Skip to content
  1. Jan 19, 2017
    • Richy Kim's avatar
      CURLOPT_BUFFERSIZE: support enlarging receive buffer · 6b761669
      Richy Kim authored
      Replace use of fixed macro BUFSIZE to define the size of the receive
      buffer.  Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive
      buffer size.  Upon setting, resize buffer if larger than the current
      default size up to a MAX_BUFSIZE (512KB). This can benefit protocols
      like SFTP.
      
      Closes #1222
      6b761669
  2. Jan 16, 2017
  3. Jan 13, 2017
    • Isaac Boukris's avatar
      unix_socket: add support for abstract unix domain socket · 1d786fae
      Isaac Boukris authored
      
      
      In addition to unix domain sockets, Linux also supports an
      abstract namespace which is independent of the filesystem.
      
      In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET
      option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH
      internally, along with a flag to specify abstract socket.
      
      On non-supporting platforms, the abstract address will be
      interpreted as an empty string and fail gracefully.
      
      Also add new --abstract-unix-socket tool parameter.
      
      Signed-off-by: default avatarIsaac Boukris <iboukris@gmail.com>
      Reported-by: Chungtsun Li (typeless)
      Reviewed-by: Daniel Stenberg
      Reviewed-by: Peter Wu
      Closes #1197
      Fixes #1061
      1d786fae
  4. Dec 29, 2016
  5. Dec 23, 2016
  6. Dec 21, 2016
  7. Dec 16, 2016
  8. Dec 13, 2016
  9. Nov 26, 2016
  10. Nov 25, 2016
  11. Nov 24, 2016
    • Frank Gevaerts's avatar
      add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme} · ba410f6c
      Frank Gevaerts authored
      Adds access to the effectively used protocol/scheme to both libcurl and
      curl, both in string and numeric (CURLPROTO_*) form.
      
      Note that the string form will be uppercase, as it is just the internal
      string.
      
      As these strings are declared internally as const, and all other strings
      returned by curl_easy_getinfo() are de-facto const as well, string
      handling in getinfo.c got const-ified.
      
      Closes #1137
      ba410f6c
    • Daniel Stenberg's avatar
    • Daniel Stenberg's avatar
      dbadaebf
    • Alex Rousskov's avatar
      proxy: Support HTTPS proxy and SOCKS+HTTP(s) · cb4e2be7
      Alex Rousskov authored
      * HTTPS proxies:
      
      An HTTPS proxy receives all transactions over an SSL/TLS connection.
      Once a secure connection with the proxy is established, the user agent
      uses the proxy as usual, including sending CONNECT requests to instruct
      the proxy to establish a [usually secure] TCP tunnel with an origin
      server. HTTPS proxies protect nearly all aspects of user-proxy
      communications as opposed to HTTP proxies that receive all requests
      (including CONNECT requests) in vulnerable clear text.
      
      With HTTPS proxies, it is possible to have two concurrent _nested_
      SSL/TLS sessions: the "outer" one between the user agent and the proxy
      and the "inner" one between the user agent and the origin server
      (through the proxy). This change adds supports for such nested sessions
      as well.
      
      A secure connection with a proxy requires its own set of the usual SSL
      options (their actual descriptions differ and need polishing, see TODO):
      
        --proxy-cacert FILE        CA certificate to verify peer against
        --proxy-capath DIR         CA directory to verify peer against
        --proxy-cert CERT[:PASSWD] Client certificate file and password
        --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
        --proxy-ciphers LIST       SSL ciphers to use
        --proxy-crlfile FILE       Get a CRL list in PEM format from the file
        --proxy-insecure           Allow connections to proxies with bad certs
        --proxy-key KEY            Private key file name
        --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
        --proxy-pass PASS          Pass phrase for the private key
        --proxy-ssl-allow-beast    Allow security flaw to improve interop
        --proxy-sslv2              Use SSLv2
        --proxy-sslv3              Use SSLv3
        --proxy-tlsv1              Use TLSv1
        --proxy-tlsuser USER       TLS username
        --proxy-tlspassword STRING TLS password
        --proxy-tlsauthtype STRING TLS authentication type (default SRP)
      
      All --proxy-foo options are independent from their --foo counterparts,
      except --proxy-crlfile which defaults to --crlfile and --proxy-capath
      which defaults to --capath.
      
      Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
      similar to the existing %{ssl_verify_result} variable.
      
      Supported backends: OpenSSL, GnuTLS, and NSS.
      
      * A SOCKS proxy + HTTP/HTTPS proxy combination:
      
      If both --socks* and --proxy options are given, Curl first connects to
      the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
      proxy.
      
      TODO: Update documentation for the new APIs and --proxy-* options.
      Look for "Added in 7.XXX" marks.
      cb4e2be7
  12. Nov 09, 2016
  13. Nov 07, 2016
    • Kamil Dudka's avatar
      vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3 · 6ad3add6
      Kamil Dudka authored
      Fully implemented with the NSS backend only for now.
      
      Reviewed-by: Ray Satiro
      6ad3add6
    • Daniel Stenberg's avatar
      s/cURL/curl · 27302abb
      Daniel Stenberg authored
      We're mostly saying just "curl" in lower case these days so here's a big
      cleanup to adapt to this reality. A few instances are left as the
      project could still formally be considered called cURL.
      27302abb
  14. Nov 03, 2016
  15. Sep 22, 2016
  16. Sep 08, 2016
  17. Sep 07, 2016
  18. Aug 09, 2016
  19. Aug 03, 2016
  20. Jul 31, 2016
    • Daniel Stenberg's avatar
      include: revert 9adf3c47 and make public types void * again · d6604524
      Daniel Stenberg authored
      Many applications assume the actual contents of the public types and use
      that do for example forward declarations (saving them from including our
      public header) which then breaks when we switch from void * to a struct
      *.
      
      I'm not convinced we were wrong, but since this practise seems
      widespread enough I'm willing to (partly) step down.
      
      Now libcurl uses the struct itself when it is built and it allows
      applications to use the struct type if CURL_STRICTER is defined at the
      time of the #include.
      
      Reported-by: Peter Frühberger
      Fixes #926
      d6604524
  21. Jul 21, 2016
  22. Jun 22, 2016
  23. May 30, 2016
  24. May 18, 2016
  25. Apr 25, 2016
  26. Apr 22, 2016
  27. Apr 18, 2016
  28. Apr 17, 2016
  29. Apr 12, 2016
  30. Apr 09, 2016
  31. Apr 03, 2016