
10.1 SASL based authentication mechanisms
@@ -73,9 +71,8 @@
12.4 Cache OpenSSL contexts
12.5 Export session ids
12.6 Provide callback for cert verification
12.7 Support other SSL libraries
12.8 improve configure --with-ssl
12.9 Support DANE
12.7 improve configure --with-ssl
12.8 Support DANE
13. GnuTLS
13.1 SSL engine stuff
@@ -90,9 +87,7 @@
15.3 prevent file overwriting
15.4 simultaneous parallel transfers
15.5 provide formpost headers
15.6 url-specific options
15.7 warning when setting an option
15.8 IPv6 addresses with globbing
15.6 warning when setting an option
16. Build
16.1 roffit
@@ -102,9 +97,10 @@
17.2 nicer lacking perl message
17.3 more protocols supported
17.4 more platforms supported
17.5 Add support for concurrent connections
18. Next SONAME bump
18.1 http-style HEAD output for ftp
18.1 http-style HEAD output for FTP
18.2 combine error codes
18.3 extend CURLOPT_SOCKOPTFUNCTION prototype
@@ -157,26 +153,41 @@
we need libssh2 to properly tell us when we pass in a too small buffer and
its current API (as of libssh2 1.2.7) doesn't.
1.6 progress callback without doubles
1.6 Modified buffer size approach
The progress callback was introduced way back in the days and the choice to
use doubles in the arguments was possibly good at the time. Today the doubles
only confuse users and make the amounts less precise. We should introduce
another progress callback option that take precedence over the old one and
have both co-exist for a forseeable time until we can remove the double-using
one.
Current libcurl allocates a fixed 16K size buffer for download and an
additional 16K for upload. They are always unconditionally part of the easy
handle. If CRLF translations are requested, an additional 32K "scratch
buffer" is allocated. A total of 64K transfer buffers in the worst case.
1.7 Happy Eyeball dual stack connect
First, while the handles are not actually in use these buffers could be freed
so that lingering handles just kept in queues or whatever waste less memory.
In order to make alternative technologies not suffer when transitioning, like
when introducing IPv6 as an alternative to IPv4 and there are more than one
option existing simultaneously there are reasons to reconsider internal
choices.
Secondly, SFTP is a protocol that needs to handle many ~30K blocks at once
since each need to be individually acked and therefore libssh2 must be
allowed to send (or receive) many separate ones in parallel to achieve high
transfer speeds. A current libcurl build with a 16K buffer makes that
impossible, but one with a 512K buffer will reach MUCH faster transfers. But
allocating 512K unconditionally for all buffers just in case they would like
to do fast SFTP transfers at some point is not a good solution either.
To make libcurl do blazing fast IPv6 in a dual-stack configuration, this needs
to be addressed:
Dynamically allocate buffer size depending on protocol in use in combination
with freeing it after each individual transfer? Other suggestions?
http://tools.ietf.org/html/rfc6555
1.7 Detect when called from within callbacks
We should set a state variable before calling callbacks, so that we
subsequently can add code within libcurl that returns error if called within
callbacks for when that's not supported.
1.8 Allow SSL (HTTPS) to proxy
To prevent local users from snooping on your traffic to the proxy. Supported
by Chrome already:
http://www.chromium.org/developers/design-documents/secure-web-proxy
...and by Firefox soon:
https://bugzilla.mozilla.org/show_bug.cgi?id=378637
2. libcurl - multi interface
@@ -202,18 +213,20 @@
3. Documentation
3.1 More and better
3.1 Update date and version in man pages
Exactly
'maketgz' or another suitable script could update the .TH sections of the man
pages at release time to use the current date and curl/libcurl version
number.
4. FTP
4.1 HOST
HOST is a suggested command in the works for a client to tell which host name
to use, to offer FTP servers named-based virtual hosting:
HOST is a command for a client to tell which host name to use, to offer FTP
servers named-based virtual hosting:
http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11
http://tools.ietf.org/html/rfc7151
4.2 Alter passive/active on failure and retry
@@ -224,7 +237,7 @@
4.3 Earlier bad letter detection
Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
Make the detection of (bad) %0d and %0a codes in FTP URL parts earlier in the
process to avoid doing a resolve and connect in vain.
4.4 REST for large files
@@ -233,13 +246,7 @@
the server doesn't set the pointer to the requested index. The tricky
(impossible?) part is to figure out if the server did the right thing or not.
4.5 FTP proxy support
Support the most common FTP proxies, Philip Newton provided a list allegedly
from ncftp. This is not a subject without debate, and is probably not really
suitable for libcurl. http://curl.haxx.se/mail/archive-2003-04/0126.html
4.6 ASCII support
4.5 ASCII support
FTP ASCII transfers do not follow RFC959. They don't convert the data
accordingly.
@@ -269,6 +276,26 @@
headers use a default value so only headers that need to be moved have to be
specified.
5.4 SPDY
Chrome and Firefox already support SPDY and lots of web services do. There's
a library for us to use for this (spdylay) that has a similar API and the
same author as nghttp2.
spdylay: https://github.com/tatsuhiro-t/spdylay
5.5 auth= in URLs
Add the ability to specify the preferred authentication mechanism to use by
using ;auth=<mech> in the login part of the URL.
For example:
http://test:pass;auth=NTLM@example.com would be equivalent to specifying --user
test:pass;auth=NTLM or --user test:pass --ntlm from the command line.
Additionally this should be implemented for proxy base URLs as well.
6. TELNET
6.1 ditch stdin
@@ -295,64 +322,32 @@ to provide the data to send.
7. SMTP
7.1 Specify the preferred authentication mechanism
Add the ability to specify the preferred authentication mechanism or a list
of mechanisms that should be used. Not only that, but the order that is
returned by the server during the EHLO response should be honored by curl.
7.2 Initial response
Add the ability for the user to specify whether the initial response is
included in the AUTH command. Some email servers, such as Microsoft
Exchange, can work with either whilst others need to have the initial
response sent separately:
http://curl.haxx.se/mail/lib-2012-03/0114.html
7.3 Pipelining
7.1 Pipelining
Add support for pipelining emails.
7.4 Graceful base64 decoding failure
7.2 Enhanced capability support
Rather than shutting down the session and returning an error when the
decoding of a base64 encoded authentication response fails, we should
gracefully shutdown the authentication process by sending a * response to the
server as per RFC4954.
Add the ability, for an application that uses libcurl, to obtain the list of
capabilities returned from the EHLO command.
8. POP3
8.1 auth= in URLs
8.1 Pipelining
Being able to specify the preferred authentication mechanism in the URL as
per RFC2384.
Add support for pipelining commands.
8.2 Initial response
8.2 Enhanced capability support
Add the ability for the user to specify whether the initial response is
included in the AUTH command as per RFC5034.
8.3 Graceful base64 decoding failure
Rather than shutting down the session and returning an error when the
decoding of a base64 encoded authentication response fails, we should
gracefully shutdown the authentication process by sending a * response to the
server as per RFC5034.
Add the ability, for an application that uses libcurl, to obtain the list of
capabilities returned from the CAPA command.
9. IMAP
9.1 auth= in URLs
9.1 Enhanced capability support
Being able to specify the preferred authentication mechanism in the URL as
per RFC5092.
9.2 Graceful base64 decoding failure
Rather than shutting down the session and returning an error when the
decoding of a base64 encoded authentication response fails, we should
gracefully shutdown the authentication process by sending a * response to the
server as per RFC3501.
Add the ability, for an application that uses libcurl, to obtain the list of
capabilities returned from the CAPABILITY command.
10. LDAP
@@ -361,7 +356,7 @@ to provide the data to send.
Currently the LDAP module only supports ldap_simple_bind_s() in order to bind
to an LDAP server. However, this function sends username and password details
using the simple authentication mechanism (as clear text). However, it should
be possible to use ldap_bind_s() instead specifing the security context
be possible to use ldap_bind_s() instead specifying the security context
information ourselves.
11. New protocols
@@ -392,7 +387,7 @@ to provide the data to send.
12.4 Cache OpenSSL contexts
"Look at SSL cafile - quick traces look to me like these are done on every
request as well, when they should only be necessary once per ssl context (or
request as well, when they should only be necessary once per SSL context (or
once per handle)". The major improvement we can rather easily do is to make
sure we don't create and kill a new SSL "context" for every request, but
instead make one for every connection and re-use that SSL context in the same
@@ -413,22 +408,23 @@ to provide the data to send.
certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
it be? There's so much that could be done if it were!
12.7 Support other SSL libraries
Make curl's SSL layer capable of using other free SSL libraries. Such as
MatrixSSL (http://www.matrixssl.org/).
12.8 improve configure --with-ssl
12.7 improve configure --with-ssl
make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
then NSS...
12.9 Support DANE
12.8 Support DANE
DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
keys and certs over DNS using DNSSEC as an alternative to the CA model.
http://www.rfc-editor.org/rfc/rfc6698.txt
An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
(http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple
approach. See Daniel's comments:
http://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the
correct library to base this development on.
13. GnuTLS
13.1 SSL engine stuff
@@ -491,33 +487,12 @@ to provide the data to send.
which should overwrite the program reasonable defaults (plain/text,
8bit...)
15.6 url-specific options
Provide a way to make options bound to a specific URL among several on the
command line. Possibly by letting ':' separate options between URLs,
similar to this:
curl --data foo --url url.com : \
--url url2.com : \
--url url3.com --data foo3
(More details: http://curl.haxx.se/mail/archive-2004-07/0133.html)
The example would do a POST-GET-POST combination on a single command line.
15.7 warning when setting an option
15.6 warning when setting an option
Display a warning when libcurl returns an error when setting an option.
This can be useful to tell when support for a particular feature hasn't been
compiled into the library.
15.8 IPv6 addresses with globbing
Currently the command line client needs to get url globbing disabled (with
-g) for it to support IPv6 numerical addresses. This is a rather silly flaw
that should be corrected. It probably involves a smarter detection of the
'[' and ']' letters.
16. Build
16.1 roffit
@@ -540,7 +515,7 @@ to provide the data to send.
17.3 more protocols supported
Extend the test suite to include more protocols. The telnet could just do ftp
Extend the test suite to include more protocols. The telnet could just do FTP
or http operations (for which we have test servers).
17.4 more platforms supported
@@ -548,12 +523,26 @@ to provide the data to send.
Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
fork()s and it should become even more portable.
17.5 Add support for concurrent connections
Tests 836, 882 and 938 were designed to verify that separate connections aren't
used when using different login credentials in protocols that shouldn't re-use
a connection under such circumstances.
Unfortunately, ftpserver.pl doesn't appear to support multiple concurrent
connections. The read while() loop seems to loop until it receives a disconnect
from the client, where it then enters the waiting for connections loop. When
the client opens a second connection to the server, the first connection hasn't
been dropped (unless it has been forced - which we shouldn't do in these tests)
and thus the wait for connections loop is never entered to receive the second
connection.
18. Next SONAME bump
18.1 http-style HEAD output for ftp
18.1 http-style HEAD output for FTP
#undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
from being output in NOBODY requests over ftp
from being output in NOBODY requests over FTP
18.2 combine error codes
@@ -587,7 +576,7 @@ to provide the data to send.
for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
similar.
10. Next major release
19. Next major release
19.1 cleanup return codes
@@ -651,7 +640,7 @@ to provide the data to send.
but instead often restricts how the form functions can or can't be modified.
Changing them to return a private handle will benefit the implementation and
allow us much greater freedoms while still maintining a solid API and ABI.
allow us much greater freedoms while still maintaining a solid API and ABI.
19.9 have form functions use CURL handle argument
@@ -665,7 +654,7 @@ to provide the data to send.
Rather than use the URL to specify the mail client string to present in the
HELO and EHLO commands, libcurl should support a new CURLOPT specifically for
specifing this data as the URL is non-standard and to be honest a bit of a
specifying this data as the URL is non-standard and to be honest a bit of a
hack ;-)
Please see the following thread for more information:

View File

@@ -1,16 +1,72 @@
Online: http://curl.haxx.se/docs/httpscripting.html
Date: Jan 19, 2011
Updated: Dec 24, 2013 (http://curl.haxx.se/docs/httpscripting.html)
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
The Art Of Scripting HTTP Requests Using Curl
=============================================
This document will assume that you're familiar with HTML and general
networking.
The Art Of Scripting HTTP Requests Using Curl
The possibility to write scripts is essential to make a good computer
system. Unix' capability to be extended by shell scripts and various tools to
run various automated commands and scripts is one reason why it has succeeded
so well.
1. HTTP Scripting
1.1 Background
1.2 The HTTP Protocol
1.3 See the Protocol
1.4 See the Timing
1.5 See the Response
2. URL
2.1 Spec
2.2 Host
2.3 Port number
2.4 User name and password
2.5 Path part
3. Fetch a page
3.1 GET
3.2 HEAD
4. HTML forms
4.1 Forms explained
4.2 GET
4.3 POST
4.4 File Upload POST
4.5 Hidden Fields
4.6 Figure Out What A POST Looks Like
5. HTTP upload
5.1 PUT
6. HTTP Authentication
6.1 Basic Authentication
6.2 Other Authentication
6.3 Proxy Authentication
6.4 Hiding credentials
7. More HTTP Headers
7.1 Referer
7.2 User Agent
8. Redirects
8.1 Location header
8.2 Other redirects
9. Cookies
9.1 Cookie Basics
9.2 Cookie options
10. HTTPS
10.1 HTTPS is HTTP secure
10.2 Certificates
11. Custom Request Elements
11.1 Modify method and headers
11.2 More on changed methods
12. Web Login
12.1 Some login tricks
13. Debug
13.1 Some debug tricks
14. References
14.1 Standards
14.2 Sites
==============================================================================
1. HTTP Scripting
1.1 Background
This document assumes that you're familiar with HTML and general networking.
The increasing amount of applications moving to the web has made "HTTP
Scripting" more frequently requested and wanted. To be able to automatically
@@ -27,7 +83,7 @@ Date: Jan 19, 2011
to glue everything together using some kind of script language or repeated
manual invokes.
1. The HTTP Protocol
1.2 The HTTP Protocol
HTTP is the protocol used to fetch data from web servers. It is a very simple
protocol that is built upon TCP/IP. The protocol also allows information to
@@ -44,7 +100,7 @@ Date: Jan 19, 2011
well), response headers and most often also a response body. The "body" part
is the plain data you requested, like the actual HTML or the image etc.
1.1 See the Protocol
1.3 See the Protocol
Using curl's option --verbose (-v as a short option) will display what kind
of commands curl sends to the server, as well as a few other informational
@@ -59,13 +115,88 @@ Date: Jan 19, 2011
curl --trace-ascii debugdump.txt http://www.example.com/
1.4 See the Timing
Many times you may wonder what exactly is taking all the time, or you just
want to know the amount of milliseconds between two points in a
transfer. For those, and other similar situations, the --trace-time option
is what you need. It'll prepend the time to each trace output line:
curl --trace-ascii d.txt --trace-time http://example.com/
1.5 See the Response
By default curl sends the response to stdout. You need to redirect it
somewhere to avoid that, most often that is done with -o or -O.
2. URL
2.1 Spec
The Uniform Resource Locator format is how you specify the address of a
particular resource on the Internet. You know these, you've seen URLs like
http://curl.haxx.se or https://yourbank.com a million times.
http://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the
canonical spec.
3. GET a page
2.2 Host
The host name is usually resolved using DNS or your /etc/hosts file to an IP
address and that's what curl will communicate with. Alternatively you specify
the IP address directly in the URL instead of a name.
For development and other trying out situation, you can point out a different
IP address for a host name than what would otherwise be used, by using curl's
--resolve option:
curl --resolve www.example.org:80:127.0.0.1 http://www.example.org/
2.3 Port number
Each protocol curl supports operate on a default port number, be it over TCP
or in some cases UDP. Normally you don't have to take that into
consideration, but at times you run test servers on other ports or
similar. Then you can specify the port number in the URL with a colon and a
number immediately following the host name. Like when doing HTTP to port
1234:
curl http://www.example.org:1234/
The port number you specify in the URL is the number that the server uses to
offer its services. Sometimes you may use a local proxy, and then you may
need to specify that proxy's port number separate on what curl needs to
connect to locally. Like when using a HTTP proxy on port 4321:
curl --proxy http://proxy.example.org:4321 http://remote.example.org/
2.4 User name and password
Some services are setup to require HTTP authentication and then you need to
provide name and password which then is transferred to the remote site in
various ways depending on the exact authentication protocol used.
You can opt to either insert the user and password in the URL or you can
provide them separately:
curl http://user:password@example.org/
or
curl -u user:password http://example.org/
You need to pay attention that this kind of HTTP authentication is not what
is usually done and requested by user-oriented web sites these days. They
tend to use forms and cookies instead.
2.5 Path part
The path part is just sent off to the server to request that it sends back
the associated response. The path is what is to the right side of the slash
that follows the host name and possibly port number.
3. Fetch a page
3.1 GET
The simplest and most common request/operation made using HTTP is to get a
URL. The URL could itself refer to a web page, an image or a file. The client
@@ -79,10 +210,23 @@ Date: Jan 19, 2011
All HTTP replies contain a set of response headers that are normally hidden,
use curl's --include (-i) option to display them as well as the rest of the
document. You can also ask the remote server for ONLY the headers by using
the --head (-I) option (which will make curl issue a HEAD request).
document.
4. Forms
3.2 HEAD
You can ask the remote server for ONLY the headers by using the --head (-I)
option which will make curl issue a HEAD request. In some special cases
servers deny the HEAD method while others still work, which is a particular
kind of annoyance.
The HEAD method is defined and made so that the server returns the headers
exactly the way it would do for a GET, but without a body. It means that you
may see a Content-Length: in the response headers, but there must not be an
actual body in the HEAD response.
4. HTML forms
4.1 Forms explained
Forms are the general way a web site can present a HTML page with fields for
the user to enter data in, and then press some kind of 'OK' or 'submit'
@@ -95,7 +239,7 @@ Date: Jan 19, 2011
Of course there has to be some kind of program in the server end to receive
the data you send. You cannot just invent something out of the air.
4.1 GET
4.2 GET
A GET-form uses the method GET, as specified in HTML like:
@@ -121,7 +265,7 @@ Date: Jan 19, 2011
curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK"
4.2 POST
4.3 POST
The GET method makes all input field names get displayed in the URL field of
your browser. That's generally a good thing when you want to be able to
@@ -158,7 +302,7 @@ Date: Jan 19, 2011
curl --data-urlencode "name=I am Daniel" http://www.example.com
4.3 File Upload POST
4.4 File Upload POST
Back in late 1995 they defined an additional way to post data over HTTP. It
is documented in the RFC 1867, why this method sometimes is referred to as
@@ -179,7 +323,7 @@ Date: Jan 19, 2011
curl --form upload=@localfilename --form press=OK [URL]
4.4 Hidden Fields
4.5 Hidden Fields
A very common way for HTML based application to pass state information
between pages is to add hidden fields to the forms. Hidden fields are
@@ -200,7 +344,7 @@ Date: Jan 19, 2011
curl --data "birthyear=1905&press=OK&person=daniel" [URL]
4.5 Figure Out What A POST Looks Like
4.6 Figure Out What A POST Looks Like
When you're about fill in a form and send to a server by using curl instead
of a browser, you're of course very interested in sending a POST exactly the
@@ -213,7 +357,9 @@ Date: Jan 19, 2011
You will then clearly see the data get appended to the URL, separated with a
'?'-letter as GET forms are supposed to.
5. PUT
5. HTTP upload
5.1 PUT
The perhaps best way to upload data to a HTTP server is to use PUT. Then
again, this of course requires that someone put a program or script on the
@@ -225,6 +371,8 @@ Date: Jan 19, 2011
6. HTTP Authentication
6.1 Basic Authentication
HTTP Authentication is the ability to tell the server your username and
password so that it can verify that you're allowed to do the request you're
doing. The Basic authentication used in HTTP (which is the type curl uses by
@@ -236,10 +384,14 @@ Date: Jan 19, 2011
curl --user name:password http://www.example.com
6.2 Other Authentication
The site might require a different authentication method (check the headers
returned by the server), and then --ntlm, --digest, --negotiate or even
--anyauth might be options that suit you.
6.3 Proxy Authentication
Sometimes your HTTP access is only available through the use of a HTTP
proxy. This seems to be especially common at various companies. A HTTP proxy
may require its own user and password to allow the client to get through to
@@ -253,6 +405,8 @@ Date: Jan 19, 2011
If you use any one these user+password options but leave out the password
part, curl will prompt for the password interactively.
6.4 Hiding credentials
Do note that when a program is run, its parameters might be possible to see
when listing the running processes of the system. Thus, other users may be
able to watch your passwords if you pass them as plain command line
@@ -262,7 +416,9 @@ Date: Jan 19, 2011
many web sites will not use this concept when they provide logins etc. See
the Web Login chapter further below for more details on that.
7. Referer
7. More HTTP Headers
7.1 Referer
A HTTP request may include a 'referer' field (yes it is misspelled), which
can be used to tell from which URL the client got to this particular
@@ -276,7 +432,7 @@ Date: Jan 19, 2011
curl --referer http://www.example.come http://www.example.com
8. User Agent
7.2 User Agent
Very similar to the referer field, all HTTP requests may set the User-Agent
field. It names what user agent (client) that is being used. Many
@@ -298,7 +454,9 @@ Date: Jan 19, 2011
curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]
9. Redirects
8. Redirects
8.1 Location header
When a resource is requested from a server, the reply from the server may
include a hint about where the browser should go next to find this page, or a
@@ -318,7 +476,16 @@ Date: Jan 19, 2011
only use POST in the first request, and then revert to GET in the following
operations.
10. Cookies
8.2 Other redirects
Browser typically support at least two other ways of redirects that curl
doesn't: first the html may contain a meta refresh tag that asks the browser
to load a specific URL after a set number of seconds, or it may use
javascript to do it.
9. Cookies
9.1 Cookie Basics
The way the web browsers do "client side state control" is by using
cookies. Cookies are just names with associated contents. The cookies are
@@ -335,6 +502,8 @@ Date: Jan 19, 2011
must be able to record and send back cookies the way the web application
expects them. The same way browsers deal with them.
9.2 Cookie options
The simplest way to send a few cookies to the server when getting a page with
curl is to add them on the command line like:
@@ -351,7 +520,7 @@ Date: Jan 19, 2011
Curl has a full blown cookie parsing engine built-in that comes to use if you
want to reconnect to a server and use cookies that were stored from a
previous connection (or handicrafted manually to fool the server into
previous connection (or hand-crafted manually to fool the server into
believing you had a previous connection). To use previously stored cookies,
you run curl like:
@@ -366,16 +535,18 @@ Date: Jan 19, 2011
curl --cookie nada --location http://www.example.com
Curl has the ability to read and write cookie files that use the same file
format that Netscape and Mozilla do. It is a convenient way to share cookies
between browsers and automatic scripts. The --cookie (-b) switch
automatically detects if a given file is such a cookie file and parses it,
and by using the --cookie-jar (-c) option you'll make curl write a new cookie
file at the end of an operation:
format that Netscape and Mozilla once used. It is a convenient way to share
cookies between scripts or invokes. The --cookie (-b) switch automatically
detects if a given file is such a cookie file and parses it, and by using the
--cookie-jar (-c) option you'll make curl write a new cookie file at the end
of an operation:
curl --cookie cookies.txt --cookie-jar newcookies.txt \
http://www.example.com
11. HTTPS
10. HTTPS
10.1 HTTPS is HTTP secure
There are a few ways to do secure HTTP transfers. The by far most common
protocol for doing this is what is generally known as HTTPS, HTTP over
@@ -391,7 +562,7 @@ Date: Jan 19, 2011
curl https://secure.example.com
11.1 Certificates
10.2 Certificates
In the HTTPS world, you use certificates to validate that you are the one
you claim to be, as an addition to normal passwords. Curl supports client-
@@ -413,7 +584,9 @@ Date: Jan 19, 2011
http://curl.haxx.se/docs/sslcerts.html
12. Custom Request Elements
11. Custom Request Elements
11.1 Modify method and headers
Doing fancy stuff, you may need to add or change elements of a single curl
request.
@@ -434,7 +607,26 @@ Date: Jan 19, 2011
curl --header "Destination: http://nowhere" http://example.com
13. Web Login
11.2 More on changed methods
It should be noted that curl selects which methods to use on its own
depending on what action to ask for. -d will do POST, -I will do HEAD and so
on. If you use the --request / -X option you can change the method keyword
curl selects, but you will not modify curl's behavior. This means that if you
for example use -d "data" to do a POST, you can modify the method to a
PROPFIND with -X and curl will still think it sends a POST. You can change
the normal GET to a POST method by simply adding -X POST in a command line
like:
curl -X POST http://example.org/
... but curl will still think and act as if it sent a GET so it won't send any
request body etc.
12. Web Login
12.1 Some login tricks
While not strictly just HTTP related, it still cause a lot of people problems
so here's the executive run-down of how the vast majority of all login forms
@@ -453,7 +645,7 @@ Date: Jan 19, 2011
sometimes they use such code to set or modify cookie contents. Possibly they
do that to prevent programmed logins, like this manual describes how to...
Anyway, if reading the code isn't enough to let you repeat the behavior
manually, capturing the HTTP requests done by your browers and analyzing the
manually, capturing the HTTP requests done by your browsers and analyzing the
sent cookies is usually a working method to work out how to shortcut the
javascript need.
@@ -463,7 +655,9 @@ Date: Jan 19, 2011
to do a proper login POST. Remember that the contents need to be URL encoded
when sent in a normal POST.
14. Debug
13. Debug
13.1 Some debug tricks
Many times when you run curl on a site, you'll notice that the site doesn't
seem to respond the same way to your curl requests as it does to your
@@ -473,35 +667,40 @@ Date: Jan 19, 2011
browser's requests:
* Use the --trace-ascii option to store fully detailed logs of the requests
for easier analyzing and better understanding
for easier analyzing and better understanding
* Make sure you check for and use cookies when needed (both reading with
--cookie and writing with --cookie-jar)
--cookie and writing with --cookie-jar)
* Set user-agent to one like a recent popular browser does
* Set referer like it is set by the browser
* If you use POST, make sure you send all the fields and in the same order as
the browser does it. (See chapter 4.5 above)
the browser does it.
A very good helper to make sure you do this right, is the LiveHTTPHeader tool
that lets you view all headers you send and receive with Mozilla/Firefox
(even when using HTTPS).
(even when using HTTPS). Chrome features similar functionality out of the box
among the developer's tools.
A more raw approach is to capture the HTTP traffic on the network with tools
such as ethereal or tcpdump and check what headers that were sent and
received by the browser. (HTTPS makes this technique inefficient.)
15. References
14. References
14.1 Standards
RFC 2616 is a must to read if you want in-depth understanding of the HTTP
protocol.
protocol
RFC 3986 explains the URL syntax.
RFC 3986 explains the URL syntax
RFC 2109 defines how cookies are supposed to work.
RFC 1867 defines the HTTP post upload format
RFC 1867 defines the HTTP post upload format.
RFC 6525 defines how HTTP cookies work
14.2 Sites
http://curl.haxx.se is the home of the cURL project

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -103,6 +103,18 @@ any response data to the terminal.
If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your
friend.
.SH OPTIONS
Options start with one or two dashes. Many of the options require an addition
value next to it.
The short "single-dash" form of the options, -d for example, may be used with
or without a space between it and its value, although a space is a recommended
separator. The long "double-dash" form, --data for example, requires a space
between it and its value.
Short version options that don't need any additional values can be used
immediately next to each other, like for example you can specify all the
options -O, -L and -v at once as -OLv.
In general, all boolean options are enabled with --\fBoption\fP and yet again
disabled with --\fBno-\fPoption. That is, you use the exact same option name
but prefix it with "no-". However, in this list we mostly only list and show
@@ -112,12 +124,38 @@ same command line option.)
.IP "-#, --progress-bar"
Make curl display progress as a simple progress bar instead of the standard,
more informational, meter.
.IP "-:, --next"
Tells curl to use a separate operation for the following URL and associated
options. This allows you to send several URL requests, each with their own
specific options, for example, such as different user names or custom requests
for each. (Added in 7.36.0)
.IP "-0, --http1.0"
(HTTP) Forces curl to issue its requests using HTTP 1.0 instead of using its
internally preferred: HTTP 1.1.
(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally
preferred: HTTP 1.1.
.IP "--http1.1"
(HTTP) Tells curl to use HTTP version 1.1. This is the internal default
version. (Added in 7.33.0)
.IP "--http2"
(HTTP) Tells curl to issue its requests using HTTP 2. This requires that the
underlying libcurl was built to support it. (Added in 7.33.0)
.IP "--no-npn"
Disable the NPN TLS extension. NPN is enabled by default if libcurl was built
with an SSL library that supports NPN. NPN is used by a libcurl that supports
HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
(Added in 7.36.0)
.IP "--no-alpn"
Disable the ALPN TLS extension. ALPN is enabled by default if libcurl was built
with an SSL library that supports ALPN. ALPN is used by a libcurl that supports
HTTP 2 to negotiate HTTP 2 support with the server during https sessions.
(Added in 7.36.0)
.IP "-1, --tlsv1"
(SSL)
Forces curl to use TLS version 1 when negotiating with a remote TLS server.
Forces curl to use TLS version 1.x when negotiating with a remote TLS server.
You can use options \fI--tlsv1.0\fP, \fI--tlsv1.1\fP, and \fI--tlsv1.2\fP to
control the TLS version more precisely (if the SSL backend in use supports such
a level of control).
.IP "-2, --sslv2"
(SSL)
Forces curl to use SSL version 2 when negotiating with a remote SSL server.
@@ -230,7 +268,9 @@ server sends an unsupported encoding, curl will report an error.
.IP "--connect-timeout <seconds>"
Maximum time in seconds that you allow the connection to the server to take.
This only limits the connection phase, once curl has connected this option is
of no more use. See also the \fI-m, --max-time\fP option.
of no more use. Since 7.32.0, this option accepts decimal values, but the
actual timeout will decrease in accuracy as the specified timeout increases in
decimal precision. See also the \fI-m, --max-time\fP option.
If this option is used several times, the last one will be used.
.IP "--create-dirs"
@@ -267,10 +307,11 @@ data pieces specified will be merged together with a separating
chunk that looks like \&'name=daniel&skill=lousy'.
If you start the data with the letter @, the rest should be a file name to
read the data from, or - if you want curl to read the data from stdin. The
contents of the file must already be URL-encoded. Multiple files can also be
specified. Posting data from a file named 'foobar' would thus be done with
\fI--data @foobar\fP.
read the data from, or - if you want curl to read the data from
stdin. Multiple files can also be specified. Posting data from a file
named 'foobar' would thus be done with \fI--data\fP @foobar. When --data is
told to read from a file like that, carriage returns and newlines will be
stripped out.
.IP "-D, --dump-header <file>"
Write the protocol headers to the specified file.
@@ -292,7 +333,7 @@ whatsoever.
If you start the data with the letter @, the rest should be a filename. Data
is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
are preserved and conversions are never done.
and carriage returns are preserved and conversions are never done.
If this option is used several times, the ones following the first will append
data as described in \fI-d, --data\fP.
@@ -367,8 +408,41 @@ is an alias for \fB--disable-epsv\fP.
Disabling EPSV only changes the passive behavior. If you want to switch to
active mode you need to use \fI-P, --ftp-port\fP.
.IP "--dns-interface <interface>"
Tell curl to send outgoing DNS requests through <interface>. This option
is a counterpart to \fI--interface\fP (which does not affect DNS). The
supplied string must be an interface name (not an address).
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one. (Added in
7.33.0)
.IP "--dns-ipv4-addr <ip-address>"
Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that
the DNS requests originate from this address. The argument should be a
single IPv4 address.
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one. (Added in
7.33.0)
.IP "--dns-ipv6-addr <ip-address>"
Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that
the DNS requests originate from this address. The argument should be a
single IPv6 address.
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one. (Added in
7.33.0)
.IP "--dns-servers <ip-address,ip-address>"
Set the list of DNS servers to be used instead of the system default.
The list of IP addresses should be separated with commas. Port numbers
may also optionally be given as \fI:<port-number>\fP after each IP
address.
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one. (Added in
7.33.0)
.IP "-e, --referer <URL>"
(HTTP) Sends the "Referer Page" information to the HTTP server. This can also
(HTTP) Sends the "Referrer Page" information to the HTTP server. This can also
be set with the \fI-H, --header\fP flag of course. When used with
\fI-L, --location\fP you can append ";auto" to the --referer URL to make curl
automatically set the previous URL when it follows a Location: header. The
@@ -378,7 +452,8 @@ If this option is used several times, the last one will be used.
.IP "-E, --cert <certificate[:password]>"
(SSL) Tells curl to use the specified client certificate file when getting a
file with HTTPS, FTPS or another SSL-based protocol. The certificate must be
in PEM format. If the optional password isn't specified, it will be queried
in PKCS#12 format if using Secure Transport, or PEM format if using any other
engine. If the optional password isn't specified, it will be queried
for on the terminal. Note that this option assumes a \&"certificate" file that
is the private key and the private certificate concatenated! See \fI--cert\fP
and \fI--key\fP to specify them independently.
@@ -388,7 +463,16 @@ curl the nickname of the certificate to use within the NSS database defined
by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the
NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
loaded. If you want to use a file from the current directory, please precede
it with "./" prefix, in order to avoid confusion with a nickname.
it with "./" prefix, in order to avoid confusion with a nickname. If the
nickname contains ":", it needs to be preceded by "\\" so that it is not
recognized as password delimiter. If the nickname contains "\\", it needs to
be escaped as "\\\\" so that it is not recognized as an escape character.
(iOS and Mac OS X only) If curl is built against Secure Transport, then the
certificate string can either be the name of a certificate/private key in the
system or user keychain, or the path to a PKCS#12-encoded certificate and
private key. If you want to use a file from the current directory, please
precede it with "./" prefix, in order to avoid confusion with a nickname.
If this option is used several times, the last one will be used.
.IP "--engine <name>"
@@ -582,10 +666,10 @@ you can specify URLs that contain the letters {}[] without having them being
interpreted by curl itself. Note that these letters are not normal legal URL
contents but they should be encoded according to the URI standard.
.IP "-G, --get"
When used, this option will make all data specified with \fI-d, --data\fP or
\fI--data-binary\fP to be used in an HTTP GET request instead of the POST
request that otherwise would be used. The data will be appended to the URL
with a '?' separator.
When used, this option will make all data specified with \fI-d, --data\fP,
\fI--data-binary\fP or \fI--data-urlencode\fP to be used in an HTTP GET
request instead of the POST request that otherwise would be used. The data
will be appended to the URL with a '?' separator.
If used in combination with -I, the POST data will instead be appended to the
URL with a HEAD request.
@@ -594,16 +678,16 @@ If this option is used several times, only the first one is used. This is
because undoing a GET doesn't make sense, but you should then instead enforce
the alternative method you prefer.
.IP "-H, --header <header>"
(HTTP) Extra header to use when getting a web page. You may specify any number
of extra headers. Note that if you should add a custom header that has the
same name as one of the internal ones curl would use, your externally set
header will be used instead of the internal one. This allows you to make even
trickier stuff than curl would normally do. You should not replace internally
set headers without knowing perfectly well what you're doing. Remove an
internal header by giving a replacement without content on the right side of
the colon, as in: -H \&"Host:". If you send the custom header with no-value
then its header must be terminated with a semicolon, such as \-H
\&"X-Custom-Header;" to send "X-Custom-Header:".
(HTTP) Extra header to include in the request when sending HTTP to a
server. You may specify any number of extra headers. Note that if you should
add a custom header that has the same name as one of the internal ones curl
would use, your externally set header will be used instead of the internal
one. This allows you to make even trickier stuff than curl would normally
do. You should not replace internally set headers without knowing perfectly
well what you're doing. Remove an internal header by giving a replacement
without content on the right side of the colon, as in: -H \&"Host:". If you
send the custom header with no-value then its header must be terminated with a
semicolon, such as \-H \&"X-Custom-Header;" to send "X-Custom-Header:".
curl will make sure that each header you add/replace is sent with the proper
end-of-line marker, you should thus \fBnot\fP add that as a part of the header
@@ -612,6 +696,9 @@ for you.
See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options.
Starting in 7.37.0, you need \fI--proxy-header\fP to send custom headers
intended for a proxy.
This option can be used multiple times to add/replace/remove multiple headers.
.IP "--hostpubmd5 <md5>"
(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should
@@ -647,6 +734,9 @@ cookies when they're closed down.
(HTTP) This option tells the \fI-O, --remote-name\fP option to use the
server-specified Content-Disposition filename instead of extracting a filename
from the URL.
There's no attempt to decode %-sequences (yet) in the provided file name, so
this option may provide you with rather unexpected file names.
.IP "-k, --insecure"
(SSL) This option explicitly allows curl to perform "insecure" SSL connections
and transfers. All SSL connections are attempted to be made secure by using
@@ -658,16 +748,21 @@ See this online resource for further details:
.IP "-K, --config <config file>"
Specify which config file to read curl arguments from. The config file is a
text file in which command line arguments can be written which then will be
used as if they were written on the actual command line. Options and their
parameters must be specified on the same config file line, separated by
whitespace, colon, the equals sign or any combination thereof (however,
the preferred separator is the equals sign). If the parameter is to contain
whitespace, the parameter must be enclosed within quotes. Within double
quotes, the following escape sequences are available: \\\\, \\", \\t, \\n,
\\r and \\v. A backslash preceding any other letter is ignored. If the
first column of a config line is a '#' character, the rest of the line will be
treated as a comment. Only write one option per physical line in the config
file.
used as if they were written on the actual command line.
Options and their parameters must be specified on the same config file line,
separated by whitespace, colon, or the equals sign. Long option names can
optionally be given in the config file without the initial double dashes and
if so, the colon or equals characters can be used as separators. If the option
is specified with one or two dashes, there can be no colon or equals character
between the option and its parameter.
If the parameter is to contain whitespace, the parameter must be enclosed
within quotes. Within double quotes, the following escape sequences are
available: \\\\, \\", \\t, \\n, \\r and \\v. A backslash preceding any other
letter is ignored. If the first column of a config line is a '#' character,
the rest of the line will be treated as a comment. Only write one option per
physical line in the config file.
Specify the filename to -K, --config as '-' to make curl read the file from
stdin.
@@ -678,9 +773,6 @@ line. So, it could look similar to this:
url = "http://curl.haxx.se/docs/"
Long option names can optionally be given in the config file without the
initial double dashes.
When curl is invoked, it always (unless \fI-q\fP is used) checks for a default
config file and uses it if found. The default config file is checked for in
the following places in this order:
@@ -742,15 +834,23 @@ see if your curl supports it.
If this option is used several times, the last one will be used.
.IP "-l, --list-only"
(FTP)
When listing an FTP directory, this switch forces a name-only view.
Especially useful if you want to machine-parse the contents of an FTP
directory since the normal directory view doesn't use a standard look
or format.
When listing an FTP directory, this switch forces a name-only view. This is
especially useful if the user wants to machine-parse the contents of an FTP
directory since the normal directory view doesn't use a standard look or
format. When used like this, the option causes a NLST command to be sent to
the server instead of LIST.
This option causes an FTP NLST command to be sent. Some FTP servers
list only files in their response to NLST; they do not include
subdirectories and symbolic links.
Note: Some FTP servers list only files in their response to NLST; they do not
include sub-directories and symbolic links.
(POP3)
When retrieving a specific email from POP3, this switch forces a LIST command
to be performed instead of RETR. This is particularly useful if the user wants
to see if a specific message id exists on the server and what size it is.
Note: When combined with \fI-X, --request <command>\fP, this option can be used
to send an UIDL command instead, so the user may use the email's unique
identifier rather than it's message id to make the request. (Added in 7.21.5)
.IP "-L, --location"
(HTTP/HTTPS) If the server reports that the requested page has moved to a
different location (indicated with a Location: header and a 3XX response code),
@@ -805,7 +905,20 @@ Basic authentication).
.IP "-m, --max-time <seconds>"
Maximum time in seconds that you allow the whole operation to take. This is
useful for preventing your batch jobs from hanging for hours due to slow
networks or links going down. See also the \fI--connect-timeout\fP option.
networks or links going down. Since 7.32.0, this option accepts decimal
values, but the actual timeout will decrease in accuracy as the specified
timeout increases in decimal precision. See also the \fI--connect-timeout\fP
option.
If this option is used several times, the last one will be used.
.IP "--login-options <options>"
Specify the login options to use during server authentication.
You can use the login options to specify protocol specific options that may
be used during authentication. At present only IMAP, POP3 and SMTP support
login options. For more information about the login options please see
RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in
7.34.0).
If this option is used several times, the last one will be used.
.IP "--mail-auth <address>"
@@ -827,10 +940,18 @@ return with exit code 63.
files this option has no effect even if the file transfer ends up being larger
than this given limit. This concerns both FTP and HTTP transfers.
.IP "--mail-rcpt <address>"
(SMTP) Specify a single address that the given mail should get sent to. This
option can be used multiple times to specify many recipients.
(SMTP) Specify a single address, user name or mailing list name.
(Added in 7.20.0)
When performing a mail transfer, the recipient should specify a valid email
address to send the mail to. (Added in 7.20.0)
When performing an address verification (VRFY command), the recipient should be
specified as the user name or user name and domain (as per Section 3.5 of
RFC5321). (Added in 7.34.0)
When performing a mailing list expand (EXPN command), the recipient should be
specified using the mailing list name, such as "Friends" or "London-Office".
(Added in 7.34.0)
.IP "--max-redirs <num>"
Set maximum number of redirection-followings allowed. If \fI-L, --location\fP
is used, this option can be used to prevent curl from following redirections
@@ -986,7 +1107,37 @@ Consequentially, the file will be saved in the current working directory. If
you want the file saved in a different directory, make sure you change current
working directory before you invoke curl with the \fB-O, --remote-name\fP flag!
There is no URL decoding done on the file name. If it has %20 or other URL
encoded parts of the name, they will end up as-is as file name.
You may use this option as many times as the number of URLs you have.
.IP "--oauth2-bearer"
(IMAP, POP3, SMTP)
Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token
is used in conjunction with the user name which can be specified as part of the
\fI--url\fP or \fI-u, --user\fP options.
The Bearer Token and user name are formatted according to RFC 6750.
If this option is used several times, the last one will be used.
.IP "--proxy-header <header>"
(HTTP) Extra header to include in the request when sending HTTP to a
proxy. You may specify any number of extra headers. This is the equivalent
option to \fI-H, --header\fP but is for proxy communication only like in
CONNECT requests when you want a separate header sent to the proxy to what is
sent to the actual remote host.
curl will make sure that each header you add/replace is sent with the proper
end-of-line marker, you should thus \fBnot\fP add that as a part of the header
content: do not add newlines or carriage returns, they will only mess things
up for you.
Headers specified with this option will not be included in requests that curl
knows will not be sent to a proxy.
This option can be used multiple times to add/replace/remove multiple headers.
(Added in 7.37.0)
.IP "-p, --proxytunnel"
When an HTTP proxy is used (\fI-x, --proxy\fP), this option will cause non-HTTP
protocols to attempt to tunnel through the proxy instead of merely using it to
@@ -1038,6 +1189,13 @@ ubiquitous in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using \fI-L, --location\fP
(Added in 7.19.1)
.IP "--post303"
(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests
into GET requests when following a 303 redirection. The non-RFC behaviour is
ubiquitous in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using \fI-L, --location\fP
(Added in 7.26.0)
.IP "--proto <protocols>"
Tells curl to use the listed protocols for its initial retrieval. Protocols
are evaluated left to right, are comma separated, and are each a protocol
@@ -1272,8 +1430,12 @@ Set this option to zero to not timeout retries. (Added in 7.12.3)
If this option is used several times, the last one will be used.
.IP "-s, --silent"
Silent or quiet mode. Don't show progress meter or error messages. Makes
Curl mute.
Silent or quiet mode. Don't show progress meter or error messages. Makes Curl
mute. It will still output the data you ask for, potentially even to the
terminal/stdout unless you redirect it.
.IP "--sasl-ir"
Enable initial response in SASL authentication.
(Added in 7.31.0)
.IP "-S, --show-error"
When used with \fI-s\fP it makes curl show an error message if it fails.
.IP "--ssl"
@@ -1293,7 +1455,7 @@ option name can still be used but will be removed in a future version.
.IP "--ssl-allow-beast"
(SSL) This option tells curl to not work around a security flaw in the SSL3
and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer
may use work-arounds known to cause interoperability problems with some older
may use workarounds known to cause interoperability problems with some older
SSL implementations. WARNING: this option loosens the SSL security, and by
using this flag you ask for exactly that. (Added in 7.25.0)
.IP "--socks4 <host[:port]>"
@@ -1412,14 +1574,26 @@ Set TLS authentication type. Currently, the only supported option is "SRP",
for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are
specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP".
(Added in 7.21.4)
.IP "--tlsuser <user>"
Set username for use with the TLS authentication method specified with
\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set. (Added in
7.21.4)
.IP "--tlspassword <password>"
Set password for use with the TLS authentication method specified with
\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set. (Added in
7.21.4)
.IP "--tlsuser <user>"
Set username for use with the TLS authentication method specified with
\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set. (Added in
7.21.4)
.IP "--tlsv1.0"
(SSL)
Forces curl to use TLS version 1.0 when negotiating with a remote TLS server.
(Added in 7.34.0)
.IP "--tlsv1.1"
(SSL)
Forces curl to use TLS version 1.1 when negotiating with a remote TLS server.
(Added in 7.34.0)
.IP "--tlsv1.2"
(SSL)
Forces curl to use TLS version 1.2 when negotiating with a remote TLS server.
(Added in 7.34.0)
.IP "--tr-encoding"
(HTTP) Request a compressed Transfer-Encoding response using one of the
algorithms curl supports, and uncompress the data while receiving it.
@@ -1453,12 +1627,11 @@ Prepends a time stamp to each trace or verbose line that curl displays.
Specify the user name and password to use for server authentication. Overrides
\fI-n, --netrc\fP and \fI--netrc-optional\fP.
If you just give the user name (without entering a colon) curl will prompt for
a password.
If you simply specify the user name, curl will prompt for a password.
If you use an SSPI-enabled curl binary and do NTLM authentication, you can
force curl to pick up the user name and password from your environment by
simply specifying a single colon with this option: "-u :".
If you use an SSPI-enabled curl binary and perform NTLM authentication, you
can force curl to select the user name and password from your environment by
specifying a single colon with this option: "-u :".
If this option is used several times, the last one will be used.
.IP "-U, --proxy-user <user:password>"
@@ -1619,8 +1792,16 @@ to follow location: headers.
If this option is used several times, the last one will be used.
.IP "-x, --proxy <[protocol://][user:password@]proxyhost[:port]>"
Use the specified HTTP proxy. If the port number is not specified, it is
assumed at port 1080.
Use the specified proxy.
The proxy string can be specified with a protocol:// prefix to specify
alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
socks5h:// to request the specific SOCKS version to be used. No protocol
specified, http:// and all others will be treated as HTTP proxies. (The
protocol support was added in curl 7.21.7)
If the port number is not specified in the proxy string, it is assumed to be
1080.
This option overrides existing environment variables that set the proxy to
use. If there's an environment variable setting a proxy, you can set proxy to
@@ -1639,11 +1820,6 @@ The proxy host can be specified the exact same way as the proxy environment
variables, including the protocol prefix (http://) and the embedded user +
password.
From 7.21.7, the proxy string may be specified with a protocol:// prefix to
specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
socks5h:// to request the specific SOCKS version to be used. No protocol
specified, http:// and all others will be treated as HTTP proxies.
If this option is used several times, the last one will be used.
.IP "-X, --request <command>"
(HTTP) Specifies a custom request method to use when communicating with the
@@ -1665,11 +1841,20 @@ option.
Specifies a custom FTP command to use instead of LIST when doing file lists
with FTP.
If this option is used several times, the last one will be used.
(POP3)
Specifies a custom POP3 command to use instead of LIST or RETR. (Added in
7.26.0)
(IMAP)
Specifies a custom IMAP command to use instead of LIST. (Added in 7.30.0)
(SMTP)
Specifies a custom SMTP command to use instead of HELP or VRFY. (Added in 7.34.0)
If this option is used several times, the last one will be used.
.IP "--xattr"
When saving output to a file, this option tells curl to store certain file
metadata in extened file attributes. Currently, the URL is stored in the
metadata in extended file attributes. Currently, the URL is stored in the
xdg.origin.url attribute and, for HTTP, the content type is stored in
the mime_type attribute. If the file system does not support extended
attributes, a warning is issued.
@@ -1689,7 +1874,7 @@ speed-time seconds it gets aborted. speed-time is set with \fI-y\fP and is 30
if not set.
If this option is used several times, the last one will be used.
.IP "-z/--time-cond <date expression>|<file>"
.IP "-z, --time-cond <date expression>|<file>"
(HTTP/FTP) Request a file that has been modified later than the given time and
date, or one that has been modified before that time. The <date expression>
can be all sorts of date strings or if it doesn't match any internal ones, it
@@ -1959,6 +2144,8 @@ RTSP: mismatch of Session Identifiers
unable to parse FTP file list
.IP 88
FTP chunk callback reported error
.IP 89
No connection available, the session will be queued
.IP XX
More error codes will appear here in future releases. The existing ones
are meant to never change.

View File

@@ -20,15 +20,39 @@ httpcustomheader
httpput
https
imap
imap-append
imap-copy
imap-create
imap-delete
imap-examine
imap-fetch
imap-list
imap-multi
imap-noop
imap-search
imap-ssl
imap-store
imap-tls
multi-app
multi-debugcallback
multi-double
multi-post
multi-single
persistant
pop3-dele
pop3-list
pop3-multi
pop3-noop
pop3-retr
pop3-ssl
pop3-stat
pop3-tls
pop3-top
pop3-uidl
pop3s
pop3slist
post-callback
postinmemory
postit2
progressfunc
resolve
@@ -40,6 +64,12 @@ simple
simplepost
simplesmtp
simplessl
smtp-expn
smtp-mail
smtp-multi
smtp-ssl
smtp-tls
smtp-vrfy
url2file
usercertinmem
xmlstream

View File

@@ -4,8 +4,12 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
https multi-app multi-debugcallback multi-double multi-post multi-single \
persistant post-callback postit2 sepheaders simple simplepost simplessl \
sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard \
smtp-multi simplesmtp smtp-tls rtsp externalsocket resolve \
progressfunc pop3s pop3slist imap url2file sftpget ftpsget
smtp-mail smtp-multi smtp-ssl smtp-tls smtp-vrfy smtp-expn rtsp \
externalsocket resolve progressfunc pop3-retr pop3-list pop3-uidl pop3-dele \
pop3-top pop3-stat pop3-noop pop3-ssl pop3-tls pop3-multi imap-list \
imap-lsub imap-fetch imap-store imap-append imap-examine imap-search \
imap-create imap-delete imap-copy imap-noop imap-ssl imap-tls imap-multi \
url2file sftpget ftpsget postinmemory
# These examples require external dependencies that may not be commonly
# available on POSIX systems, so don't bother attempting to compile them here.
@@ -13,4 +17,4 @@ COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c \
ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c \
opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp \
multi-uv.c
multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c

View File

@@ -27,14 +27,14 @@
## Example: mingw32-make -f Makefile.m32 CFG=-zlib-ssl-spi-winidn
##
## Hint: you can also set environment vars to control the build, f.e.:
## set ZLIB_PATH=c:/zlib-1.2.7
## set ZLIB_PATH=c:/zlib-1.2.8
## set ZLIB=1
#
###########################################################################
# Edit the path below to point to the base of your Zlib sources.
ifndef ZLIB_PATH
ZLIB_PATH = ../../../zlib-1.2.7
ZLIB_PATH = ../../../zlib-1.2.8
endif
# Edit the path below to point to the base of your OpenSSL package.
ifndef OPENSSL_PATH

View File

@@ -14,7 +14,7 @@ endif
# Edit the path below to point to the base of your Zlib sources.
ifndef ZLIB_PATH
ZLIB_PATH = ../../../zlib-1.2.7
ZLIB_PATH = ../../../zlib-1.2.8
endif
# Edit the path below to point to the base of your OpenSSL package.

View File

@@ -78,4 +78,5 @@ simplepost.c - HTTP POST
simplessl.c - HTTPS example with certificates many options set
synctime.c - Sync local time by extracting date from remote HTTP servers
url2file.c - download a document and store it in a file
xmlstream.c - Stream-parse a document using the streaming Expat parser
10-at-a-time.c - Download many files simultaneously, 10 at a time.

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -103,6 +103,10 @@ static CURLcode sslctx_function(CURL * curl, void * sslctx, void * parm)
if (X509_STORE_add_cert(store, cert)==0)
printf("error adding certificate\n");
/* decrease reference counts */
X509_free(cert);
BIO_free(bio);
/* all set to go */
return CURLE_OK ;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -133,7 +133,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
const char *s;
switch ( code )
{
case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
case CURLM_BAD_HANDLE: s="CURLM_BAD_HANDLE"; break;
case CURLM_BAD_EASY_HANDLE: s="CURLM_BAD_EASY_HANDLE"; break;
case CURLM_OUT_OF_MEMORY: s="CURLM_OUT_OF_MEMORY"; break;

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -98,10 +98,6 @@ int main(void)
* bytes big and contains the remote file.
*
* Do something nice with it!
*
* You should be aware of the fact that at this point we might have an
* allocated data block, and nothing has yet deallocated that data. So when
* you're done with it, you should free() it as a nice application.
*/
printf("%lu bytes retrieved\n", (long)chunk.size);

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -104,7 +104,6 @@ static void mcode_or_die(const char *where, CURLMcode code) {
if ( CURLM_OK != code ) {
const char *s;
switch (code) {
case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
case CURLM_BAD_HANDLE: s="CURLM_BAD_HANDLE"; break;
case CURLM_BAD_EASY_HANDLE: s="CURLM_BAD_EASY_HANDLE"; break;
case CURLM_OUT_OF_MEMORY: s="CURLM_OUT_OF_MEMORY"; break;

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -125,7 +125,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
if ( CURLM_OK != code ) {
const char *s;
switch (code) {
case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
case CURLM_BAD_HANDLE: s="CURLM_BAD_HANDLE"; break;
case CURLM_BAD_EASY_HANDLE: s="CURLM_BAD_EASY_HANDLE"; break;
case CURLM_OUT_OF_MEMORY: s="CURLM_OUT_OF_MEMORY"; break;

View File

@@ -22,8 +22,6 @@
#include <stdio.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <curl/curl.h>
/*
@@ -59,7 +57,6 @@ int main(int argc, char **argv)
CURL *curl;
CURLcode res;
FILE * hd_src ;
int hd ;
struct stat file_info;
char *file;
@@ -72,9 +69,7 @@ int main(int argc, char **argv)
url = argv[2];
/* get the file size of the local file */
hd = open(file, O_RDONLY) ;
fstat(hd, &file_info);
close(hd) ;
stat(file, &file_info);
/* get a FILE * of the same file, could also be made with
fdopen() from the previous descriptor, but hey this is just

116
docs/examples/imap-append.c Normal file
View File

@@ -0,0 +1,116 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/* This is a simple example showing how to send mail using libcurl's IMAP
* capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
#define FROM "<sender@example.org>"
#define TO "<addressee@example.net>"
#define CC "<info@example.org>"
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO "\r\n",
"From: " FROM "(Example User)\r\n",
"Cc: " CC "(Another example User)\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
"Subject: IMAP example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
struct upload_status {
int lines_read;
};
static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
{
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = payload_text[upload_ctx->lines_read];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
upload_ctx->lines_read++;
return len;
}
return 0;
}
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will create a new message 100. Note that you should perform an
* EXAMINE command to obtain the UID of the next message to create and a
* SELECT to ensure you are creating the message in the OUTBOX. */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/100");
/* In this case, we're using a callback function to specify the data. You
* could just use the CURLOPT_READDATA option to specify a FILE pointer to
* read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* Perform the append */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

65
docs/examples/imap-copy.c Normal file
View File

@@ -0,0 +1,65 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to copy a mail from one mailbox folder
* to another using libcurl's IMAP capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is source mailbox folder to select */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
/* Set the COPY command specifing the message ID and destination folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "COPY 1 FOLDER");
/* Note that to perform a move operation you will need to perform the copy,
* then mark the original mail as Deleted and EXPUNGE or CLOSE. Please see
* imap-store.c for more information on deleting messages. */
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to create a new mailbox folder using
* libcurl's IMAP capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Set the CREATE command specifing the new folder name */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "CREATE FOLDER");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to delete an existing mailbox folder
* using libcurl's IMAP capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Set the DELETE command specifing the existing folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE FOLDER");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to obtain information about a mailbox
* folder using libcurl's IMAP capabilities via the EXAMINE command.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Set the EXAMINE command specifing the mailbox folder */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXAMINE OUTBOX");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,6 +22,12 @@
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to fetch mail using libcurl's IMAP
* capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
@@ -30,15 +36,23 @@ int main(void)
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will fetch the mailbox named "foobar" */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/foobar");
/* This will fetch message 1 from the user's inbox */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
/* Perform the fetch */
res = curl_easy_perform(curl);
/* always cleanup */
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

60
docs/examples/imap-list.c Normal file
View File

@@ -0,0 +1,60 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to list the folders within an IMAP
* mailbox.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will list the folders within the user's mailbox. If you want to
* list the folders within a specific folder, for example the inbox, then
* specify the folder as a path in the URL such as /INBOX */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Perform the list */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

62
docs/examples/imap-lsub.c Normal file
View File

@@ -0,0 +1,62 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to list the subscribed folders within
* an IMAP mailbox.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Set the LSUB command. Note the syntax is very similar to that of a LIST
command. */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "LSUB \"\" *");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

145
docs/examples/imap-multi.c Normal file
View File

@@ -0,0 +1,145 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to fetch mail using libcurl's IMAP
* capabilities. It builds on the imap-fetch.c example to demonstrate how to
* use libcurl's multi interface.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
#define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
static struct timeval tvnow(void)
{
struct timeval now;
/* time() returns the value of time in seconds since the epoch */
now.tv_sec = (long)time(NULL);
now.tv_usec = 0;
return now;
}
static long tvdiff(struct timeval newer, struct timeval older)
{
return (newer.tv_sec - older.tv_sec) * 1000 +
(newer.tv_usec - older.tv_usec) / 1000;
}
int main(void)
{
CURL *curl;
CURLM *mcurl;
int still_running = 1;
struct timeval mp_start;
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(!curl)
return 1;
mcurl = curl_multi_init();
if(!mcurl)
return 2;
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will fetch message 1 from the user's inbox */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
/* Tell the multi stack about our easy handle */
curl_multi_add_handle(mcurl, curl);
/* Record the start time which we can use later */
mp_start = tvnow();
/* We start some action by calling perform right away */
curl_multi_perform(mcurl, &still_running);
while(still_running) {
struct timeval timeout;
fd_set fdread;
fd_set fdwrite;
fd_set fdexcep;
int maxfd = -1;
int rc;
long curl_timeo = -1;
/* Initialise the file descriptors */
FD_ZERO(&fdread);
FD_ZERO(&fdwrite);
FD_ZERO(&fdexcep);
/* Set a suitable timeout to play around with */
timeout.tv_sec = 1;
timeout.tv_usec = 0;
curl_multi_timeout(mcurl, &curl_timeo);
if(curl_timeo >= 0) {
timeout.tv_sec = curl_timeo / 1000;
if(timeout.tv_sec > 1)
timeout.tv_sec = 1;
else
timeout.tv_usec = (curl_timeo % 1000) * 1000;
}
/* Get file descriptors from the transfers */
curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
/* In a real-world program you OF COURSE check the return code of the
function calls. On success, the value of maxfd is guaranteed to be
greater or equal than -1. We call select(maxfd + 1, ...), specially in
case of (maxfd == -1), we call select(0, ...), which is basically equal
to sleep. */
rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
fprintf(stderr,
"ABORTING: Since it seems that we would have run forever.\n");
break;
}
switch(rc) {
case -1: /* select error */
break;
case 0: /* timeout */
default: /* action */
curl_multi_perform(mcurl, &still_running);
break;
}
}
/* Always cleanup */
curl_multi_remove_handle(mcurl, curl);
curl_multi_cleanup(mcurl);
curl_easy_cleanup(curl);
curl_global_cleanup();
return 0;
}

61
docs/examples/imap-noop.c Normal file
View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to perform a noop using libcurl's IMAP
* capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com");
/* Set the NOOP command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "NOOP");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -0,0 +1,65 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to search for new messages using
* libcurl's IMAP capabilities.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is mailbox folder to select */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
/* Set the SEARCH command specifing what we want to search for. Note that
* this can contain a message sequence set and a number of search criteria
* keywords including flags such as ANSWERED, DELETED, DRAFT, FLAGGED, NEW,
* RECENT and SEEN. For more information about the search criteria please
* see RFC-3501 section 6.4.4. */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "SEARCH NEW");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,52 +22,64 @@
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to fetch mail using libcurl's IMAP
* capabilities. It builds on the imap-fetch.c example adding transport
* security to protect the authentication details from being snooped.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will list every message of the given mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/");
/* This will fetch message 1 from the user's inbox. Note the use of
* imaps:// rather than imap:// to request a SSL based connection. */
curl_easy_setopt(curl, CURLOPT_URL, "imaps://imap.example.com/INBOX/;UID=1");
#ifdef SKIP_PEER_VERIFICATION
/*
* If you want to connect to a site who isn't using a certificate that is
/* If you want to connect to a site who isn't using a certificate that is
* signed by one of the certs in the CA bundle you have, you can skip the
* verification of the server's certificate. This makes the connection
* A LOT LESS SECURE.
*
* If you have a CA cert for the server stored someplace else than in the
* default bundle, then the CURLOPT_CAPATH option might come handy for
* you.
*/
* you. */
#ifdef SKIP_PEER_VERIFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
#endif
#ifdef SKIP_HOSTNAME_VERFICATION
/*
* If the site you're connecting to uses a different host name that what
/* If the site you're connecting to uses a different host name that what
* they have mentioned in their server certificate's commonName (or
* subjectAltName) fields, libcurl will refuse to connect. You can skip
* this check, but this will make the connection less secure.
*/
* this check, but this will make the connection less secure. */
#ifdef SKIP_HOSTNAME_VERFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Perform the request, res will get the return code */
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the
* transfer */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* Perform the fetch */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
/* Always cleanup */
curl_easy_cleanup(curl);
}
return 0;
return (int)res;
}

View File

@@ -0,0 +1,76 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to modify an existing mail using
* libcurl's IMAP capabilities with the STORE command.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is the mailbox folder to select */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX");
/* Set the STORE command with the Deleted flag for message 1. Note that
* you can use the STORE command to set other flags such as Seen, Answered,
* Flagged, Draft and Recent. */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "STORE 1 +Flags \\Deleted");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
else {
/* Set the EXPUNGE command, although you can use the CLOSE command if you
* don't want to know the result of the STORE */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXPUNGE");
/* Perform the second custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
}
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

84
docs/examples/imap-tls.c Normal file
View File

@@ -0,0 +1,84 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to fetch mail using libcurl's IMAP
* capabilities. It builds on the imap-fetch.c example adding transport
* security to protect the authentication details from being snooped.
*
* Note that this example requires libcurl 7.30.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will fetch message 1 from the user's inbox */
curl_easy_setopt(curl, CURLOPT_URL, "imap://imap.example.com/INBOX/;UID=1");
/* In this example, we'll start with a plain text connection, and upgrade
* to Transport Layer Security (TLS) using the STARTTLS command. Be careful
* of using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
* will continue anyway - see the security discussion in the libcurl
* tutorial for more details. */
curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
/* If your server doesn't have a valid certificate, then you can disable
* part of the Transport Layer Security protection by setting the
* CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
* curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
* curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
* That is, in general, a bad idea. It is still better than sending your
* authentication details in plain text though.
* Instead, you should get the issuer certificate (or the host certificate
* if the certificate is self-signed) and add it to the set of certificates
* that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
* docs/SSLCERTS for more information. */
curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the
* transfer */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* Perform the fetch */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

64
docs/examples/pop3-dele.c Normal file
View File

@@ -0,0 +1,64 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to delete an existing mail using
* libcurl's POP3 capabilities.
*
* Note that this example requires libcurl 7.26.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* You can specify the message either in the URL or DELE command */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
/* Set the DELE command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELE");
/* Do not perform a transfer as DELE returns no data */
curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -19,43 +19,40 @@
* KIND, either express or implied.
*
***************************************************************************/
#include "curl_setup.h"
#include <stdio.h>
#include <curl/curl.h>
#include "curl_rand.h"
/* This is a simple example using libcurl's POP3 capabilities to list the
* contents of a mailbox.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
#include "curl_memory.h"
/* The last #include file should be: */
#include "memdebug.h"
/* Private pseudo-random number seed. Unsigned integer >= 32bit. Threads
mutual exclusion is not implemented to acess it since we do not require
high quality random numbers (only used in form boudary generation). */
static unsigned int randseed;
/* Pseudo-random number support. */
unsigned int Curl_rand(void)
int main(void)
{
unsigned int r;
/* Return an unsigned 32-bit pseudo-random number. */
r = randseed = randseed * 1103515245 + 12345;
return (r << 16) | ((r >> 16) & 0xFFFF);
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will list every message of the given mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
/* Perform the list */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}
void Curl_srand(void)
{
/* Randomize pseudo-random number sequence. */
randseed = (unsigned int) time(NULL);
Curl_rand();
Curl_rand();
Curl_rand();
}

145
docs/examples/pop3-multi.c Normal file
View File

@@ -0,0 +1,145 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve mail using libcurl's POP3
* capabilities. It builds on the pop3-retr.c example to demonstrate how to use
* libcurl's multi interface.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
static struct timeval tvnow(void)
{
struct timeval now;
/* time() returns the value of time in seconds since the epoch */
now.tv_sec = (long)time(NULL);
now.tv_usec = 0;
return now;
}
static long tvdiff(struct timeval newer, struct timeval older)
{
return (newer.tv_sec - older.tv_sec) * 1000 +
(newer.tv_usec - older.tv_usec) / 1000;
}
int main(void)
{
CURL *curl;
CURLM *mcurl;
int still_running = 1;
struct timeval mp_start;
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(!curl)
return 1;
mcurl = curl_multi_init();
if(!mcurl)
return 2;
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will retreive message 1 from the user's mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
/* Tell the multi stack about our easy handle */
curl_multi_add_handle(mcurl, curl);
/* Record the start time which we can use later */
mp_start = tvnow();
/* We start some action by calling perform right away */
curl_multi_perform(mcurl, &still_running);
while(still_running) {
struct timeval timeout;
fd_set fdread;
fd_set fdwrite;
fd_set fdexcep;
int maxfd = -1;
int rc;
long curl_timeo = -1;
/* Initialise the file descriptors */
FD_ZERO(&fdread);
FD_ZERO(&fdwrite);
FD_ZERO(&fdexcep);
/* Set a suitable timeout to play around with */
timeout.tv_sec = 1;
timeout.tv_usec = 0;
curl_multi_timeout(mcurl, &curl_timeo);
if(curl_timeo >= 0) {
timeout.tv_sec = curl_timeo / 1000;
if(timeout.tv_sec > 1)
timeout.tv_sec = 1;
else
timeout.tv_usec = (curl_timeo % 1000) * 1000;
}
/* Get file descriptors from the transfers */
curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
/* In a real-world program you OF COURSE check the return code of the
function calls. On success, the value of maxfd is guaranteed to be
greater or equal than -1. We call select(maxfd + 1, ...), specially in
case of (maxfd == -1), we call select(0, ...), which is basically equal
to sleep. */
rc = select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout);
if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
fprintf(stderr,
"ABORTING: Since it seems that we would have run forever.\n");
break;
}
switch(rc) {
case -1: /* select error */
break;
case 0: /* timeout */
default: /* action */
curl_multi_perform(mcurl, &still_running);
break;
}
}
/* Always cleanup */
curl_multi_remove_handle(mcurl, curl);
curl_multi_cleanup(mcurl);
curl_easy_cleanup(curl);
curl_global_cleanup();
return 0;
}

64
docs/examples/pop3-noop.c Normal file
View File

@@ -0,0 +1,64 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to perform a noop using libcurl's POP3
* capabilities.
*
* Note that this example requires libcurl 7.26.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
/* Set the NOOP command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "NOOP");
/* Do not perform a transfer as NOOP returns no data */
curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

58
docs/examples/pop3-retr.c Normal file
View File

@@ -0,0 +1,58 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve mail using libcurl's POP3
* capabilities.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will retreive message 1 from the user's mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
/* Perform the retr */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -22,52 +22,64 @@
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve mail using libcurl's POP3
* capabilities. It builds on the pop3-retr.c example adding transport
* security to protect the authentication details from being snooped.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERPWD, "user:password");
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will only fetch the message with ID "1" of the given mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3s://user@pop.example.com/1");
/* This will retreive message 1 from the user's mailbox. Note the use of
* pop3s:// rather than pop3:// to request a SSL based connection. */
curl_easy_setopt(curl, CURLOPT_URL, "pop3s://pop.example.com/1");
#ifdef SKIP_PEER_VERIFICATION
/*
* If you want to connect to a site who isn't using a certificate that is
/* If you want to connect to a site who isn't using a certificate that is
* signed by one of the certs in the CA bundle you have, you can skip the
* verification of the server's certificate. This makes the connection
* A LOT LESS SECURE.
*
* If you have a CA cert for the server stored someplace else than in the
* default bundle, then the CURLOPT_CAPATH option might come handy for
* you.
*/
* you. */
#ifdef SKIP_PEER_VERIFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
#endif
#ifdef SKIP_HOSTNAME_VERFICATION
/*
* If the site you're connecting to uses a different host name that what
/* If the site you're connecting to uses a different host name that what
* they have mentioned in their server certificate's commonName (or
* subjectAltName) fields, libcurl will refuse to connect. You can skip
* this check, but this will make the connection less secure.
*/
* this check, but this will make the connection less secure. */
#ifdef SKIP_HOSTNAME_VERFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Perform the request, res will get the return code */
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the
* transfer */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* Perform the retr */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* always cleanup */
/* Always cleanup */
curl_easy_cleanup(curl);
}
return 0;
return (int)res;
}

64
docs/examples/pop3-stat.c Normal file
View File

@@ -0,0 +1,64 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to obtain message statistics using
* libcurl's POP3 capabilities.
*
* Note that this example requires libcurl 7.26.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
/* Set the STAT command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "STAT");
/* Do not perform a transfer as the data is in the response */
curl_easy_setopt(curl, CURLOPT_NOBODY, 1L);
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

84
docs/examples/pop3-tls.c Normal file
View File

@@ -0,0 +1,84 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve mail using libcurl's POP3
* capabilities. It builds on the pop3-retr.c example adding transport
* security to protect the authentication details from being snooped.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This will retreive message 1 from the user's mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
/* In this example, we'll start with a plain text connection, and upgrade
* to Transport Layer Security (TLS) using the STLS command. Be careful of
* using CURLUSESSL_TRY here, because if TLS upgrade fails, the transfer
* will continue anyway - see the security discussion in the libcurl
* tutorial for more details. */
curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
/* If your server doesn't have a valid certificate, then you can disable
* part of the Transport Layer Security protection by setting the
* CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST options to 0 (false).
* curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
* curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
* That is, in general, a bad idea. It is still better than sending your
* authentication details in plain text though.
* Instead, you should get the issuer certificate (or the host certificate
* if the certificate is self-signed) and add it to the set of certificates
* that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
* docs/SSLCERTS for more information. */
curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the
* transfer */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* Perform the retr */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

61
docs/examples/pop3-top.c Normal file
View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve only the headers of a mail
* using libcurl's POP3 capabilities.
*
* Note that this example requires libcurl 7.26.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
/* Set the TOP command for message 1 to only include the headers */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "TOP 1 0");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

61
docs/examples/pop3-uidl.c Normal file
View File

@@ -0,0 +1,61 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example using libcurl's POP3 capabilities to list the
* contents of a mailbox by unique ID.
*
* Note that this example requires libcurl 7.26.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is just the server URL */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com");
/* Set the UIDL command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "UIDL");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -0,0 +1,111 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <curl/curl.h>
struct MemoryStruct {
char *memory;
size_t size;
};
static size_t
WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
size_t realsize = size * nmemb;
struct MemoryStruct *mem = (struct MemoryStruct *)userp;
mem->memory = realloc(mem->memory, mem->size + realsize + 1);
if(mem->memory == NULL) {
/* out of memory! */
printf("not enough memory (realloc returned NULL)\n");
return 0;
}
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
int main(void)
{
CURL *curl;
CURLcode res;
struct MemoryStruct chunk;
static const char *postthis="Field=1&Field=2&Field=3";
chunk.memory = malloc(1); /* will be grown as needed by realloc above */
chunk.size = 0; /* no data at this point */
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.org/");
/* send all data to this function */
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
/* we pass our 'chunk' struct to the callback function */
curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&chunk);
/* some servers don't like requests that are made without a user-agent
field, so we provide one */
curl_easy_setopt(curl, CURLOPT_USERAGENT, "libcurl-agent/1.0");
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postthis);
/* if we don't provide POSTFIELDSIZE, libcurl will strlen() by
itself */
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)strlen(postthis));
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK) {
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
}
else {
/*
* Now, our chunk.memory points to a memory block that is chunk.size
* bytes big and contains the remote file.
*
* Do something nice with it!
*/
printf("%s\n",chunk.memory);
}
/* always cleanup */
curl_easy_cleanup(curl);
if(chunk.memory)
free(chunk.memory);
/* we're done with libcurl, so clean it up */
curl_global_cleanup();
}
return 0;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -30,9 +30,10 @@ struct myprogress {
CURL *curl;
};
static int progress(void *p,
double dltotal, double dlnow,
double ultotal, double ulnow)
/* this is how the CURLOPT_XFERINFOFUNCTION callback works */
static int xferinfo(void *p,
curl_off_t dltotal, curl_off_t dlnow,
curl_off_t ultotal, curl_off_t ulnow)
{
struct myprogress *myp = (struct myprogress *)p;
CURL *curl = myp->curl;
@@ -48,7 +49,9 @@ static int progress(void *p,
fprintf(stderr, "TOTAL TIME: %f \r\n", curtime);
}
fprintf(stderr, "UP: %g of %g DOWN: %g of %g\r\n",
fprintf(stderr, "UP: %" CURL_FORMAT_CURL_OFF_T " of %" CURL_FORMAT_CURL_OFF_T
" DOWN: %" CURL_FORMAT_CURL_OFF_T " of %" CURL_FORMAT_CURL_OFF_T
"\r\n",
ulnow, ultotal, dlnow, dltotal);
if(dlnow > STOP_DOWNLOAD_AFTER_THIS_MANY_BYTES)
@@ -56,6 +59,19 @@ static int progress(void *p,
return 0;
}
/* for libcurl older than 7.32.0 (CURLOPT_PROGRESSFUNCTION) */
static int older_progress(void *p,
double dltotal, double dlnow,
double ultotal, double ulnow)
{
return xferinfo(p,
(curl_off_t)dltotal,
(curl_off_t)dlnow,
(curl_off_t)ultotal,
(curl_off_t)ulnow);
}
int main(void)
{
CURL *curl;
@@ -68,9 +84,28 @@ int main(void)
prog.curl = curl;
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress);
curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, older_progress);
/* pass the struct pointer into the progress function */
curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, &prog);
#if LIBCURL_VERSION_NUM >= 0x072000
/* xferinfo was introduced in 7.32.0, no earlier libcurl versions will
compile as they won't have the symbols around.
If built with a newer libcurl, but running with an older libcurl:
curl_easy_setopt() will fail in run-time trying to set the new
callback, making the older callback get used.
New libcurls will prefer the new callback and instead use that one even
if both callbacks are set. */
curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, xferinfo);
/* pass the struct pointer into the xferinfo function, note that this is
an alias to CURLOPT_PROGRESSDATA */
curl_easy_setopt(curl, CURLOPT_XFERINFODATA, &prog);
#endif
curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 0L);
res = curl_easy_perform(curl);

View File

@@ -54,23 +54,22 @@ int main(void)
curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, write_data);
/* open the files */
headerfile = fopen(headerfilename,"w");
headerfile = fopen(headerfilename,"wb");
if (headerfile == NULL) {
curl_easy_cleanup(curl_handle);
return -1;
}
bodyfile = fopen(bodyfilename,"w");
bodyfile = fopen(bodyfilename,"wb");
if (bodyfile == NULL) {
curl_easy_cleanup(curl_handle);
return -1;
}
/* we want the headers to this file handle */
/* we want the headers be written to this file handle */
curl_easy_setopt(curl_handle, CURLOPT_WRITEHEADER, headerfile);
/*
* Notice here that if you want the actual data sent anywhere else but
* stdout, you should consider using the CURLOPT_WRITEDATA option. */
/* we want the body be written to this file handle instead of stdout */
curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile);
/* get it! */
curl_easy_perform(curl_handle);
@@ -78,6 +77,9 @@ int main(void)
/* close the header file */
fclose(headerfile);
/* close the body file */
fclose(bodyfile);
/* cleanup curl stuff */
curl_easy_cleanup(curl_handle);

105
docs/examples/sessioninfo.c Normal file
View File

@@ -0,0 +1,105 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* Note that this example currently requires cURL to be linked against
GnuTLS (and this program must also be linked against -lgnutls). */
#include <stdio.h>
#include <curl/curl.h>
#include <gnutls/gnutls.h>
static CURL *curl;
static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)
{
const struct curl_tlssessioninfo *info;
unsigned int cert_list_size;
const gnutls_datum_t *chainp;
CURLcode res;
(void)stream;
(void)ptr;
res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info);
if(!res) {
switch(info->backend) {
case CURLSSLBACKEND_GNUTLS:
/* info->internals is now the gnutls_session_t */
chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size);
if((chainp) && (cert_list_size)) {
unsigned int i;
for(i = 0; i < cert_list_size; i++) {
gnutls_x509_crt_t cert;
gnutls_datum_t dn;
if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {
if(GNUTLS_E_SUCCESS ==
gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {
if(GNUTLS_E_SUCCESS ==
gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {
fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);
gnutls_free(dn.data);
}
}
gnutls_x509_crt_deinit(cert);
}
}
}
break;
case CURLSSLBACKEND_NONE:
default:
break;
}
}
return size * nmemb;
}
int main(void)
{
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
(void) curl_easy_perform(curl);
curl_easy_cleanup(curl);
}
curl_global_cleanup();
return 0;
}

View File

@@ -1,87 +0,0 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
int main(void)
{
CURL *curl;
CURLcode res;
struct curl_slist *recipients = NULL;
/* value for envelope reverse-path */
static const char *from = "<bradh@example.com>";
/* this becomes the envelope forward-path */
static const char *to = "<bradh@example.net>";
curl = curl_easy_init();
if(curl) {
/* this is the URL for your mailserver - you can also use an smtps:// URL
* here */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.net.");
/* Note that this option isn't strictly required, omitting it will result in
* libcurl will sent the MAIL FROM command with no sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise, they
* could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, from);
/* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array. */
recipients = curl_slist_append(recipients, to);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* You provide the payload (headers and the body of the message) as the
* "data" element. There are two choices, either:
* - provide a callback function and specify the function name using the
* CURLOPT_READFUNCTION option; or
* - just provide a FILE pointer that can be used to read the data from.
* The easiest case is just to read from standard input, (which is available
* as a FILE pointer) as shown here.
*/
curl_easy_setopt(curl, CURLOPT_READDATA, stdin);
/* send the message (including headers) */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* free the list of recipients */
curl_slist_free_all(recipients);
/* curl won't send the QUIT command until you call cleanup, so you should be
* able to re-use this connection for additional messages (setting
* CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT as required, and calling
* curl_easy_perform() again. It may not be a good idea to keep the
* connection open for a very long time though (more than a few minutes may
* result in the server timing out the connection), and you do want to clean
* up in the end.
*/
curl_easy_cleanup(curl);
}
return 0;
}

73
docs/examples/smtp-expn.c Normal file
View File

@@ -0,0 +1,73 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/* This is a simple example showing how to expand an email mailing list.
*
* Notes:
*
* 1) This example requires libcurl 7.34.0 or above.
* 2) Not all email servers support this command.
*/
int main(void)
{
CURL *curl;
CURLcode res;
struct curl_slist *recipients = NULL;
curl = curl_easy_init();
if(curl) {
/* This is the URL for your mailserver */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
/* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */
recipients = curl_slist_append(recipients, "Friends");
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* Set the EXPN command */
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "EXPN");
/* Perform the custom request */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* Curl won't send the QUIT command until you call cleanup, so you should
* be able to re-use this connection for additional requests. It may not be
* a good idea to keep the connection open for a very long time though
* (more than a few minutes may result in the server timing out the
* connection) and you do want to clean up in the end.
*/
curl_easy_cleanup(curl);
}
return 0;
}

137
docs/examples/smtp-mail.c Normal file
View File

@@ -0,0 +1,137 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/* This is a simple example showing how to send mail using libcurl's SMTP
* capabilities. For an exmaple of using the multi interface please see
* smtp-multi.c.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define FROM "<sender@example.org>"
#define TO "<addressee@example.net>"
#define CC "<info@example.org>"
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO "\r\n",
"From: " FROM "(Example User)\r\n",
"Cc: " CC "(Another example User)\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
"Subject: SMTP example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
struct upload_status {
int lines_read;
};
static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
{
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = payload_text[upload_ctx->lines_read];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
upload_ctx->lines_read++;
return len;
}
return 0;
}
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
struct curl_slist *recipients = NULL;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
curl = curl_easy_init();
if(curl) {
/* This is the URL for your mailserver */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
/* Note that this option isn't strictly required, omitting it will result in
* libcurl sending the MAIL FROM command with empty sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise, they
* could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM);
/* Add two recipients, in this particular case they correspond to the
* To: and Cc: addressees in the header, but they could be any kind of
* recipient. */
recipients = curl_slist_append(recipients, TO);
recipients = curl_slist_append(recipients, CC);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* We're using a callback function to specify the payload (the headers and
* body of the message). You could just use the CURLOPT_READDATA option to
* specify a FILE pointer to read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* Send the message */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* curl won't send the QUIT command until you call cleanup, so you should be
* able to re-use this connection for additional messages (setting
* CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT as required, and calling
* curl_easy_perform() again. It may not be a good idea to keep the
* connection open for a very long time though (more than a few minutes may
* result in the server timing out the connection), and you do want to clean
* up in the end.
*/
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -19,139 +19,151 @@
* KIND, either express or implied.
*
***************************************************************************/
/* This is an example application source code sending SMTP mail using the
* multi interface.
*/
#include <string.h>
#include <curl/curl.h>
/*
* This is the list of basic details you need to tweak to get things right.
/* This is an example showing how to send mail using libcurl's SMTP
* capabilities. It builds on the smtp-mail.c example to demonstrate how to use
* libcurl's multi interface.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define USERNAME "user@example.com"
#define PASSWORD "123qwerty"
#define SMTPSERVER "smtp.example.com"
#define SMTPPORT ":587" /* it is a colon+port string, but you can set it
to "" to use the default port */
#define RECIPIENT "<recipient@example.com>"
#define MAILFROM "<realuser@example.com>"
#define FROM "<sender@example.com>"
#define TO "<recipient@example.com>"
#define CC "<info@example.com>"
#define MULTI_PERFORM_HANG_TIMEOUT 60 * 1000
/* Note that you should include the actual meta data headers here as well if
you want the mail to have a Subject, another From:, show a To: or whatever
you think your mail should feature! */
static const char *text[]={
"one\n",
"two\n",
"three\n",
" Hello, this is CURL email SMTP\n",
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO "\r\n",
"From: " FROM "(Example User)\r\n",
"Cc: " CC "(Another example User)\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
"Subject: SMTP multi example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
struct WriteThis {
int counter;
struct upload_status {
int lines_read;
};
static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
{
struct WriteThis *pooh = (struct WriteThis *)userp;
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if(size*nmemb < 1)
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = text[pooh->counter];
data = payload_text[upload_ctx->lines_read];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
pooh->counter++; /* advance pointer */
upload_ctx->lines_read++;
return len;
}
return 0; /* no more data left to deliver */
return 0;
}
static struct timeval tvnow(void)
{
/*
** time() returns the value of time in seconds since the Epoch.
*/
struct timeval now;
/* time() returns the value of time in seconds since the epoch */
now.tv_sec = (long)time(NULL);
now.tv_usec = 0;
return now;
}
static long tvdiff(struct timeval newer, struct timeval older)
{
return (newer.tv_sec-older.tv_sec)*1000+
(newer.tv_usec-older.tv_usec)/1000;
return (newer.tv_sec - older.tv_sec) * 1000 +
(newer.tv_usec - older.tv_usec) / 1000;
}
int main(void)
{
CURL *curl;
CURLM *mcurl;
int still_running = 1;
struct timeval mp_start;
struct WriteThis pooh;
struct curl_slist* rcpt_list = NULL;
CURL *curl;
CURLM *mcurl;
int still_running = 1;
struct timeval mp_start;
struct curl_slist *recipients = NULL;
struct upload_status upload_ctx;
pooh.counter = 0;
upload_ctx.lines_read = 0;
curl_global_init(CURL_GLOBAL_DEFAULT);
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(!curl)
return 1;
curl = curl_easy_init();
if(!curl)
return 1;
mcurl = curl_multi_init();
if(!mcurl)
return 2;
mcurl = curl_multi_init();
if(!mcurl)
return 2;
rcpt_list = curl_slist_append(rcpt_list, RECIPIENT);
/* more addresses can be added here
rcpt_list = curl_slist_append(rcpt_list, "<others@example.com>");
/* This is the URL for your mailserver */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
/* Note that this option isn't strictly required, omitting it will result in
* libcurl sending the MAIL FROM command with empty sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise, they
* could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM);
curl_easy_setopt(curl, CURLOPT_URL, "smtp://" SMTPSERVER SMTPPORT);
curl_easy_setopt(curl, CURLOPT_USERNAME, USERNAME);
curl_easy_setopt(curl, CURLOPT_PASSWORD, PASSWORD);
curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, MAILFROM);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, rcpt_list);
curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
curl_easy_setopt(curl, CURLOPT_READDATA, &pooh);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(curl, CURLOPT_SSLVERSION, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_SESSIONID_CACHE, 0L);
curl_multi_add_handle(mcurl, curl);
/* Add two recipients, in this particular case they correspond to the
* To: and Cc: addressees in the header, but they could be any kind of
* recipient. */
recipients = curl_slist_append(recipients, TO);
recipients = curl_slist_append(recipients, CC);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
mp_start = tvnow();
/* We're using a callback function to specify the payload (the headers and
* body of the message). You could just use the CURLOPT_READDATA option to
* specify a FILE pointer to read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* we start some action by calling perform right away */
/* Tell the multi stack about our easy handle */
curl_multi_add_handle(mcurl, curl);
/* Record the start time which we can use later */
mp_start = tvnow();
/* We start some action by calling perform right away */
curl_multi_perform(mcurl, &still_running);
while(still_running) {
struct timeval timeout;
int rc; /* select() return code */
fd_set fdread;
fd_set fdwrite;
fd_set fdexcep;
int maxfd = -1;
int rc;
long curl_timeo = -1;
/* Initialise the file descriptors */
FD_ZERO(&fdread);
FD_ZERO(&fdwrite);
FD_ZERO(&fdexcep);
/* set a suitable timeout to play around with */
/* Set a suitable timeout to play around with */
timeout.tv_sec = 1;
timeout.tv_usec = 0;
@@ -164,7 +176,7 @@ int main(void)
timeout.tv_usec = (curl_timeo % 1000) * 1000;
}
/* get file descriptors from the transfers */
/* Get file descriptors from the transfers */
curl_multi_fdset(mcurl, &fdread, &fdwrite, &fdexcep, &maxfd);
/* In a real-world program you OF COURSE check the return code of the
@@ -172,32 +184,32 @@ int main(void)
greater or equal than -1. We call select(maxfd + 1, ...), specially in
case of (maxfd == -1), we call select(0, ...), which is basically equal
to sleep. */
rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
if (tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
fprintf(stderr, "ABORTING TEST, since it seems "
"that it would have run forever.\n");
if(tvdiff(tvnow(), mp_start) > MULTI_PERFORM_HANG_TIMEOUT) {
fprintf(stderr,
"ABORTING: Since it seems that we would have run forever.\n");
break;
}
switch(rc) {
case -1:
/* select error */
case -1: /* select error */
break;
case 0: /* timeout */
default: /* action */
case 0: /* timeout */
default: /* action */
curl_multi_perform(mcurl, &still_running);
break;
}
}
curl_slist_free_all(rcpt_list);
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* Always cleanup */
curl_multi_remove_handle(mcurl, curl);
curl_multi_cleanup(mcurl);
curl_easy_cleanup(curl);
curl_global_cleanup();
return 0;
}

161
docs/examples/smtp-ssl.c Normal file
View File

@@ -0,0 +1,161 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/* This is a simple example showing how to send mail using libcurl's SMTP
* capabilities. It builds on the smtp-mail.c example to add authentication
* and, more importantly, transport security to protect the authentication
* details from being snooped.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define FROM "<sender@example.org>"
#define TO "<addressee@example.net>"
#define CC "<info@example.org>"
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO "\r\n",
"From: " FROM "(Example User)\r\n",
"Cc: " CC "(Another example User)\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
"Subject: SMTP SSL example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
struct upload_status {
int lines_read;
};
static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
{
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = payload_text[upload_ctx->lines_read];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
upload_ctx->lines_read++;
return len;
}
return 0;
}
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
struct curl_slist *recipients = NULL;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
curl = curl_easy_init();
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is the URL for your mailserver. Note the use of smtps:// rather
* than smtp:// to request a SSL based connection. */
curl_easy_setopt(curl, CURLOPT_URL, "smtps://mainserver.example.net");
/* If you want to connect to a site who isn't using a certificate that is
* signed by one of the certs in the CA bundle you have, you can skip the
* verification of the server's certificate. This makes the connection
* A LOT LESS SECURE.
*
* If you have a CA cert for the server stored someplace else than in the
* default bundle, then the CURLOPT_CAPATH option might come handy for
* you. */
#ifdef SKIP_PEER_VERIFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
#endif
/* If the site you're connecting to uses a different host name that what
* they have mentioned in their server certificate's commonName (or
* subjectAltName) fields, libcurl will refuse to connect. You can skip
* this check, but this will make the connection less secure. */
#ifdef SKIP_HOSTNAME_VERFICATION
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
#endif
/* Note that this option isn't strictly required, omitting it will result in
* libcurl sending the MAIL FROM command with empty sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise, they
* could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM);
/* Add two recipients, in this particular case they correspond to the
* To: and Cc: addressees in the header, but they could be any kind of
* recipient. */
recipients = curl_slist_append(recipients, TO);
recipients = curl_slist_append(recipients, CC);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* We're using a callback function to specify the payload (the headers and
* body of the message). You could just use the CURLOPT_READDATA option to
* specify a FILE pointer to read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the
* transfer */
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* Send the message */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

View File

@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -24,26 +24,29 @@
#include <curl/curl.h>
/* This is a simple example showing how to send mail using libcurl's SMTP
* capabilities. It builds on the simplesmtp.c example, adding some
* authentication and transport security.
* capabilities. It builds on the smtp-mail.c example to add authentication
* and, more importantly, transport security to protect the authentication
* details from being snooped.
*
* Note that this example requires libcurl 7.20.0 or above.
*/
#define FROM "<sender@example.org>"
#define TO "<addressee@example.net>"
#define CC "<info@example.org>"
static const char *payload_text[]={
"Date: Mon, 29 Nov 2010 21:54:29 +1100\n",
"To: " TO "\n",
"From: " FROM "(Example User)\n",
"Cc: " CC "(Another example User)\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\n",
"Subject: SMTP TLS example message\n",
"\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\n",
"\n",
"It could be a lot of lines, could be MIME encoded, whatever.\n",
"Check RFC5322.\n",
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO "\r\n",
"From: " FROM "(Example User)\r\n",
"Cc: " CC "(Another example User)\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@rfcpedant.example.org>\r\n",
"Subject: SMTP TLS example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
@@ -56,33 +59,38 @@ static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if ((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = payload_text[upload_ctx->lines_read];
if (data) {
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
upload_ctx->lines_read ++;
upload_ctx->lines_read++;
return len;
}
return 0;
}
int main(void)
{
CURL *curl;
CURLcode res;
CURLcode res = CURLE_OK;
struct curl_slist *recipients = NULL;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
curl = curl_easy_init();
if (curl) {
if(curl) {
/* Set username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* This is the URL for your mailserver. Note the use of port 587 here,
* instead of the normal SMTP port (25). Port 587 is commonly used for
* secure mail submission (see RFC4403), but you should use whatever
@@ -106,18 +114,17 @@ int main(void)
* Instead, you should get the issuer certificate (or the host certificate
* if the certificate is self-signed) and add it to the set of certificates
* that are known to libcurl using CURLOPT_CAINFO and/or CURLOPT_CAPATH. See
* docs/SSLCERTS for more information.
*/
* docs/SSLCERTS for more information. */
curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
/* A common reason for requiring transport security is to protect
* authentication details (user names and passwords) from being "snooped"
* on the network. Here is how the user name and password are provided: */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user@example.net");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "P@ssw0rd");
/* value for envelope reverse-path */
/* Note that this option isn't strictly required, omitting it will result in
* libcurl sending the MAIL FROM command with empty sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise, they
* could cause an endless loop. See RFC 5321 Section 4.5.5 for more details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM);
/* Add two recipients, in this particular case they correspond to the
* To: and Cc: addressees in the header, but they could be any kind of
* recipient. */
@@ -125,28 +132,32 @@ int main(void)
recipients = curl_slist_append(recipients, CC);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* In this case, we're using a callback function to specify the data. You
* could just use the CURLOPT_READDATA option to specify a FILE pointer to
* read from.
*/
/* We're using a callback function to specify the payload (the headers and
* body of the message). You could just use the CURLOPT_READDATA option to
* specify a FILE pointer to read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* Since the traffic will be encrypted, it is very useful to turn on debug
* information within libcurl to see what is happening during the transfer.
*/
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
/* send the message (including headers) */
/* Send the message */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* free the list of recipients and clean up */
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* Always cleanup */
curl_easy_cleanup(curl);
}
return 0;
return (int)res;
}

73
docs/examples/smtp-vrfy.c Normal file
View File

@@ -0,0 +1,73 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/* This is a simple example showing how to verify an email address from an
* SMTP server.
*
* Notes:
*
* 1) This example requires libcurl 7.34.0 or above.
* 2) Not all email servers support this command and even if your email server
* does support it, it may respond with a 252 response code even though the
* address doesn't exist.
*/
int main(void)
{
CURL *curl;
CURLcode res;
struct curl_slist *recipients = NULL;
curl = curl_easy_init();
if(curl) {
/* This is the URL for your mailserver */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com");
/* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */
recipients = curl_slist_append(recipients, "<recipient@example.com>");
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* Perform the VRFY */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* Curl won't send the QUIT command until you call cleanup, so you should
* be able to re-use this connection for additional requests. It may not be
* a good idea to keep the connection open for a very long time though
* (more than a few minutes may result in the server timing out the
* connection) and you do want to clean up in the end.
*/
curl_easy_cleanup(curl);
}
return 0;
}

View File

@@ -0,0 +1,224 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* Example using an in memory PEM user certificate and RSA key to retrieve an
* https page.
* Written by Ishan SinghLevett, based on Theo Borm's cacertinmem.c.
* Note that to maintain simplicity this example does not use a CA certificate
* for peer verification. However, some form of peer verification
* must be used in real circumstances when a secure connection is required.
*/
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <curl/curl.h>
#include <stdio.h>
static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream)
{
fwrite(ptr,size,nmemb,stream);
return(nmemb*size);
}
static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
{
X509 *cert = NULL;
BIO *bio = NULL;
BIO *kbio = NULL;
RSA *rsa = NULL;
int ret;
const char *mypem = /* www.cacert.org */
"-----BEGIN CERTIFICATE-----\n"\
"MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\n"\
"IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\n"\
"IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\n"\
"Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\n"\
"BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi\n"\
"MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ\n"\
"ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC\n"\
"CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ\n"\
"8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6\n"\
"zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y\n"\
"fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7\n"\
"w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc\n"\
"G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k\n"\
"epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q\n"\
"laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ\n"\
"QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU\n"\
"fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826\n"\
"YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w\n"\
"ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY\n"\
"gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe\n"\
"MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0\n"\
"IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy\n"\
"dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw\n"\
"czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0\n"\
"dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl\n"\
"aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC\n"\
"AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg\n"\
"b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB\n"\
"ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc\n"\
"nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg\n"\
"18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c\n"\
"gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl\n"\
"Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY\n"\
"sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T\n"\
"SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF\n"\
"CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum\n"\
"GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\n"\
"zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\n"\
"omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\n"\
"-----END CERTIFICATE-----\n";
/*replace the XXX with the actual RSA key*/
const char *mykey =
"-----BEGIN RSA PRIVATE KEY-----\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"\
"-----END RSA PRIVATE KEY-----\n";
(void)curl; /* avoid warnings */
(void)parm; /* avoid warnings */
/* get a BIO */
bio = BIO_new_mem_buf((char *)mypem, -1);
if (bio == NULL) {
printf("BIO_new_mem_buf failed\n");
}
/* use it to read the PEM formatted certificate from memory into an X509
* structure that SSL can use
*/
cert = PEM_read_bio_X509(bio, NULL, 0, NULL);
if (cert == NULL) {
printf("PEM_read_bio_X509 failed...\n");
}
/*tell SSL to use the X509 certificate*/
ret = SSL_CTX_use_certificate((SSL_CTX*)sslctx, cert);
if (ret != 1) {
printf("Use certificate failed\n");
}
/*create a bio for the RSA key*/
kbio = BIO_new_mem_buf((char *)mykey, -1);
if (kbio == NULL) {
printf("BIO_new_mem_buf failed\n");
}
/*read the key bio into an RSA object*/
rsa = PEM_read_bio_RSAPrivateKey(kbio, NULL, 0, NULL);
if (rsa == NULL) {
printf("Failed to create key bio\n");
}
/*tell SSL to use the RSA key from memory*/
ret = SSL_CTX_use_RSAPrivateKey((SSL_CTX*)sslctx, rsa);
if (ret != 1) {
printf("Use Key failed\n");
}
/* free resources that have been allocated by openssl functions */
if (bio)
BIO_free(bio);
if (kbio)
BIO_free(kbio);
if (rsa)
RSA_free(rsa);
if (cert)
X509_free(cert);
/* all set to go */
return CURLE_OK ;
}
int main(void)
{
CURL *ch;
CURLcode rv;
rv = curl_global_init(CURL_GLOBAL_ALL);
ch = curl_easy_init();
rv = curl_easy_setopt(ch,CURLOPT_VERBOSE, 0L);
rv = curl_easy_setopt(ch,CURLOPT_HEADER, 0L);
rv = curl_easy_setopt(ch,CURLOPT_NOPROGRESS, 1L);
rv = curl_easy_setopt(ch,CURLOPT_NOSIGNAL, 1L);
rv = curl_easy_setopt(ch,CURLOPT_WRITEFUNCTION, *writefunction);
rv = curl_easy_setopt(ch,CURLOPT_WRITEDATA, stdout);
rv = curl_easy_setopt(ch,CURLOPT_HEADERFUNCTION, *writefunction);
rv = curl_easy_setopt(ch,CURLOPT_WRITEHEADER, stderr);
rv = curl_easy_setopt(ch,CURLOPT_SSLCERTTYPE,"PEM");
/* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there is
no CA certificate*/
rv = curl_easy_setopt(ch,CURLOPT_SSL_VERIFYPEER, 0L);
rv = curl_easy_setopt(ch,CURLOPT_SSL_VERIFYHOST, 0L);
rv = curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/");
rv = curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM");
/* first try: retrieve page without user certificate and key -> will fail
*/
rv = curl_easy_perform(ch);
if (rv==CURLE_OK) {
printf("*** transfer succeeded ***\n");
}
else {
printf("*** transfer failed ***\n");
}
/* second try: retrieve page using user certificate and key -> will succeed
* load the certificate and key by installing a function doing the necessary
* "modifications" to the SSL CONTEXT just before link init
*/
rv = curl_easy_setopt(ch,CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
rv = curl_easy_perform(ch);
if (rv==CURLE_OK) {
printf("*** transfer succeeded ***\n");
}
else {
printf("*** transfer failed ***\n");
}
curl_easy_cleanup(ch);
curl_global_cleanup();
return rv;
}

158
docs/examples/xmlstream.c Normal file
View File

@@ -0,0 +1,158 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* Stream-parse a document using the streaming Expat parser.
* Written by David Strauss
*
* Expat => http://www.libexpat.org/
*
* gcc -Wall -I/usr/local/include xmlstream.c -lcurl -lexpat -o xmlstream
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <expat.h>
#include <curl/curl.h>
struct MemoryStruct {
char *memory;
size_t size;
};
struct ParserStruct {
int ok;
size_t tags;
size_t depth;
struct MemoryStruct characters;
};
static void startElement(void *userData, const XML_Char *name, const XML_Char **atts)
{
struct ParserStruct *state = (struct ParserStruct *) userData;
state->tags++;
state->depth++;
/* Get a clean slate for reading in character data. */
free(state->characters.memory);
state->characters.memory = NULL;
state->characters.size = 0;
}
static void characterDataHandler(void *userData, const XML_Char *s, int len)
{
struct ParserStruct *state = (struct ParserStruct *) userData;
struct MemoryStruct *mem = &state->characters;
mem->memory = realloc(mem->memory, mem->size + len + 1);
if(mem->memory == NULL) {
/* Out of memory. */
fprintf(stderr, "Not enough memory (realloc returned NULL).\n");
state->ok = 0;
return;
}
memcpy(&(mem->memory[mem->size]), s, len);
mem->size += len;
mem->memory[mem->size] = 0;
}
static void endElement(void *userData, const XML_Char *name)
{
struct ParserStruct *state = (struct ParserStruct *) userData;
state->depth--;
printf("%5lu %10lu %s\n", state->depth, state->characters.size, name);
}
static size_t parseStreamCallback(void *contents, size_t length, size_t nmemb, void *userp)
{
XML_Parser parser = (XML_Parser) userp;
size_t real_size = length * nmemb;
struct ParserStruct *state = (struct ParserStruct *) XML_GetUserData(parser);
/* Only parse if we're not already in a failure state. */
if (state->ok && XML_Parse(parser, contents, real_size, 0) == 0) {
int error_code = XML_GetErrorCode(parser);
fprintf(stderr, "Parsing response buffer of length %lu failed with error code %d (%s).\n",
real_size, error_code, XML_ErrorString(error_code));
state->ok = 0;
}
return real_size;
}
int main(void)
{
CURL *curl_handle;
CURLcode res;
XML_Parser parser;
struct ParserStruct state;
/* Initialize the state structure for parsing. */
memset(&state, 0, sizeof(struct ParserStruct));
state.ok = 1;
/* Initialize a namespace-aware parser. */
parser = XML_ParserCreateNS(NULL, '\0');
XML_SetUserData(parser, &state);
XML_SetElementHandler(parser, startElement, endElement);
XML_SetCharacterDataHandler(parser, characterDataHandler);
/* Initalize a libcurl handle. */
curl_global_init(CURL_GLOBAL_ALL ^ CURL_GLOBAL_SSL);
curl_handle = curl_easy_init();
curl_easy_setopt(curl_handle, CURLOPT_URL, "http://www.w3schools.com/xml/simple.xml");
curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, parseStreamCallback);
curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *)parser);
printf("Depth Characters Closing Tag\n");
/* Perform the request and any follow-up parsing. */
res = curl_easy_perform(curl_handle);
if(res != CURLE_OK) {
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
}
else if (state.ok) {
/* Expat requires one final call to finalize parsing. */
if (XML_Parse(parser, NULL, 0, 1) == 0) {
int error_code = XML_GetErrorCode(parser);
fprintf(stderr, "Finalizing parsing failed with error code %d (%s).\n",
error_code, XML_ErrorString(error_code));
}
else {
printf(" --------------\n");
printf(" %lu tags total\n", state.tags);
}
}
/* Clean up. */
free(state.characters.memory);
XML_ParserFree(parser);
curl_easy_cleanup(curl_handle);
curl_global_cleanup();
return 0;
}

View File

@@ -79,9 +79,12 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \
curl_multi_assign.pdf curl_easy_pause.pdf curl_easy_recv.pdf \
curl_easy_send.pdf curl_multi_socket_action.pdf curl_multi_wait.pdf
m4macrodir = $(datadir)/aclocal
dist_m4macro_DATA = libcurl.m4
CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) libcurl.m4 ABI \
EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \
symbols-in-versions symbols.pl
MAN2HTML= roffit --mandir=. < $< >$@

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -109,7 +109,9 @@ uploaded.
.IP CURLINFO_SIZE_DOWNLOAD
Pass a pointer to a double to receive the total amount of bytes that were
downloaded. The amount is only for the latest transfer and will be reset again
for each new transfer.
for each new transfer. This counts actual payload data, what's also commonly
called body. All meta and header data are excluded and will not be counted in
this number.
.IP CURLINFO_SPEED_DOWNLOAD
Pass a pointer to a double to receive the average download speed that curl
measured for the complete download. Measured in bytes/second.
@@ -219,8 +221,20 @@ done. The struct reports how many certs it found and then you can extract info
for each of those certs by following the linked lists. The info chain is
provided in a series of data in the format "name:content" where the content is
for the specific named data. See also the certinfo.c example. NOTE: this
option is only available in libcurl built with OpenSSL support. (Added in
7.19.1)
option is only available in libcurl built with OpenSSL, NSS, GSKit or QsoSSL
support. (Added in 7.19.1)
.IP CURLINFO_TLS_SESSION
Pass a pointer to a 'struct curl_tlsinfo *'. The pointer will be initialized
to refer to a 'struct curl_tlsinfo *' that will contain an enum indicating the
SSL library used for the handshake and the respective internal TLS session
structure of this underlying SSL library.
This may then be used to extract certificate information in a format
convenient for further processing, such as manual validation. NOTE: this
option may not be available for all SSL backends; unsupported SSL backends
will return 'CURLSSLBACKEND_NONE' to indicate that they are not supported;
this does not mean that no SSL backend was used. (Added in 7.34.0)
.IP CURLINFO_CONDITION_UNMET
Pass a pointer to a long to receive the number 1 if the condition provided in
the previous request didn't match (see \fICURLOPT_TIMECONDITION\fP). Alas, if
@@ -232,7 +246,7 @@ Pass a pointer to a char pointer to receive a pointer to a string holding the
most recent RTSP Session ID.
Applications wishing to resume an RTSP session on another connection should
retreive this info before closing the active connection.
retrieve this info before closing the active connection.
.IP CURLINFO_RTSP_CLIENT_CSEQ
Pass a pointer to a long to receive the next CSeq that will be used by the
application.
@@ -244,7 +258,7 @@ by the application.
unimplemented).\fP
Applications wishing to resume an RTSP session on another connection should
retreive this info before closing the active connection.
retrieve this info before closing the active connection.
.IP CURLINFO_RTSP_CSEQ_RECV
Pass a pointer to a long to receive the most recently received CSeq from the
server. If your application encounters a \fICURLE_RTSP_CSEQ_ERROR\fP then you

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -31,15 +31,18 @@ curl_easy_pause - pause and unpause a connection
Using this function, you can explicitly mark a running connection to get
paused, and you can unpause a connection that was previously paused.
A connection can be paused by using this function or by letting the read
or the write callbacks return the proper magic return code
A connection can be paused by using this function or by letting the read or
the write callbacks return the proper magic return code
(\fICURL_READFUNC_PAUSE\fP and \fICURL_WRITEFUNC_PAUSE\fP). A write callback
that returns pause signals to the library that it couldn't take care of any
data at all, and that data will then be delivered again to the callback when
the writing is later unpaused.
NOTE: while it may feel tempting, take care and notice that you cannot call
this function from another thread.
While it may feel tempting, take care and notice that you cannot call this
function from another thread. To unpause, you may for example call it from the
progress callback (see \fIcurl_easy_setopt(3)\fP's
\fICURLOPT_PROGRESSFUNCTION\fP), which gets called at least once per second,
even if the connection is paused.
When this function is called to unpause reading, the chance is high that you
will get your write callback called before this function returns.
@@ -65,9 +68,25 @@ Convenience define that unpauses both directions
CURLE_OK (zero) means that the option was set properly, and a non-zero return
code means something wrong occurred after the new state was set. See the
\fIlibcurl-errors(3)\fP man page for the full list with descriptions.
.SH LIMITATIONS
The pausing of transfers does not work with protocols that work without
network connectivity, like FILE://. Trying to pause such a transfer, in any
direction, will cause problems in the worst case or an error in the best case.
.SH AVAILABILITY
This function was added in libcurl 7.18.0. Before this version, there was no
explicit support for pausing transfers.
.SH "USAGE WITH THE MULTI-SOCKET INTERFACE"
Before libcurl 7.32.0, when a specific handle was unpaused with this function,
there was no particular forced rechecking or similar of the socket's state,
which made the continuation of the transfer get delayed until next
multi-socket call invoke or even longer. Alternatively, the user could
forcibly call for example curl_multi_socket_all(3) - with a rather hefty
performance penalty.
Starting in libcurl 7.32.0, unpausing a transfer will schedule a timeout
trigger for that handle 1 millisecond into the future, so that a
curl_multi_socket_action( ... CURL_SOCKET_TIMEOUT) can be used immediately
afterwards to get the transfer going again as desired.
.SH "MEMORY USE"
When pausing a read by returning the magic return code from a write callback,
the read data is already in libcurl's internal buffers so it'll have to keep

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -25,33 +25,41 @@ curl_easy_perform - Perform a file transfer
.SH SYNOPSIS
.B #include <curl/curl.h>
.sp
.BI "CURLcode curl_easy_perform(CURL *" handle ");"
.BI "CURLcode curl_easy_perform(CURL *" easy_handle ");"
.ad
.SH DESCRIPTION
This function is called after the init and all the \fIcurl_easy_setopt(3)\fP
calls are made, and will perform the transfer as described in the options. It
must be called with the same
.I handle
as input as the curl_easy_init call returned.
Invoke this function after \fIcurl_easy_init(3)\fP and all the
\fIcurl_easy_setopt(3)\fP calls are made, and will perform the transfer as
described in the options. It must be called with the same \fBeasy_handle\fP as
input as the \fIcurl_easy_init(3)\fP call returned.
\fIcurl_easy_perform(3)\fP performs the entire request in a blocking manner
and returns when done, or if it failed. For non-blocking behavior, see
\fIcurl_multi_perform(3)\fP.
You can do any amount of calls to \fIcurl_easy_perform(3)\fP while using the
same handle. If you intend to transfer more than one file, you are even
encouraged to do so. libcurl will then attempt to re-use the same connection
for the following transfers, thus making the operations faster, less CPU
intense and using less network resources. Just note that you will have to use
\fIcurl_easy_setopt(3)\fP between the invokes to set options for the following
curl_easy_perform.
same \fBeasy_handle\fP. If you intend to transfer more than one file, you are
even encouraged to do so. libcurl will then attempt to re-use the same
connection for the following transfers, thus making the operations faster,
less CPU intense and using less network resources. Just note that you will
have to use \fIcurl_easy_setopt(3)\fP between the invokes to set options for
the following curl_easy_perform.
You must never call this function simultaneously from two places using the
same handle. Let the function return first before invoking it another time. If
you want parallel transfers, you must use several curl handles.
same \fBeasy_handle\fP. Let the function return first before invoking it
another time. If you want parallel transfers, you must use several curl
easy_handles.
While the \fBeasy_handle\fP is added to a multi handle, it cannot be used by
\fIcurl_easy_perform(3)\fP.
.SH RETURN VALUE
0 means everything was ok, non-zero means an error occurred as
CURLE_OK (0) means everything was ok, non-zero means an error occurred as
.I <curl/curl.h>
defines. If the CURLOPT_ERRORBUFFER was set with
.I curl_easy_setopt
there will be a readable error message in the error buffer when non-zero is
returned.
defines - see \fIlibcurl-errors(3)\fP. If the \fBCURLOPT_ERRORBUFFER\fP was
set with \fIcurl_easy_setopt(3)\fP there will be a readable error message in
the error buffer when non-zero is returned.
.SH "SEE ALSO"
.BR curl_easy_init "(3), " curl_easy_setopt "(3), "
.BR curl_multi_add_handle "(3), " curl_multi_perform "(3), "
.BR libcurl-errors "(3), "

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -260,9 +260,9 @@ used to fast forward a file in a resumed upload (instead of reading all
uploaded bytes with the normal read function/callback). It is also called to
rewind a stream when doing a HTTP PUT or POST with a multi-pass authentication
method. The function shall work like "fseek" or "lseek" and accepted SEEK_SET,
SEEK_CUR and SEEK_END as argument for origin, although (in 7.18.0) libcurl
only passes SEEK_SET. The callback must return 0 (CURL_SEEKFUNC_OK) on
success, 1 (CURL_SEEKFUNC_FAIL) to cause the upload operation to fail or 2
SEEK_CUR and SEEK_END as argument for origin, although libcurl currently only
passes SEEK_SET. The callback must return 0 (CURL_SEEKFUNC_OK) on success, 1
(CURL_SEEKFUNC_FAIL) to cause the upload operation to fail or 2
(CURL_SEEKFUNC_CANTSEEK) to indicate that while the seek failed, libcurl is
free to work around the problem if possible. The latter can sometimes be done
by instead reading from the input or similar.
@@ -342,15 +342,36 @@ argument in the closesocket callback set with
The default value of this parameter is unspecified.
(Option added in 7.21.7)
.IP CURLOPT_PROGRESSFUNCTION
Pass a pointer to a function that matches the following prototype: \fBint
function(void *clientp, double dltotal, double dlnow, double ultotal, double
ulnow); \fP. This function gets called by libcurl instead of its internal
equivalent with a frequent interval during operation (roughly once per second
or sooner) no matter if data is being transferred or not. Unknown/unused
argument values passed to the callback will be set to zero (like if you only
download data, the upload size will remain 0). Returning a non-zero value from
this callback will cause libcurl to abort the transfer and return
\fICURLE_ABORTED_BY_CALLBACK\fP.
Pass a pointer to a function that matches the following prototype:
\fBint function(void *clientp, double dltotal, double dlnow, double ultotal,
double ulnow);\fP
We encourage users to use \fICURLOPT_XFERINFOFUNCTION\fP instead, if you can.
This function gets called by libcurl instead of its internal equivalent with a
frequent interval. While data is being transferred it will be called very
frequently, and during slow periods like when nothing is being transferred it
can slow down to about one call per second.
\fIclientp\fP is the pointer set with \fICURLOPT_PROGRESSDATA\fP, it is not
actually used by libcurl but is only passed along from the application to the
callback.
The callback gets told how much data libcurl will transfer and has
transferred, in number of bytes. \fIdltotal\fP is the total number of bytes
libcurl expects to download in this transfer. \fIdlnow\fP is the number of
bytes downloaded so far. \fIultotal\fP is the total number of bytes libcurl
expects to upload in this transfer. \fIulnow\fP is the number of bytes
uploaded so far.
Unknown/unused argument values passed to the callback will be set to zero
(like if you only download data, the upload size will remain 0). Many times
the callback will be called one or more times first, before it knows the data
sizes so a program must be made to handle that.
Returning a non-zero value from this callback will cause libcurl to abort the
transfer and return \fICURLE_ABORTED_BY_CALLBACK\fP.
If you transfer data with the multi interface, this function will not be
called during periods of idleness unless you call the appropriate libcurl
@@ -358,10 +379,54 @@ function that performs transfers.
\fICURLOPT_NOPROGRESS\fP must be set to 0 to make this function actually
get called.
.IP CURLOPT_XFERINFOFUNCTION
Pass a pointer to a function that matches the following prototype:
.nf
\fBint function(void *clientp, curl_off_t dltotal, curl_off_t dlnow,
curl_off_t ultotal, curl_off_t ulnow);\fP
.fi
This function gets called by libcurl instead of its internal equivalent with a
frequent interval. While data is being transferred it will be called very
frequently, and during slow periods like when nothing is being transferred it
can slow down to about one call per second.
\fIclientp\fP is the pointer set with \fICURLOPT_XFERINFODATA\fP, it is only
passed along from the application to the callback.
The callback gets told how much data libcurl will transfer and has
transferred, in number of bytes. \fIdltotal\fP is the total number of bytes
libcurl expects to download in this transfer. \fIdlnow\fP is the number of
bytes downloaded so far. \fIultotal\fP is the total number of bytes libcurl
expects to upload in this transfer. \fIulnow\fP is the number of bytes
uploaded so far.
Unknown/unused argument values passed to the callback will be set to zero
(like if you only download data, the upload size will remain 0). Many times
the callback will be called one or more times first, before it knows the data
sizes so a program must be made to handle that.
Returning a non-zero value from this callback will cause libcurl to abort the
transfer and return \fICURLE_ABORTED_BY_CALLBACK\fP.
If you transfer data with the multi interface, this function will not be
called during periods of idleness unless you call the appropriate libcurl
function that performs transfers.
\fICURLOPT_NOPROGRESS\fP must be set to 0 to make this function actually
get called.
(Added in 7.32.0)
.IP CURLOPT_PROGRESSDATA
Pass a pointer that will be untouched by libcurl and passed as the first
argument in the progress callback set with \fICURLOPT_PROGRESSFUNCTION\fP.
The default value of this parameter is unspecified.
.IP CURLOPT_XFERINFODATA
Pass a pointer that will be untouched by libcurl and passed as the first
argument in the progress callback set with \fICURLOPT_XFERINFOFUNCTION\fP.
The default value of this parameter is unspecified. This option is an alias
for CURLOPT_PROGRESSDATA. (Added in 7.32.0)
.IP CURLOPT_HEADERFUNCTION
Pass a pointer to a function that matches the following prototype:
\fBsize_t function( void *ptr, size_t size, size_t nmemb, void
@@ -430,6 +495,10 @@ The data is header (or header-like) data sent to the peer.
The data is protocol data received from the peer.
.IP CURLINFO_DATA_OUT
The data is protocol data sent to the peer.
.IP CURLINFO_SSL_DATA_OUT
The data is SSL/TLS (binary) data sent to the peer.
.IP CURLINFO_SSL_DATA_IN
The data is SSL/TLS (binary) data received from the peer.
.RE
.IP CURLOPT_DEBUGDATA
Pass a pointer to whatever you want passed in to your
@@ -620,12 +689,20 @@ scheme://host:port/path
For a greater explanation of the format please see RFC3986.
If the given URL lacks the scheme, or protocol, part ("http://" or "ftp://"
etc), libcurl will attempt to resolve which protocol to use based on the
given host mame. If the protocol is not supported, libcurl will return
(\fICURLE_UNSUPPORTED_PROTOCOL\fP) when you call \fIcurl_easy_perform(3)\fP
or \fIcurl_multi_perform(3)\fP. Use \fIcurl_version_info(3)\fP for detailed
information on which protocols are supported.
If the given URL lacks the scheme (such as "http://" or "ftp://" etc) then
libcurl will attempt to resolve the protocol based on one of the following
given host names:
HTTP, FTP, DICT, LDAP, IMAP, POP3 or SMTP
(POP3 and SMTP added in 7.31.0)
Should the protocol, either that specified by the scheme or deduced by libcurl
from the host name, not be supported by libcurl then
(\fICURLE_UNSUPPORTED_PROTOCOL\fP) will be returned from either the
\fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform(3)\fP functions when you
call them. Use \fIcurl_version_info(3)\fP for detailed information of which
protocols are supported by the build of libcurl you are using.
The host part of the URL contains the address of the server that you want to
connect to. This can be the fully qualified domain name of the server, the
@@ -640,17 +717,23 @@ http://192.168.0.1/
http://[2001:1890:1112:1::20]/
It is also possible to specify the user name and password as part of the
host, for some protocols, when connecting to servers that require
authentication.
For example the following types of authentication support this:
It is also possible to specify the user name, password and any supported login
options as part of the host, for the following protocols, when connecting to
servers that require authentication:
http://user:password@www.example.com
ftp://user:password@ftp.example.com
pop3://user:password@mail.example.com
imap://user:password;options@mail.example.com
pop3://user:password;options@mail.example.com
smtp://user:password;options@mail.example.com
At present only IMAP, POP3 and SMTP support login options as part of the host.
For more information about the login options in URL syntax please see RFC2384,
RFC5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in 7.31.0).
The port is optional and when not specified libcurl will use the default port
based on the determined or specified protocol: 80 for HTTP, 21 for FTP and 25
@@ -740,8 +823,9 @@ the user
The path part of an IMAP request not only specifies the mailbox to list (Added
in 7.30.0) or select, but can also be used to check the UIDVALIDITY of the
mailbox and to specify the UID and SECTION of the message to fetch (Added in
7.30.0).
mailbox, to specify the UID, SECTION (Added in 7.30.0) and PARTIAL octets
(Added in 7.37.0) of the message to fetch and to specify what nessages to
search for (Added in 7.37.0).
imap://user:password@mail.example.com - Performs a top level folder list
@@ -756,7 +840,17 @@ the user's inbox, checks the UIDVALIDITY of the mailbox is 50 and fetches
message 2 if it is
imap://user:password@mail.example.com/INBOX/;UID=3/;SECTION=TEXT - Selects the
user's inbox and fetches message 3 with only the text portion of the message
user's inbox and fetches the text portial of message 3
imap://user:password@mail.example.com/INBOX/;UID=4/;PARTIAL=0.1024 - Selects
the user's inbox and fetches the first 1024 octets of message 4
imap://user:password@mail.example.com/INBOX?NEW - Selects the user's inbox and
checks for NEW messages
imap://user:password@mail.example.com/INBOX?SUBJECT%20shadows - Selects the
user's inbox and searches for messages containing "shadows" in the subject
line
For more information about the individual components of an IMAP URL please
see RFC5092.
@@ -814,6 +908,19 @@ Active Directory server.
For more information about the individual components of a LDAP URL please
see RFC4516.
.B RTMP
There's no official URL spec for RTMP so libcurl uses the URL syntax supported
by the underlying librtmp library. It has a syntax where it wants a
traditional URL, followed by a space and a series of space-separated
name=value pairs.
While space is not typically a "legal" letter, libcurl accepts them. When a
user wants to pass in a '#' (hash) character it will be treated as a fragment
and get cut off by libcurl if provided literally. You will instead have to
escape it by providing it as backslash and its ASCII value in hexadecimal:
"\\23".
.B NOTES
Starting with version 7.20.0, the fragment part of the URI will not be sent as
@@ -846,9 +953,9 @@ Set HTTP proxy to use. The parameter should be a char * to a zero terminated
string holding the host name or dotted IP address. To specify port number in
this string, append :[port] to the end of the host name. The proxy string may
be prefixed with [protocol]:// since any such prefix will be ignored. The
proxy's port number may optionally be specified with the separate option. If
not specified, libcurl will default to using port 1080 for proxies.
\fICURLOPT_PROXYPORT\fP.
proxy's port number may optionally be specified with the separate option
\fICURLOPT_PROXYPORT\fP. If not specified, libcurl will default to using port
1080 for proxies.
When you tell the library to use a HTTP proxy, libcurl will transparently
convert operations to HTTP even if you specify an FTP URL etc. This may have
@@ -895,8 +1002,8 @@ if one is specified. The only wildcard available is a single * character,
which matches all hosts, and effectively disables the proxy. Each name in this
list is matched as either a domain which contains the hostname, or the
hostname itself. For example, example.com would match example.com,
example.com:80, and www.example.com, but not www.notanexample.com. (Added in
7.19.4)
example.com:80, and www.example.com, but not www.notanexample.com or
example.com.othertld. (Added in 7.19.4)
.IP CURLOPT_HTTPPROXYTUNNEL
Set the parameter to 1 to make the library tunnel all operations through a
given HTTP proxy. There is a big difference between using a proxy and to
@@ -1040,8 +1147,8 @@ the full path name to the file you want libcurl to use as .netrc file. If this
option is omitted, and \fICURLOPT_NETRC\fP is set, libcurl will attempt to
find a .netrc file in the current user's home directory. (Added in 7.10.9)
.IP CURLOPT_USERPWD
Pass a char * as parameter, which should be [user name]:[password] to use for
the connection. Use \fICURLOPT_HTTPAUTH\fP to decide the authentication method.
Pass a char * as parameter, pointing to a zero terminated login details string
for the connection. The format of which is: [user name]:[password].
When using NTLM, you can set the domain by prepending it to the user name and
separating the domain and name with a forward (/) or backward slash (\\). Like
@@ -1054,10 +1161,21 @@ and password information to hosts using the initial host name (unless
\fICURLOPT_UNRESTRICTED_AUTH\fP is set), so if libcurl follows locations to
other hosts it will not send the user and password to those. This is enforced
to prevent accidental information leakage.
Use \fICURLOPT_HTTPAUTH\fP to specify the authentication method for HTTP based
connections or \fICURLOPT_LOGIN_OPTIONS\fP to control IMAP, POP3 and SMTP
options.
The user and password strings are not URL decoded, so there's no way to send
in a user name containing a colon using this option. Use \fICURLOPT_USERNAME\fP
for that, or include it in the URL.
.IP CURLOPT_PROXYUSERPWD
Pass a char * as parameter, which should be [user name]:[password] to use for
the connection to the HTTP proxy. Use \fICURLOPT_PROXYAUTH\fP to decide
the authentication method.
the connection to the HTTP proxy. Both the name and the password will be URL
decoded before use, so to include for example a colon in the user name you
should encode it as %3A.
Use \fICURLOPT_PROXYAUTH\fP to specify the authentication method.
.IP CURLOPT_USERNAME
Pass a char * as parameter, which should be pointing to the zero terminated
user name to use for the transfer.
@@ -1066,14 +1184,26 @@ user name to use for the transfer.
authentication. You should not use this option together with the (older)
CURLOPT_USERPWD option.
In order to specify the password to be used in conjunction with the user name
use the \fICURLOPT_PASSWORD\fP option. (Added in 7.19.1)
To specify the password and login options, along with the user name, use the
\fICURLOPT_PASSWORD\fP and \fICURLOPT_LOGIN_OPTIONS\fP options. (Added in
7.19.1)
.IP CURLOPT_PASSWORD
Pass a char * as parameter, which should be pointing to the zero terminated
password to use for the transfer.
The CURLOPT_PASSWORD option should be used in conjunction with
the \fICURLOPT_USERNAME\fP option. (Added in 7.19.1)
The CURLOPT_PASSWORD option should be used in conjunction with the
\fICURLOPT_USERNAME\fP option. (Added in 7.19.1)
.IP CURLOPT_LOGIN_OPTIONS
(Added in 7.34.0) Pass a char * as parameter, which should be pointing to the
zero terminated options string to use for the transfer.
At present only IMAP, POP3 and SMTP support login options. For more
information about the login options please see RFC2384, RFC5092 and IETF draft
draft-earhart-url-smtp-00.txt
\fBCURLOPT_LOGIN_OPTIONS\fP can be used to set protocol specific login options,
such as the preferred authentication mechanism via "AUTH=NTLM" or "AUTH=*",
and should be used in conjunction with the \fICURLOPT_USERNAME\fP option.
.IP CURLOPT_PROXYUSERNAME
Pass a char * as parameter, which should be pointing to the zero terminated
user name to use for the transfer while connecting to Proxy.
@@ -1134,7 +1264,7 @@ Microsoft. It uses a challenge-response and hash concept similar to Digest, to
prevent the password from being eavesdropped.
You need to build libcurl with either OpenSSL, GnuTLS or NSS support for this
option to work, or build libcurl on Windows.
option to work, or build libcurl on Windows with SSPI support.
.IP CURLAUTH_NTLM_WB
NTLM delegating to winbind helper. Authentication is performed by a separate
binary application that is executed when needed. The name of the application
@@ -1193,8 +1323,23 @@ authentication methods it supports and then pick the best one you allow it to
use. For some methods, this will induce an extra network round-trip. Set the
actual name and password with the \fICURLOPT_PROXYUSERPWD\fP option. The
bitmask can be constructed by or'ing together the bits listed above for the
\fICURLOPT_HTTPAUTH\fP option. As of this writing, only Basic, Digest and NTLM
work. (Added in 7.10.7)
\fICURLOPT_HTTPAUTH\fP option. \fICURLOPT_PROXYAUTH\fP was added in 7.10.7
.IP CURLOPT_SASL_IR
Pass a long. If the value is 1, curl will send the initial response to the
server in the first authentication packet in order to reduce the number of
ping pong requests. Only applicable to supporting SASL authentication
mechanisms and to the IMAP, POP3 and SMTP protocols. (Added in 7.31.0)
Note: Whilst IMAP supports this option there is no need to explicitly set it,
as libcurl can determine the feature itself when the server supports the
SASL-IR CAPABILITY.
.IP CURLOPT_XOAUTH2_BEARER
Pass a char * as parameter, which should point to the zero terminated OAuth
2.0 Bearer Access Token for use with IMAP, POP3 and SMTP servers that support
the OAuth 2.0 Authorization Framework. (Added in 7.33.0)
Note: The user name used to generate the Bearer Token should be supplied via
the \fICURLOPT_USERNAME\fP option.
.SH HTTP OPTIONS
.IP CURLOPT_AUTOREFERER
Pass a parameter set to 1 to enable this. When enabled, libcurl will
@@ -1383,19 +1528,24 @@ set the User-Agent: header in the http request sent to the remote server. This
can be used to fool servers or scripts. You can also set any custom header
with \fICURLOPT_HTTPHEADER\fP.
.IP CURLOPT_HTTPHEADER
Pass a pointer to a linked list of HTTP headers to pass to the server in your
HTTP request. The linked list should be a fully valid list of \fBstruct
curl_slist\fP structs properly filled in. Use \fIcurl_slist_append(3)\fP to
create the list and \fIcurl_slist_free_all(3)\fP to clean up an entire
list. If you add a header that is otherwise generated and used by libcurl
internally, your added one will be used instead. If you add a header with no
content as in 'Accept:' (no data on the right side of the colon), the
internally used header will get disabled. Thus, using this option you can add
new headers, replace internal headers and remove internal headers. To add a
header with no content, make the content be two quotes: \&"". The headers
included in the linked list must not be CRLF-terminated, because curl adds
CRLF after each header item. Failure to comply with this will result in
strange bugs because the server will most likely ignore part of the headers
Pass a pointer to a linked list of HTTP headers to pass to the server and/or
proxy in your HTTP request. The same list is used for both host and proxy
requests!
The linked list should be a fully valid list of \fBstruct curl_slist\fP
structs properly filled in. Use \fIcurl_slist_append(3)\fP to create the list
and \fIcurl_slist_free_all(3)\fP to clean up an entire list. If you add a
header that is otherwise generated and used by libcurl internally, your added
one will be used instead. If you add a header with no content as in 'Accept:'
(no data on the right side of the colon), the internally used header will get
disabled. With this option you can add new headers, replace internal headers
and remove internal headers. To add a header with no content (nothing to the
right side of the colon), use the form 'MyHeader;' (note the ending
semicolon).
The headers included in the linked list must not be CRLF-terminated, because
curl adds CRLF after each header item. Failure to comply with this will result
in strange bugs because the server will most likely ignore part of the headers
you specified.
The first line in a request (containing the method, usually a GET or POST) is
@@ -1407,6 +1557,42 @@ Pass a NULL to this to reset back to no custom headers.
The most commonly replaced headers have "shortcuts" in the options
\fICURLOPT_COOKIE\fP, \fICURLOPT_USERAGENT\fP and \fICURLOPT_REFERER\fP.
There's an alternative option that sets or replaces headers only for requests
that are sent with CONNECT to a proxy: \fICURLOPT_PROXYHEADER\fP. Use
\fICURLOPT_HEADEROPT\fP to control the behavior.
.IP CURLOPT_HEADEROPT
Pass a long that is a bitmask of options of how to deal with headers. The two
mutually exclusive options are:
CURLHEADER_UNIFIED - keep working as before. This means CURLOPT_HTTPHEADER
headers will be used in requests both to servers and proxies. With this option
enabled, \fICURLOPT_PROXYHEADER\fP will not have any effect.
CURLHEADER_SEPARATE - makes \fICURLOPT_HTTPHEADER\fP headers only get sent to
a server and not to a proxy. Proxy headers must be set with
\fICURLOPT_PROXYHEADER\fP to get used. Note that if a non-CONNECT request is
sent to a proxy, libcurl will send both server headers and proxy headers. When
doing CONNECT, libcurl will send \fICURLOPT_PROXYHEADER\fP headers only do the
proxy and then \fICURLOPT_HTTPHEADER\fP headers only to the server.
(Added in 7.37.0)
.IP CURLOPT_PROXYHEADER
Pass a pointer to a linked list of HTTP headers to pass in your HTTP request
sent to a proxy. The rules for this list is identical to the
\fICURLOPT_HTTPHEADER\fP option's.
The headers set with this option is only ever used in requests sent to a proxy
- when there's also a request sent to a host.
The first line in a request (containing the method, usually a GET or POST) is
NOT a header and cannot be replaced using this option. Only the lines
following the request-line are headers. Adding this method line in this list
of headers will only cause your request to send an invalid header.
Pass a NULL to this to reset back to no custom headers.
This option was added in libcurl 7.37.0.
.IP CURLOPT_HTTP200ALIASES
Pass a pointer to a linked list of aliases to be treated as valid HTTP 200
responses. Some servers respond with a custom header response line. For
@@ -1489,7 +1675,8 @@ When setting \fICURLOPT_HTTPGET\fP to 1, it will automatically set
.IP CURLOPT_HTTP_VERSION
Pass a long, set to one of the values described below. They force libcurl to
use the specific HTTP versions. This is not sensible to do unless you have a
good reason.
good reason. You have to set this option if you want to use libcurl's HTTP 2.0
support.
.RS
.IP CURL_HTTP_VERSION_NONE
We don't care about what version the library uses. libcurl will use whatever
@@ -1498,6 +1685,9 @@ it thinks fit.
Enforce HTTP 1.0 requests.
.IP CURL_HTTP_VERSION_1_1
Enforce HTTP 1.1 requests.
.IP CURL_HTTP_VERSION_2_0
Attempt HTTP 2.0 requests. libcurl will fall back to HTTP 1.x if HTTP 2.0
can't be negotiated with the server.
.RE
.IP CURLOPT_IGNORE_CONTENT_LENGTH
Ignore the Content-Length header. This is useful for Apache 1.x (and similar
@@ -1515,6 +1705,12 @@ Pass a long to tell libcurl how to act on transfer decoding. If set to zero,
transfer decoding will be disabled, if set to 1 it is enabled
(default). libcurl does chunked transfer decoding by default unless this
option is set to zero. (added in 7.16.2)
.IP CURLOPT_EXPECT_100_TIMEOUT_MS
Pass a long to tell libcurl the number of milliseconds to wait for a server
response with the HTTP status 100 (Continue), 417 (Expectation Failed) or
similar after sending a HTTP request containing an Expect: 100-continue
header. If this times out before a response is received, the request body is
sent anyway. By default, libcurl waits 1000 milliseconds. (Added in 7.36.0)
.SH SMTP OPTIONS
.IP CURLOPT_MAIL_FROM
Pass a pointer to a zero terminated string as parameter. This should be used
@@ -1535,12 +1731,18 @@ SMTP mail request. The linked list should be a fully valid list of \fBstruct
curl_slist\fP structs properly filled in. Use \fIcurl_slist_append(3)\fP to
create the list and \fIcurl_slist_free_all(3)\fP to clean up an entire list.
Each recipient should be specified within a pair of angled brackets (<>),
however, should you not use an angled bracket as the first character libcurl
will assume you provided a single email address and enclose that address
within brackets for you.
When performing a mail transfer, each recipient should be specified within a
pair of angled brackets (<>), however, should you not use an angled bracket as
the first character libcurl will assume you provided a single email address and
enclose that address within brackets for you. (Added in 7.20.0)
(Added in 7.20.0)
When performing an address verification (VRFY command), each recipient should
be specified as the user name or user name and domain (as per Section 3.5 of
RFC5321). (Added in 7.34.0)
When performing a mailing list expand (EXPN command), each recipient should be
specified using the mailing list name, such as "Friends" or "London-Office".
(Added in 7.34.0)
.IP CURLOPT_MAIL_AUTH
Pass a pointer to a zero terminated string as parameter. This will be used
to specify the authentication address (identity) of a submitted message that
@@ -1912,35 +2114,32 @@ source file to the remote target file.
Pass a curl_off_t as parameter. It contains the offset in number of bytes that
you want the transfer to start from. (Added in 7.11.0)
.IP CURLOPT_CUSTOMREQUEST
Pass a pointer to a zero terminated string as parameter. It can be used to
specify the request instead of GET or HEAD when performing HTTP based
requests, instead of LIST and NLST when performing FTP directory listings and
instead of LIST and RETR when issuing POP3 based commands. This is
particularly useful, for example, for performing a HTTP DELETE request or a
POP3 DELE command.
Please don't perform this at will, on HTTP based requests, by making sure
your server supports the command you are sending first.
Pass a pointer to a zero terminated string as parameter.
When you change the request method by setting \fBCURLOPT_CUSTOMREQUEST\fP to
something, you don't actually change how libcurl behaves or acts in regards
to the particular request method, it will only change the actual string sent
in the request.
Restore to the internal default by setting this to NULL.
This option can be used to specify the request:
.B HTTP
Instead of GET or HEAD when performing HTTP based requests. This is
particularly useful, for example, for performing a HTTP DELETE request.
For example:
With the HTTP protocol when you tell libcurl to do a HEAD request, but then
specify a GET though a custom request libcurl will still act as if it sent a
HEAD. To switch to a proper HEAD use \fICURLOPT_NOBODY\fP, to switch to a
proper POST use \fICURLOPT_POST\fP or \fICURLOPT_POSTFIELDS\fP and to switch
to a proper GET use CURLOPT_HTTPGET.
When you tell libcurl to do a HEAD request, but then specify a GET though a
custom request libcurl will still act as if it sent a HEAD. To switch to a
proper HEAD use \fICURLOPT_NOBODY\fP, to switch to a proper POST use
\fICURLOPT_POST\fP or \fICURLOPT_POSTFIELDS\fP and to switch to a proper GET
use CURLOPT_HTTPGET.
With the POP3 protocol when you tell libcurl to use a custom request it will
behave like a LIST or RETR command was sent where it expects data to be
returned by the server. As such \fICURLOPT_NOBODY\fP should be used when
specifying commands such as DELE and NOOP for example.
Restore to the internal default by setting this to NULL.
Please don't perform this at will, on HTTP based requests, by making sure
your server supports the command you are sending first.
Many people have wrongly used this option to replace the entire request with
their own, including multiple headers and POST contents. While that might
@@ -1950,7 +2149,35 @@ could possibly confuse the remote server badly. Use \fICURLOPT_POST\fP and
replace or extend the set of headers sent by libcurl. Use
\fICURLOPT_HTTP_VERSION\fP to change HTTP version.
(Support for POP3 added in 7.26.0)
.B FTP
Instead of LIST and NLST when performing FTP directory listings.
.B IMAP
Instead of LIST when issuing IMAP based requests. (Added in 7.30.0)
.B POP3
Instead of LIST and RETR when issuing POP3 based requests. (Added in 7.26.0)
For example:
When you tell libcurl to use a custom request it will behave like a LIST or
RETR command was sent where it expects data to be returned by the server. As
such \fICURLOPT_NOBODY\fP should be used when specifying commands such as
DELE and NOOP for example.
.B SMTP
Instead of a HELP or VRFY when issuing SMTP based requests. (Added in 7.34.0)
For example:
Normally a multiline response is returned which can be used, in conjuection with
\fICURLOPT_MAIL_RCPT\fP, to specify an EXPN request. If the \fICURLOPT_NOBODY\fP
option is specified then the request can be used to issue NOOP and RSET
commands.
.IP CURLOPT_FILETIME
Pass a long. If it is 1, libcurl will attempt to get the modification date of
the remote document in this operation. This requires that the remote server
@@ -1972,6 +2199,8 @@ as a long. See also \fICURLOPT_INFILESIZE_LARGE\fP.
For uploading using SCP, this option or \fICURLOPT_INFILESIZE_LARGE\fP is
mandatory.
To "unset" this value again, set it to -1.
When sending emails using SMTP, this command can be used to specify the
optional SIZE parameter for the MAIL FROM command. (Added in 7.23.0)
@@ -1984,6 +2213,11 @@ as a curl_off_t. (Added in 7.11.0)
For uploading using SCP, this option or \fICURLOPT_INFILESIZE\fP is mandatory.
To "unset" this value again, set it to -1.
When sending emails using SMTP, this command can be used to specify the
optional SIZE parameter for the MAIL FROM command. (Added in 7.23.0)
This option does not limit how much data libcurl will actually send, as that
is controlled entirely by what the read callback returns.
.IP CURLOPT_UPLOAD
@@ -2046,10 +2280,14 @@ In unix-like systems, this might cause signals to be used unless
Default timeout is 0 (zero) which means it never times out.
.IP CURLOPT_TIMEOUT_MS
Like \fICURLOPT_TIMEOUT\fP but takes number of milliseconds instead. If
libcurl is built to use the standard system name resolver, that portion
of the transfer will still use full-second resolution for timeouts with
a minimum timeout allowed of one second.
An alternative to \fICURLOPT_TIMEOUT\fP but takes number of milliseconds
instead. If libcurl is built to use the standard system name resolver, that
portion of the transfer will still use full-second resolution for timeouts
with a minimum timeout allowed of one second.
If both \fICURLOPT_TIMEOUT\fP and \fICURLOPT_TIMEOUT_MS\fP are set, the value
set last will be used.
(Added in 7.16.2)
.IP CURLOPT_LOW_SPEED_LIMIT
Pass a long as parameter. It contains the transfer speed in bytes per second
@@ -2063,12 +2301,18 @@ it too slow and abort.
Pass a curl_off_t as parameter. If an upload exceeds this speed (counted in
bytes per second) on cumulative average during the transfer, the transfer will
pause to keep the average rate less than or equal to the parameter value.
Defaults to unlimited speed. (Added in 7.15.5)
Defaults to unlimited speed.
This option doesn't affect transfer speeds done with FILE:// URLs. (Added in
7.15.5)
.IP CURLOPT_MAX_RECV_SPEED_LARGE
Pass a curl_off_t as parameter. If a download exceeds this speed (counted in
bytes per second) on cumulative average during the transfer, the transfer will
pause to keep the average rate less than or equal to the parameter
value. Defaults to unlimited speed. (Added in 7.15.5)
value. Defaults to unlimited speed.
This option doesn't affect transfer speeds done with FILE:// URLs. (Added in
7.15.5)
.IP CURLOPT_MAXCONNECTS
Pass a long. The set number will be the persistent connection cache size. The
set amount will be the maximum amount of simultaneously open connections that
@@ -2173,7 +2417,9 @@ ADDRESS can of course be either IPv4 or IPv6 style addressing.
This option effectively pre-populates the DNS cache with entries for the
host+port pair so redirects and everything that operations against the
HOST+PORT will instead use your provided ADDRESS.
HOST+PORT will instead use your provided ADDRESS. Addresses to set with
\fICURL_RESOLVE\fP will not time-out from the DNS cache like ordindary
entries.
You can remove names from the DNS cache again, to stop providing these fake
resolves, by including a string in the linked list that uses the format
@@ -2195,6 +2441,36 @@ This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
(Added in 7.24.0)
.IP CURLOPT_DNS_INTERFACE
Pass a char * as parameter. Set the name of the network interface that
the DNS resolver should bind to. This must be an interface name (not an
address). Set this option to NULL to use the default setting (don't
bind to a specific interface).
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
(Added in 7.33.0)
.IP CURLOPT_DNS_LOCAL_IP4
Set the local IPv4 address that the resolver should bind to. The argument
should be of type char * and contain a single IPv4 address as a string.
Set this option to NULL to use the default setting (don't
bind to a specific IP address).
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
(Added in 7.33.0)
.IP CURLOPT_DNS_LOCAL_IP6
Set the local IPv6 address that the resolver should bind to. The argument
should be of type char * and contain a single IPv6 address as a string.
Set this option to NULL to use the default setting (don't
bind to a specific IP address).
This option requires that libcurl was built with a resolver backend that
supports this operation. The c-ares backend is the only such one.
(Added in 7.33.0)
.IP CURLOPT_ACCEPTTIMEOUT_MS
Pass a long telling libcurl the maximum number of milliseconds to wait for a
server to connect back to libcurl when an active FTP connection is used. If no
@@ -2202,20 +2478,28 @@ timeout is set, the internal default of 60000 will be used. (Added in 7.24.0)
.SH SSL and SECURITY OPTIONS
.IP CURLOPT_SSLCERT
Pass a pointer to a zero terminated string as parameter. The string should be
the file name of your certificate. The default format is "PEM" and can be
changed with \fICURLOPT_SSLCERTTYPE\fP.
the file name of your certificate. The default format is "P12" on Secure
Transport and "PEM" on other engines, and can be changed with
\fICURLOPT_SSLCERTTYPE\fP.
With NSS this can also be the nickname of the certificate you wish to
authenticate with. If you want to use a file from the current directory, please
precede it with "./" prefix, in order to avoid confusion with a nickname.
With NSS or Secure Transport, this can also be the nickname of the certificate
you wish to authenticate with as it is named in the security database. If you
want to use a file from the current directory, please precede it with "./"
prefix, in order to avoid confusion with a nickname.
.IP CURLOPT_SSLCERTTYPE
Pass a pointer to a zero terminated string as parameter. The string should be
the format of your certificate. Supported formats are "PEM" and "DER". (Added
in 7.9.3)
the format of your certificate. Supported formats are "PEM" and "DER", except
with Secure Transport. OpenSSL (versions 0.9.3 and later) and Secure Transport
(on iOS 5 or later, or OS X 10.7 or later) also support "P12" for
PKCS#12-encoded files. (Added in 7.9.3)
.IP CURLOPT_SSLKEY
Pass a pointer to a zero terminated string as parameter. The string should be
the file name of your private key. The default format is "PEM" and can be
changed with \fICURLOPT_SSLKEYTYPE\fP.
(iOS and Mac OS X only) This option is ignored if curl was built against Secure
Transport. Secure Transport expects the private key to be already present in
the keychain or PKCS#12 file containing the certificate.
.IP CURLOPT_SSLKEYTYPE
Pass a pointer to a zero terminated string as parameter. The string should be
the format of your private key. Supported formats are "PEM", "DER" and "ENG".
@@ -2233,6 +2517,20 @@ load your private key.
(This option was known as CURLOPT_SSLKEYPASSWD up to 7.16.4 and
CURLOPT_SSLCERTPASSWD up to 7.9.2)
.IP CURLOPT_SSL_ENABLE_ALPN
Pass a long as parameter, 0 or 1 where 1 is for enable and 0 for disable. By
default, libcurl assumes a value of 1. This option enables/disables ALPN in
the SSL handshake (if the SSL backend libcurl is built to use supports it),
which can be used to negotiate http2.
(Added in 7.36.0)
.IP CURLOPT_SSL_ENABLE_NPN
Pass a long as parameter, 0 or 1 where 1 is for enable and 0 for disable. By
default, libcurl assumes a value of 1. This option enables/disables NPN in the
SSL handshake (if the SSL backend libcurl is built to use supports it), which
can be used to negotiate http2.
(Added in 7.36.0)
.IP CURLOPT_SSLENGINE
Pass a pointer to a zero terminated string as parameter. It will be used as
the identifier for the crypto engine you want to use for your private
@@ -2252,6 +2550,8 @@ Even though this option doesn't need any parameter, in some configurations
arguments. Therefore, it's recommended to pass 1 as parameter to this option.
.IP CURLOPT_SSLVERSION
Pass a long as parameter to control what version of SSL/TLS to attempt to use.
(Added in 7.9.2)
The available options are:
.RS
.IP CURL_SSLVERSION_DEFAULT
@@ -2259,11 +2559,17 @@ The default action. This will attempt to figure out the remote SSL protocol
version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
by default with 7.18.1).
.IP CURL_SSLVERSION_TLSv1
Force TLSv1
Force TLSv1.x
.IP CURL_SSLVERSION_SSLv2
Force SSLv2
.IP CURL_SSLVERSION_SSLv3
Force SSLv3
.IP CURL_SSLVERSION_TLSv1_0
Force TLSv1.0 (Added in 7.34.0)
.IP CURL_SSLVERSION_TLSv1_1
Force TLSv1.1 (Added in 7.34.0)
.IP CURL_SSLVERSION_TLSv1_2
Force TLSv1.2 (Added in 7.34.0)
.RE
.IP CURLOPT_SSL_VERIFYPEER
Pass a long as parameter. By default, curl assumes a value of 1.
@@ -2364,9 +2670,10 @@ Curl considers the server the intended one when the Common Name field or a
Subject Alternate Name field in the certificate matches the host name in the
URL to which you told Curl to connect.
When the value is 1, libcurl will return a failure. It was previously (in
7.28.0 and earlier) a debug option of some sorts, but it is no longer
supported due to frequently leading to programmer mistakes.
When the value is 1, \fIcurl_easy_setopt\fP will return an error and the option
value will not be changed. It was previously (in 7.28.0 and earlier) a debug
option of some sorts, but it is no longer supported due to frequently leading
to programmer mistakes.
When the value is 0, the connection succeeds regardless of the names in the
certificate.
@@ -2376,14 +2683,14 @@ The default value for this option is 2.
This option controls checking the server's certificate's claimed identity.
The server could be lying. To control lying, see
\fICURLOPT_SSL_VERIFYPEER\fP. If libcurl is built against NSS and
\fICURLOPT_SSL_VERIFYPEER\fP is zero, \fICURLOPT_SSL_VERIFYHOST\fP
is ignored.
\fICURLOPT_SSL_VERIFYPEER\fP is zero, \fICURLOPT_SSL_VERIFYHOST\fP is also set
to zero and cannot be overridden.
.IP CURLOPT_CERTINFO
Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
this enabled, libcurl (if built with OpenSSL) will extract lots of information
this enabled, libcurl (if built with OpenSSL, NSS, GSKit or QsoSSL) will
extract lots of information
and data about the certificates in the certificate chain used in the SSL
connection. This data is then possible to extract after a transfer using
connection. This data may then be retrieved after a transfer using
\fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. (Added in
7.19.1)
.IP CURLOPT_RANDOM_FILE
@@ -2488,6 +2795,14 @@ known_host matching has been done, to allow the application to act and decide
for libcurl how to proceed. The callback will only be called if
\fICURLOPT_SSH_KNOWNHOSTS\fP is also set.
.nf
int curl_sshkeycallback (CURL *easy, /* easy handle */
const struct curl_khkey *knownkey, /* known */
const struct curl_khkey *foundkey, /* found */
enum curl_khmatch, /* libcurl's view on the keys */
void *clientp);
.fi
The curl_sshkeycallback function gets passed the CURL handle, the key from the
known_hosts file, the key from the remote site, info from libcurl on the
matching status and a custom pointer (set with \fICURLOPT_SSH_KEYDATA\fP). It

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -42,7 +42,7 @@ After the \fIlastitem\fP pointer follow the real arguments.
The pointers \fIfirstitem\fP and \fIlastitem\fP should both be pointing to
NULL in the first call to this function. All list-data will be allocated by
the function itself. You must call \fIcurl_formfree(3)\fP on the
\fIfirstitem\P after the form post has been done to free the resources.
\fIfirstitem\fP after the form post has been done to free the resources.
Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header.
You can disable this header with \fICURLOPT_HTTPHEADER\fP as usual.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -21,22 +21,17 @@
.\" **************************************************************************
.TH curl_getdate 3 "12 Aug 2005" "libcurl 7.0" "libcurl Manual"
.SH NAME
curl_getdate - Convert a date string to number of seconds since January 1,
1970
curl_getdate - Convert a date string to number of seconds
.SH SYNOPSIS
.B #include <curl/curl.h>
.sp
.BI "time_t curl_getdate(char *" datestring ", time_t *"now " );"
.ad
.SH DESCRIPTION
This function returns the number of seconds since January 1st 1970 in the UTC
time zone, for the date and time that the \fIdatestring\fP parameter
specifies. The \fInow\fP parameter is not used, pass a NULL there.
\fBNOTE:\fP This function was rewritten for the 7.12.2 release and this
documentation covers the functionality of the new one. The new one is not
feature-complete with the old one, but most of the formats supported by the
new one was supported by the old too.
\fIcurl_getdate(3)\fP returns the number of seconds since the Epoch, January
1st 1970 00:00:00 in the UTC time zone, for the date and time that the
\fIdatestring\fP parameter specifies. The \fInow\fP parameter is not used,
pass a NULL there.
.SH PARSING DATES AND TIMES
A "date" is a string containing several items separated by whitespace. The
order of the items is immaterial. A date string may contain many flavors of
@@ -108,10 +103,3 @@ number).
Having a 64 bit time_t is not a guarantee that dates beyond 03:14:07 UTC,
January 19, 2038 will work fine. On systems with a 64 bit time_t but with a
crippled mktime(), \fIcurl_getdate\fP will return -1 in this case.
.SH REWRITE
The former version of this function was built with yacc and was not only very
large, it was also never quite understood and it wasn't possible to build with
non-GNU tools since only GNU Bison could make it thread-safe!
The rewrite was done for 7.12.2. The new one is much smaller and uses simpler
code.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -29,18 +29,26 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle, CURL *easy_handle);
.ad
.SH DESCRIPTION
Adds a standard easy handle to the multi stack. This function call will make
this \fImulti_handle\fP control the specified \fIeasy_handle\fP.
Furthermore, libcurl now initiates the connection associated with the
specified \fIeasy_handle\fP.
this \fImulti_handle\fP control the specified \fIeasy_handle\fP. Furthermore,
libcurl now initiates the connection associated with the specified
\fIeasy_handle\fP.
When an easy handle has been added to a multi stack, you can not and you must
not use \fIcurl_easy_perform(3)\fP on that handle!
While an easy handle is added to a multi stack, you can not and you must not
use \fIcurl_easy_perform(3)\fP on that handle. After having removed the handle
from the multi stack again, it is perfectly fine to use it with the easy
interface again.
If the easy handle is not set to use a shared (CURLOPT_SHARE) or global DNS
cache (CURLOPT_DNS_USE_GLOBAL_CACHE), it will be made to use the DNS cache
that is shared between all easy handles within the multi handle when
\fIcurl_multi_add_handle(3)\fP is called.
If you have CURLMOPT_TIMERFUNCTION set in the multi handle (and you really
should if you're working event-based with \fIcurl_multi_socket_action(3)\fP
and friends), that callback will be called from within this function to ask
for an updated timer so that your main event loop will get the activity on
this handle to get started.
The easy handle will remain added until you remove it again with
\fIcurl_multi_remove_handle(3)\fP. You should remove the easy handle from the
multi stack before you terminate first the easy handle and then the multi

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -28,8 +28,8 @@ curl_multi_assign \- set data to association with an internal socket
CURLMcode curl_multi_assign(CURLM *multi_handle, curl_socket_t sockfd,
void *sockptr);
.SH DESCRIPTION
This function assigns an association in the multi handle between the given
socket and a private pointer of the application. This is (only) useful for
This function creates an association in the multi handle between the given
socket and a private pointer of the application. This is designed for
\fIcurl_multi_socket(3)\fP uses.
When set, the \fIsockptr\fP pointer will be passed to all future socket
@@ -51,13 +51,13 @@ The standard CURLMcode for multi interface error codes.
.SH "TYPICAL USAGE"
In a typical application you allocate a struct or at least use some kind of
semi-dynamic data for each socket that we must wait for action on when using
the \fIcurl_multi_socket(3)\fP approach.
the \fIcurl_multi_socket_action(3)\fP approach.
When our socket-callback gets called by libcurl and we get to know about yet
another socket to wait for, we can use \fIcurl_multi_assign(3)\fP to point out
the particular data so that when we get updates about this same socket again,
we don't have to find the struct associated with this socket by ourselves.
.SH AVAILABILITY
This function was added in libcurl 7.15.5, although not deemed stable yet.
This function was added in libcurl 7.15.5.
.SH "SEE ALSO"
.BR curl_multi_setopt "(3), " curl_multi_socket "(3) "
.BR curl_multi_setopt "(3), " curl_multi_socket_action "(3) "

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -81,9 +81,9 @@ not used by libcurl but only passed-thru as-is. Set the callback pointer with
\fICURLMOPT_TIMERFUNCTION\fP. (Added in 7.16.0)
.IP CURLMOPT_MAXCONNECTS
Pass a long. The set number will be used as the maximum amount of
simultaneously open connections that libcurl may cache. Default is 10, and
libcurl will enlarge the size for each added easy handle to make it fit 4
times the number of added easy handles.
simultaneously open connections that libcurl may keep in its connection cache
after completed use. By default libcurl will enlarge the size for each added
easy handle to make it fit 4 times the number of added easy handles.
By setting this option, you can prevent the cache size from growing beyond the
limit set by you.
@@ -94,6 +94,9 @@ number of open connections from increasing.
This option is for the multi handle's use only, when using the easy interface
you should instead use the \fICURLOPT_MAXCONNECTS\fP option.
See \fICURLMOPT_MAX_TOTAL_CONNECTIONS\fP for limiting the number of active
connections.
(Added in 7.16.3)
.IP CURLMOPT_MAX_HOST_CONNECTIONS
Pass a long. The set number will be used as the maximum amount of

View File

@@ -74,9 +74,9 @@ The socket \fBcallback\fP function uses a prototype like this
int action, /* see values below */
void *userp, /* private callback pointer */
void *socketp); /* private socket pointer,
\fBNULL\fI if not
\fBNULL\fP if not
previously assigned with
\fIcurl_multi_assign(3)\fP */
\fBcurl_multi_assign(3)\fP */
.fi
The callback MUST return 0.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -36,12 +36,17 @@ CURLMcode curl_multi_wait(CURLM *multi_handle,
This function polls on all file descriptors used by the curl easy handles
contained in the given multi handle set. It will block until activity is
detected on at least one of the handles or \fItimeout_ms\fP has passed.
Alternatively, if the multi handle has a pending internal timeout that has a
shorter expiry time than \fItimeout_ms\fP, that shorter time will be used
instead to make sure timeout accuracy is reasonably kept.
The calling application may pass additional curl_waitfd structures which are
similar to \fIpoll(2)\fP's pollfd structure to be waited on in the same call.
On completion, if \fInumfds\fP is supplied, it will be populated with the
number of file descriptors on which interesting events occured.
total number of file descriptors on which interesting events occured. This
number can include both libcurl internal descriptors as well as descriptors
provided in \fIextra_fds\fP.
If no extra file descriptors are provided and libcurl has no file descriptor
to offer to wait for, this function will return immediately.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -30,6 +30,8 @@ curl_version - returns the libcurl version string
.SH DESCRIPTION
Returns a human readable string with the version number of libcurl and some of
its important components (like OpenSSL version).
We recommend using \fIcurl_version_info(3)\fP instead!
.SH RETURN VALUE
A pointer to a zero terminated string. The string resides in a statically
allocated buffer and must not be freed by the caller.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -20,7 +20,7 @@
.\" *
.\" **************************************************************************
.\"
.TH curl_version_info 3 "10 June 2009" "libcurl 7.19.6" "libcurl Manual"
.TH curl_version_info 3 "18 Feb 2014" "libcurl 7.33.0" "libcurl Manual"
.SH NAME
curl_version_info - returns run-time libcurl version info
.SH SYNOPSIS
@@ -30,11 +30,12 @@ curl_version_info - returns run-time libcurl version info
.ad
.SH DESCRIPTION
Returns a pointer to a filled in struct with information about various
run-time features in libcurl. \fItype\fP should be set to the version of this
functionality by the time you write your program. This way, libcurl will
always return a proper struct that your program understands, while programs in
the future might get a different struct. CURLVERSION_NOW will be the most
recent one for the library you have installed:
features in the running version of libcurl. \fItype\fP should be set to the
version of this functionality by the time you write your program. This way,
libcurl will always return a proper struct that your program understands,
while programs in the future might get a different
struct. \fBCURLVERSION_NOW\fP will be the most recent one for the library you
have installed:
data = curl_version_info(CURLVERSION_NOW);
@@ -133,6 +134,9 @@ libcurl was built with support for TLS-SRP. (Added in 7.21.4)
.IP CURL_VERSION_NTLM_WB
libcurl was built with support for NTLM delegation to a winbind helper.
(Added in 7.22.0)
.IP CURL_VERSION_HTTP2
libcurl was built with support for HTTP2.
(Added in 7.33.0)
.RE
\fIssl_version\fP is an ASCII string for the OpenSSL version used. If libcurl
has no SSL support, this is NULL.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -273,6 +273,9 @@ The passed-in socket is not a valid one that libcurl already knows about.
.IP "CURLM_UNKNOWN_OPTION (6)"
curl_multi_setopt() with unsupported option
(Added in 7.15.4)
.IP "CURLM_ADDED_ALREADY (7)"
An easy handle already added to a multi handle was attempted to get added a
second time. (Added in 7.32.1)
.SH "CURLSHcode"
The "share" interface will return a CURLSHcode to indicate when an error has
occurred. Also consider \fIcurl_share_strerror(3)\fP.

View File

@@ -34,8 +34,10 @@ The share interface was added to enable sharing of data between curl
\&"handles".
.SH "ONE SET OF DATA - MANY TRANSFERS"
You can have multiple easy handles share data between them. Have them update
and use the \fBsame\fP cookie database or DNS cache! This way, each single
transfer will take advantage from data updates made by the other transfer(s).
and use the \fBsame\fP cookie database, DNS cache, TLS session cache! This
way, each single transfer will take advantage from data updates made by the
other transfer(s). The sharing interface, however, does not share active or
persistent connections between different easy handles.
.SH "SHARE OBJECT"
You create a shared object with \fIcurl_share_init(3)\fP. It returns a handle
for a newly created one.

View File

@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -1157,13 +1157,13 @@ and install a CURLOPT_OPENSOCKETFUNCTION callback function in which addresses
are sanitized before use.
.IP "Private Resources"
A user who can control the DNS server of a domain being passed in within
a URL can change the address of the host to a local, private address
which the libcurl application will then use. e.g. The innocuous URL
http://fuzzybunnies.example.com/ could actually resolve to the IP address
of a server behind a firewall, such as 127.0.0.1 or 10.1.2.3
Apps can mitigate against this by setting a CURLOPT_OPENSOCKETFUNCTION
and checking the address before a connection.
A user who can control the DNS server of a domain being passed in within a URL
can change the address of the host to a local, private address which a
server-side libcurl-using application could then use. e.g. the innocuous URL
http://fuzzybunnies.example.com/ could actually resolve to the IP address of a
server behind a firewall, such as 127.0.0.1 or 10.1.2.3. Apps can mitigate
against this by setting a CURLOPT_OPENSOCKETFUNCTION and checking the address
before a connection.
All the malicious scenarios regarding redirected URLs apply just as well
to non-redirected URLs, if the user is allowed to specify an arbitrary URL
@@ -1178,6 +1178,19 @@ IP address and port number for a server local to the app running libcurl
but behind a firewall. Apps can mitigate against this by using the
CURLOPT_FTP_SKIP_PASV_IP option or CURLOPT_FTPPORT.
.IP "IPv6 Addresses"
libcurl will normally handle IPv6 addresses transparently and just as easily
as IPv4 addresses. That means that a sanitizing function that filters out
addressses like 127.0.0.1 isn't sufficient--the equivalent IPv6 addresses ::1,
::, 0:00::0:1, ::127.0.0.1 and ::ffff:7f00:1 supplied somehow by an attacker
would all bypass a naive filter and could allow access to undesired local
resources. IPv6 also has special address blocks like link-local and site-local
that generally shouldn't be accessed by a server-side libcurl-using
application. A poorly-configured firewall installed in a data center,
organization or server may also be configured to limit IPv4 connections but
leave IPv6 connections wide open. In some cases, the CURL_IPRESOLVE_V4 option
can be used to limit resolved addresses to IPv4 only and bypass these issues.
.IP Uploads
When uploading, a redirect can cause a local (or remote) file to be
overwritten. Apps must not allow any unsanitized URL to be passed in
@@ -1250,7 +1263,7 @@ using the Content-disposition: header to generate a file name. An application
could also use CURLINFO_EFFECTIVE_URL to generate a file name from a
server-supplied redirect URL. Special care must be taken to sanitize such
names to avoid the possibility of a malicious server supplying one like
"/etc/passwd", "\autoexec.bat" or even ".bashrc".
"/etc/passwd", "\\autoexec.bat", "prn:" or even ".bashrc".
.IP "Server Certificates"
A secure application should never use the CURLOPT_SSL_VERIFYPEER option to
@@ -1263,10 +1276,15 @@ validated certificates is potentially as insecure as a plain HTTP connection.
On a related issue, be aware that even in situations like when you have
problems with libcurl and ask someone for help, everything you reveal in order
to get best possible help might also impose certain security related
risks. Host names, user names, paths, operating system specifics, etc (not to
risks. Host names, user names, paths, operating system specifics, etc. (not to
mention passwords of course) may in fact be used by intruders to gain
additional information of a potential target.
Be sure to limit access to application logs if they could hold private or
security-related data. Besides the obvious candidates like user names and
passwords, things like URLs, cookies or even file names could also hold
sensitive data.
To avoid this problem, you must of course use your common sense. Often, you
can just edit out the sensitive data or just search/replace your true
information with faked data.
@@ -1347,10 +1365,10 @@ automatically share a lot of the data that otherwise would be kept on a
per-easy handle basis when the easy interface is used.
The DNS cache is shared between handles within a multi handle, making
subsequent name resolvings faster and the connection pool that is kept to
better allow persistent connections and connection re-use is shared. If you're
using the easy interface, you can still share these between specific easy
handles by using the share interface, see \fIlibcurl-share(3)\fP.
subsequent name resolving faster, and the connection pool that is kept to
better allow persistent connections and connection re-use is also shared. If
you're using the easy interface, you can still share these between specific
easy handles by using the share interface, see \fIlibcurl-share(3)\fP.
Some things are never shared automatically, not within multi handles, like for
example cookies so the only way to share that is with the share interface.

Some files were not shown because too many files have changed in this diff Show More