Skip to content
  1. Aug 16, 2012
    • Gokhan Sengun's avatar
      ftp: active conn, allow application to set sockopt after accept() call · 23ef5e4b
      Gokhan Sengun authored
      For active FTP connections, applications may need setting the sockopt after accept() call returns successful. This fix gives a call to the callback registered with CURL_SOCKOPTFUNCTION option. Also a new sock type - CURLSOCKTYPE_ACCEPT - is added. This type is to be passed to application callbacks with - purpose - parameter. Applications may use this parameter to distinguish between socket types.
      23ef5e4b
  2. Aug 08, 2012
  3. Jun 11, 2012
    • Daniel Stenberg's avatar
      Revert: 634f7cfe partially · af0888aa
      Daniel Stenberg authored
      Make sure CURL_VERSION_SSPI is present and works as in previous releases
      for ABI and API compatibility reasons.
      af0888aa
    • Marc Hoersken's avatar
      version: Replaced SSPI feature information with version string details · 634f7cfe
      Marc Hoersken authored
      Added Windows SSPI version information to the curl version string when
      SCHANNEL SSL is not enabled, as the version of the library should also
      be included when SSPI is used to generate security contexts.
      
      Removed SSPI from the feature list as the features are GSS-Negotiate,
      NTLM and SSL depending on the usage of the SSPI library.
      634f7cfe
  4. Apr 18, 2012
  5. Apr 05, 2012
  6. Feb 14, 2012
    • Steve Holme's avatar
      smtp_mail: Added support to MAIL FROM for the optional AUTH parameter · 0cf0ab6f
      Steve Holme authored
      Added a new CURLOPT_MAIL_AUTH option that allows the calling program to
      set the optional AUTH parameter in the MAIL FROM command.
      
      When this option is specified and an authentication mechanism is used
      to communicate with the mail server then the AUTH parameter will be
      included in the MAIL FROM command. This is particularly useful when the
      calling program is acting as a relay in a trusted environment and
      performing server to server communication, as it allows the relaying
      server to specify the address of the mailbox that was used to
      authenticate and send the original email.
      0cf0ab6f
  7. Feb 09, 2012
    • Daniel Stenberg's avatar
      CURLOPT_SSL_OPTIONS: added · 2a699bc6
      Daniel Stenberg authored
      Allow an appliction to set libcurl specific SSL options. The first and
      only options supported right now is CURLSSLOPT_ALLOW_BEAST.
      
      It will make libcurl to disable any work-arounds the underlying SSL
      library may have to address a known security flaw in the SSL3 and TLS1.0
      protocol versions.
      
      This is a reaction to us unconditionally removing that behavior after
      this security advisory:
      
      http://curl.haxx.se/docs/adv_20120124B.html
      
      ... it did however cause a lot of programs to fail because of old
      servers not liking this work-around. Now programs can opt to decrease
      the security in order to interoperate with old servers better.
      2a699bc6
    • Dave Reisner's avatar
      add library support for tuning TCP_KEEPALIVE · 705f0f7a
      Dave Reisner authored
      This adds three new options to control the behavior of TCP keepalives:
      
      - CURLOPT_TCP_KEEPALIVE: enable/disable probes
      - CURLOPT_TCP_KEEPIDLE: idle time before sending first probe
      - CURLOPT_TCP_KEEPINTVL: delay between successive probes
      
      While not all operating systems support the TCP_KEEPIDLE and
      TCP_KEEPINTVL knobs, the library will still allow these options to be
      set by clients, silently ignoring the values.
      705f0f7a
  8. Jan 05, 2012
    • Daniel Stenberg's avatar
      curl.h: provide backwards compatible symbols · 52824ed1
      Daniel Stenberg authored
      In commit c834213a we re-used some obsolete error codes, and here are
      two defines that makes sure existing source codes that happen to use any
      of these deprecated ones will still compile.
      
      As usual, define CURL_NO_OLDIES to avoid getting these "precaution
      defines".
      52824ed1
  9. Dec 20, 2011
    • Gokhan Sengun's avatar
      FTP: perform active connections non-blocking · c834213a
      Gokhan Sengun authored
      1- Two new error codes are introduced.
      
      CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
      FTP server connected.
      
      CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.
      
      Neither of these errors are considered fatal and control connection
      remains OK because it could just be a firewall blocking server to
      connect to the client.
      
      2- One new setopt option was introduced.
      
      CURLOPT_ACCEPTTIMEOUT_MS
      
      It sets the maximum amount of time FTP client is going to wait for a
      server to connect. Internal default accept timeout is 60 seconds.
      c834213a
    • Cédric Deltheil's avatar
      curl.h: add __ANDROID__ macro check · bedfafe3
      Cédric Deltheil authored
      When working with the Android Standalone Toolchain the compiler defines
      this macro:
      
        /path/to/arm-linux-androideabi-gcc -E -dM - < /dev/null \
        | grep -i android
        #define __ANDROID__ 1
      
      We really need to check both ANDROID and __ANDROID__ since I've observed
      that:
      
      * if you use Android.mk file(s) and the 'ndk-build' script (aka vanilla
      way), ANDROID is predefined (see -DANDROID extra C flag),
      
      * if you use the Android Standalone Toolchain, then __ANDROID__ is
      predefined as stated by the compiler
      bedfafe3
  10. Nov 17, 2011
  11. Oct 03, 2011
    • Daniel Stenberg's avatar
      share: don't use SSL unless enabled · 15e3e451
      Daniel Stenberg authored
      Don't even declare the struct members for disabled features
      
      Introducing the CURLSHE_NOT_BUILT_IN return code for the share interface
      when trying to set a sharing option that has been disabled (or not
      enabled) in the library.
      15e3e451
  12. Sep 26, 2011
  13. Sep 25, 2011
  14. Aug 26, 2011
    • Yang Tse's avatar
      NTLM single-sign on adjustments (X) · 407e08ba
      Yang Tse authored
      Functions renamed:
      
      Curl_output_ntlm_sso -> Curl_output_ntlm_wb
      sso_ntlm_close -> wb_ntlm_close
      sso_ntlm_response -> wb_ntlm_response
      sso_ntlm_initiate -> wb_ntlm_initiate
      
      Preprocessor symbols renamed:
      
      CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
      CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
      407e08ba
  15. Aug 09, 2011
  16. Aug 05, 2011
  17. Aug 04, 2011
  18. Aug 03, 2011
  19. Jul 18, 2011
  20. May 18, 2011
  21. May 09, 2011
    • Daniel Stenberg's avatar
      include: cleanup · 2ef7a28a
      Daniel Stenberg authored
      Made the public headers checksrc compliant
      
      Removed types.h (it's been unused since April 2004)
      
      Made the root makefile do make in include by default as well, so that
      TAGS and the checksrc will work better.
      2ef7a28a
  22. May 04, 2011
  23. Apr 21, 2011
  24. Apr 18, 2011
  25. Apr 05, 2011
    • Dan Fandrich's avatar
      5b716b7c
    • Daniel Stenberg's avatar
      return code cleanup: build, init and run-time errors · 01f05d0c
      Daniel Stenberg authored
      Stop the abuse of CURLE_FAILED_INIT as return code for things not being
      init related by introducing two new return codes:
      
      CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION
      
      CURLE_NOT_BUILT_IN replaces return code 4 that has been obsoleted for
      several years. It is used for returning error when something is
      attempted to be used but the feature/option was not enabled or
      explictitly disabled at build-time. Getting this error mostly means that
      libcurl needs to be rebuilt.
      
      CURLE_FAILED_INIT is now saved and used strictly for init
      failures. Getting this problem means something went seriously wrong,
      like a resource shortage or similar.
      
      CURLE_UNKNOWN_OPTION is the option formerly known as
      CURLE_UNKNOWN_TELNET_OPTION (and the old name is still present,
      separately defined to be removed in a very distant future). This error
      code is meant to be used to return when an option is given to libcurl
      that isn't known. This problem would mostly indicate a problem in the
      program that uses libcurl.
      01f05d0c
  26. Feb 17, 2011
  27. Feb 09, 2011
    • Quinn Slack's avatar
      CURLE_TLSAUTH_FAILED: removed · 3cffcba3
      Quinn Slack authored
      On second thought, I think CURLE_TLSAUTH_FAILED should be eliminated. It
      was only being raised when an internal error occurred while allocating
      or setting the GnuTLS SRP client credentials struct. For TLS
      authentication failures, the general CURLE_SSL_CONNECT_ERROR seems
      appropriate; its error string already includes "passwords" as a possible
      cause. Having a separate TLS auth error code might also cause people to
      think that a TLS auth failure means the wrong username or password was
      entered, when it could also be a sign of a man-in-the-middle attack.
      3cffcba3
  28. Jan 19, 2011
  29. Nov 11, 2010
    • Daniel Stenberg's avatar
      HTTP Auth: Add CURLAUTH_ONLY · 86367422
      Daniel Stenberg authored
      This is a meta symbol. OR this value together with a single specific
      auth value to force libcurl to probe for un-restricted auth and if not,
      only that single auth algorithm is acceptable.
      
      For example you can use CURLAUTH_DIGEST|CURLAUTH_ONLY to make libcurl
      first probe for what method to use, but yet only consider Digest to be
      acceptable.
      
      Using _only_ CURLAUTH_DIGEST without the CURLAUTH_ONLY field, will make
      libcurl explicitly use Digest right away and not do any probing.
      86367422
  30. Nov 08, 2010
    • Daniel Stenberg's avatar
      CURLOPT_RESOLVE: added · 1b24b89c
      Daniel Stenberg authored
      CURLOPT_RESOLVE is a new option that sends along a curl_slist with
      name:port:address sets that will populate the DNS cache with entries so
      that request can be "fooled" to use another host than what otherwise
      would've been used. Previously we've encouraged the use of Host: for
      that when dealing with HTTP, but this new feature has the added bonus
      that it allows the name from the URL to be used for TLS SNI and server
      certificate name checks as well.
      
      This is a first change. Surely more will follow to make it decent.
      1b24b89c
  31. Aug 25, 2010
  32. Jun 04, 2010