Skip to content
  1. Sep 04, 2017
  2. Sep 03, 2017
  3. Sep 02, 2017
    • Patrick Monnerat's avatar
      mime: new MIME API. · ce0881ed
      Patrick Monnerat authored
      Available in HTTP, SMTP and IMAP.
      Deprecates the FORM API.
      See CURLOPT_MIMEPOST.
      Lib code and associated documentation.
      ce0881ed
  4. Aug 30, 2017
  5. Aug 28, 2017
    • Johannes Schindelin's avatar
      version: add the CURL_VERSION_MULTI_SSL feature flag · 9d96a5f0
      Johannes Schindelin authored
      
      
      This new feature flag reports When cURL was built with multiple SSL
      backends.
      
      Signed-off-by: default avatarJohannes Schindelin <johannes.schindelin@gmx.de>
      9d96a5f0
    • Johannes Schindelin's avatar
      vtls: introduce curl_global_sslset() · 1328f69d
      Johannes Schindelin authored
      
      
      Let's add a compile time safe API to select an SSL backend. This
      function needs to be called *before* curl_global_init(), and can be
      called only once.
      
      Side note: we do not explicitly test that it is called before
      curl_global_init(), but we do verify that it is not called multiple times
      (even implicitly).
      
      If SSL is used before the function was called, it will use whatever the
      CURL_SSL_BACKEND environment variable says (or default to the first
      available SSL backend), and if a subsequent call to
      curl_global_sslset() disagrees with the previous choice, it will fail
      with CURLSSLSET_TOO_LATE.
      
      The function also accepts an "avail" parameter to point to a (read-only)
      NULL-terminated list of available backends. This comes in real handy if
      an application wants to let the user choose between whatever SSL backends
      the currently available libcurl has to offer: simply call
      
      	curl_global_sslset(-1, NULL, &avail);
      
      which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail
      variable to point to the relevant information to present to the user.
      
      Just like with the HTTP/2 push functions, we have to add the function
      declaration of curl_global_sslset() function to the header file
      *multi.h* because VMS and OS/400 require a stable order of functions
      declared in include/curl/*.h (where the header files are sorted
      alphabetically). This looks a bit funny, but it cannot be helped.
      
      Signed-off-by: default avatarJohannes Schindelin <johannes.schindelin@gmx.de>
      1328f69d
    • Johannes Schindelin's avatar
      vtls: refactor out essential information about the SSL backends · b59288f8
      Johannes Schindelin authored
      
      
      There is information about the compiled-in SSL backends that is really
      no concern of any code other than the SSL backend itself, such as which
      function (if any) implements SHA-256 summing.
      
      And there is information that is really interesting to the user, such as
      the name, or the curl_sslbackend value.
      
      Let's factor out the latter into a publicly visible struct. This
      information will be used in the upcoming API to set the SSL backend
      globally.
      
      Signed-off-by: default avatarJohannes Schindelin <johannes.schindelin@gmx.de>
      b59288f8
  6. Aug 17, 2017
  7. Jun 28, 2017
    • Kamil Dudka's avatar
      CURLOPT_SOCKS5_AUTH: allowed methods for SOCKS5 proxy auth · 8924f58c
      Kamil Dudka authored
      If libcurl was built with GSS-API support, it unconditionally advertised
      GSS-API authentication while connecting to a SOCKS5 proxy.  This caused
      problems in environments with improperly configured Kerberos: a stock
      libcurl failed to connect, despite libcurl built without GSS-API
      connected fine using username and password.
      
      This commit introduces the CURLOPT_SOCKS5_AUTH option to control the
      allowed methods for SOCKS5 authentication at run time.
      
      Note that a new option was preferred over reusing CURLOPT_PROXYAUTH
      for compatibility reasons because the set of authentication methods
      allowed by default was different for HTTP and SOCKS5 proxies.
      
      Bug: https://curl.haxx.se/mail/lib-2017-01/0005.html
      Closes https://github.com/curl/curl/pull/1454
      8924f58c
  8. Jun 21, 2017
  9. Jun 19, 2017
    • Daniel Stenberg's avatar
      http: add --strip-path-slash and CURLOPT_STRIP_PATH_SLASH · b778ae4c
      Daniel Stenberg authored
      ... to enable sending "OPTIONS *" which wasn't possible previously.
      
      This option currently only works for HTTP.
      
      Added test cases 1298 + 1299 to verify
      
      Fixes #1280
      Closes #1462
      b778ae4c
    • Daniel Stenberg's avatar
      getinfo: return sizes as curl_off_t · 3b80d3ca
      Daniel Stenberg authored
      This change introduces new alternatives for the existing six
      curl_easy_getinfo() options that return sizes or speeds as doubles. The
      new versions are named like the old ones but with an appended '_T':
      
      CURLINFO_CONTENT_LENGTH_DOWNLOAD_T
      CURLINFO_CONTENT_LENGTH_UPLOAD_T
      CURLINFO_SIZE_DOWNLOAD_T
      CURLINFO_SIZE_UPLOAD_T
      CURLINFO_SPEED_DOWNLOAD_T
      CURLINFO_SPEED_UPLOAD_T
      
      Closes #1511
      3b80d3ca
  10. Jun 14, 2017
  11. Jun 01, 2017
  12. Apr 03, 2017
    • Daniel Stenberg's avatar
      include: curl/system.h is a run-time version of curlbuild.h · 9506d01e
      Daniel Stenberg authored
      system.h is aimed to replace curlbuild.h at a later point in time when
      we feel confident system.h works sufficiently well.
      
      curl/system.h is currently used in parallel with curl/curlbuild.h
      
      curl/system.h determines a data sizes, data types and include file
      status based on available preprocessor defines instead of getting
      generated at build-time. This, in order to avoid relying on a build-time
      generated file that makes it complicated to do 32 and 64 bit bields from
      the same installed set of headers.
      
      Test 1541 verifies that system.h comes to the same conclusion that
      curlbuild.h offers.
      
      Closes #1373
      9506d01e
  13. Mar 26, 2017
  14. Mar 12, 2017
  15. Mar 08, 2017
  16. Jan 19, 2017
    • Richy Kim's avatar
      CURLOPT_BUFFERSIZE: support enlarging receive buffer · 6b761669
      Richy Kim authored
      Replace use of fixed macro BUFSIZE to define the size of the receive
      buffer.  Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive
      buffer size.  Upon setting, resize buffer if larger than the current
      default size up to a MAX_BUFSIZE (512KB). This can benefit protocols
      like SFTP.
      
      Closes #1222
      6b761669
  17. Jan 16, 2017
  18. Jan 13, 2017
    • Isaac Boukris's avatar
      unix_socket: add support for abstract unix domain socket · 1d786fae
      Isaac Boukris authored
      
      
      In addition to unix domain sockets, Linux also supports an
      abstract namespace which is independent of the filesystem.
      
      In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET
      option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH
      internally, along with a flag to specify abstract socket.
      
      On non-supporting platforms, the abstract address will be
      interpreted as an empty string and fail gracefully.
      
      Also add new --abstract-unix-socket tool parameter.
      
      Signed-off-by: default avatarIsaac Boukris <iboukris@gmail.com>
      Reported-by: Chungtsun Li (typeless)
      Reviewed-by: Daniel Stenberg
      Reviewed-by: Peter Wu
      Closes #1197
      Fixes #1061
      1d786fae
  19. Dec 29, 2016
  20. Dec 16, 2016
  21. Dec 13, 2016
  22. Nov 26, 2016
  23. Nov 25, 2016
  24. Nov 24, 2016
    • Frank Gevaerts's avatar
      add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme} · ba410f6c
      Frank Gevaerts authored
      Adds access to the effectively used protocol/scheme to both libcurl and
      curl, both in string and numeric (CURLPROTO_*) form.
      
      Note that the string form will be uppercase, as it is just the internal
      string.
      
      As these strings are declared internally as const, and all other strings
      returned by curl_easy_getinfo() are de-facto const as well, string
      handling in getinfo.c got const-ified.
      
      Closes #1137
      ba410f6c
    • Daniel Stenberg's avatar
      dbadaebf
    • Alex Rousskov's avatar
      proxy: Support HTTPS proxy and SOCKS+HTTP(s) · cb4e2be7
      Alex Rousskov authored
      * HTTPS proxies:
      
      An HTTPS proxy receives all transactions over an SSL/TLS connection.
      Once a secure connection with the proxy is established, the user agent
      uses the proxy as usual, including sending CONNECT requests to instruct
      the proxy to establish a [usually secure] TCP tunnel with an origin
      server. HTTPS proxies protect nearly all aspects of user-proxy
      communications as opposed to HTTP proxies that receive all requests
      (including CONNECT requests) in vulnerable clear text.
      
      With HTTPS proxies, it is possible to have two concurrent _nested_
      SSL/TLS sessions: the "outer" one between the user agent and the proxy
      and the "inner" one between the user agent and the origin server
      (through the proxy). This change adds supports for such nested sessions
      as well.
      
      A secure connection with a proxy requires its own set of the usual SSL
      options (their actual descriptions differ and need polishing, see TODO):
      
        --proxy-cacert FILE        CA certificate to verify peer against
        --proxy-capath DIR         CA directory to verify peer against
        --proxy-cert CERT[:PASSWD] Client certificate file and password
        --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
        --proxy-ciphers LIST       SSL ciphers to use
        --proxy-crlfile FILE       Get a CRL list in PEM format from the file
        --proxy-insecure           Allow connections to proxies with bad certs
        --proxy-key KEY            Private key file name
        --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
        --proxy-pass PASS          Pass phrase for the private key
        --proxy-ssl-allow-beast    Allow security flaw to improve interop
        --proxy-sslv2              Use SSLv2
        --proxy-sslv3              Use SSLv3
        --proxy-tlsv1              Use TLSv1
        --proxy-tlsuser USER       TLS username
        --proxy-tlspassword STRING TLS password
        --proxy-tlsauthtype STRING TLS authentication type (default SRP)
      
      All --proxy-foo options are independent from their --foo counterparts,
      except --proxy-crlfile which defaults to --crlfile and --proxy-capath
      which defaults to --capath.
      
      Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
      similar to the existing %{ssl_verify_result} variable.
      
      Supported backends: OpenSSL, GnuTLS, and NSS.
      
      * A SOCKS proxy + HTTP/HTTPS proxy combination:
      
      If both --socks* and --proxy options are given, Curl first connects to
      the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
      proxy.
      
      TODO: Update documentation for the new APIs and --proxy-* options.
      Look for "Added in 7.XXX" marks.
      cb4e2be7
  25. Nov 07, 2016
  26. Sep 22, 2016
  27. Sep 08, 2016
  28. Aug 09, 2016
  29. Jul 31, 2016
    • Daniel Stenberg's avatar
      include: revert 9adf3c47 and make public types void * again · d6604524
      Daniel Stenberg authored
      Many applications assume the actual contents of the public types and use
      that do for example forward declarations (saving them from including our
      public header) which then breaks when we switch from void * to a struct
      *.
      
      I'm not convinced we were wrong, but since this practise seems
      widespread enough I'm willing to (partly) step down.
      
      Now libcurl uses the struct itself when it is built and it allows
      applications to use the struct type if CURL_STRICTER is defined at the
      time of the #include.
      
      Reported-by: Peter Frühberger
      Fixes #926
      d6604524
  30. Jun 22, 2016
  31. May 30, 2016