| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
+ a libcurl warning in the debug output
Assisted-by: Jay Satiro
Ref: https://curl.se/mail/lib-2023-01/0039.html
Closes #10278
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
|
| |
|
|
|
|
|
|
|
| |
Commit 3b16575ae938dec2a29454631a12aa52b6ab9c67 removed support for
building on Novell Netware, but a few leftover traces remained. This
removes the last bits.
Closes: #9966
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
| |
|
|
|
|
|
|
| |
If the run-time libcurl is too old to support feature names, the name
array is created locally from the bit masks. This is the only sequence
left that uses feature bit masks.
Closes #9583
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace bit mask protocol sets by null-terminated arrays of protocol
tokens. These are the addresses of the protocol names returned by
curl_version_info().
Protocol names are sorted case-insensitively before output to satisfy CI
tests matches consistency.
The protocol list returned by curl_version_info() is augmented with all
RTMP protocol variants.
Test 1401 adjusted for new alpha ordered output.
Closes #9546
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As they are now rejected by the library, take care of not passing
disabled protocol names to CURLOPT_PROTOCOLS_STR and
CURLOPT_REDIR_PROTOCOLS_STR.
Rather than using the CURLPROTO_* constants, dynamically assign protocol
numbers based on the order they are listed by curl_version_info().
New type proto_set_t implements prototype bit masks: it should therefore
be large enough to accomodate all library-enabled protocols. If not,
protocol numbers beyond the bit count of proto_set_t are recognized but
"inaccessible": when used, a warning is displayed and the value is
ignored. Should proto_set_t overflows, enabled protocols are reordered to
force those having a public CURLPROTO_* representation to be accessible.
Code has been added to subordinate RTMP?* protocols to the presence of
RTMP in the enabled protocol list, being returned by curl_version_info()
or not.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Referring to Daniel's article [1], making the init function thread-safe
was the last bit to make libcurl thread-safe as a whole. So the name of
the feature may as well be the more concise 'threadsafe', also telling
the story that libcurl is now fully thread-safe, not just its init
function. Chances are high that libcurl wants to remain so in the
future, so there is little likelihood of ever needing any other distinct
`threadsafe-<name>` feature flags.
For consistency we also shorten `CURL_VERSION_THREADSAFE_INIT` to
`CURL_VERSION_THREADSAFE`, update its description and reference libcurl's
thread safety documentation.
[1]: https://daniel.haxx.se/blog/2022/06/08/making-libcurl-init-more-thread-safe/
Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes #8989
|
| |
|
|
|
|
|
|
|
|
|
| |
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
|
| |
|
|
|
|
|
|
|
|
| |
This flag can be used to make sure that curl_global_init() is
thread-safe.
This can be useful for libraries that can't control what other
dependencies are doing with Curl.
Closes #8680
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In CMakeLists.txt there is an attempt to detect `stricmp()`, and in
certain cases, this attempt is the only successful one to detect a
case-insensitive comparison function. `HAVE_STRICMP` is defined as
a result, but this macro wasn't used anywhere in the source. This
patch makes use of it as an alternative when alpha-sorting the
`--version` feature list.
Reviewed-by: Daniel Stenberg
Closes #8916
|
| |
|
|
|
|
|
| |
Does not overwrite output files if they already exist
Closes #7708
Co-authored-by: Daniel Stenberg
|
| |
|
|
|
|
|
| |
... not a size_t!
Detected by Coverity: CID 1492331.
Closes #7823
|
| |
|
|
|
|
|
|
| |
Adjust the description position to make an aligned column when doing
help listings, which is more pleasing to the eye.
Suggested-by: Gisle Vanem
Closes #7792
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tool_listhelp.c is now a separate file with only the command line --help
output, exactly as generated by gen.pl. This makes it easier to generate
updates according to what's in the docs/cmdline-opts docs.
cd $srcroot/docs/cmdline-opts
./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
With a configure build, this also works:
make -C src listhelp
Closes #7787
|
| |
|
|
|
|
|
| |
Added support for SHA256 fingerprint in command line curl and in
libcurl.
Closes #7646
|
| |
|
|
|
|
|
|
|
|
|
| |
The file format for each option now features a "Example:" header that
can provide one or more examples that get rendered appropriately in the
output. All options MUST have at least one example or gen.pl complains
at build-time.
This fix also does a few other minor format and consistency cleanups.
Closes #7654
|
| |
|
|
|
|
| |
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Closes #7413
|
| |
|
|
|
|
|
| |
The PRINT_LINES_PAUSE macro is no longer used, and has been mostly
cleaned out but one occurrence remained.
Closes https://github.com/curl/curl/pull/7380
|
| |
|
|
|
|
|
|
| |
This is a followup to commit f410b9e538129e77607fef1 fixing a few
more commands which takes arguments.
Closes #7382
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
| |
|
|
|
| |
Closes #7378
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Warning: this will make existing curl command lines that use metalink to
stop working.
Reasons for removal:
1. We've found several security problems and issues involving the
metalink support in curl. The issues are not detailed here. When
working on those, it become apparent to the team that several of the
problems are due to the system design, metalink library API and what
the metalink RFC says. They are very hard to fix on the curl side
only.
2. The metalink usage with curl was only very briefly documented and was
not following the "normal" curl usage pattern in several ways, making
it surprising and non-intuitive which could lead to further security
issues.
3. The metalink library was last updated 6 years ago and wasn't so
active the years before that either. An unmaintained library means
there's a security problem waiting to happen. This is probably reason
enough.
4. Metalink requires an XML parsing library, which is complex code (even
the smaller alternatives) and to this day often gets security
updates.
5. Metalink is not a widely used curl feature. In the 2020 curl user
survey, only 1.4% of the responders said that they'd are using it. In
2021 that number was 1.2%. Searching the web also show very few
traces of it being used, even with other tools.
6. The torrent format and associated technology clearly won for
downloading large files from multiple sources in parallel.
Cloes #7176
|
| |
|
|
| |
Closes #7112
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Disable auto credentials by default. This is a breaking change
for clients that are using it, wittingly or not.
- New libcurl ssl option value CURLSSLOPT_AUTO_CLIENT_CERT tells libcurl
to automatically locate and use a client certificate for
authentication, when requested by the server.
- New curl tool options --ssl-auto-client-cert and
--proxy-ssl-auto-client-cert map to CURLSSLOPT_AUTO_CLIENT_CERT.
This option is only supported for Schannel (the native Windows SSL
library). Prior to this change Schannel would, with no notification to
the client, attempt to locate a client certificate and send it to the
server, when requested by the server. Since the server can request any
certificate that supports client authentication in the OS certificate
store it could be a privacy violation and unexpected.
Fixes https://github.com/curl/curl/issues/2262
Reported-by: Jeroen Ooms
Assisted-by: Wes Hinsley
Assisted-by: Rich FitzJohn
Ref: https://curl.se/mail/lib-2021-02/0066.html
Reported-by: Morten Minde Neergaard
Closes https://github.com/curl/curl/pull/6673
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change the required argument was not shown.
curl.1 before: --stderr
curl.1 after: --stderr <file>
curl --help before:
--stderr Where to redirect stderr
curl --help after:
--stderr <file> Where to redirect stderr
Closes https://github.com/curl/curl/pull/6692
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Increase the minimum number of spaces between the option and the
description from 1 to 2.
Before:
~~~
-u, --user <user:password> Server user and password
-A, --user-agent <name> Send User-Agent <name> to server
-v, --verbose Make the operation more talkative
-V, --version Show version number and quit
-w, --write-out <format> Use output FORMAT after completion
--xattr Store metadata in extended file attributes
~~~
After:
~~~
-u, --user <user:password> Server user and password
-A, --user-agent <name> Send User-Agent <name> to server
-v, --verbose Make the operation more talkative
-V, --version Show version number and quit
-w, --write-out <format> Use output FORMAT after completion
--xattr Store metadata in extended file attributes
~~~
Closes https://github.com/curl/curl/pull/6674
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- New libcurl options CURLOPT_DOH_SSL_VERIFYHOST,
CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the
same as their respective counterparts.
- New curl tool options --doh-insecure and --doh-cert-status do the same
as their respective counterparts.
Prior to this change DOH SSL certificate verification settings for
verifyhost and verifypeer were supposed to be inherited respectively
from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug
were not. As a result DOH verification remained at the default, ie
enabled, and it was not possible to disable. This commit changes
behavior so that the DOH verification settings are independent and not
inherited.
Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676
Fixes https://github.com/curl/curl/issues/4578
Closes https://github.com/curl/curl/pull/6597
|
| |
|
|
| |
Closes #6592
|
| |
|
|
|
|
|
|
| |
Prevent both --fail and --fail-with-body on the same command line.
Verify with test 349, 360 and 361.
Closes #6449
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this change the required argument was not shown in curl --help.
before:
--create-file-mode File mode for created files
after:
--create-file-mode <mode> File mode (octal) for created files
Reported-by: ZimCodes@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/6590
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add support services without region and service prefixes in
the URL endpoint (ex. Min.IO, GCP, Yandex Cloud, Mail.Ru Cloud Solutions, etc)
by providing region and service parameters via aws-sigv4 option.
- Add [:region[:service]] suffix to aws-sigv4 option;
- Fix memory allocation errors.
- Refactor memory management.
- Use Curl_http_method instead() STRING_CUSTOMREQUEST.
- Refactor canonical headers generating.
- Remove repeated sha256_to_hex() usage.
- Add some docs fixes.
- Add some codestyle fixes.
- Add overloaded strndup() for debug - curl_dbg_strndup().
- Update tests.
Closes #6524
|
| |
|
|
|
|
| |
This commit bumps the help to the current state of the project.
Closes #6437
|
| |
|
|
| |
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
|
| |
|
|
|
|
|
|
| |
This option sets the (octal) mode to use for the remote file when one is
created, using the SFTP, SCP or FILE protocols. When not set, the
default is 0644.
Closes #6244
|
| |
|
|
| |
Closes #6172
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle
Closes #5896
|
| |
|
|
|
|
|
| |
Currently the description of "output" is misleading when comparing it
"verbose".
Closes #6118
|
| |
|
|
|
|
|
|
| |
The cmdline opts delegation and suppress-connect-headers
fit better into auth and proxy rather than misc.
Follow-up to aa8777f63febc
Closes #6038
|
| |
|
|
|
|
|
|
|
| |
The OS is deprecated. I see no traces of anyone having actually built
curl for Symbian after 2012.
The public headers are unmodified.
Closes #5989
|
| |
|
|
|
|
|
|
|
|
| |
... since it is converted and the original pointer is freed on Windows
unicode handling.
Follow-up to aa8777f63febc
Fixes #5977
Closes #5978
Reported-by: xwxbug on github
|
| |
|
|
|
|
| |
This commit is a part of "--help me if you can"
Closes #5680
|
| |
|
|
| |
Closes #5892
|
| |
|
|
|
|
|
|
| |
Works with --create-dirs and with -J
Add test 3008, 3009, 3011, 3012 and 3013 to verify.
Closes #5637
|
| |
|
|
|
|
|
| |
Reviewed-by: Marcel Raad
Reviewed-by: Marc Hörsken
Closes #5491
|
| |
|
|
|
|
|
|
|
| |
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu
Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
|
| |
|
|
|
|
|
|
| |
--happy-eyeballs-timeout-ms, --resolve and --ssl-revoke-best-effort
gen.pl already warned about these lines but we didn't listen
Closes #5379
|
| |
|
|
|
|
|
|
| |
Follow-up to b995bb5 from a few moments ago.
Reported-by: Daniel Stenberg
Ref: https://github.com/curl/curl/commit/b995bb5#r39108929
|
| |
|
|
|
|
| |
The "sledgehammer" of retrying.
Closes https://github.com/curl/curl/pull/5185
|
| |
|
|
|
|
| |
Considered experimental and therefore we can do this.
Closes #5157
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously it rendered the page from files matching "*.d" in the correct
directory, which worked fine in git builds when the files were added but
made it easy to forget adding the files to the dist.
Now, only man page sections listed in DPAGES in Makefile.inc will be
used, thus "forcing" us to update this to get the man page right and get
it included in the dist at the same time.
Ref: #5146
Closes #5149
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
--ssl-revoke-best-effort to allow a "best effort" revocation check.
A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.
---
When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:
Unknown error (0x80092012) - The revocation function was unable
to check revocation for the certificate.
Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.
This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.
In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.
Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).
To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.
Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.
The test 2070 was added to verify this behavior, adapted from 310.
Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes https://github.com/curl/curl/pull/4981
|
