diff options
author | George Hazan <george.hazan@gmail.com> | 2015-07-25 13:12:20 +0000 |
---|---|---|
committer | George Hazan <george.hazan@gmail.com> | 2015-07-25 13:12:20 +0000 |
commit | dae9bc184b44c2b0c70b7996f202d6a7fa2dd4a4 (patch) | |
tree | 2aa80518d791c24e939e6525901da4dea39d46df /libs/libcurl/docs | |
parent | bc55bf103dc79145ddd24e93a8f96fc6e8cf46d7 (diff) |
libcurl extracted to the separate lib
git-svn-id: http://svn.miranda-ng.org/main/trunk@14683 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c
Diffstat (limited to 'libs/libcurl/docs')
39 files changed, 19082 insertions, 0 deletions
diff --git a/libs/libcurl/docs/BINDINGS b/libs/libcurl/docs/BINDINGS new file mode 100644 index 0000000000..466c36bd0f --- /dev/null +++ b/libs/libcurl/docs/BINDINGS @@ -0,0 +1,242 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + libcurl bindings + + Creative people have written bindings or interfaces for various environments + and programming languages. Using one of these allows you to take advantage of + curl powers from within your favourite language or system. + + This is a list of all known interfaces as of this writing. + + The bindings listed below are not part of the curl/libcurl distribution + archives, but must be downloaded and installed separately. + +Ada95 + + Writtten by Andreas Almroth + http://www.almroth.com/adacurl/index.html + +Basic + + ScriptBasic bindings to libcurl. Writtten by Peter Verhas + http://scriptbasic.com/ + +C + libcurl is a C library in itself! + http://curl.haxx.se/libcurl/ + +C++ + + Written by Jean-Philippe Barrette-LaPierre + http://curlpp.org/ + +Ch + + Written by Stephen Nestinger and Jonathan Rogado + http://chcurl.sourceforge.net/ + +Cocoa + + BBHTTP: written by Bruno de Carvalho + https://github.com/brunodecarvalho/BBHTTP + + curlhandle: Written by Dan Wood + http://curlhandle.sourceforge.net/ + +D + + Written by Kenneth Bogert + http://curl.haxx.se/libcurl/d/ + +Dylan + + Written by Chris Double + http://dylanlibs.sourceforge.net/ + +Eiffel + + Written by Eiffel Software + http://curl.haxx.se/libcurl/eiffel/ + +Euphoria + + Written by Ray Smith + http://rays-web.com/eulibcurl.htm + +Falcon + + http://www.falconpl.org/index.ftd?page_id=prjs&prj_id=curl + +Ferite + + Written by Paul Querna + http://www.ferite.org/ + +Gambas + + http://gambas.sourceforge.net + +glib/GTK+ + + Written by Richard Atterer + http://atterer.net/glibcurl/ + +Guile: + + Written by Michael L. Gran + http://www.lonelycactus.com/guile-curl.html + +Haskell + + Written by Galois, Inc + http://hackage.haskell.org/cgi-bin/hackage-scripts/package/curl + +Java + + Maintained by [blank] + http://curl.haxx.se/libcurl/java/ + +Julia + + Written by Paul Howe + https://github.com/forio/Curl.jl + +Lisp + + Written by Liam Healy + http://common-lisp.net/project/cl-curl/ + +Lua + + luacurl by Alexander Marinov + http://luacurl.luaforge.net/ + + Lua-cURL by Jürgen Hötzel + http://luaforge.net/projects/lua-curl/ + +Mono + + Written by Jeffrey Phillips + http://forge.novell.com/modules/xfmod/project/?libcurl-mono + +.NET + + libcurl-net by Jeffrey Phillips + http://sourceforge.net/projects/libcurl-net/ + +Object-Pascal + + Free Pascal, Delphi and Kylix binding written by Christophe Espern. + http://www.tekool.com/opcurl + +O'Caml + + Written by Lars Nilsson + http://sourceforge.net/projects/ocurl/ + +Pascal + + Free Pascal, Delphi and Kylix binding written by Jeffrey Pohlmeyer. + http://houston.quik.com/jkp/curlpas/ + +Perl + + Maintained by Cris Bailiff + http://curl.haxx.se/libcurl/perl/ + +PHP + + Written by Sterling Hughes + http://curl.haxx.se/libcurl/php/ + +PostgreSQL + + Written by Gian Paolo Ciceri + http://gborg.postgresql.org/project/pgcurl/projdisplay.php + +Python + + PycURL by Kjetil Jacobsen + http://pycurl.sourceforge.net/ + +R + + RCurl by Duncan Temple Lang + http://www.omegahat.org/RCurl/ + +Rexx + + Written Mark Hessling + http://rexxcurl.sourceforge.net/ + +RPG + + Support for ILE/RPG on OS/400 is included in source distribution + http://curl.haxx.se/libcurl/ + See packages/OS400/README.OS400 and packages/OS400/curl.inc.in + +Ruby + + curb - written by Ross Bamford + http://curb.rubyforge.org/ + + ruby-curl-multi - written by Kristjan Petursson and Keith Rarick + http://curl-multi.rubyforge.org/ + +Scheme + + Bigloo binding by Kirill Lisovsky + http://curl.haxx.se/libcurl/scheme/ + +S-Lang + + S-Lang binding by John E Davis + http://www.jedsoft.org/slang/modules/curl.html + +Smalltalk + + Smalltalk binding by Danil Osipchuk + http://www.squeaksource.com/CurlPlugin/ + +SP-Forth + + SP-Forth binding by ygrek + http://www.forth.org.ru/~ac/lib/lin/curl/ + +SPL + + SPL binding by Clifford Wolf + http://www.clifford.at/spl/ + +Tcl + + Tclcurl by Andrés García + http://personal1.iddeo.es/andresgarci/tclcurl/english/docs.html + +Visual Basic + + libcurl-vb by Jeffrey Phillips + http://sourceforge.net/projects/libcurl-vb/ + +Visual Foxpro + + by Carlos Alloatti + http://www.ctl32.com.ar/libcurl.asp + +Q + The libcurl module is part of the default install + http://q-lang.sourceforge.net/ + +wxWidgets + + Written by Casey O'Donnell + http://wxcode.sourceforge.net/components/wxcurl/ + +XBLite + + Written by David Szafranski + http://perso.wanadoo.fr/xblite/libraries.html diff --git a/libs/libcurl/docs/BUGS b/libs/libcurl/docs/BUGS new file mode 100644 index 0000000000..c0c6fa82a9 --- /dev/null +++ b/libs/libcurl/docs/BUGS @@ -0,0 +1,148 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +BUGS + + 1. Bugs + 1.1 There are still bugs + 1.2 Where to report + 1.3 What to report + 1.4 libcurl problems + 1.5 Who will fix the problems + 1.6 How to get a stack trace + 1.7 Bugs in libcurl bindings + +============================================================================== + +1.1 There are still bugs + + Curl and libcurl have grown substantially since the beginning. At the time + of writing (January 2013), there are about 83,000 lines of source code, and + by the time you read this it has probably grown even more. + + Of course there are lots of bugs left. And lots of misfeatures. + + To help us make curl the stable and solid product we want it to be, we need + bug reports and bug fixes. + +1.2 Where to report + + If you can't fix a bug yourself and submit a fix for it, try to report an as + detailed report as possible to a curl mailing list to allow one of us to + have a go at a solution. You can optionally also post your bug/problem at + curl's bug tracking system over at + + https://sourceforge.net/p/curl/bugs/ + + Please read the rest of this document below first before doing that! Also, + you need to login to your sourceforge account before being able to submit a + bug report (necessary evil done to avoid spam). + + If you feel you need to ask around first, find a suitable mailing list and + post there. The lists are available on http://curl.haxx.se/mail/ + +1.3 What to report + + When reporting a bug, you should include all information that will help us + understand what's wrong, what you expected to happen and how to repeat the + bad behavior. You therefore need to tell us: + + - your operating system's name and version number + + - what version of curl you're using (curl -V is fine) + + - versions of the used libraries that libcurl is built to use + + - what URL you were working with (if possible), at least which protocol + + and anything and everything else you think matters. Tell us what you + expected to happen, tell use what did happen, tell us how you could make it + work another way. Dig around, try out, test. Then include all the tiny bits + and pieces in your report. You will benefit from this yourself, as it will + enable us to help you quicker and more accurately. + + Since curl deals with networks, it often helps us if you include a protocol + debug dump with your bug report. The output you get by using the -v or + --trace options. + + If curl crashed, causing a core dump (in unix), there is hardly any use to + send that huge file to anyone of us. Unless we have an exact same system + setup as you, we can't do much with it. Instead we ask you to get a stack + trace and send that (much smaller) output to us instead! + + The address and how to subscribe to the mailing lists are detailed in the + MANUAL file. + +1.4 libcurl problems + + First, post all libcurl problems on the curl-library mailing list. + + When you've written your own application with libcurl to perform transfers, + it is even more important to be specific and detailed when reporting bugs. + + Tell us the libcurl version and your operating system. Tell us the name and + version of all relevant sub-components like for example the SSL library + you're using and what name resolving your libcurl uses. If you use SFTP or + SCP, the libssh2 version is relevant etc. + + Showing us a real source code example repeating your problem is the best way + to get our attention and it will greatly increase our chances to understand + your problem and to work on a fix (if we agree it truly is a problem). + + Lots of problems that appear to be libcurl problems are actually just abuses + of the libcurl API or other malfunctions in your applications. It is advised + that you run your problematic program using a memory debug tool like + valgrind or similar before you post memory-related or "crashing" problems to + us. + +1.5 Who will fix the problems + + If the problems or bugs you describe are considered to be bugs, we want to + have the problems fixed. + + There are no developers in the curl project that are paid to work on bugs. + All developers that take on reported bugs do this on a voluntary basis. We + do it out of an ambition to keep curl and libcurl excellent products and out + of pride. + + But please do not assume that you can just lump over something to us and it + will then magically be fixed after some given time. Most often we need + feedback and help to understand what you've experienced and how to repeat a + problem. Then we may only be able to assist YOU to debug the problem and to + track down the proper fix. + + We get reports from many people every month and each report can take a + considerable amount of time to really go to the bottom with. + +1.6 How to get a stack trace + + First, you must make sure that you compile all sources with -g and that you + don't 'strip' the final executable. Try to avoid optimizing the code as + well, remove -O, -O2 etc from the compiler options. + + Run the program until it cores. + + Run your debugger on the core file, like '<debugger> curl core'. <debugger> + should be replaced with the name of your debugger, in most cases that will + be 'gdb', but 'dbx' and others also occur. + + When the debugger has finished loading the core file and presents you a + prompt, enter 'where' (without the quotes) and press return. + + The list that is presented is the stack trace. If everything worked, it is + supposed to contain the chain of functions that were called when curl + crashed. Include the stack trace with your detailed bug report. It'll help a + lot. + +1.7 Bugs in libcurl bindings + + There will of course pop up bugs in libcurl bindings. You should then + primarily approach the team that works on that particular binding and see + what you can do to help them fix the problem. + + If you suspect that the problem exists in the underlying libcurl, then + please convert your program over to plain C and follow the steps outlined + above. diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES new file mode 100644 index 0000000000..a384fadba8 --- /dev/null +++ b/libs/libcurl/docs/CHANGES @@ -0,0 +1,5575 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + Changelog + +Version 7.33.0 (13 Oct 2013) + +Daniel Stenberg (13 Oct 2013) +- RELEASE-NOTES: synced with 92cf6141ed0de + +- curl: fix --oauth2-bearer in the --help output + + After the option rename in 5df04bfafd1 + +- OpenSSL: improve the grammar of the language in 39beaa5ffbcc + + Reported-by: Petr Pisar + +- [Andrej E Baranov brought this change] + + OpenSSL: use failf() when subjectAltName mismatches + + Write to CURLOPT_ERRORBUFFER information about mismatch alternative + certificate subject names. + + Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru> + +- curl: rename --bearer to --oauth2-bearer + + The option '--bearer' might be slightly ambiguous in name. It doesn't + create any conflict that I am aware of at the moment, however, OAUTH v2 + is not the only authentication mechanism which uses "bearer" tokens. + + Reported-by: Kyle L. Huff + URL: http://curl.haxx.se/mail/lib-2013-10/0064.html + +- [Kamil Dudka brought this change] + + ssh: improve the logic for detecting blocking direction + + This fixes a regression introduced by commit 0feeab78 limiting the speed + of SCP upload to 16384 B/s on a fast connection (such as localhost). + +Dan Fandrich (12 Oct 2013) +- Fixed typo in Makefile.inc that left http2.h out of the tar ball + +Daniel Stenberg (11 Oct 2013) +- [Heinrich Schaefer brought this change] + + minor fix in doc + +- [Gisle Vanem brought this change] + + curl_setup_once: fix errno access for lwip on Windows + + lib/curl_setup_once.h assumed lwIP on Windows uses 'SetLastError()' to + set network errors. It doesn't; it uses 'errno'. + +- test1239: verify 4cd444e01ad and the simulated 304 response + +- [Derek Higgins brought this change] + + HTTP: Output http response 304 when modified time is too old + + When using the -w '%{http_code}' flag and simulating a Not Modified then + 304 should be output. + +- contributors: helper script to dig out contributors from git + +- RELEASE-NOTES: add twos refs to bug reports + +- RELEASE-NOTES: synced with 173160c0d068 + +Nick Zitzmann (2 Oct 2013) +- darwinssl: block TLS_RSA_WITH_NULL_SHA256 cipher + + Credit (for catching a cipher I forgot to add to the blocked ciphers list): + https://www.ssllabs.com/ssltest/viewMyClient.html + +Daniel Stenberg (2 Oct 2013) +- OpenSSL: acknowledge CURLOPT_SSL_VERIFYHOST without VERIFYPEER + + Setting only CURLOPT_SSL_VERIFYHOST without CURLOPT_SSL_VERIFYPEER set + should still verify that the host name fields in the server certificate + is fine or return failure. + + Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html + Reported-by: Ishan SinghLevett + +- KNOWN_BUGS: #84: CURLINFO_SSL_VERIFYRESULT + + CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS + backends and not for any other! + +- [François Charlier brought this change] + + xattr: add support for FreeBSD xattr API + +- curl_easy_setopt.3: slight clarification of SEEKFUNCTION + +Steve Holme (29 Sep 2013) +- tests: Fixed typos from commit 25a0c96a494297 + +- tests: Updated email addresses in SMTP tests following recent changes + +- test909: Removed custom EHLO response after recent changes + + ...as it is no longer required following capability and authentication + changes and is now causing problems following commit 49341628b50007 as + the test number is obtained from the client address in the EHLO. + +- ftpserver.pl: Fixed compilation error from commit 49341628b50007 + +- ftpserver.pl: Moved specifying the test number from the RCPT address + + ...to the client address as this frees the RCPT strings to contain + just an email address and by passing the test number into curl as the + client address remains consistent with POP3 and IMAP tests as they are + specified in the URL. + +- ftpserver.pl: Added unwanted argument check to SMTP DATA command handler + +Daniel Stenberg (29 Sep 2013) +- getinmemory: remove a comment + + The comment mentioned the need to free the data, but the example already + does that free + +- postinmemory: new example + + This is similar to getinmemory.c but with an initial POST. + + Combined-by: Ulf Samuelsson + +- win32: fix Visual Studio 2010 build with WINVER >= 0x600 + + If no WINVER and/or _WIN32_IWNNT define was set, the Windows platform + SDK often defaults to high value, e.g. 0x601 (whoch may probably depend + on the Windows version being used, in my case Windows 7). + + If WINVER >= 0x600 then winsock2.h includes some defines for WSAPoll(), + e.g. POLLIN, POLLPRI, POLLOUT etc. These defines clash with cURL's + lib/select.h. + + Make sure HAVE_STRUCT_POLLFD is defined then. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1282 + Reported-by: "kdekker" + Patch-by: Marcel Raad + +Steve Holme (28 Sep 2013) +- ssluse.c: Fixed compilation warnings when ENGINE not supported + + The function "ssl_ui_reader" was declared but never referenced + The function "ssl_ui_writer" was declared but never referenced + +Daniel Stenberg (27 Sep 2013) +- configure: use icc options without space + + The latest version(s) of the icc compiler no longer accept the extra + space in the -we (warning enable), -wd (warning disable), etc. + + Reported-by: Elmira A Semenova + Bug: http://curl.haxx.se/mail/lib-2013-09/0182.html + +Steve Holme (25 Sep 2013) +- imap: Added clarification to the code about odd continuation responses + +- ftp.c: Fixed compilation warning + + There is an implicit conversion from "unsigned long" to "long" + +- sasl: Centralised the authentication mechanism strings + + Moved the standard SASL mechanism strings into curl_sasl.h rather than + hard coding the same values over and over again in the protocols that + use SASL authentication. + + For more information about the mechanism strings see: + + http://www.iana.org/assignments/sasl-mechanisms + +Daniel Stenberg (23 Sep 2013) +- RELEASE-NOTES: added recent contributors missing + +Steve Holme (23 Sep 2013) +- test906: Fixed type-2 response + +- test915: Corrected test number from commit 22bccb0edaf041 + +- test906: Fixed type-1 message not handled error + + ...from commit f81d1e16664976 due to copy paste error. + +- tests: Added SMTP AUTH NTLM test + +- tests: Added SMTP multiple and invalid --mail-rcpt test + +- tests: Added SMTP multiple --mail-rcpt test + +- tests: Added SMTP invalid --mail-rcpt test + +- tests: Regrouping of SMTP tests + +Daniel Stenberg (22 Sep 2013) +- [Benoit Sigoure brought this change] + + test1112: Increase the timeout from 7s to 16s + + As someone reported on the mailing list a while back, the hard-coded + arbitrary timeout of 7s in test 1112 is not sufficient in some build + environments. At Arista Networks we build and test curl as part of our + automated build system, and we've run into this timeout 170 times so + far. Our build servers are typically quite busy building and testing a + lot of code in parallel, so despite being beefy machines with 32 cores + and 128GB of RAM we still hit this 7s timeout regularly. + + URL: http://curl.haxx.se/mail/lib-2010-02/0200.html + +Steve Holme (22 Sep 2013) +- tests: Fixed smtp rcpt to addresses + +- ftpserver.pl: Expanded the SMTP RCPT handler to validate TO addresses + + RCPT_smtp() will now check for a correctly formatted TO address which + allows for invalid recipient addresses to be added. + +- ftpserver.pl: Added cURL SMTP server detection to HELO command handler + + As curl will send a HELO command after an negative EHLO response, added + the same detection from commit b07709f7417c3e to the HELO handler to + ensure the test server is identified correctly and an upload isn't + performed. + +- ftpserver.pl: Corrected response code for successful RCPT command + +- ftpserver.pl: Moved invalid RCPT TO: address detection to RCPT handler + + Rather than detecting the TO address as missing in the DATA handler, + moved the detection to the RCPT command handler where an error response + can be generated. + +- RELEASE-NOTES: Corrected missed addition + + Somehow commit 60a20461629fda missed the last item in the sync list + even though I'm sure I added it during editing. + +- RELEASE-NOTES: Synced with 6dd8bd8d2f9729 + +- curl.1: Added information about optional login options to --user in manpage + + Added missing information, from curl 7.31.0, regarding the use of the + optional login options that may be specified as part of --user. + + For example: + + --user 'user:password;auth=NTLM' in IMAP, POP3 and SMTP protocols. + +- ftpserver.pl: Moved cURL SMTP server detection into EHLO command handler + + Moved the special SMTP server detection code from the DATA command + handler, which happens further down the operation chain after EHLO, + MAIL and RCPT commands, to the EHLO command as it is the first command + to be generated by a SMTP operation as well as containing the special + "verifiedserver" string from the URL. + + This not only makes it easier and quicker to detect but also means that + cURL doesn't need to specify "verifiedserver" as --mail-from and + --mail-rcpt arguments. + + More importantly, this also makes the upcoming verification changes to + the RCPT handler easier to implement. + +Daniel Stenberg (21 Sep 2013) +- openssl: use correct port number in error message + + In ossl_connect_step2() when the "Unknown SSL protocol error" occurs, it + would output the local port number instead of the remote one which + showed when doing SSL over a proxy (but with the correct remote host + name). As libcurl only speaks SSL to the remote we know it is the remote + port. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1281 + Reported-by: Gordon Marler + +- test1415: adjusted to work for 32bit time_t + + The libcurl date parser returns INT_MAX for all dates > 2037 so this + test is now made to use 2037 instead of 2038 to work the same for both + 32bit and 64bit time_t systems. + +Steve Holme (21 Sep 2013) +- tests: Reworked existing SMTP tests to be single recipient based + + ...in preparation of upcoming multiple recipient tests. + +- ftpserver.pl: Corrected SMTP QUIT response to be more realistic + +Daniel Stenberg (20 Sep 2013) +- curl_easy_setopt.3: clarify that TIMEOUT and TIMEOUT_MS set the same value + +- [Kim Vandry brought this change] + + Documented --dns-* options in curl manpage + +Steve Holme (20 Sep 2013) +- pop3: Added basic SASL XOAUTH2 support + + Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for + authentication using RFC6749 "OAuth 2.0 Authorization Framework". + + The bearer token is expected to be valid for the user specified in + conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has + an advertised auth mechanism of "XOAUTH2", the user and access token are + formatted as a base64 encoded string and sent to the server as + "AUTH XOAUTH2 <bearer token>". + +- curl: Added clarification to the --mail options in the --help output + + ... that these options apply to SMTP only. + +- ftpserver.pl: Moved SMTP RCPT response text into command handler + +- tests: Added SMTP invalid --mail-from test + +Nick Zitzmann (19 Sep 2013) +- darwinssl: enable BEAST workaround on iOS 7 & later + + iOS 7 finally added the option to enable 1/n-1 when using TLS 1.0 + and a CBC cipher, so we now always turn that on unless the user + manually turns it off using CURLSSLOPT_ALLOW_BEAST. + + It appears Apple also added some new PSK ciphers, but no interface to + use them yet, so we at least support printing them if we find them. + +Steve Holme (19 Sep 2013) +- tests: Updated SMTP AUTH tests to use the new AUTH directive + + ...rather than specify a customised EHLO response. + +- tests: Corrected test913 as the QUIT response is received + +- tests: Added SMTP large message SIZE test + +- ftpserver.pl: Updated email regex from commit 98f7ca7e971006 + + ...to not be as strict as it was rejecting valid numeric email + addresses. + +- tests: Fixed smtp mail from addresses + +- ftpserver.pl: Standardised CAPA and AUTH responses + +- ftpserver.pl: Corrected POP3 QUIT reply to be more realistic + +- runtests.pl: Fixed syntax error in commit c873375123343e + + Possible unintended interpolation in string at line 796 + +- runtests.pl: Fixed smtp mail from address + + Following changes to ftpserver.pl fixed the mail from address to be a + correctly formatted address otherwise the server response will be 501 + Invalid address. + +- ftpserver.pl: Fixed syntax error in commit 98f7ca7e971006 + + Can't modify constant item in scalar assignment line 779, near "0;" + +- ftpserver.pl: Expanded the SMTP MAIL handler to validate messages + + MAIl_smtp() will now check for a correctly formatted FROM address as + well as the optional SIZE parameter comparing it against the server + capability when specified. + +Daniel Stenberg (17 Sep 2013) +- [YAMADA Yasuharu brought this change] + + cookies: add expiration + + Implement: Expired Cookies These following situation, curl removes + cookie(s) from struct CookieInfo if the cookie expired. + - Curl_cookie_add() + - Curl_cookie_getlist() + - cookie_output() + +Steve Holme (17 Sep 2013) +- ftpserver.pl: Corrected response code for successful MAIL command + +- ftpserver.pl: Moved SMTP MAIL handler into own function + +- dns: fix compilation with MinGW from commit df69440d05f113 + + Avoid 'interface' literal that some MinGW versions define as a macro + + Additionally, corrected some very, very minor coding style errors. + +- tests: Fixed test 1406 following recent changes in ftpserver.pl + + By default the mail server doesn't send the SIZE capability but instead + it has to be specified as a supported capability. + +- tests: Added test for SMTP SIZE capability + +- ftpserver.pl: Added the ability to include spaces in capabilities + + For example: + + CAPA "SIZE 1048576" 8BITMIME BINARYMIME + + will populate the capabilities list with the following in: + + SIZE 1048576 + 8BITMIME + BINARYMIME + +- ftpserver.pl: Corrected response code for successful SMTP QUIT command + +- ftpserver.pl: Fixed syntax error in commit 33c1f2876b9029 + + Can't modify constant item in postincrement line 727, near "i++" + +- ftpserver.pl: Added CAPA & AUTH directive support to the SMTP EHLO handler + +- ftpserver.pl: Fixed SMTP QUIT handler from dadc495540946e + +- ftpserver.pl: Moved SMTP EHLO and QUIT handlers in own functions + +- ftpserver.pl: Added support for SMTP HELO command + + ...and updated test902 as explicit HELO response is no longer required. + +- ftpserver.pl: Added mailbox check to IMAP SELECT handler + +- ftpserver.pl: Corrected invalid user details check + + ...in both the IMAP LOGIN and POP3 PASS handlers introduced in commit + 187ac693744949 and 84ad1569e5fc93 respectively. + +- ftpserver.pl: Moved IMAP LOGIN handler into own function + +- ftpserver.pl: Moved POP3 USER and PASS handlers into own functions + +- ftpserver.pl: Corrected invalid argument check in POP3 TOP handler + + ...which was accidentally introduced in commit 4d6ef6297ae9b6. + +- ftpserver.pl: Added capability prerequisite for extended POP3 commands + +- tests: Updated descriptions to be more meaningful + +- ftpserver.pl: Added support for IMAP NOOP command + +- imap: Fixed response check for NOOP command + +- tests: Updated descriptions to be more meaningful + +Daniel Stenberg (13 Sep 2013) +- curl.1: detail how short/long options work + + URL: http://curl.haxx.se/bug/view.cgi?id=1279 + Suggested-by: Jerry Krinock + +Steve Holme (13 Sep 2013) +- curl: Fixed usage of DNS options when not using c-ares resolver + + Commit 32352ed6adddcb introduced various DNS options, however, these + would cause curl to exit with CURLE_NOT_BUILT_IN when c-ares wasn't + being used as the backend resolver even if the options weren't set + by the user. + + Additionally corrected some minor coding style errors from the same + commit. + +Daniel Stenberg (13 Sep 2013) +- curl_easy_setopt.3: mention RTMP URL quirks + + URL: http://curl.haxx.se/bug/view.cgi?id=1278 + Reported-by: Gorilla Maguila + +- [Ben Greear brought this change] + + curl: Add support for various DNS binding options. + + (Passed on to c-ares.) + + Allows something like this: + + curl --dns-interface sta8 --dns-ipv4-addr 8.8.1.111 --interface sta8 \ + --localaddr 8.8.1.111 --dns-servers 8.8.8.1 www.google.com + + Signed-off-by: Ben Greear <greearb@candelatech.com> + +- [Kim Vandry brought this change] + + libcurl: New options to bind DNS to local interfaces or IP addresses + +- libcurl.3: for multi interface connections are held in the multi handle + + ... and a few more cleanups/clarifications + +Steve Holme (12 Sep 2013) +- ftpserver.pl: Fixed missing comma from 7fd84b14d219b1 + +- ftpserver.pl: Fixed variable error introduced in 7fd84b14d219b1 + + Global symbol "$mailbox" requires explicit package name + +- ftpserver.pl: Added support for UID command + +- ftpserver.pl: Added support for LSUB command + +- imap: Fixed response check for LSUB and UID commands + +- ftpserver.pl: Added support for IMAP COPY command + +- ftpserver.pl: Added support for IMAP CLOSE and EXPUNGE commands + +- ftpserver.pl: Added support for POP3 RSET command + +- ftpserver.pl: Added the ability to remember what messages are deleted + + ...as this will be required for IMAP CLOSE and EXPUNGE commands as well + as the POP3 RSET command. + +Daniel Stenberg (10 Sep 2013) +- NI_MAXSERV: remove all use of it + + Solaris with the SunStudio Compiler is reportedly missing this define, + but as we're using it without any good reason on all the places it was + used I've now instead switched to just use sensible buffer sizes that + fit a 32 bit decimal number. Which also happens to be smaller than the + common NI_MAXSERV value which is 32 on most machines. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1277 + Reported-by: D.Flinkmann + +- http2: use the support HTTP2 draft version in the upgrade header + + ... instead of HTTP/2.0 to work fine with the nghttpx proxy/server. + +Steve Holme (10 Sep 2013) +- ldap.c: Fix compilation warning + + warning: comparison between signed and unsigned integer expressions + +- [Jiri Hruska brought this change] + + imap/pop3/smtp: Speed up SSL connection initialization + + Don't wait for the next callback call (usually 1 second) before + continuing with protocol specific connection initialization. + +- ldap.c: Corrected build error from commit 857f999353f333 + +- RELEASE-NOTES: Corrected duplicate in bfefe2400a16b8 + +- RELEASE-NOTES: Corrected typo from bfefe2400a16b8 + +- RELEASE-NOTES: synced with 25c68903756d6b + +Daniel Stenberg (10 Sep 2013) +- README.http2: explain nghttp2 a little + +Steve Holme (9 Sep 2013) +- tests: Added test for POP3 TOP command + +- ftpserver.pl: Added support for POP3 TOP command + +- tests: Added test for POP3 UIDL command + +- ftpserver.pl: Added support for POP3 UIDL command + +Daniel Stenberg (9 Sep 2013) +- http2: adjust to new nghttp2_pack_settings_payload proto + + This function was modified in nghttp2 git commit a1c3f89c72e51 + +Kamil Dudka (9 Sep 2013) +- url: handle abortion by read/write callbacks, too + + Otherwise, the FTP protocol would unnecessarily hang 60 seconds if + aborted in the CURLOPT_HEADERFUNCTION callback. + + Reported by: Tomas Mlcoch + Bug: https://bugzilla.redhat.com/1005686 + +Daniel Stenberg (9 Sep 2013) +- ldap: fix the build for systems with ldap_url_parse() + + Make sure that the custom struct fields are only used by code that + doesn't use a struct defintion from the outside. + + Attempts to fix the problem introduced in 3dc6fc42bfc61b + +Steve Holme (9 Sep 2013) +- [Jiri Hruska brought this change] + + pingpong: Check SSL library buffers for already read data + + Otherwise the connection can get stuck during various phases, waiting + for new data on the socket using select() etc., but it will never be + received as the data has already been read into SSL library. + +- imap: Fixed calculation of transfer when partial FETCH received + + The transfer size would be calculated incorrectly if the email contained + within the FETCH response, had been partially received by the pingpong + layer. As such the following, example output, would be seen if the + amount remaining was smaller than the amount received: + + * Excess found in a non pipelined read: excess = 1394, size = 262, + maxdownload = 262, bytecount = 1374 + * transfer closed with -1112 bytes remaining to read + + Bug: http://curl.haxx.se/mail/lib-2013-08/0170.html + Reported-by: John Dunn + +- ftpserver.pl: Fixed empty array checks + + ...from commits 28427b408326a1 and e8313697b6554b. + +- ftpserver: Reworked AUTH support to allow for specifying the mechanisms + + Renamed SUPPORTAUTH to AUTH and added support for specifying a list of + supported SASL mechanisms to return to the client. + + Additionally added the directive to the FILEFORMAT document. + +- ftpserver: Reworked CAPA support to allow for specifying the capabilities + + Renamed SUPPORTCAPA to CAPA and added support for specifying a list of + supported capabilities to return to the client. + + Additionally added the directive to the FILEFORMAT document. + +- ftpserver.pl: Corrected POP3 LIST as message numbers should be contiguous + + The message numbers given in the LIST response are an index into the + list, which are only valid for the current session, rather than being a + unique message identifier. An index would only be missing from the LIST + response if a DELE command had been issued within the same session and + had not been committed by the end of session QUIT command. Once + committed the POP3 server will regenerate the message numbers in the + next session to be contiguous again. As such our LIST response should + list message numbers contiguously until we support a DELE command in the + same session. + + Should a POP3 user require the unique message ID for any or all + messages then they should use the extended UIDL command. This command + will be supported by the test ftpserver in an upcoming commit. + +Daniel Stenberg (8 Sep 2013) +- [Clemens Gruber brought this change] + + curl_easy_pause: suggest one way to unpause + +Steve Holme (8 Sep 2013) +- tests: Updated descriptions to be more meaningful + +- tests: Added test for POP3 NOOP command + +- ftpserver.pl: Added support for POP3 NOOP command + +- ftpserver.pl: Fixed 'Use of uninitialized value $args in string ne' + +- tests: Added test for POP3 STAT command + +- ftpserver.pl: Added support for POP STAT command + +- ftpserver.pl: Moved POP3 QUIT handler into own function + +- ftpserver.pl: Reordered the POP3 handlers to be alphabetical + + In preparation for additional POP3 tests, re-ordered the command + function defintions to be sorted alphabetically. + +- ftpserver.pl: Corrected misaligned indentation in POP3 handlers + + Fixed incorrect indentation used in both the RETR_pop3 and LIST_pop3 + functions which was 5 and 9 characters rather than 4 and 8. + +- tests: Added test for POP3 DELE command + +unknown (7 Sep 2013) +- [Steve Holme brought this change] + + ftpserver.pl: Added support for POP3 DELE command + +Daniel Stenberg (7 Sep 2013) +- http2: include curl_memory.h + + Detected by test 1132 + +Nick Zitzmann (7 Sep 2013) +- http: fix build warning under LLVM + + When building the code using LLVM Clang without NGHTTP2, I was getting + this warning: + ../lib/http.h:155:1: warning: empty struct is a GNU extension [-Wgnu] + Placing a dummy variable into the data structure silenced the warning. + +Daniel Stenberg (7 Sep 2013) +- http2: actually init nghttp2 and send HTTP2-Settings properly + +- README.http2: how to use it best with the multi API? + +- http2: first embryo toward Upgrade: + +- http: rename use_http_1_1 to use_http_1_1plus + + Since it now actually says if 1.1 or a later version should be used. + +- configure: improve CURL_CHECK_COMPILER_PROTOTYPE_MISMATCH + + The compiler test used a variable before it was assigned when it tried + to see how it acts on a mismatching prototype, which could cause a false + positive. + +- [Petr PÃsaÅ™ brought this change] + + Pass password to OpenSSL engine by user interface + + Recent OpenSSL uses user interface abstraction to negotiate access to + private keys in the cryprographical engines. An OpenSSL application is + expected to implement the user interface. Otherwise a default one + provided by OpenSSL (interactive standard I/O) will be used and the + aplication will have no way how to pass a password to the engine. + + Longer-desc: http://curl.haxx.se/mail/lib-2013-08/0265.html + +- urlglob: improved error messages and column number on bad use + + Introduce a convenience macro and keep of the column better so that it + can point out the offending column better. + + Updated test 75 accordingly. + +- urlglob: avoid error code translation + + By using the correct values from the start we don't have to translate + them! + +- urlglob: avoid NULL pointer dereference + + Thanks to clang-analyzer + +- [Gisle Vanem brought this change] + + http2: use correct include for snprintf + + Using the first little merge of nghttp2 into libcurl, I stumbeled on the + missing 'snprintf' in MSVCRT. Isn't this how we do it for other libcurl + files? I.e. use 'curl_msnprintf' and not 'snprintf' directly: + +- --data: mention CRLF treatment when reading from file + +- [Geoff Beier brought this change] + + LDAP: fix bad free() when URL parsing failed + + When an error occurs parsing an LDAP URL, The ludp->lud_attrs[i] entries + could be freed even though they sometimes point to data within an + allocated area. + + This change introduces a lud_attrs_dup[] array for the duplicated string + pointers, and it removes the unused lud_exts array. + + Bug: http://curl.haxx.se/mail/lib-2013-08/0209.html + +Nick Zitzmann (5 Sep 2013) +- darwinssl: add support for PKCS#12 files for client authentication + + I also documented the fact that the OpenSSL engine also supports them. + +Daniel Stenberg (5 Sep 2013) +- symbols: added HTTP2 symbols and sorted list + + CURL_HTTP_VERSION_2_0 and CURL_VERSION_HTTP2 are new + +- configure: add HTTP2 as a curl-config --feature output + + Fixes the test 1014 failure + +- curl: unbreak --http1.0 again + + I broke it in 2eabb7d590 + +- SASL: fix compiler warnings + + comparison between signed and unsigned integer expressions + + suggest parentheses around '&&' within '||' (twice) + +- curl: add --http1.1 and --http2.0 options + +- Curl_setopt: refuse CURL_HTTP_VERSION_2_0 if built without support + +- http2: add http2.[ch] and add nghttp2 version output + +- curl -V: output HTTP2 as a feature if present + +- curl.h: add CURL_VERSION_HTTP2 as a feature + + It isn't added as a separate protocol as HTTP2 will be done over HTTP:// + URLs that can be upgraded to HTTP2 if the server supports it as well. + +Steve Holme (4 Sep 2013) +- imap/smtp: Fixed incorrect SASL mechanism selection with XOAUTH2 servers + + XOAUTH2 would be selected in preference to LOGIN and PLAIN if the IMAP + or SMTP server advertised support for it even though a user's password + was supplied but bearer token wasn't. + + Modified the selection logic so that XOAUTH2 will only be selected if + the server supports it and A) The curl user/libcurl programmer has + specifically asked for XOAUTH via the ;AUTH=XOAUTH login option or 2) + The bearer token is specified. Obviously if XOAUTH is asked for via + the login option but no token is specified the user will receive a + authentication failure which makes more sense than no known + authentication mechanisms supported! + +Daniel Stenberg (4 Sep 2013) +- curl.h: added CURL_HTTP_VERSION_2_0 + + Initial library considerations documented in lib/README.http2 + +- configure: added --with-nghttp2 + +- acinclude: fix --without-ca-path when cross-compiling + + The commit 7b074a460b64811 to CURL_CHECK_CA_BUNDLE in 7.31 (don't check + for paths when cross-compiling) causes --without-ca-path to no longer + works when cross-compiling, since ca and capath only ever get set to + "no" when not cross-compiling, I attach a patch that works for me. Also + in the cross-compilation case, no ca-path seems to be a better default + (IMVHO) than empty ca-path. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1273 + Patch-by: Stefan Neis + +Steve Holme (2 Sep 2013) +- lib1512.c: Fixed compilation warning + + An enumerated type is mixed with another type. + + ...as well as a small coding style error. + +Guenter Knauf (1 Sep 2013) +- Killed warning 'res' might be used uninitialized. + +Steve Holme (1 Sep 2013) +- url.c: Fixed compilation warning + + An enumerated type is mixed with another type + +- easy.c: Fixed compilation warning + + warning: `code' might be used uninitialized in this function + +Daniel Stenberg (31 Aug 2013) +- -x: rephrased the --proxy section somewhat + +Steve Holme (31 Aug 2013) +- tests: Added test for IMAP CHECK command + +- ftpserver.pl: Added support for the IMAP CHECK command + +Guenter Knauf (31 Aug 2013) +- Removed reference to krb4.c. + +Steve Holme (31 Aug 2013) +- ftpserver.pl: Corrected flawed logic in commit 1ca6ed7b75cad0 + +- imap: Fixed response check for EXPUNGE command + +- ftpserver.pl: Added argument check to IMAP command handlers + + Added BAD argument check to the following IMAP command handlers: + + APPEND, STORE, LIST, EXAMINE, STATUS and SEARCH + +- ftpserver.pl: More whitespace corrections + + LIST_imap() had a second level of indentation at 9 characters and not 8. + +- ftpserver.pl: Small correction tidy up + + Corrected some IMAP variable names and whitespace issues. + +- [Kyle L. Huff brought this change] + + docs: Added documentation for CURLOPT_BEARER + +- [Kyle L. Huff brought this change] + + curl.1: Add usage of '--bearer' option + +- tests: Added tests for IMAP CREATE, DELETE and RENAME commands + +Daniel Stenberg (30 Aug 2013) +- ftpserver: Bareword "to_mailbox" not allowed + + Added missing $ + +Steve Holme (30 Aug 2013) +- ftpserver.pl: Added support for IMAP CREATE, DELETE and RENAME commands + +Daniel Stenberg (29 Aug 2013) +- FTP: fix getsock during DO_MORE state + + ... when doing upload it would return the wrong values at times. This + commit attempts to cleanup the mess. + + Bug: http://curl.haxx.se/mail/lib-2013-08/0109.html + Reported-by: Mike Mio + +- curl_multi_remove_handle: allow multiple removes + + When removing an already removed handle, avoid that to ruin the + internals and just return OK instead. + +Steve Holme (29 Aug 2013) +- ftpserver.pl: Updated IMAP EXAMINE handler to use dynamic test data + +Daniel Stenberg (29 Aug 2013) +- unit1304: include memdebug and free everything correctly + +- Curl_parsenetrc: document that the arguments must be allocated + +- easy: rename struct monitor to socketmonitor + + 'struct monitor', introduced in 6cf8413e, already exists in an IRIX + header file (sys/mon.h) which gets included via various standard headers + by lib/easy.c + + cc-1101 cc: ERROR File = ../../curl/lib/easy.c, Line = 458 + "monitor" has already been declared in the current scope. + + Reported-by: Tor Arntsen + +Steve Holme (29 Aug 2013) +- ftpserver.pl: Added SELECT check to IMAP FETCH and STORE handlers + +- ftpserver.pl: Corrected accidental move of logmsg() call + + Corrected the call to logmsg() in the IMAP SEARCH handler from commit + 4ae7b7ea691497 as it should have been outputting the what argument and + not the test number. + +Daniel Stenberg (28 Aug 2013) +- ftpserver: add missing '}' from 4ae7b7ea69149 + +Steve Holme (28 Aug 2013) +- ftpserver.pl: Added SELECT check to IMAP SEARCH command + +- ftpserver.pl: Fixed IMAP SEARCH command + +Daniel Stenberg (28 Aug 2013) +- bump: next release is 7.33.0 due to added features + +- symbols-in-versions: add CURLOPT_XOAUTH2_BEARER + +Steve Holme (28 Aug 2013) +- tests: Added test for IMAP SEARCH command + +Daniel Stenberg (28 Aug 2013) +- valgrind.supp: fix for regular curl_easy_perform too + + When we introduced curl_easy_perform_ev, this got a slightly modified + call trace. Without this, test 165 causes a false positive valgrind + error. + +- valgrind.supp: add the event-based call stack-trace too + + Without this, test 165 triggers a valgrind error when ran with + curl_easy_perform_ev + +- multi_socket: improved 100-continue timeout handling + + When waiting for a 100-continue response from the server, the + Curl_readwrite() will refuse to run if called until the timeout has been + reached. + + We timeout code in multi_socket() allows code to run slightly before the + actual timeout time, so for test 154 it could lead to the function being + executed but refused in Curl_readwrite() and then the application would + just sit idling forever. + + This was detected with runtests.pl -e on test 154. + +Steve Holme (27 Aug 2013) +- ftpserver.pl: Added support for IMAP SEARCH command + +- tool_operate.c: Fixed compilation warning + + warning: implicit declaration of function 'checkpasswd' + +- curl: Moved check for password out of get parameter loop + + Moved the calls to checkpasswd() out of the getparameter() function + which allows for any related arguments to be specified on the command + line before or after --user (and --proxy-user). + + For example: --bearer doesn't need to be specified before --user to + prevent curl from asking for an unnecessary password as is the case + with commit e7dcc454c67a2f. + +- RELEASE-NOTES: synced with acf59be7f09a7 + +- [Kyle L. Huff brought this change] + + curl: added --bearer option to help + + Added the --bearer option to the help output + +- [Kyle L. Huff brought this change] + + curl: added basic SASL XOAUTH2 support + + Added the ability to specify an XOAUTH2 bearer token [RFC6750] via the + --bearer option. + + Example usage: + curl --url "imaps://imap.gmail.com:993/INBOX/;UID=1" --ssl-reqd + --bearer ya29.AHES6Z...OMfsHYI --user username@example.com + +- tool_urlglob.c: Fixed compiler warnings + + warning: 'variable' may be used uninitialized in this function + +Daniel Stenberg (26 Aug 2013) +- security.h: rename to curl_sec.h to avoid name collision + + I brought back security.h in commit bb5529331334e. As we actually + already found out back in 2005 in commit 62970da675249, the file name + security.h causes problems so I renamed it curl_sec.h instead. + +- runtests.pl: allow -vc point to a separate curl binary to verify with + + The specified curl binary will then be used to verify the running + server(s) instead of the development version. This is very useful in + some cases when the development version fails to verify correctly as + then the test case may not run at all. + + The actual test will still be run with the "normal" curl executable + (unless the test case specifies something differently). + +Steve Holme (26 Aug 2013) +- [Kyle L. Huff brought this change] + + smtp: added basic SASL XOAUTH2 support + + Added the ability to use an XOAUTH2 bearer token [RFC6750] with SMTP for + authentication using RFC6749 "OAuth 2.0 Authorization Framework". + + The bearer token is expected to be valid for the user specified in + conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has + an advertised auth mechanism of "XOAUTH2", the user and access token are + formatted as a base64 encoded string and sent to the server as + "AUTH XOAUTH2 <bearer token>". + +- [Kyle L. Huff brought this change] + + imap: added basic SASL XOAUTH2 support + + Added the ability to use an XOAUTH2 bearer token [RFC6750] with IMAP for + authentication using RFC6749 "OAuth 2.0 Authorization Framework". + + The bearer token is expected to be valid for the user specified in + conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has + an advertised auth mechanism of "XOAUTH2", the user and access token are + formatted as a base64 encoded string and sent to the server as + "A001 AUTHENTICATE XOAUTH2 <bearer token>". + +- security.h: Fixed compilation warning + + ISO C forbids forward references to 'enum' types + +Daniel Stenberg (26 Aug 2013) +- KNOWN_BUGS: refer to bug numbers with the existing number series + + The old numbers would still redirect but who knows for how long... + +Steve Holme (25 Aug 2013) +- [Kyle L. Huff brought this change] + + options: added basic SASL XOAUTH2 support + + Added the ability to specify an XOAUTH2 bearer token [RFC6750] via the + option CURLOPT_XOAUTH2_BEARER for authentication using RFC6749 "OAuth + 2.0 Authorization Framework". + +- [Kyle L. Huff brought this change] + + sasl: added basic SASL XOAUTH2 support + + Added the ability to generated a base64 encoded XOAUTH2 token + containing: "user=<username>^Aauth=Bearer <bearer token>^A^A" + as per RFC6749 "OAuth 2.0 Authorization Framework". + +Daniel Stenberg (25 Aug 2013) +- FTP: remove krb4 support + + We've announced this pending removal for a long time and we've + repeatedly asked if anyone would care or if anyone objects. Nobody has + objected. It has probably not even been working for a good while since + nobody has tested/used this code recently. + + The stuff in krb4.h that was generic enough to be used by other sources + is now present in security.h + +- easy: define away easy_events() for non-debug builds + +- FAQ: editorial updates + + Several language fixes. Several reformats that should make the HTML + generation of this document look better. + + Reported-by: Dave Thompson + +- RELEASE-NOTES: synced with 22adb46a32bee + +- multi: move on from STATE_DONE faster + + Make sure we always return CURLM_CALL_MULTI_PERFORM when we reach + CURLM_STATE_DONE since the state is transient and it can very well + continue executing as there is nothing to wait for. + + Bug: http://curl.haxx.se/mail/lib-2013-08/0211.html + Reported-by: Yi Huang + +- curl.h: name space pollution by "enum type" + + Renamed to "enum curl_khtype" now. Will break compilation for programs + that rely on the enum name. + + Bug: https://github.com/bagder/curl/pull/76 + Reported-by: Shawn Landden + +- TFTP: make the CURLOPT_LOW_SPEED* options work + + ... this also makes sure that the progess callback gets called more + often during TFTP transfers. + + Added test 1238 to verify. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1269 + Reported-by: Jo3 + +- tftpd: support "writedelay" within <servercmd> + +- tftpd: convert 6 global variables into local ones + +- [Gisle Vanem brought this change] + + curl_easy_perform_ev: make it CURL_EXTERN + + I build curl.exe (using MingW) with '-DCURLDEBUG' and by importing from + libcurl.dll. Which means the new curl_easy_perform_ev() must be + exported from libcurl.dll. + +- CURLM_ADDED_ALREADY: new error code + + Doing curl_multi_add_handle() on an easy handle that is already added to + a multi handle now returns this error code. It previously returned + CURLM_BAD_EASY_HANDLE for this condition. + +- multi_init: moved init code here from add_handle + + The closure_handle is "owned" by the multi handle and it is + unconditional so the setting up of it should be in the Curl_multi_handle + function rather than curl_multi_add_handle. + +- multi: remove dns cache creation code from *add_handle + + As it is done unconditionally in multi_init() this code will never run! + +- curl_easy_perform_ev: debug/test function + + This function is meant to work *exactly* as curl_easy_perform() but will + use the event-based libcurl API internally instead of + curl_multi_perform(). To avoid relying on an actual event-based library + and to not use non-portable functions (like epoll or similar), there's a + rather inefficient emulation layer implemented on top of Curl_poll() + instead. + + There's currently some convenience logging done in curl_easy_perform_ev + which helps when tracking down problems. They may be suitable to remove + or change once things seem to be fine enough. + + curl has a new --test-event option when built with debug enabled that + then uses curl_easy_perform_ev() instead of curl_easy_perform(). If + built without debug, using --test-event will only output a warning + message. + + NOTE: curl_easy_perform_ev() is not part if the public API on purpose. + It is only present in debug builds of libcurl and MUST NOT be considered + stable even then. Use it for libcurl-testing purposes only. + + runtests.pl now features an -e command line option that makes it use + --test-event for all curl command line tests. The man page is updated. + +- [Gisle Vanem brought this change] + + transfer: the recent sessionhandle change broke CURL_DOES_CONVERSIONS + +- test1237: verify 1000+ letter user name + passwords + +- [Jonathan Nieder brought this change] + + url: handle arbitrary-length username and password before '@' + + libcurl quietly truncates usernames, passwords, and options from + before an '@' sign in a URL to 255 (= MAX_CURL_PASSWORD_LENGTH - 1) + characters to fit in fixed-size buffers on the stack. Allocate a + buffer large enough to fit the parsed fields on the fly instead to + support longer passwords. + + After this change, there are no more uses of MAX_CURL_OPTIONS_LENGTH + left, so stop defining that constant while at it. The hardcoded max + username and password length constants, on the other hand, are still + used in HTTP proxy credential handling (which this patch doesn't + touch). + + Reported-by: Colby Ranger + +- [Jonathan Nieder brought this change] + + url: handle exceptional cases first in parse_url_login() + + Instead of nesting "if(success)" blocks and leaving the reader in + suspense about what happens in the !success case, deal with failure + cases early, usually with a simple goto to clean up and return from + the function. + + No functional change intended. The main effect is to decrease the + indentation of this function slightly. + +- [Jonathan Nieder brought this change] + + Curl_setopt: handle arbitrary-length username and password + + libcurl truncates usernames, passwords, and options set with + curl_easy_setopt to 255 (= MAX_CURL_PASSWORD_LENGTH - 1) characters. + This doesn't affect the return value from curl_easy_setopt(), so from + the caller's point of view, there is no sign anything strange has + happened, except that authentication fails. + + For example: + + # Prepare a long (300-char) password. + s=0123456789; s=$s$s$s$s$s$s$s$s$s$s; s=$s$s$s; + # Start a server. + nc -l -p 8888 | tee out & pid=$! + # Tell curl to pass the password to the server. + curl --user me:$s http://localhost:8888 & sleep 1; kill $pid + # Extract the password. + userpass=$( + awk '/Authorization: Basic/ {print $3}' <out | + tr -d '\r' | + base64 -d + ) + password=${userpass#me:} + echo ${#password} + + Expected result: 300 + Actual result: 255 + + The fix is simple: allocate appropriately sized buffers on the heap + instead of trying to squeeze the provided values into fixed-size + on-stack buffers. + + Bug: http://bugs.debian.org/719856 + Reported-by: Colby Ranger + +- [Jonathan Nieder brought this change] + + netrc: handle longer username and password + + libcurl truncates usernames and passwords it reads from .netrc to + LOGINSIZE and PASSWORDSIZE (64) characters without any indication to + the user, to ensure the values returned from Curl_parsenetrc fit in a + caller-provided buffer. + + Fix the interface by passing back dynamically allocated buffers + allocated to fit the user's input. The parser still relies on a + 256-character buffer to read each line, though. + + So now you can include an ~246-character password in your .netrc, + instead of the previous limit of 63 characters. + + Reported-by: Colby Ranger + +- [Jonathan Nieder brought this change] + + url: allocate username, password, and options on the heap + + This makes it possible to increase the size of the buffers when needed + in later patches. No functional change yet. + +- [Jonathan Nieder brought this change] + + url: use goto in create_conn() for exception handling + + Instead of remembering before each "return" statement which temporary + allocations, if any, need to be freed, take care to set pointers to + NULL when no longer needed and use a goto to a common block to exit + the function and free all temporaries. + + No functional change intended. Currently the only temporary buffer in + this function is "proxy" which is already correctly freed when + appropriate, but there will be more soon. + +- [Jonathan Nieder brought this change] + + sasl: allow arbitrarily long username and password + + Use appropriately sized buffers on the heap instead of fixed-size + buffers on the stack, to allow for longer usernames and passwords. + + Callers never pass anything longer than MAX_CURL_USER_LENGTH (resp. + MAX_CURL_PASSWORD_LENGTH), so no functional change inteded yet. + +Steve Holme (19 Aug 2013) +- [Alex McLellan brought this change] + + imap: Fixed response check for SEARCH command + + Adding this line allows libcurl to return the server response when + performing a search command via a custom request. + +Daniel Stenberg (16 Aug 2013) +- glob: error out on range overflow + + The new multiply() function detects range value overflows. 32bit + machines will overflow on a 32bit boundary while 64bit hosts support + ranges up to the full 64 bit range. + + Added test 1236 to verify. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1267 + Reported-by: Will Dietz + +- urlglob: better detect unclosed braces, empty lists and overflows + + A rather big overhaul and cleanup. + + 1 - curl wouldn't properly detect and reject globbing that ended with an + open brace if there were brackets or braces before it. Like "{}{" or + "[0-1]{" + + 2 - curl wouldn't properly reject empty lists so that "{}{}" would + result in curl getting (nil) strings in the output. + + 3 - By using strtoul() instead of sscanf() the code will now detected + over and underflows. It now also better parses the step argument to only + accept positive numbers and only step counters that is smaller than the + delta between the maximum and minimum numbers. + + 4 - By switching to unsigned longs instead of signed ints for the + counters, the max values for []-ranges are now very large (on 64bit + machines). + + 5 - Bumped the maximum number of globs in a single URL to 100 (from 10) + + 6 - Simplified the code somewhat and now it stores fixed strings as + single- entry lists. That's also one of the reasons why I did (5) as now + all strings between "globs" will take a slot in the array. + + Added test 1234 and 1235 to verify. Updated test 87. + + This commit fixes three separate bug reports. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1264 + Bug: http://curl.haxx.se/bug/view.cgi?id=1265 + Bug: http://curl.haxx.se/bug/view.cgi?id=1266 + Reported-by: Will Dietz + +- [John Malmberg brought this change] + + VMS: Add RELEASE-NOTES to vms document + + Add the curl release notes to the release note document generated for + VMS packages. + + Add the different filenames generated by a daily build to the + cleanup procedures. + +- [Tor Arntsen brought this change] + + tests 2032, 2033: Don't hardcode port in expected output + +- ftp: convert state names to a global array + + ... just to make them easier to print in debug ouputs while debugging. + They are still within #ifdef [debugbuild]. + +- --help: fix the --sasl-ir in the help output + +- ftp_domore_getsock: when passive mode, the second conn is already there + + This makes the socket callback get called with the proper bitmask as + otherwise the application could be left hanging waiting for reading on + an upload connection! + + Bug: http://curl.haxx.se/mail/lib-2013-08/0043.html + Reported-by: Bill Doyle + +- curl: make --no-[option] work properly for several options + + --create-dirs, --crlf, --socks5-gssapi-nec and --sasl-ir + +Kamil Dudka (12 Aug 2013) +- nss: make sure that NSS is initialized + + ... prior to calling PK11_GenerateRandom() + +Daniel Stenberg (12 Aug 2013) +- multi: s/easy/data + + With everything being struct SessionHandle pointers now, this rename + makes multi.c use the library-wide practise of calling that pointer + 'data' instead of the previously used 'easy'. + +- cleanup: removed one function, made one static + + Moved Curl_easy_addmulti() from easy.c to multi.c, renamed it to + easy_addmulti and made it static. + + Removed Curl_easy_initHandleData() and uses of it since it was emptied + in commit cdda92ab67b47d74a. + +- SessionHandle: the protocol specific pointer is now a void * + + All protocol handler structs are now opaque (void *) in the + SessionHandle struct and moved in the request-specific sub-struct + 'SingleRequest'. The intension is to keep the protocol specific + knowledge in their own dedicated source files [protocol].c etc. + + There's some "leakage" where this policy is violated, to be addressed at + a later point in time. + +- urldata: clean up the use of the protocol specific structs + + 1 - always allocate the struct in protocol->setup_connection. Some + protocol handlers had to get this function added. + + 2 - always free at the end of a request. This is also an attempt to keep + less memory in the handle after it is completed. + +- version number: bump to 7.32.1 for now + + Start working on the next version and up some counters. + +Version 7.32.0 (11 Aug 2013) + +Daniel Stenberg (11 Aug 2013) +- THANKS: added contributors from the 7.32.0 release notes + +- [Fabian Keil brought this change] + + test1228: add 'HTTP proxy' to the keywords + +- [Fabian Keil brought this change] + + tests: add keywords for a couple of FILE tests + +- [Fabian Keil brought this change] + + tests: add 'FAILURE' keywords to tests 1409 and 1410 + +- [Fabian Keil brought this change] + + tests: add keywords for a couple of HTTP tests + +- [Fabian Keil brought this change] + + tests: add keywords for a couple of FTP tests + +- [Fabian Keil brought this change] + + test1511: consistently terminate headers with CRLF + +- DISABLED: shut of test 1512 for now + + It shows intermittent failures and I haven't been able to track them + down yet. Disable this test for now. + +- curl_multi_add_handle.3: ... that timer callback is for event-based + +- comments: remove old and wrong multi/easy interface statements + +- curl_multi_add_handle.3: mention the CURLMOPT_TIMERFUNCTION use + +- [John E. Malmberg brought this change] + + KNOWN_BUGS: 22 and 57 have been fixed and committed + +- RELEASE-NOTES: synced with d20def20462e7 + +- global dns cache: fix memory leak + + The take down of the global dns cache didn't take CURLOPT_RESOLVE names + into account. + +- global dns cache: didn't work [regression] + + CURLOPT_DNS_USE_GLOBAL_CACHE broke in commit c43127414d89ccb (been + broken since the libcurl 7.29.0 release). While this option has been + documented as deprecated for almost a decade and nobody even reported + this bug, it should remain functional. + + Added test case 1512 to verify + +Yang Tse (8 Aug 2013) +- [John Malmberg brought this change] + + packages/vms: update VMS build files + + VMS modified files either missing from a previous commit and changes + to remove references to CVS repositories. + +Daniel Stenberg (8 Aug 2013) +- FTP: renamed several local functions + + The previous naming scheme ftp_state_post_XXXX() wasn't really helpful + as it wasn't always immediately after 'xxxx' and it wasn't easy to + understand what it does based on such a name. + + This new one is instead ftp_state_yyyy() where yyyy describes what it + does or sends. + +- mk-ca-bundle.1: don't install on make install + + Since the mk-ca-bundle tool itself isn't installed with make install, + there's no point in installing its documentation. + + Bug: http://curl.haxx.se/mail/lib-2013-08/0057.html + Reported-by: Guenter Knauf + +Yang Tse (7 Aug 2013) +- packages/vms/Makefile.am: add latest file additions to EXTRA_DIST + +- [John Malmberg brought this change] + + Building_vms_pcsi_kit + + These are the files needed to build VMS distribution packages known as + PCSI kits. + + Also minor update to the existing files, mainly to the documentation and + file clean up code. + +Daniel Stenberg (6 Aug 2013) +- LIBCURL-STRUCTS: new document + + This is the first version of this new document, detailing the seven + perhaps most important internal structs in libcurl source code: + + 1.1 SessionHandle + 1.2 connectdata + 1.3 Curl_multi + 1.4 Curl_handler + 1.5 conncache + 1.6 Curl_share + 1.7 CookieInfo + +- CONTRIBUTE: minor language polish + +- FTP: when EPSV gets a 229 but fails to connect, retry with PASV + + This is a regression as this logic used to work. It isn't clear when it + broke, but I'm assuming in 7.28.0 when we went all-multi internally. + + This likely never worked with the multi interface. As the failed + connection is detected once the multi state has reached DO_MORE, the + Curl_do_more() function was now expanded somewhat so that the + ftp_do_more() function can request to go "back" to the previous state + when it makes another attempt - using PASV. + + Added test case 1233 to verify this fix. It has the little issue that it + assumes no service is listening/accepting connections on port 1... + + Reported-by: byte_bucket in the #curl IRC channel + +Nick Zitzmann (5 Aug 2013) +- md5: remove use of CommonCrypto-to-OpenSSL macros for the benefit of Leopard + + For some reason, OS X 10.5's GCC suddenly stopped working correctly with + macros that change MD5_Init etc. in the code to CC_MD5_Init etc., so I + worked around this by removing use of the macros and inserting static + functions that just call CommonCrypto's implementations of the functions + instead. + +Guenter Knauf (5 Aug 2013) +- Simplify check for trusted certificates. + + This changes the previous check for untrusted certs to a check for + certs explicitely marked as trusted. + The change is backward-compatible (tested with certdata.txt v1.80). + +Daniel Stenberg (5 Aug 2013) +- configure: warn on bad env variable use, don't error + + Use XC_CHECK_BUILD_FLAGS instead XC_CHECK_USER_FLAGS. + +- Revert "configure: don't error out on variable confusions, just warn" + + This reverts commit 6b27703b5f525eccdc0a8409f51de8595c75132a. + +- formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used + + The internal function that's used to detect known file extensions for + the default Content-Type got the the wrong pointer passed in when + CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that + strlen() would be used which could lead to an out-of-bounds read (and + thus segfault). In most cases it would only lead to it not finding or + using the correct default content-type. + + It also showed that test 554 and test 587 were testing for the + previous/wrong behavior and now they're updated as well. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1262 + Reported-by: Konstantin Isakov + +Guenter Knauf (4 Aug 2013) +- Skip more untrusted certificates. + + Christian Heimes brought to our attention that the certdata.txt + format has recently changed [1], causing ca-bundle.crt created + with mk-ca-bundle.[pl|vbs] to include untrusted certs. + + [1] http://lists.debian.org/debian-release/2012/11/msg00411.html + +Daniel Stenberg (4 Aug 2013) +- configure: don't error out on variable confusions, just warn + +- configure: rephrase the notice in _XC_CHECK_VAR_* + + Instead of claiming it is an error, we call it a "note" to reduce the + severity level. But the following text now says the [variable] "*should* + only be used to specify"... instead of previously having said "may". + +- multi: remove data->state.current_conn struct field + + Not needed + +- multi: remove the one_easy struct field + + Since the merge of SessionHandle with Curl_one_easy, this indirection + isn't used anymore. + +- multi: rename all Curl_one_easy to SessionHandle + +- multi: remove the multi_pos struct field + + Since Curl_one_easy is really a SessionHandle now, this indirection + doesn't exist anymore. + +- multi: remove easy_handle struct field + + It isn't needed anymore + +- multi: remove 'Curl_one_easy' struct, phase 1 + + The motivation for having a separate struct that keep track of an easy + handle when using the multi handle was removed when we switched to + always using the multi interface internally. Now they were just two + separate struct that was always allocated for each easy handle. + + This first step just moves the Curl_one_easy struct members into the + SessionHandle struct and hides this somehow (== keeps the source code + changes to a minimum) by defining Curl_one_easy to SessionHandle + + The biggest changes in this commit are: + + 1 - the linked list of easy handles had to be changed somewhat due + to the new struct layout. This made the main linked list pointer + get renamed to 'easyp' and there's also a new pointer to the last + node, called easylp. It is no longer circular but ends with ->next + pointing to NULL. New nodes are still added last. + + 2 - easy->state is now called easy->mstate to avoid name collision + +Steve Holme (2 Aug 2013) +- Revert "DOCS: Added IMAP URL example for listing new messages" + + This reverts commit 82ab5f1b0c7c3f as this was the wrong place to + document the complexity of IMAP URLs and Custom Requests. + +- DOCS: Added IMAP URL example for listing new messages + + In addition to listing the folder contents, in the URL examples, added + an example to list the new messages waiting in the user's inbox. + +Yang Tse (1 Aug 2013) +- packages/vms/Makefile.am: add latest file additions to EXTRA_DIST + +- [John Malmberg brought this change] + + Add in the files needed to build libcurl shared images on VMS. + + Update the packages/vms/readme file to be current. + + Also some files for the GNV based build were either missing or needed an + update. + + curl_crtl_init.c is a special file that is run before main() to + set up the proper C runtime behavior. + + generate_vax_transfer.com generates the VAX transfer vector modules from + the gnv_libcurl_symbols.opt file. + + gnv_conftest.c_first is a helper file needed for configure scripts to + come up with the expected answers on VMS. + + gnv_libcurl_symbols.opt is the public symbols for the libcurl shared + image. + + gnv_link_curl.com builds the shared libcurl image and rebuilds other + programs to use it. + + macro32_exactcase.patch is a hack to make a local copy of the VMS Macro32 + assembler case sensitive, which is needed to build the VAX transfer modules. + + report_openssl_version.c is a tool for help verify that the libcurl + shared image is being built for a minium version of openssl. + +- curl: second follow-up for commit 5af2bfb9 + + Display progress-bar unconditionally on first call + +- curl: follow-up for commit 5af2bfb9 + + Use tvnow() and tvdiff() to avoid introducing new linkage issues + +Daniel Stenberg (31 Jul 2013) +- curl: --progress-bar max update frequency now at 5Hz + +- curl: make --progress-bar update the line less frequently + + Also, use memset() instead of a lame loop. + + The previous logic that tried to avoid too many updates were very + ineffective for really fast transfers, as then it could easily end up + doing hundreds of updates per second that would make a significant + impact in transfer performance! + + Bug: http://curl.haxx.se/mail/archive-2013-07/0031.html + Reported-by: Marc Doughty + +Nick Zitzmann (30 Jul 2013) +- darwinssl: added LFs to some strings passed into infof() + + (This doesn't need to appear in the release notes.) I noticed a few places + where infof() was called, and there should've been an LF at the end of the + string, but there wasn't. + +- darwinssl: fix build error in crypto authentication under Snow Leopard + + It turns out Snow Leopard not only has SecItemCopyMatching() defined in + a header not included by the omnibus header, but it won't work for our + purposes, because searching for SecIdentityRef objects wasn't added + to that API until Lion. So we now use the old SecKeychainSearch API + instead if the user is building under, or running under, Snow Leopard. + + Bug: http://sourceforge.net/p/curl/bugs/1255/ + Reported by: Edward Rudd + +- md5 & metalink: use better build macros on Apple operating systems + + Previously we used __MAC_10_X and __IPHONE_X to mark digest-generating + code that was specific to OS X and iOS. Now we use + __MAC_OS_X_VERSION_MAX_ALLOWED and __IPHONE_OS_VERSION_MAX_ALLOWED + instead of those macros. + + Bug: http://sourceforge.net/p/curl/bugs/1255/ + Reported by: Edward Rudd + +Yang Tse (29 Jul 2013) +- tool_operhlp.c: fix add_file_name_to_url() OOM handling + +- tool_operate.c: fix brace placement for vi/emacs delimiter matching + +- tool_operate.c: move <fabdef.h> header inclusion location + +Daniel Stenberg (29 Jul 2013) +- RELEASE-NOTES: synced with b5478a0e033e7 + +- curl_easy_pause: on unpause, trigger mulit-socket handling + + When the multi-socket API is used, we need the handle to be checked + again when it gets unpaused. + + Bug: http://curl.haxx.se/mail/lib-2013-07/0239.html + Reported-by: Justin Karneges + +- [John E. Malmberg brought this change] + + curl_formadd: fix file upload on VMS + + For the standard VMS text file formats, VMS needs to read the file to + get the actual file size. + + For the standard VMS binary file formats, VMS needs a special format of + fopen() call so that it stops reading at the logical end of file instead + of at the end of the blocks allocated to the file. + + I structured the patch this way as I was not sure about changing the + structures or parameters to the routines, but would prefer to only call + the stat() function once and pass the information to where the fopen() + call is made. + + Bug: https://sourceforge.net/p/curl/bugs/758/ + +- formadd: CURLFORM_FILECONTENT wrongly rejected some option combos + + The code for CURLFORM_FILECONTENT had its check for duplicate options + wrong so that it would reject CURLFORM_PTRNAME if used in combination + with it (but not CURLFORM_COPYNAME)! The flags field used for this + purpose cannot be interpreted that broadly. + + Bug: http://curl.haxx.se/mail/lib-2013-07/0258.html + Reported-by: Byrial Jensen + +Yang Tse (25 Jul 2013) +- packages/vms/Makefile.am: add latest file additions to EXTRA_DIST + +- [John E. Malmberg brought this change] + + VMS: intial set of files to allow building using GNV toolkit. + +- string formatting: fix too many arguments for format + +- string formatting: fix zero-length printf format string + +- easy.c: curl_easy_getinfo() fix va_start/va_end matching + +- imap.c: imap_sendf() fix va_start/va_end matching + +- string formatting: fix 15+ printf-style format strings + +Patrick Monnerat (24 Jul 2013) +- OS400: sync ILE/RPG binding with current curl.h + +Yang Tse (24 Jul 2013) +- string formatting: fix 25+ printf-style format strings + +Daniel Stenberg (23 Jul 2013) +- Makefile.am: use LDFLAGS as well when linking libcurl + + Linking on Solaris 10 x86 with Sun Studio 12 failed when we upgraded + automake for the release builds. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1217 + Reported-by: Dagobert Michelsen + +- [Fabian Keil brought this change] + + url.c: Fix dot file path cleanup when using an HTTP proxy + + Previously the path was cleaned, but the URL wasn't properly updated. + +- [Fabian Keil brought this change] + + tests: test1232 verifies dotdot removal from path with proxy + +- [Fabian Keil brought this change] + + dotdot.c: Fix a RFC section number in a comment for Curl_dedotdotify() + +- [John E. Malmberg brought this change] + + build_vms.com: fix debug and float options + + In the reorganization of the build_vms.com the debug and float options + were not fixed up correctly. + +- [John E. Malmberg brought this change] + + curl: fix upload of a zip file in OpenVMS + + Two fixes: + + 1. Force output file format to be stream-lf so that partial downloads + can be continued. + + This should have minor impact as if the file does not exist, it was + created with stream-lf format. The only time this was an issue is if + there was already an existing file with a different format. + + 2. Fix file uploads are now fixed. + + a. VMS binary files such as ZIP archives are now uploaded + correctly. + + b. VMS text files are read once to get the correct size + and then converted to line-feed terminated records as + they are read into curl. + + The default VMS text formats do not contain either line-feed or + carriage-return terminated records. Those delimiters are added by the + operating system file read calls if the application requests them. + + Bug: http://curl.haxx.se/bug/view.cgi?id=496 + +Yang Tse (22 Jul 2013) +- libtest: fix data type of some *_setopt() 'long' arguments + +- curl: fix symbolic names for CURL_NETRC_* enum in --libcurl output + +- curl: fix symbolic names for CURLUSESSL_* enum in --libcurl output + +- tool_operate.c: fix passing curl_easy_setopt long arg on some x64 ABIs + + We no longer pass our 'bool' data type variables nor constants as + an argument to my_setopt(), instead we use proper 1L or 0L values. + + This also fixes macro used to pass string argument for CURLOPT_SSLCERT, + CURLOPT_SSLKEY and CURLOPT_EGDSOCKET using my_setopt_str() instead of + my_setopt(). + + This also casts enum or int argument data types to long when passed to + my_setopt_enum(). + +Daniel Stenberg (21 Jul 2013) +- curl_multi_wait: fix revents + + Commit 6d30f8ebed34e7276 didn't work properly. First, it used the wrong + array index, but this fix also: + + 1 - only does the copying if indeed there was any activity + + 2 - makes sure to properly translate between internal and external + bitfields, which are not guaranteed to match + + Reported-by: Evgeny Turnaev + +- RELEASE-NOTES: synced with d529f3882b9bca + +- curl_easy_perform: gradually increase the delay time + + Instead of going 50,100,150 etc millisecond delay time when nothing has + been found to do or wait for, we now start lower and double each loop as + in 4,8,16,32 etc. + + This lowers the minimum wait without sacrifizing the longer wait too + much with unnecessary CPU cycles burnt. + + Bug: http://curl.haxx.se/mail/lib-2013-07/0103.html + Reported-by: Andreas Malzahn + +- ftp_do_more: consider DO_MORE complete when server connects back + + In the case of an active connection when ftp_do_more() detects that the + server has connected back, it must make sure to mark it as complete so + that the multi_runsingle() function will detect this and move on to the + next state. + + Bug: http://curl.haxx.se/mail/lib-2013-07/0115.html + Reported-by: Clemens Gruber + +Yang Tse (19 Jul 2013) +- Makefile.b32: Borland makefile adjustments. Tested with BCC 5.5.1 + +- WIN32 MemoryTracking: require UNICODE for wide strdup code support + +Daniel Stenberg (18 Jul 2013) +- CURLOPT_XFERINFOFUNCTION: introducing a new progress callback + + CURLOPT_XFERINFOFUNCTION is now the preferred progress callback function + and CURLOPT_PROGRESSFUNCTION is considered deprecated. + + This new callback uses pure 'curl_off_t' arguments to pass on full + resolution sizes. It otherwise retains the same characteristics: the + same call rate, the same meanings for the arguments and the return code + is used the same way. + + The progressfunc.c example is updated to show how to use the new + callback for newer libcurls while supporting the older one if built with + an older libcurl or even built with a newer libcurl while running with + an older. + +Yang Tse (18 Jul 2013) +- Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage". + + This reverts commit 7ed25cc, reinstating commit 8ec2cb5. + + As of 18-jul-2013 we still do have code in libcurl that makes use of these + memory functions. Commit 8ec2cb5 comment still applies and is yet valid. + + These memory functions are solely used in Windows builds, so all related + code is protected with '#ifdef WIN32' preprocessor conditional compilation + directives. + + Specifically, wcsdup() _wcsdup() are used when building a Windows target with + UNICODE and USE_WINDOWS_SSPI preprocessor symbols defined. This is the case + when building a Windows UNICODE target with Windows native SSL/TLS support + enabled. + + Realizing that wcsdup() _wcsdup() are used is a bit tricky given that usage + of these is hidden behind _tcsdup() which is MS way of dealing with code + that must tolerate UNICODE and non-UNICODE compilation. Additionally, MS + header files and those compatible from other compilers use this preprocessor + conditional compilation directive in order to select at compilation time + whether 'wide' or 'ansi' MS API functions are used. + + Without this code, Windows build targets with Windows native SSL/TLS support + enabled and MemoryTracking support enabled misbehave in tracking memory usage, + regardless of being a UNICODE enabled build or not. + +- xc-am-iface.m4: comments refinement + +- configure: fix 'subdir-objects' distclean related issue + + See XC_AMEND_DISTCLEAN comments for details. + +Daniel Stenberg (18 Jul 2013) +- [Evgeny Turnaev brought this change] + + curl_multi_wait: set revents for extra fds + + Pass back the revents that happened for the user-provided file + descriptors. + +- [Ben Greear brought this change] + + asyn-ares: Don't blank ares servers if none configured. + + Best to just let c-ares use it's defaults if none are configured + in (lib)curl. + + Signed-off-by: Ben Greear <greearb@candelatech.com> + +- [Sergei Nikulov brought this change] + + cmake: Fix for MSVC2010 project generation + + Fixed issue with static build for MSVC2010. + + After some investigation I've discovered known issue + http://public.kitware.com/Bug/view.php?id=11240 When .rc file is linked + to static lib it fails with following linker error + + LINK : warning LNK4068: /MACHINE not specified; defaulting to X86 + file.obj : fatal error LNK1112: module machine type 'x64' conflicts with + target machine type 'X86' + + Fix add target property /MACHINE: for MSVC generation. + + Also removed old workarounds - it caused errors during msvc build. + + Bug: http://curl.haxx.se/mail/lib-2013-07/0046.html + +- mk-ca-bundle.1: point out certdata.txt format docs + +Yang Tse (16 Jul 2013) +- slist.c: Curl_slist_append_nodup() OOM handling fix + +Daniel Stenberg (16 Jul 2013) +- test1414: FTP PORT download without SIZE support + +Yang Tse (16 Jul 2013) +- tests/Makefile.am: add configurehelp.pm to DISTCLEANFILES + +Patrick Monnerat (15 Jul 2013) +- curl_slist_append(): fix error detection + +- slist.c: fix indentation + +- OS400: new SSL backend GSKit + +- OS400: add slist and certinfo EBCDIC support + +- config-os400.h: enable system strdup(), strcmpi(), etc. + +- x509asn1.c,x509asn1.h: new module to support ASN.1/X509 parsing & info extract + Use from qssl backend + +- ssluse.c,sslgen.c,sslgen.h: move certinfo support to generic SSL + +- Merge branch 'master' of github.com:bagder/curl + + Merge for resync + +- slist.c, slist.h, cookie.c: new internal procedure Curl_slist_append_nodup() + +Yang Tse (15 Jul 2013) +- sslgen.c: fix Curl_rand() compiler warning + + Use simple seeding method upon RANDOM_FILE seeding method failure. + +- sslgen.c: fix unreleased Curl_rand() infinite recursion + +Daniel Stenberg (14 Jul 2013) +- [Dave Reisner brought this change] + + src/tool: allow timeouts to accept decimal values + + Implement wrappers around strtod to convert the user argument to a + double with sane error checking. Use this to allow --max-time and + --connect-timeout to accept decimal values instead of strictly integers. + + The manpage is updated to make mention of this feature and, + additionally, forewarn that the actual timeout of the operation can + vary in its precision (particularly as the value increases in its + decimal precision). + +- [Dave Reisner brought this change] + + curl.1: fix long line, found by checksrc.pl + +- [Dave Reisner brought this change] + + src/tool_paramhlp: try harder to catch negatives + + strto* functions happily chomp off leading whitespace, so simply + checking for str[0] can lead to false negatives. Do the full parse and + check the out value instead. + +- [John E. Malmberg brought this change] + + build_vms.com: detect and use zlib shared image + + Update the build_vms.com to detect and use zlib shared image installed + by the ZLIB kit produced by Jean-Francois Pieronne, and the also the + future ZLIB 1.2.8 kit in addition to the older ZLIB kits. + + Also fix the indentation to match one of the common standards used for + VMS DCL command files and removed the hard tab characters. + + Tested on OpenVMS 8.4 Alpha and IA64, and OpenVMS 7.3 VAX. + +Yang Tse (14 Jul 2013) +- url.c: fix parse_url_login() OOM handling + +- http_digest.c: SIGSEGV and OOM handling fixes + +- url.c: fix parse_login_details() OOM handling + +- [John E. Malmberg brought this change] + + setup-vms.h: sk_pop symbol tweak + + Newer versions of curl are referencing a sk_pop symbol while the HP + OpenSSL library has the symbol in uppercase only. + +- getinfo.c: fix enumerated type mixed with another type + +- test 1511: fix enumerated type mixed with another type + +- url.c: fix SIGSEGV + +- dotdot.c: fix global declaration shadowing + +- easy.c: fix global declaration shadowing + +Kamil Dudka (9 Jul 2013) +- Revert "curl.1: document the --time-cond option in the man page" + + This reverts commit 3a0e931fc715a80004958794a96b12cf90503f99 because + the documentation of --time-cond was duplicated by mistake. + + Reported by: Dave Reisner + +- curl.1: document the --sasl-ir option in the man page + +- curl.1: document the --post303 option in the man page + +- curl.1: document the --time-cond option in the man page + +Yang Tse (9 Jul 2013) +- configure: automake 1.14 compatibility tweak (use XC_AUTOMAKE) + +- xc-am-iface.m4: provide XC_AUTOMAKE macro + +Guenter Knauf (8 Jul 2013) +- Added winssl-zlib target to VC builds. + +- Synced Makefile.vc6 with recent changes. + + Issue posted to the list by malinowsky AT FTW DOT at. + +- Added libmetalink URL; added Android versions. + +Dan Fandrich (3 Jul 2013) +- examples: Moved usercertinmem.c to COMPLICATED_EXAMPLES + + This prevents it from being built during a "make check" since it + depends on OpenSSL. + +Nick Zitzmann (2 Jul 2013) +- Merge branch 'master' of https://github.com/bagder/curl + +- darwinssl: SSLv2 connections are aborted if unsupported by the OS + + I just noticed that OS X no longer supports SSLv2. Other TLS engines return + an error if the requested protocol isn't supported by the underlying + engine, so we do that now for SSLv2 if the framework returns an error + when trying to turn on SSLv2 support. (Note: As always, SSLv2 support is + only enabled in curl when starting the app with the -2 argument; it's off + by default. SSLv2 is really old and insecure.) + +Marc Hoersken (1 Jul 2013) +- lib506.c: Fixed possible use of uninitialized variables + +Kamil Dudka (30 Jun 2013) +- url: restore the functionality of 'curl -u :' + + This commit fixes a regression introduced in + fddb7b44a79d78e05043e1c97e069308b6b85f79. + + Reported by: Markus Moeller + Bug: http://curl.haxx.se/mail/archive-2013-06/0052.html + +Daniel Stenberg (25 Jun 2013) +- digest: append the timer to the random for the nonce + +- digest: improve nonce generation + + Use the new improved Curl_rand() to generate better random nonce for + Digest auth. + +- curl.1: fix typo in --xattr description + + Bug: http://curl.haxx.se/bug/view.cgi?id=1252 + Reported-by: Jean-Noël Rouvignac + +- RELEASE-NOTES: synced with 365c5ba39591 + + The 10 first bug fixes for the pending release... + +- formpost: better random boundaries + + When doing multi-part formposts, libcurl used a pseudo-random value that + was seeded with time(). This turns out to be bad for users who formpost + data that is provided with users who then can guess how the boundary + string will look like and then they can forge a different formpost part + and trick the receiver. + + My advice to such implementors is (still even after this change) to not + rely on the boundary strings being cryptographically strong. Fix your + code and logic to not depend on them that much! + + I moved the Curl_rand() function into the sslgen.c source file now to be + able to take advantage of the SSL library's random function if it + provides one. If not, try to use the RANDOM_FILE for seeding and as a + last resort keep the old logic, just modified to also add microseconds + which makes it harder to properly guess the exact seed. + + The formboundary() function in formdata.c is now using 64 bit entropy + for the boundary and therefore the string of dashes was reduced by 4 + letters and there are 16 hex digits following it. The total length is + thus still the same. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1251 + Reported-by: "Floris" + +- printf: make sure %x are treated unsigned + + When using %x, the number must be treated as unsigned as otherwise it + would get sign-extended on for example 64bit machines and do wrong + output. This problem showed when doing printf("%08x", 0xffeeddcc) on a + 64bit host. + +- tests: add test1395 to the tarball + +- SIGPIPE: don't use 'data' in sigpipe restore + + Follow-up fix from 7d80ed64e43515. + + The SessionHandle may not be around to use when we restore the sigpipe + sighandler so we store the no_signal boolean in the local struct to know + if/how to restore. + +- TODO: 1.8 Modified buffer size approach + + Thoughts around buffer sizes and what might be possible to do... + +- c-ares: improve error message on failed resolve + + When the c-ares based resolver backend failed to resolve a name, it + tried to show the name that failed from existing structs. This caused + the wrong output and shown hostname when for example --interface + [hostname] was used and that name resolving failed. + + Now we use the hostname used in the actual resolve attempt in the error + message as well. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1191 + Reported-by: Kim Vandry + +- ossl_recv: check for an OpenSSL error, don't assume + + When we recently started to treat a zero return code from SSL_read() as + an error we also got false positives - which primarily looks to be + because the OpenSSL documentation is wrong and a zero return code is not + at all an error case in many situations. + + Now ossl_recv() will check with ERR_get_error() to see if there is a + stored error and only then consider it to be a true error if SSL_read() + returned zero. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1249 + Reported-by: Nach M. S. + Patch-by: Nach M. S. + +Nick Zitzmann (22 Jun 2013) +- Merge branch 'master' of https://github.com/bagder/curl + +- darwinssl: fix crash that started happening in Lion + + Something (a recent security update maybe?) changed in Lion, and now it + has changed SSLCopyPeerTrust such that it may return noErr but also give + us a null trust, which caught us off guard and caused an eventual crash. + +Daniel Stenberg (22 Jun 2013) +- SIGPIPE: ignored while inside the library + + ... and restore the ordinary handling again when it returns. This is + done for curl_easy_perform() and curl_easy_cleanup() only for now - and + only when built to use OpenSSL as backend as this is the known culprit + for the spurious SIGPIPEs people have received. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1180 + Reported by: LluÃs Batlle i Rossell + +- KNOWN_BUGS: #83 unable to load non-default openssl engines + +- test1396: invoke the correct test tool! + + This erroneously run unit test 1310 instead of 1396! + +Kamil Dudka (22 Jun 2013) +- test1230: avoid using hard-wired port number + + ... to prevent failure when a non-default -b option is given + +- curl-config.in: replace tabs by spaces + +Nick Zitzmann (22 Jun 2013) +- darwinssl: reform OS-specific #defines + + This doesn't need to be in the release notes. I cleaned up a lot of the #if + lines in the code to use MAC_OS_X_VERSION_MIN_REQUIRED and + MAC_OS_X_VERSION_MAX_ALLOWED instead of checking for whether things like + __MAC_10_6 or whatever were defined, because for some SDKs Apple has released + they were defined out of place. + +Daniel Stenberg (22 Jun 2013) +- [Alessandro Ghedini brought this change] + + docs: fix typo in curl_easy_getinfo manpage + +- dotdot: introducing dot file path cleanup + + RFC3986 details how a path part passed in as part of a URI should be + "cleaned" from dot sequences before getting used. The described + algorithm is now implemented in lib/dotdot.c with the accompanied test + case in test 1395. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1200 + Reported-by: Alex Vinnik + +- bump: start working towards what most likely will become 7.32.0 + +- THANKS: added 24 new contributors from the 7.31.0 release + +Version 7.31.0 (22 Jun 2013) + +Daniel Stenberg (22 Jun 2013) +- RELEASE-NOTES: synced with 0de7249bb39a2 - 7.31.0 + +- unit1396: unit tests to verify curl_easy_(un)escape + +- Curl_urldecode: no peeking beyond end of input buffer + + Security problem: CVE-2013-2174 + + If a program would give a string like "%FF" to curl_easy_unescape() but + ask for it to decode only the first byte, it would still parse and + decode the full hex sequence. The function then not only read beyond the + allowed buffer but it would also deduct the *unsigned* counter variable + for how many more bytes there's left to read in the buffer by two, + making the counter wrap. Continuing this, the function would go on + reading beyond the buffer and soon writing beyond the allocated target + buffer... + + Bug: http://curl.haxx.se/docs/adv_20130622.html + Reported-by: Timo Sirainen + +Guenter Knauf (20 Jun 2013) +- Use opened body.out file and write content to it. + +Daniel Stenberg (20 Jun 2013) +- multi_socket: react on socket close immediately + + As a remedy to the problem when a socket gets closed and a new one is + opened with the same file descriptor number and as a result + multi.c:singlesocket() doesn't detect the difference, the new function + Curl_multi_closed() gets told when a socket is closed so that it can be + removed from the socket hash. When the old one has been removed, a new + socket should be detected fine by the singlesocket() on next invoke. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1248 + Reported-by: Erik Johansson + +- RELEASE-NOTES: synced with e305f5ec715f + +- TODO: mention the DANE patch from March + +- CURLOPT_COOKIELIST: take cookie share lock + + When performing COOKIELIST operations the cookie lock needs to be taken + for the cases where the cookies are shared among multiple handles! + + Verified by Benjamin Gilbert's updated test 506 + + Bug: http://curl.haxx.se/bug/view.cgi?id=1215 + Reported-by: Benjamin Gilbert + +- [Benjamin Gilbert brought this change] + + test506: verify that CURLOPT_COOKIELIST takes share lock + + It doesn't right now: http://curl.haxx.se/bug/view.cgi?id=1215 + +- TODO: HTTP2/SPDY support + +- curl_easy_setopt.3: clarify CURLOPT_PROGRESSFUNCTION frequency + + Make it clearer that the CURLOPT_PROGRESSFUNCTION callback will be + called more frequently than once per second when things are happening. + +- RELEASE-NOTES: synced with 9c3e098259b82 + + Mention 7 recent bug fixes and their associated contributors + +- curl_multi_wait.3: clarify the numfds counter + +- curl_easy_perform: avoid busy-looping + + When curl_multi_wait() finds no file descriptor to wait for, it returns + instantly and this must be handled gracefully within curl_easy_perform() + or cause a busy-loop. Starting now, repeated fast returns without any + file descriptors is detected and a gradually increasing sleep will be + used (up to a max of 1000 milliseconds) before continuing the loop. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1238 + Reported-by: Miguel Angel + +- [YAMADA Yasuharu brought this change] + + cookies: follow-up fix for path checking + + The initial fix to only compare full path names were done in commit + 04f52e9b4db0 but found out to be incomplete. This takes should make the + change more complete and there's now two additional tests to verify + (test 31 and 62). + +- [Sergei Nikulov brought this change] + + lib1900: use tutil_tvnow instead of gettimeofday + + Makes it build on windows + +- [Eric Hu brought this change] + + axtls: now done non-blocking + +- [Eric Hu brought this change] + + test2033: requires NTLM support + +- KNOWN_BUGS: #82 failed build with Borland compiler + +- Curl_output_digest: support auth-int for empty entity body + + By always returning the md5 for an empty body when auth-int is asked + for, libcurl now at least sometimes does the right thing. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1235 + Patched-by: Nach M. S. + +- multi_socket: reduce timeout inaccuracy margin + + Allow less room for "triggered too early" mistakes by applications / + timers on non-windows platforms. Starting now, we assume that a timeout + call is never made earlier than 3 milliseconds before the actual + timeout. This greatly improves timeout accuracy on Linux. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1228 + Reported-by: Hang Su + +- cert_stuff: avoid double free in the PKCS12 code + + In the pkcs12 code, we get a list of x509 records returned from + PKCS12_parse but when iterating over the list and passing each to + SSL_CTX_add_extra_chain_cert() we didn't also properly remove them from + the "stack", which made them get freed twice (both in sk_X509_pop_free() + and then later in SSL_CTX_free). + + This isn't really documented anywhere... + + Bug: http://curl.haxx.se/bug/view.cgi?id=1236 + Reported-by: Nikaiw + +- cert_stuff: remove code duplication in the pkcs12 logic + +- [Aleksey Tulinov brought this change] + + axtls: honor disabled VERIFYHOST + + When VERIFYHOST == 0, libcurl should let invalid certificates to pass. + +- [Peter Gal brought this change] + + curl_easy_setopt.3: HTTP header with no content + + Update the documentation on how to specify a HTTP header with no + content. + +- RELEASE-NOTES: synced with 87cf677eca55 + + Added 11 bugs and 7 contributors + +- lib1500: remove bad check + + After curl_multi_wait() returns, this test checked that we got exactly + one file descriptor told to read from, but we cannot be sure that is + true. curl_multi_wait() will sometimes return earlier without any file + descriptor to handle, just just because it is a suitable time to call + *perform(). + + This problem showed up with commit 29bf0598. + + Bug: http://curl.haxx.se/mail/lib-2013-06/0029.html + Reported-by: Fabian Keil + +- tests/Makefile: typo in the perlcheck target + + Bug: http://curl.haxx.se/bug/view.cgi?id=1239 + Reported-by: Christian Weisgerber + +- test1230: verify CONNECT to a numerical ipv6-address + +- sws: support extracting test number from CONNECT ipv6-address! + + If an ipv6-address is provided to CONNECT, the last hexadecimal group in + the address will be used as the test number! For example the address + "[1234::ff]" would be treated as test case 255. + +- curl_multi_wait: only use internal timer if not -1 + + commit 29bf0598aad5 introduced a problem when the "internal" timeout is + prefered to the given if shorter, as it didn't consider the case where + -1 was returned. Now the internal timeout is only considered if not -1. + + Reported-by: Tor Arntsen + Bug: http://curl.haxx.se/mail/lib-2013-06/0015.html + +Dan Fandrich (3 Jun 2013) +- libcurl-tutorial.3: added a section on IPv6 + + Also added a (correctly-escaped) backslash to the autoexec.bat + example file and a new Windows character device name with + a colon as examples of other characters that are special + and potentially dangerous (this reverts and reworks commit + 7d8d2a54). + +Daniel Stenberg (3 Jun 2013) +- curl_multi_wait: reduce timeout if the multi handle wants to + + If the multi handle's pending timeout is less than what is passed into + this function, it will now opt to use the shorter time anyway since it + is a very good hint that the handle wants to process something in a + shorter time than what otherwise would happen. + + curl_multi_wait.3 was updated accordingly to clarify + + This is the reason for bug #1224 + + Bug: http://curl.haxx.se/bug/view.cgi?id=1224 + Reported-by: Andrii Moiseiev + +- multi_runsingle: switch an if() condition for readability + + ... because there's an identical check right next to it so using the + operators in the check in the same order increases readability. + +Marc Hoersken (2 Jun 2013) +- curl_schannel.c: Removed variable unused since 35874298e4 + +- curl_setup.h: Fixed redefinition warning using mingw-w64 + +Daniel Stenberg (30 May 2013) +- multi_runsingle: add braces to clarify the code + +- libcurl-tutorial.3: remove incorrect backslash + + A single backslash in the content is not legal nroff syntax. + + Reported and fixed by: Eric S. Raymond + Bug: http://curl.haxx.se/bug/view.cgi?id=1234 + +- curl_formadd.3: fixed wrong "end-marker" syntax + + Reported and fixed by: Eric S. Raymond + Bug: http://curl.haxx.se/bug/view.cgi?id=1233 + +- curl.1: clarify that --silent still outputs data + +- Digest auth: escape user names with \ or " in them + + When sending the HTTP Authorization: header for digest, the user name + needs to be escaped if it contains a double-quote or backslash. + + Test 1229 was added to verify + + Reported and fixed by: Nach M. S + Bug: http://curl.haxx.se/bug/view.cgi?id=1230 + +- [Mike Giancola brought this change] + + ossl_recv: SSL_read() returning 0 is an error too + + SSL_read can return 0 for "not successful", according to the open SSL + documentation: http://www.openssl.org/docs/ssl/SSL_read.html + +- [Mike Giancola brought this change] + + ossl_send: SSL_write() returning 0 is an error too + + We found that in specific cases if the connection is abruptly closed, + the underlying socket is listed in a close_wait state. We continue to + call the curl_multi_perform, curl_mutli_fdset etc. None of these APIs + report the socket closed / connection finished. Since we have cases + where the multi connection is only used once, this can pose a problem + for us. I've read that if another connection was to come in, curl would + see the socket as bad and attempt to close it at that time - + unfortunately, this does not work for us. + + I found that in specific situations, if SSL_write returns 0, curl did + not recognize the socket as closed (or errored out) and did not report + it to the application. I believe we need to change the code slightly, to + check if ssl_write returns 0. If so, treat it as an error - the same as + a negative return code. + + For OpenSSL - the ssl_write documentation is here: + http://www.openssl.org/docs/ssl/SSL_write.html + +- KNOWN_BUGS: curl -OJC- fails to resume + + Bug: http://curl.haxx.se/bug/view.cgi?id=1169 + +- Curl_cookie_add: handle IPv6 hosts + + 1 - don't skip host names with a colon in them in an attempt to bail out + on HTTP headers in the cookie file parser. It was only a shortcut anyway + and trying to parse a file with HTTP headers will still be handled, only + slightly slower. + + 2 - don't skip domain names based on number of dots. The original + netscape cookie spec had this oddity mentioned and while our code + decreased the check to only check for two, the existing cookie spec has + no such dot counting required. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1221 + Reported-by: Stefan Neis + +- curl_easy_setopt.3: expand the PROGRESSFUNCTION section + + Explain the callback and its arguments better and with more descriptive + text. + +- tests: add test1394 file to the tarball + +- tarball: include the xmlstream example + +- [David Strauss brought this change] + + xmlstream: XML stream parsing example source code + + Add an XML stream parsing example using Expat. Add missing ignore for + the binary from an unrelated example. + +- [YAMADA Yasuharu brought this change] + + cookies: only consider full path matches + + I found a bug which cURL sends cookies to the path not to aim at. + For example: + - cURL sends a request to http://example.fake/hoge/ + - server returns cookie which with path=/hoge; + the point is there is NOT the '/' end of path string. + - cURL sends a request to http://example.fake/hogege/ with the cookie. + + The reason for this old "feature" is because that behavior is what is + described in the original netscape cookie spec: + http://curl.haxx.se/rfc/cookie_spec.html + + The current cookie spec (RFC6265) clarifies the situation: + http://tools.ietf.org/html/rfc6265#section-5.2.4 + +- [Eric Hu brought this change] + + axtls: prevent memleaks on SSL handshake failures + +- Revert "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage" + + This reverts commit 8ec2cb5544b86306b702484ea785b6b9596562ab. + + We don't have any code anywhere in libcurl (or the curl tool) that use + wcsdup so there's no such memory use to track. It seems to cause mild + problems with the Borland compiler though that we may avoid by reverting + this change again. + + Bug: http://curl.haxx.se/mail/lib-2013-05/0070.html + +- RELEASE-NOTES: synced with ae26ee3489588f0 + +Guenter Knauf (11 May 2013) +- Updated zlib version in build files. + +Daniel Stenberg (9 May 2013) +- [Renaud Guillard brought this change] + + OS X framework: fix invalid symbolic link + +Kamil Dudka (9 May 2013) +- [Daniel Stenberg brought this change] + + nss: give PR_INTERVAL_NO_WAIT instead of -1 to PR_Recv/PR_Send + + Reported by: David Strauss + Bug: http://curl.haxx.se/mail/lib-2013-05/0088.html + +Daniel Stenberg (8 May 2013) +- libtest: gitignore more binary files + +- servercert: allow empty subject + + Bug: http://curl.haxx.se/bug/view.cgi?id=1220 + Patch by: John Gardiner Myers + +- [Steve Holme brought this change] + + tests: Added new SMTP tests to verify commit 99b40451836d + +- runtests.pl: support nonewline="yes" in client/stdin sections + +- build: fixed unit1394 for debug and metlink builds + +Kamil Dudka (6 May 2013) +- unit1394.c: plug the curl tool unit test in + +- [Jared Jennings brought this change] + + unit1394.c: basis of a unit test for parse_cert_parameter() + +- src/Makefile.am: build static lib for unit tests if enabled + +- tool_getparam: ensure string termination in parse_cert_parameter() + +- tool_getparam: fix memleak in handling the -E option + +- tool_getparam: describe what parse_cert_parameter() does + + ... and de-duplicate the code initializing *passphrase + +- curl.1: document escape sequences recognized by -E + +- [Jared Jennings brought this change] + + curl -E: allow to escape ':' in cert nickname + +Marc Hoersken (5 May 2013) +- curl_schannel.c: Fixed invalid memory access during SSL shutdown + +Steve Holme (4 May 2013) +- smtp: Fix trailing whitespace warning + +- smtp: Fix compilation warning + + comparison between signed and unsigned integer expressions + +- RELEASE-NOTES: synced with 92ef5f19c801 + +- smtp: Updated RFC-2821 references to RFC-5321 + +- smtp: Fixed sending of double CRLF caused by first in EOB + + If the mail sent during the transfer contains a terminating <CRLF> then + we should not send the first <CRLF> of the EOB as specified in RFC-5321. + + Additionally don't send the <CRLF> if there is "no mail data" as the + DATA command already includes it. + +- tests: Corrected MAIL SIZE for CRLF line endings + + ... which was missed in commit: f5c3d9538452 + +- tests: Corrected infilesize for CRLF line endings + + ... which was missed in commit: f5c3d9538452 + +- tests: Corrected test1406 to be RFC2821 compliant + +- tests: Corrected test1320 to be RFC2821 compliant + +- tests: Corrected typo in test909 + + Introduced in commit: 514817669e9e + +- tests: Corrected test909 to be RFC2821 compliant + +- tests: Updated test references to 909 from 1411 + + ...and removed references to libcurl and test1406. + +- tests: Renamed test1411 to test909 as this is a main SMTP test + +Daniel Stenberg (1 May 2013) +- [Lars Johannesen brought this change] + + bindlocal: move brace out of #ifdef + + The code within #ifdef HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID wrongly had two + closing braces when it should only have one, so builds without that + define would fail. + + Bug: http://curl.haxx.se/mail/lib-2013-05/0000.html + +Steve Holme (30 Apr 2013) +- smtp: Tidy up to move the eob counter to the per-request structure + + Move the eob counter from the smtp_conn structure to the SMTP structure + as it is associated with a SMTP payload on a per-request basis. + +- TODO: Updated following the addition of CURLOPT_SASL_IR + +- smtp: Fixed unknown percentage complete in progress bar + + The curl command line utility would display the the completed progress + bar with a percentage of zero as the progress routines didn't know the + size of the transfer. + +Daniel Stenberg (29 Apr 2013) +- ftpserver: silence warnings + + Fix regressions in commit b56e3d43e5d. Make @data local and filter off + non-numerical digits from $testno in STATUS_imap. + +Steve Holme (29 Apr 2013) +- ftpserver.pl: Corrected the imap LOGIN response + + ...to be more realistic and consistent with the other imap responses. + +- tests: Added imap STATUS command test + +- tests: Corrected the SMTP tests to be RFC2821 compliant + + The emails that are sent to the server during these tests were + incorrectly formatted as they contained one or more LF terminated lines + rather than being CRLF terminated as per Section 2.3.7 of RFC-2821. + + This wasn't a problem for the test suite as the <stdin> data matched the + <upload> data but anyone using these tests as reference would be sending + incorrect data to a server. + +- email: Tidy up of *_perform_authenticate() + + Removed the hard returns from imap and pop3 by using the same style for + sending the authentication string as smtp. Moved the "Other mechanisms + not supported" check in smtp to match that of imap and pop3 to provide + consistency between the three email protocols. + +- smtp: Updated limit check to be more readable like the check in pop3 + +- pop3: Added 255 octet limit check when sending initial response + + Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034. + +- DOCS: Corrected line length of recent Secure Transport changes + +Nick Zitzmann (27 Apr 2013) +- darwinssl: add TLS crypto authentication + + Users using the Secure Transport (darwinssl) back-end can now use a + certificate and private key to authenticate with a site using TLS. Because + Apple's security system is based around the keychain and does not have any + non-public function to create a SecIdentityRef data structure from data + loaded outside of the Keychain, the certificate and private key have to be + loaded into the Keychain first (using the certtool command line tool or + the Security framework's C API) before we can find it and use it. + +Steve Holme (27 Apr 2013) +- Corrected version numbers after bump + +Daniel Stenberg (27 Apr 2013) +- bump version + + Since we're adding new stuff, the next release will bump the minor + version and we're looking forward to 7.31.0 + +Steve Holme (27 Apr 2013) +- RELEASE-NOTES: synced with f4e6e201b146 + +- DOCS: Updated following the addition of CURLOPT_SASL_IR + + Documented the the option in curl_easy_setopt() and added it to + symbols-in-versions. + +- tests: Corrected command line arguments in test907 and test908 + +- tests: Added SMTP AUTH with initial response tests + +- tests: Updated SMTP tests to decouple client initial response + + Updated test903 and test904 following the addition of CURLOPT_SASL_IR + as the default behaviour of SMTP AUTH responses is now to not include + the initial response. New tests with --sasl-ir support to follow. + +- imap: Added support for overriding the SASL initial response + + In addition to checking for the SASL-IR capability the user can override + the sending of the client's initial response in the AUTHENTICATION + command with the use of CURLOPT_SASL_IR should the server erroneously + not report SASL-IR when it does support it. + +- smtp: Added support for disabling the SASL initial response + + Updated the default behaviour of sending the client's initial response in the AUTH + command to not send it and added support for CURLOPT_SASL_IR to allow the user to + specify including the response. + + Related Bug: http://curl.haxx.se/mail/lib-2012-03/0114.html + Reported-by: Gokhan Sengun + +- pop3: Added support for enabling the SASL initial response + + Allowed the user to specify whether to send the client's intial response + in the AUTH command via CURLOPT_SASL_IR. + +- sasl-ir: Added --sasl-ir option to curl command line tool + +- sasl-ir: Added CURLOPT_SASL_IR to enable/disable the SASL initial response + +Daniel Stenberg (26 Apr 2013) +- curl_easy_init: use less mallocs + + By introducing an internal alternative to curl_multi_init() that accepts + parameters to set the hash sizes, easy handles will now use tiny socket + and connection hash tables since it will only ever add a single easy + handle to that multi handle. + + This decreased the number mallocs in test 40 (which is a rather simple + and typical easy interface use case) from 1142 to 138. The maximum + amount of memory allocated used went down from 118969 to 78805. + +Steve Holme (26 Apr 2013) +- ftpserver.pl: Fixed imap logout confirmation data + + An IMAP server should response with the BYE continuation response before + confirming the LOGOUT command was successful. + +Daniel Stenberg (26 Apr 2013) +- ftp_state_pasv_resp: connect through proxy also when set by env + + When connecting back to an FTP server after having sent PASV/EPSV, + libcurl sometimes didn't use the proxy properly even though the proxy + was used for the initial connect. + + The function wrongly checked for the CURLOPT_PROXY variable to be set, + which made it act wrongly if the proxy information was set with an + environment variable. + + Added test case 711 to verify (based on 707 which uses --socks5). Also + added test712 to verify another variation of setting the proxy: with + --proxy socks5:// + + Bug: http://curl.haxx.se/bug/view.cgi?id=1218 + Reported-by: Zekun Ni + +Kamil Dudka (26 Apr 2013) +- [Zdenek Pavlas brought this change] + + url: initialize speed-check data for file:// protocol + + ... in order to prevent an artificial timeout event based on stale + speed-check data from a previous network transfer. This commit fixes + a regression caused by 9dd85bced56f6951107f69e581c872c1e7e3e58e. + + Bug: https://bugzilla.redhat.com/906031 + +Daniel Stenberg (25 Apr 2013) +- test709: clarify the test in the name + +- sshserver: disable StrictHostKeyChecking + + I couldn't figure out why the host key logic isn't working, but having + it set to yes prevents my SSH-based test cases to run. I also don't see + a strong need to use strict host key checking on this test server. + + So I disabled it. + +- runtests: log more commands in verbose mode + + ... to aid tracking down failures + +Steve Holme (25 Apr 2013) +- TODO: Corrected copy/paste typo + +- TODO: Added new ideas for future SMTP, POP3 and IMAP features + +- TODO: Updated following the addition of ;auth=<MECH> support + +- DOCS: Minor rewording / clarification of host name protocol detection + +- RELEASE-NOTES: synced with a8c92cb60890 + +- DOCS: Added reference to IETF draft for SMTP URL Interface + + ...when mentioning login options. Additional minor clarification of + "Windows builds" to be "Windows builds with SSPI"as a way of enabling + NTLM as Windows builds may be built with OpenSSL to enable NTLM or + without NTLM support altogether. + +Linus Nielsen Feltzing (23 Apr 2013) +- HISTORY: Fix spelling error. + +Steve Holme (23 Apr 2013) +- DOCS: Reworked the scheme calculation explanation under CURLOPT_URL + +- url: Added smtp and pop3 hostnames to the protocol detection list + +Daniel Stenberg (23 Apr 2013) +- HISTORY: correct some years/dates + + Thanks to archive.org's wayback machine I updated this document with + some facts from the early httpget/urlget web page: + + http://web.archive.org/web/19980216125115/http://www.inf.ufrgs.br/~sagula/urlget.html + +- [Alessandro Ghedini brought this change] + + tests: add test1511 to check timecond clean-up + + Verifies the timecond fix in commit c49ed0b6c0f + +- [Alessandro Ghedini brought this change] + + getinfo.c: reset timecond when clearing session-info variables + + Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705783 + Reported-by: Ludovico Cavedon <cavedon@debian.org> + +Steve Holme (22 Apr 2013) +- DOCS: Added information about login options to CURLOPT_USERPWD + +- DOCS: Added information about login options in the URL + +- url: Fixed missing length check in parse_proxy() + + Commit 11332577b3cb removed the length check that was performed by the + old scanf() code. + +- url: Fixed crash when no username or password supplied for proxy + + Fixed an issue in parse_proxy(), introduced in commit 11332577b3cb, + where an empty username or password (For example: http://:@example.com) + would cause a crash. + +- url: Removed unused text length constants + +- url: Updated proxy URL parsing to use parse_login_details() + +- url: Tidy up of setstropt_userpwd() parameters + + Updated the naming convention of the login parameters to match those of + other functions. + +- url: Tidy up of code and comments following recent changes + + Tidy up of variable names and comments in setstropt_userpwd() and + parse_login_details(). + +- url: Simplified setstropt_userpwd() following recent changes + + There is no need to perform separate clearing of data if a NULL option + pointer is passed in. Instead this operation can be performed by simply + not calling parse_login_details() and letting the rest of the code do + the work. + +- url: Correction to scope of if statements when setting data + +- url: Fixed memory leak in setstropt_userpwd() + + setstropt_userpwd() was calling setstropt() in commit fddb7b44a79d to + set each of the login details which would duplicate the strings and + subsequently cause a memory leak. + +- RELEASE-NOTES: synced with d535c4a2e1f7 + +- url: Added overriding of URL login options from CURLOPT_USERPWD + +- tool_paramhlp: Fixed options being included in username + + Fix to prevent the options from being displayed when curl requests the + user's password if the following command line is specified: + + --user username;options + +- url: Added support for parsing login options from the CURLOPT_USERPWD + + In addition to parsing the optional login options from the URL, added + support for parsing them from CURLOPT_USERPWD, to allow the following + supported command line: + + --user username:password;options + +- url: Added bounds checking to parse_login_details() + + Added bounds checking when searching for the separator characters within + the login string as this string may not be NULL terminated (For example + it is the login part of a URL). We do this in preference to allocating a + new string to copy the login details into which could then be passed to + parse_login_details() for performance reasons. + +- url: Added size_t cast to pointer based length calculations + +- url: Corrected minor typo in comment + +Daniel Stenberg (18 Apr 2013) +- CURL_CHECK_CA_BUNDLE: don't check for paths when cross-compiling + + When cross-compiling we can't scan and detect existing files or paths. + + Bug: http://curl.haxx.se/mail/lib-2013-04/0294.html + +- [Ishan SinghLevett brought this change] + + usercertinmem.c: add example showing user cert in memory + + Relies on CURLOPT_SSL_CTX_FUNCTION, which is OpenSSL specific + +Steve Holme (18 Apr 2013) +- url: Fix chksrc longer than 79 columns warning + +- url: Fix incorrect variable type for result code + +- url: Fix compiler warning + + signed and unsigned type in conditional expression + +- url: Moved parsing of login details out of parse_url_login() + + Separated the parsing of login details from the processing of them in + parse_url_login() ready for use by setstropt_userpwd(). + +- url: Re-factored set_userpass() and parse_url_userpass() + + Re-factored these functions to reflect their new behaviour following the + addition of login options. + +- url: Reworked URL parsing to allow overriding by CURLOPT_USERPWD + +Daniel Stenberg (18 Apr 2013) +- maketgz: make bzip2 creation work with Parallel BZIP2 too + + Apparently the previous usage didn't work with that implementation, + while this updated version works with at least both Parallel BZIP2 + v1.1.8 and regular bzip "Version 1.0.6, 6-Sept-2010". + +Linus Nielsen Feltzing (18 Apr 2013) +- Add tests/http_pipe.py to the tarball build + +Steve Holme (16 Apr 2013) +- smtp: Re-factored all perform based functions + + Standardised the naming of all perform based functions to be in the form + smtp_perform_something(). + +- smtp: Added description comments to all perform based functions + +- smtp: Moved smtp_quit() to be with the other perform functions + +- smtp: Moved smtp_rcpt_to() to be with the other perform functions + +- smtp: Moved smtp_mail() to be with the other perform functions + +Daniel Stenberg (16 Apr 2013) +- [Wouter Van Rooy brought this change] + + curl-config: don't output static libs when they are disabled + + Curl-config outputs static libraries even when they are disabled in + configure. + + This causes problems with the build of pycurl. + +- [Dave Reisner brought this change] + + docs/libcurl: fix formatting in manpage + + Commit c3ea3eb6 introduced some minor cosmetic errors in + curl_mutli_socket_action(3). + +- [Paul Howarth brought this change] + + Add extra libs for lib1900 and lib2033 test programs + + These are needed in cases where clock_gettime is used, from librt. + +Dan Fandrich (15 Apr 2013) +- FAQ: mention that the network connection can be monitored + + Also note the prohibition on sharing handles across threads. + +Steve Holme (15 Apr 2013) +- pop3: Added missing comment for pop3_state_apop_resp() + +- smtp: Updated the coding style of smtp_state_servergreet_resp() + + Updated the coding style, in this function, to be consistant with other + response functions rather then performing a hard return on failure. + +- pop3: Updated the coding style of pop3_state_servergreet_resp() + + Updated the coding style, in this function, to be consistent with other + response functions rather then performing a hard return on failure. + +- pop3: Re-factored all perform based functions + + Standardised the naming of all perform based functions to be in the form + pop3_perform_something() following the changes made to IMAP. + +- pop3: Added description comments to all perform based functions + +- pop3: Moved pop3_quit() to be with the other perform functions + +- pop3: Moved pop3_command() to be with the other perform functions + + Started to apply the same tidy up to the POP3 code as applied to the + IMAP code in the 7.30.0 release. + +- RELEASE-NOTES: Removed erroneous spaces + +- RELEASE-NOTES: synced with 8723cade21fb + +- smtp: Added support for ;auth=<mech> in the URL + + Added support for specifying the preferred authentication mechanism in + the URL as per Internet-Draft 'draft-earhart-url-smtp-00'. + +- pop3: Reworked authentication type constants + + ... to use left-shifted values, like those defined in curl.h, rather + than 16-bit hexadecimal values. + +- pop3: Small consistency tidy up + +- pop3: Added support for ;auth=<mech> in the URL + + Added support for specifying the preferred authentication type and SASL + mechanism in the URL as per RFC-2384. + +- imap: Added support for ;auth=<mech> in the URL + + Added support for specifying the preferred authentication mechanism in + the URL as per RFC-5092. + +- sasl: Reworked SASL mechanism constants + + ... to use left-shifted values, like those defined in curl.h, rather + than 16-bit hexadecimal values. + +- sasl: Added predefined preferred mechanism values + + In preparation for the upcoming changes to IMAP, POP3 and SMTP added + preferred mechanism values. + +- url: Added support for parsing login options from the URL + + As well as parsing the username and password from the URL, added support + for parsing the optional options part from the login details, to allow + the following supported URL format: + + schema://username:password;options@example.com/path?q=foobar + + This will only be used by IMAP, POP3 and SMTP at present but any + protocol that may be given login options in the URL will be able to + add support for them. + +- smtp: Fix compiler warning + + warning: unused variable 'smtp' introduced in commit 73cbd21b5ee6. + +- smtp: Moved parsing of url path into separate function + +Daniel Stenberg (12 Apr 2013) +- FTP: handle a 230 welcome response + + ...instead of the 220 we otherwise expect. + + Made the ftpserver.pl support sending a custom "welcome" and then + created test 1219 to verify this fix with such a 230 welcome. + + Bug: http://curl.haxx.se/mail/lib-2013-02/0102.html + Reported by: Anders Havn + +- configure: try pthread_create without -lpthread + + For libc variants without a spearate pthread lib (like bionic), try + using pthreads without the pthreads lib first and only if that fails try + the -lpthread linker flag. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1216 + Reported by: Duncan + +- FTP: access files in root dir correctly + + Accessing a file with an absolute path in the root dir but with no + directory specified was not handled correctly. This fix comes with four + new test cases that verify it. + + Bug: http://curl.haxx.se/mail/lib-2013-04/0142.html + Reported by: Sam Deane + +Steve Holme (12 Apr 2013) +- pop3: Reworked the function description for Curl_pop3_write() + +- pop3: Added function description to pop3_parse_custom_request() + +- pop3: Moved utility functions to end of pop3.c + +Nick Zitzmann (12 Apr 2013) +- darwinssl: add TLS session resumption + + This ought to speed up additional TLS handshakes, at least in theory. + +Steve Holme (12 Apr 2013) +- imap: Added function description to imap_parse_custom_request() + +- imap: Moved utility functions to end of imap.c (Part 3/3) + + Moved imap_is_bchar() be with the other utility based functions. + +- imap: Moved utility functions to end of imap.c (Part 2/3) + + Moved imap_parse_url_path() and imap_parse_custom_request() to the end of the + file allowing all utility functions to be grouped together. + +- imap: Moved utility functions to end of imap.c (Part 1/3) + + Moved imap_atom() and imap_sendf() to the end of the file allowing all + utility functions to be grouped together. + +- imap: Corrected function description for imap_connect() + +Kamil Dudka (12 Apr 2013) +- tests: prevent test206, test1060, and test1061 from failing + + ... in case runtests.pl is invoked with non-default -b option + + Fixes a regression caused by 1e29d275c643ef6aab7948f0f55a7a9397e56b42. + +Daniel Stenberg (12 Apr 2013) +- [David Strauss brought this change] + + libcurl-share.3: update what it does and does not share. + + Update sharing interface documentation to provide exhaustive list of + what it does and does not share. + +- THANKS: remove duplicated names + +- bump: start working towards next release + +- THANKS: added people from the 7.30.0 RELEASE-NOTES + +Version 7.30.0 (12 Apr 2013) + +Daniel Stenberg (12 Apr 2013) +- RELEASE-NOTES: cleaned up for 7.30 (synced with 5c5e1a1cd20) + + Most notable the security advisory: + http://curl.haxx.se/docs/adv_20130412.html + +- test1218: another cookie tailmatch test + + ... and make 1216 also verify it with a file input + + These tests verify commit 3604fde3d3c9b0d, the fix for the "cookie + domain tailmatch" vulnerability. See + http://curl.haxx.se/docs/adv_20130412.html + +- [YAMADA Yasuharu brought this change] + + cookie: fix tailmatching to prevent cross-domain leakage + + Cookies set for 'example.com' could accidentaly also be sent by libcurl + to the 'bexample.com' (ie with a prefix to the first domain name). + + This is a security vulnerabilty, CVE-2013-1944. + + Bug: http://curl.haxx.se/docs/adv_20130412.html + +Guenter Knauf (11 Apr 2013) +- Enabled MinGW sync resolver builds. + +Yang Tse (10 Apr 2013) +- if2ip.c: fix compiler warning + +Guenter Knauf (10 Apr 2013) +- Fixed lost OpenSSL output with "-t" - followup. + + The previously applied patch didnt work on Windows; we cant rely + on shell commands like 'echo' since they act diffently on each + platform and each shell. + In order to keep this script platform-independent the code must + only use pure Perl. + +Daniel Stenberg (9 Apr 2013) +- test1217: verify parsing 257 responses with "rubbish" before path + + Test 1217 verifies commit e0fb2d86c9f78, and without that change this + test fails. + +- [Bill Middlecamp brought this change] + + FTP: handle "rubbish" in front of directory name in 257 responses + + When doing PWD, there's a 257 response which apparently some servers + prefix with a comment before the path instead of after it as is + otherwise the norm. + + Failing to parse this, several otherwise legitimate use cases break. + + Bug: http://curl.haxx.se/mail/lib-2013-04/0113.html + +Guenter Knauf (9 Apr 2013) +- Fixed ares-enabled builds with static makefiles. + +- Fixed lost OpenSSL output with "-t". + + The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM + output wrote to a temporary file. Consequently, the OpenSSL output was + lost when the temp file was renamed to the final file at script finish + (overwriting the final file written earlier by openssl). + Patch posted to the list by Richard Michael (rmichael edgeofthenet org). + +Daniel Stenberg (9 Apr 2013) +- test1216: test tailmatching cookie domains + + This test is an attempt to repeat the problem YAMADA Yasuharu reported + at http://curl.haxx.se/mail/lib-2013-04/0108.html + +- RELEASe-NOTES: synced with 29fdb2700f797 + + added "tcpkeepalive on Mac OS X" + +Nick Zitzmann (8 Apr 2013) +- darwinssl: disable insecure ciphers by default + + I noticed that aria2's SecureTransport code disables insecure ciphers such + as NULL, anonymous, IDEA, and weak-key ciphers used by SSLv3 and later. + That's a good idea, and now we do the same thing in order to prevent curl + from accessing a "secure" site that only negotiates insecure ciphersuites. + +Daniel Stenberg (8 Apr 2013) +- [Robert Wruck brought this change] + + tcpkeepalive: Support CURLOPT_TCP_KEEPIDLE on OSX + + MacOS X doesn't have TCP_KEEPIDLE/TCP_KEEPINTVL but only a single + TCP_KEEPALIVE (see + http://developer.apple.com/library/mac/#DOCUMENTATION/Darwin/Reference/ManPages/man4/tcp.4.html). + Here is a patch for CURLOPT_TCP_KEEPIDLE on OSX platforms. + +- configure: remove CURL_CHECK_FUNC_RECVFROM + + 1 - We don't use the results from the test and we never did. recvfrom() + is only used by the TFTP code and it has not caused any problems. + + 2 - the CURL_CHECK_FUNC_RECVFROM function is extremely slow + +Steve Holme (8 Apr 2013) +- RELEASE-NOTES: Corrected duplicate NTLM memory leaks + +- RELEASE-NOTES: Removed trailing full stop + +Daniel Stenberg (8 Apr 2013) +- [Fabian Keil brought this change] + + proxy: make ConnectionExists() check credential of proxyconnections too + + Previously it only compared credentials if the requested needle + connection wasn't using a proxy. This caused NTLM authentication + failures when using proxies as the authentication code wasn't send on + the connection where the challenge arrived. + + Added test 1215 to verify: NTLM server authentication through a proxy + (This is a modified copy of test 67) + +- RELEASE-NOTES: sync with 704a5dfca9 + +- TODO-RELEASE: cleaned up, not really maintained lately + +Marc Hoersken (7 Apr 2013) +- if2ip.c: Fixed another warning: unused parameter 'remote_scope' + +Daniel Stenberg (7 Apr 2013) +- [Marc Hoersken brought this change] + + cookie.c: Made cookie sort function more deterministic + + Since qsort implementations vary with regards to handling the order + of similiar elements, this change makes the internal sort function + more deterministic by comparing path length first, then domain length + and finally the cookie name. Spotted with testcase 62 on Windows. + +Marc Hoersken (7 Apr 2013) +- curl_schannel.c: Follow up on memory leak fix ae4558d + +- Revert "getpart.pm: Strip carriage returns to fix Windows support" + + This reverts commit e51b23c925a2721cf7c29b2b376d3d8903cfb067. + As discussed on the mailinglist, this was not the correct approach. + +- http_negotiate.c: Fixed passing argument from incompatible pointer type + +- ftp.c: Added missing brackets around ABOR command logic + +- sockfilt.c: Fixed detection of client-side connection close + + WINSOCK only: + Since FD_CLOSE is only signaled once, it may trigger at the same + time as FD_READ. Data actually being available makes it impossible + to detect that the connection was closed by checking that recv returns + zero. Another recv attempt could block the connection if it was + not closed. This workaround abuses exceptfds in conjunction with + readfds to signal that the connection has actually closed. + +- curl_schannel.c: Fixed memory leak if connection was not successful + +- if2ip.c: Fixed warning: unused parameter 'remote_scope' + +- runtests.pl: Fixed --verbose parameter passed to http_pipe.py + +- sockfilt.c: Reduce CPU load while running under a Windows PIPE + +- tftpd.c: Apply sread timeout to the whole data transfer session + +- getpart.pm: Strip carriage returns to fix Windows support + +Daniel Stenberg (6 Apr 2013) +- ftp tests: libcurl returns CURLE_FTP_ACCEPT_FAILED better now + + Since commit 57aeabcc1a20f, it handles errors on the control connection + while waiting for the data connection better. + + Test 591 and 592 are updated accordingly. + +- FTP: wait on both connections during active STOR state + + When doing PORT and upload (STOR), this function needs to extract the + file descriptor for both connections so that it will respond immediately + when the server eventually connects back. + + This flaw caused active connections to become unnecessary slow but they + would still often work due to the normal polling on a timeout. The bug + also would not occur if the server connected back very fast, like when + testing on local networks. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1183 + Reported by: Daniel Theron + +Marc Hoersken (6 Apr 2013) +- tftpd.c: Follow up cleanup and restore of previous sockopt + +Daniel Stenberg (6 Apr 2013) +- [Kim Vandry brought this change] + + connect: treat an interface bindlocal() problem as a non-fatal error + + I am using curl_easy_setopt(CURLOPT_INTERFACE, "if!something") to force + transfers to use a particular interface but the transfer fails with + CURLE_INTERFACE_FAILED, "Failed binding local connection end" if the + interface I specify has no IPv6 address. The cause is as follows: + + The remote hostname resolves successfully and has an IPv6 address and an + IPv4 address. + + cURL attempts to connect to the IPv6 address first. + + bindlocal (in lib/connect.c) fails because Curl_if2ip cannot find an + IPv6 address on the interface. + + This is a fatal error in singleipconnect() + + This change will make cURL try the next IP address in the list. + + Also included are two changes related to IPv6 address scope: + + - Filter the choice of address in Curl_if2ip to only consider addresses + with the same scope ID as the connection address (mismatched scope for + local and remote address does not result in a working connection). + + - bindlocal was ignoring the scope ID of addresses returned by + Curl_if2ip . Now it uses them. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1189 + +Marc Hoersken (6 Apr 2013) +- tftpd.c: Fixed sread timeout on Windows by setting it manually + +- ftp.pm: Added tskill to support Windows XP Home + +- runtests.pl: Modularization of MinGW/Msys compatibility functions + +- ftp.pm: Made Perl testsuite able to handle Windows processes + +- util.c: Revert workaround eeefcdf, 6eb56e7 and e3787e8 + +- ftp.pm: Made Perl testsuite able to kill Windows processes + +- util.c: Follow up cleanup on eeefcdf + +Daniel Stenberg (6 Apr 2013) +- cpp: use #ifdef __MINGW32__ to avoid compiler complaints + + ... instead of just #if + +Marc Hoersken (6 Apr 2013) +- util.c: Made write_pidfile write the correct PID on MinGW/Msys + + This workaround fixes an issue on MinGW/Msys regarding the Perl + testsuite scripts not being able to signal or control the server + processes. The MinGW Perl runtime only sees the Msys processes and + their corresponding PIDs, but sockfilt (and other servers) wrote the + Windows PID into their PID-files. Since this PID is useless to the + testsuite, the write_pidfile function was changed to search for the + Msys PID and write that into the PID-file. + +Daniel Stenberg (5 Apr 2013) +- RELEASE-NOTES: synced with 5e722b2d09087 + + 3 more bug fixes, 6 more contributors + +Marc Hoersken (5 Apr 2013) +- sockfilt.c: Fixed handling of multiple fds being signaled + +Kamil Dudka (5 Apr 2013) +- curl_global_init.3: improve description of CURL_GLOBAL_ALL + + Reported by: Tomas Mlcoch + +- examples/multi-single.c: fix the order of destructions + + ... so that it adheres to the API documentation. + + Reported by: Tomas Mlcoch + +Daniel Stenberg (5 Apr 2013) +- Curl_open: restore default MAXCONNECTS to 5 + + At some point recently we lost the default value for the easy handle's + connection cache, and this change puts it back to 5 - which is the + former default value and it is documented in the curl_easy_setopt.3 man + page. + +Marc Hoersken (4 Apr 2013) +- sockfilt.c: Added wrapper functions to fix Windows console issues + + The new read and write wrapper functions support reading from stdin + and writing to stdout/stderr on Windows by using the appropriate + Windows API functions and data types. + +Yang Tse (4 Apr 2013) +- lib1509.c: fix compiler warnings + +- easy.c: fix compiler warning + +Daniel Stenberg (4 Apr 2013) +- --engine: spellfix the help message + + Reported by: Fredrik Thulin + +Yang Tse (4 Apr 2013) +- http_negotiate.c: follow-up for commit 3dcc1a9c + +Linus Nielsen Feltzing (4 Apr 2013) +- easy: Fix the broken CURLOPT_MAXCONNECTS option + + Copy the CURLOPT_MAXCONNECTS option to CURLMOPT_MAXCONNECTS in + curl_easy_perform(). + + Bug: http://curl.haxx.se/bug/view.cgi?id=1212 + Reported-by: Steven Gu + +Guenter Knauf (4 Apr 2013) +- Updated copyright date. + +- Another small output fix for --help and --version. + +Yang Tse (4 Apr 2013) +- http_negotiate.c: fix several SPNEGO memory handling issues + +Guenter Knauf (4 Apr 2013) +- Added a cont to specify base64 line wrap. + +- Fixed version output. + +- Added support for --help and --version options. + +- Added option to specify length of base64 output. + + Based on a patch posted to the list by Richard Michael. + +Daniel Stenberg (3 Apr 2013) +- curl_easy_setopt.3: CURLOPT_HTTPGET disables CURLOPT_UPLOAD + +- [Yasuharu Yamada brought this change] + + Curl_cookie_add: only increase numcookies for new cookies + + Count up numcookies in Curl_cookie_add() only when cookie is new one + +- SO_SNDBUF: don't set SNDBUF for win32 versions vista or later + + The Microsoft knowledge-base article + http://support.microsoft.com/kb/823764 describes how to use SNDBUF to + overcome a performance shortcoming in winsock, but it doesn't apply to + Windows Vista and later versions. If the described SNDBUF magic is + applied when running on those more recent Windows versions, it seems to + instead have the reversed effect in many cases and thus make libcurl + perform less good on those systems. + + This fix thus adds a run-time version-check that does the SNDBUF magic + conditionally depending if it is deemed necessary or not. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1188 + Reported by: Andrew Kurushin + Tested by: Christian Hägele + +Nick Zitzmann (1 Apr 2013) +- darwinssl: additional descriptive messages of SSL handshake errors + + (This doesn't need to appear in the release notes.) + +Guenter Knauf (1 Apr 2013) +- Added dns and connect time to output. + +Daniel Stenberg (1 Apr 2013) +- RELEASE-NOTES: synced with 0614b902136 + +- code-policed + +- tcpkeepalive: support TCP_KEEPIDLE/TCP_KEEPINTVL on win32 + + Patch by: Robert Wruck + Bug: http://curl.haxx.se/bug/view.cgi?id=1209 + +- BINDINGS: BBHTTP is a cocoa binding, Julia has a binding + +- ftp_sendquote: use PPSENDF, not FTPSENDF + + The last remaining code piece that still used FTPSENDF now uses PPSENDF. + In the problematic case, a PREQUOTE series was done on a re-used + connection when Curl_pp_init() hadn't been called so it had messed up + pointers. The init call is done properly from Curl_pp_sendf() so this + change fixes this particular crash. + + Bug: http://curl.haxx.se/mail/lib-2013-03/0319.html + Reported by: Sam Deane + +Steve Holme (27 Mar 2013) +- RELEASE-NOTES: Corrected typo + +Daniel Stenberg (27 Mar 2013) +- [Clemens Gruber brought this change] + + multi-uv.c: remove unused variable + +- RELEASE-NOTES: add two references + +- test1509: verify proxy header response headers count + + Modified sws to support and use custom CONNECT responses instead of the + previously naive hard-coded version. Made the HTTP test server able to + extract test case number from the host name in a CONNECT request by + finding the number after the last dot. It makes 'machine.moo.123' use + test case 123. + + Adapted a larger amount of tests to the new <connect> style. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1204 + Reported by: Martin Jansen + +- [Clemens Gruber brought this change] + + Added libuv example multi-uv.c + +Yang Tse (25 Mar 2013) +- NTLM: fix several NTLM code paths memory leaks + +- WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage + + As of 25-mar-2013 wcsdup() _wcsdup() and _tcsdup() are only used in + WIN32 specific code, so tracking of these has not been extended for + other build targets. Without this fix, memory tracking system on + WIN32 builds, when using these functions, would provide misleading + results. + + In order to properly extend this support for all targets curl.h + would have to define curl_wcsdup_callback prototype and consequently + wchar_t should be visible before that in curl.h. IOW curl_wchar_t + defined in curlbuild.h and this pulling whatever system header is + required to get wchar_t definition. + + Additionally a new curl_global_init_mem() function that also receives + user defined wcsdup() callback would be required. + +- curl_ntlm_msgs.c: revert commit 463082bea4 + + reverts unreleased invalid memory leak fix + +Daniel Stenberg (23 Mar 2013) +- RELEASE-NOTES: synced with bc6037ed3ec02 + + More changes, bugfixes and contributors! + +- [Martin Jansen brought this change] + + Curl_proxyCONNECT: count received headers + + Proxy servers tend to add their own headers at the beginning of + responses. The size of these headers was not taken into account by + CURLINFO_HEADER_SIZE before this change. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1204 + +Steve Holme (21 Mar 2013) +- sasl: Corrected a few violations of the curl coding standards + + Corrected some incorrectly positioned pointer variable declarations to + be "char *" rather than "char* ". + +- multi.c: Corrected a couple of violations of the curl coding standards + + Corrected some incorrectly positioned pointer variable declarations to + be "type *" rather than "type* ". + +- imap-tests: Added CRLF to reply data to be compliant with RFC-822 + + Updated the reply data in tests: 800, 801, 802, 804 and 1321 to possess + the CRLF as per RFC-822. + +- multi.c: Fix compilation warning + + warning: an enumerated type is mixed with another type + +- multi.c: fix compilation error + + warning: conversion from enumeration type to different enumeration type + +- lib1900.c: fix compilation warning + + warning: declaration of 'time' shadows a global declaration + +Yang Tse (20 Mar 2013) +- [John E. Malmberg brought this change] + + build_vms.com: use existing curlbuild.h and parsing fix + + This patch removes building curlbuild.h from the build_vms.com procedure + and uses the one in the daily or release tarball instead. + + packages/vms/build_curlbuild_h.com is obsolete with this change. + + Accessing the library module name "tool_main" needs different handling + when the optional extended parsing is enabled. + + Tested on IA64/VMS 8.4 and VAX/VMS 7.3 + +Nick Zitzmann (19 Mar 2013) +- darwinssl: disable ECC ciphers under Mountain Lion by default + + I found out that ECC doesn't work as of OS X 10.8.3, so those ciphers are + turned off until the next point release of OS X. + +Steve Holme (18 Mar 2013) +- FEATURES: Small tidy up for constancy and grammar + +Daniel Stenberg (18 Mar 2013) +- [Oliver Schindler brought this change] + + Curl_proxyCONNECT: clear 'rewindaftersend' on success + + After having done a POST over a CONNECT request, the 'rewindaftersend' + boolean could be holding the previous value which could lead to badness. + + This should be tested for in a new test case! + + Bug: https://groups.google.com/d/msg/msysgit/B31LNftR4BI/KhRTz0iuGmUJ + +Steve Holme (18 Mar 2013) +- TODO: Reordered the protocol and security sections + + Moved SMTP, POP3, IMAP and New Protocol sections to be listed after the + other protocols (FTP, HTTP and TELNET) and SASL to be after SSL and + GnuTLS as these are all security related. + + Additionally fixed numbering of the SSL and GnuTLS sections as they + weren't consecutive. + +Yang Tse (18 Mar 2013) +- tests: specify 'text' mode for some output files in verify section + +Steve Holme (17 Mar 2013) +- imap: Fixed incorrect initial response generation for SASL AUTHENTICATE + + Fixed incorrect initial response generation for the NTLM and LOGIN SASL + authentication mechanisms when the SASL-IR was detected. + + Introduced in commit: 6da7dc026c14. + +- FEATURES: Expanded the supported enhanced IMAP command list + +- TODO: Corrected typo in TOC + +- TODO: Added IMAP section and removed unused Other protocols section + +- TODO: Added graceful base64 decoding failure to SMTP and POP3 + +- TODO: Corrected typo on section 10.2 heading + +Yang Tse (16 Mar 2013) +- tests: 96, 558, 1330: strip build subdirectory dependent leading path + +Steve Holme (15 Mar 2013) +- TODO: Added section 10.2 Initial response to POP3 to do list + +- imap-tests: Corrected copy/paste error in test808 reply data + +Yang Tse (15 Mar 2013) +- unit1330.c: fix date + +- tests: add #96 #558 and #1330 + + These verfy that the 'memory tracking' subsystem is actually doing its + job when using curl tool (#96), a test in libtest (#558) and also a unit + test (#1330), in order to prevent regressions in this functionallity. + +Steve Holme (15 Mar 2013) +- imap-tests: Added test808 for custom EXAMINE command + +Daniel Stenberg (15 Mar 2013) +- HTTP proxy: insert slash in URL if missing + + curl has been accepting URLs using slightly wrong syntax for a long + time, such as when completely missing as slash "http://example.org" or + missing a slash when a query part is given + "http://example.org?q=foobar". + + curl would translate these into a legitimate HTTP request to servers, + although as was shown in bug #1206 it was not adjusted properly in the + cases where a HTTP proxy was used. + + Test 1213 and 1214 were added to the test suite to verify this fix. + + The test HTTP server was adjusted to allow us to specify test number in + the host name only without using any slashes in a given URL. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1206 + Reported by: ScottJi + +Steve Holme (14 Mar 2013) +- ftpserver.pl: Added EXAMINE_imap() for IMAP EXAMINE commands + + Used hard coded data from RFC-3501 section 6.3.2. + +Yang Tse (14 Mar 2013) +- curl_memory.h: introduce CURLX_NO_MEMORY_CALLBACKS usage possibility + + This commit alone does not fix anything nor modifies existing + interfaces or behaviors, although it is a prerequisite for other + fixes. + +- Makefile.vc6: add missing files + +Linus Nielsen Feltzing (14 Mar 2013) +- pipelining: Remove dead code. + +- Multiple pipelines and limiting the number of connections. + + Introducing a number of options to the multi interface that + allows for multiple pipelines to the same host, in order to + optimize the balance between the penalty for opening new + connections and the potential pipelining latency. + + Two new options for limiting the number of connections: + + CURLMOPT_MAX_HOST_CONNECTIONS - Limits the number of running connections + to the same host. When adding a handle that exceeds this limit, + that handle will be put in a pending state until another handle is + finished, so we can reuse the connection. + + CURLMOPT_MAX_TOTAL_CONNECTIONS - Limits the number of connections in total. + When adding a handle that exceeds this limit, + that handle will be put in a pending state until another handle is + finished. The free connection will then be reused, if possible, or + closed if the pending handle can't reuse it. + + Several new options for pipelining: + + CURLMOPT_MAX_PIPELINE_LENGTH - Limits the pipeling length. If a + pipeline is "full" when a connection is to be reused, a new connection + will be opened if the CURLMOPT_MAX_xxx_CONNECTIONS limits allow it. + If not, the handle will be put in a pending state until a connection is + ready (either free or a pipe got shorter). + + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE - A pipelined connection will not + be reused if it is currently processing a transfer with a content + length that is larger than this. + + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE - A pipelined connection will not + be reused if it is currently processing a chunk larger than this. + + CURLMOPT_PIPELINING_SITE_BL - A blacklist of hosts that don't allow + pipelining. + + CURLMOPT_PIPELINING_SERVER_BL - A blacklist of server types that don't allow + pipelining. + + See the curl_multi_setopt() man page for details. + +Yang Tse (13 Mar 2013) +- tool_main.c: remove redundant vms_show storage-class specifier + + vms_show 'extern' storage-class specifier removed from tool_main.c due to... + + - Advice from Tor Arntsen: http://curl.haxx.se/mail/lib-2013-03/0164.html + + - HP OpenVMS docs stating that 'Extern is the default storage class for + variables declared outside a function.' + http://h71000.www7.hp.com/commercial/c/docs/dec_c_help_5.html + (Storage_Classes section) + +- test509: libcurl initialization with memory callbacks and actual usage + +Steve Holme (13 Mar 2013) +- pop3: Removed unnecessary transfer cancellation + + Following commit e450f66a02d8 and the changes in the multi interface + being used internally, from 7.29.0, the transfer cancellation in + pop3_dophase_done() is no longer required. + +Yang Tse (13 Mar 2013) +- Makefile.am: add VMS files not being included in tarball + +- [Tom Grace brought this change] + + build_vms.com: VMS build fixes + + Added missing slash in cc_full_list. + Removed unwanted extra quotes inside symbol tool_main + for non-VAX architectures that triggered link failure. + Replaced curl_sys_inc with sys_inc. + +- [Tom Grace brought this change] + + tool_main.c: fix VMS global variable storage-class specifier + + An extern submits a psect and a global reference to the linker to point + to it. Using "extern int vms_show = 0" also creates a globaldef. + + The use of the extern by itself does declare a psect but does not declare + a globalsymbol. It does declare a globalref. But the linker needs one and + only one globaldef or there is an error. + +Patrick Monnerat (12 Mar 2013) +- OS400: synchronize RPG binding + +Steve Holme (12 Mar 2013) +- pop3: Fixed continuous wait when using --ftp-list + + Don't initiate a transfer when using --ftp-list. + +Kamil Dudka (12 Mar 2013) +- [Zdenek Pavlas brought this change] + + curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag + + The flag can be used in pycurl-based applications where using the multi + interface would not be acceptable because of the performance lost caused + by implementing the select() loop in python. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1168 + Downstream Bug: https://bugzilla.redhat.com/919127 + +- easy: do not ignore poll() failures other than EINTR + +Yang Tse (12 Mar 2013) +- curl.h: stricter CURL_EXTERN linkage decorations logic + + No API change involved. + + Info: http://curl.haxx.se/mail/lib-2013-02/0234.html + +Daniel Stenberg (11 Mar 2013) +- THANKS: Latin-1'ified Jiri's name + +Steve Holme (11 Mar 2013) +- test806: Added CRLF to reply data to be compliant with RFC-822 + +Daniel Stenberg (11 Mar 2013) +- test805: added crlf newlines to make data size match + + since mails sent are supposed to have CRLF line endings I added them and + now the data size after (\Seen) matches again properly + +- test: fix newline for the data check of 807 + +Yang Tse (11 Mar 2013) +- test801 to test807: fix protocol section line endings + +Steve Holme (10 Mar 2013) +- Makefile.am: Corrected a couple of spurious tab characters + + Corrected a couple of tab characters between test702 and test703, and + between test900 and test901 which should be spaces. + +- [Jiri Hruska brought this change] + + imap: Added test807 for custom request functionality (STORE) + +- [Jiri Hruska brought this change] + + imap: Added test806 for IMAP (folder) LIST command + +- [Jiri Hruska brought this change] + + imap: Added test805 for APPEND functionality + +- [Jiri Hruska brought this change] + + imap: Added test804 for skipping SELECT if in the same mailbox + +- [Jiri Hruska brought this change] + + imap: Added test802 and test803 for UIDVALIDITY verification + + Added one test for a request with matching UIDVALIDITY and one which is + a mismatched request that will fail. + +- [Jiri Hruska brought this change] + + imap: Added test801 for UID and SECTION URL parameters + +- [Jiri Hruska brought this change] + + imap-tests: Accept quoted parameters in ftpserver.pl + + Any IMAP parameter can come in escaped and in double quotes. Added a + simple function to unquote the command parameters and applied it to + the IMAP command handlers. + +- [Jiri Hruska brought this change] + + tests: Fix ftpserver.pl indentation + + The whole of FETCH_imap() had one extra space of indentation, whilst + APPEND_imap() used indentation of 2 instead of 4 in places. + +- Makefile.am: Corrected end of line filler character + + The majority of lines, that specify a test file for inclusion, end with + a tab character before the slash whilst some end with a space. Corrected + those that end with a space to end with a tab character as well. + +- email-tests: Updated the test data that corresponds to the test number + + Finished segregating the email protocol tests, into their own protocol + based ranges, in preparation of adding more e-mail related tests to the + test suite. + +- email-tests: Renamed the IMAP test to be 800 + + Continued segregating the email protocol tests, into their own protocol + based ranges, in preparation of adding more e-mail related tests to the + test suite. + +- email-tests: Renamed the SMTP tests to be in the range 900-906 + + Continued segregating the email protocol tests, into their own protocol + based ranges, in preparation of adding more e-mail related tests to the + test suite. + +- email-tests: Renamed the POP3 tests to be in the range 850-857 + + Started segregating the email protocol tests, into their own protocol + based ranges, in preparation of adding more e-mail related tests to the + test suite. + +Daniel Stenberg (10 Mar 2013) +- hiperfifo: updated to use current libevent API + + Patch by: Myk Taylor + +Steve Holme (10 Mar 2013) +- imap: Reworked some function descriptions + +- imap: Added some missing comments to imap_sendf() + +- email: Removed hard returns from init functions + +Daniel Stenberg (9 Mar 2013) +- curl_multi_wait: avoid second loop if nothing to do + + ... hopefully this will also make clang-analyzer stop warning on + potentional NULL dereferences (which were false positives anyway). + +- multi_runsingle: avoid NULL dereference + + When Curl_do() returns failure, the connection pointer could be NULL so + the code path following needs to that that into account. + + Bug: http://curl.haxx.se/mail/lib-2013-03/0062.html + Reported by: Eric Hu + +Steve Holme (9 Mar 2013) +- imap: Re-factored all perform based functions + + Standardised the naming of all perform based functions to be in the form + imap_perform_something(). + +Daniel Stenberg (9 Mar 2013) +- [Cédric Deltheil brought this change] + + examples/getinmemory.c: abort the transfer if not enough memory + + No more use exit(3) but instead tell libcurl that no byte has been + written to let it return a `CURLE_WRITE_ERROR`. In addition, check + curl easy handle return code. + +- RELEASE-NOTES: synced with ca3c0ed3a9c + + 8 more bugfixes, one change and a bunch of contributors + +Yang Tse (9 Mar 2013) +- Makefile.am: empty AM_LDFLAGS definition for automake 1.7 compatibility + +Steve Holme (9 Mar 2013) +- imap: Added description comments to all perform based functions + +- imap: Removed the need for separate custom request functions + + Moved the custom request processing into the LIST command as the logic + is the same. + +- imap: Corrected typo in comment + +Yang Tse (9 Mar 2013) +- Makefile.am: empty AM_LDFLAGS definition for automake 1.7 compatibility + +Steve Holme (9 Mar 2013) +- imap: Moved imap_logout() to be grouped with the other perform functions + +- email: Updated the function descriptions for the logout / quit functions + + Updated the function description comments following commit 4838d196fdbf. + +- email: Simplified the logout / quit functions + + Moved the blocking state machine to the disconnect functions so that the + logout / quit functions are only responsible for sending the actual + command needed to logout or quit. + + Additionally removed the hard return on failure. + +- email: Tidied up the *_regular_transfer() functions + + Added comments and simplified convoluted dophase_done comparison. + +- email: Simplified nesting of if statements in *_doing() functions + +Daniel Stenberg (8 Mar 2013) +- RELEASE-NOTES: mention that krb4 is up for consideration + +Steve Holme (8 Mar 2013) +- imap: Fixed handling of untagged responses for the STORE custom command + + Added an exception, for the STORE command, to the untagged response + processor in imap_endofresp() as servers will back respones containing + the FETCH keyword instead. + +Yang Tse (8 Mar 2013) +- curlbuild.h.dist: enhance non-configure GCC ABI detection logic + + GCC specific adjustments: + + - check __ILP32__ before 32 and 64bit processor architectures in + order to detect ILP32 programming model on 64 bit processors + which, of course, also support LP64 programming model, when using + gcc 4.7 or newer. + + - keep 32bit processor architecture checks in order to support gcc + versions older than 4.7 which don't define __ILP32__ + + - check __LP64__ for gcc 3.3 and newer, while keeping 64bit processor + architecture checks for older versions which don't define __LP64__ + +- curlbuild.h.dist: fix GCC build on ARM systems without configure script + + Bug: http://curl.haxx.se/bug/view.cgi?id=1205 + Reported by: technion + +- [Gisle Vanem brought this change] + + polarssl.c: fix header filename typo + +- configure: use XC_LIBTOOL for portability across libtool versions + +- xc-lt-iface.m4: provide XC_LIBTOOL macro + +Steve Holme (7 Mar 2013) +- imap: Fixed SELECT not being performed for custom requests + +- email: Minor code tidy up following recent changes + + Removed unwanted braces and added variable initialisation. + +- DOCS: Corrected the IMAP URL grammar of the UIDVALIDITY parameter + +- FEATURES: Provided a little clarity in some IMAP features + +- email: Optimised block_statemach() functions + + Optimised the result test in each of the block_statemach() functions. + +- DOCS: Added the list command to the IMAP URL section + + Added examples of the list command and clarified existing example URLs + following recent changes. + +- FEATURES: Updated for recent imap additions + + Updated the imap features list, corrected a typo in the smtp features + and clarified a pop3 feature. + +Daniel Stenberg (7 Mar 2013) +- version bump: the next release will be 7.30.0 + +- checksrc: ban unsafe functions + + The list of unsafe functions currently consists of sprintf, vsprintf, + strcat, strncat and gets. + + Subsequently, some existing code needed updating to avoid warnings on + this. + +Steve Holme (7 Mar 2013) +- RELEASE-NOTES: Added missing imap fixes and additions + + With all the recent imap changes it wasn't clear what new features and + fixes should be included in the release notes. + +Nick Zitzmann (6 Mar 2013) +- RELEASE-NOTES: brought this up-to-date with the latest changes + +Steve Holme (6 Mar 2013) +- [Jiri Hruska brought this change] + + imap: Fixed test801 and test1321 to specify a message UID + + Just a folder list would be retrieved if UID was not specified now. + +- [Jiri Hruska brought this change] + + imap: Fixed ftpserver.pl to allow verification even through LIST command + + Commit 198012ee inadvertently broke LIST_imap(). + +- imap: Tidied up the APPEND and final APPEND response functions + + Removed unnecessary state changes on failure and setting of result codes + on success. + +- imap: Tidied up the final FETCH response function + + Removed unnecessary state change on failure and setting of result code on + success. + +- imap: Tidied up the LIST response function + + Reworked comments as they referenced custom commands, removed + unnecessary state change on failure and setting of result code on + success. + +- imap: Removed the custom request response function + + Removed imap_state_custom_resp() as imap_state_list_resp() provides the + same functionality. + +- [Jiri Hruska brought this change] + + imap: Updated ftpserver.pl to be more compliant, added new commands + + Enriched IMAP capabilities of ftpserver.pl in order to be able to + add tests for the new IMAP features. + + * Added support for APPEND - Saves uploaded data to log/upload.$testno + * Added support for LIST - Returns the contents of <reply/> section in + the current test, like e.g FETCH. + * Added support for STORE - Returns hardcoded updated flags + * Changed handling of SELECT - Returns much more information in the + usual set of untagged responses; uses hardcoded data from an example + in the IMAP RFC + * Changed handling of FETCH - Fixed response format + +- imap: Added check for empty UID in FETCH command + + As the UID has to be specified by the user for the FETCH command to work + correctly, added a check to imap_fetch(), although strictly speaking it + is protected by the call from imap_perform(). + +Kamil Dudka (6 Mar 2013) +- nss: fix misplaced code enabling non-blocking socket mode + + The option needs to be set on the SSL socket. Setting it on the model + takes no effect. Note that the non-blocking mode is still not enabled + for the handshake because the code is not yet ready for that. + +Daniel Stenberg (6 Mar 2013) +- imap: fix compiler warning + + imap.c:694:21: error: unused variable 'imapc' [-Werror=unused-variable] + +Steve Holme (5 Mar 2013) +- imap: Added support for list command + +- imap: Added list perform and response handler functions + +- imap: Introduced IMAP_LIST state + +- imap: Small tidy up of imap_select() to match imap_append() + + Updated the style of imap_select() before adding the LIST command. + +- imap: Moved mailbox check from the imap_do() function + + In preparation for the addition of the LIST command, moved the mailbox + check from imap_do() to imap_select() and imap_append(). + +- curl_setup.h: Added S_IRDIR() macro for compilers that don't support it + + Commit 26eaa8383001 introduces the use of S_ISDIR() yet some compilers, + such as MSVC don't support it, so we must define a substitute using + file flags and mask. + +Daniel Stenberg (4 Mar 2013) +- AddFormData: prevent only directories from being posted + + Commit f4cc54cb4746ae5a6d (shipped as part of the 7.29.0 release) was a + bug fix that introduced a regression in that while trying to avoid + allowing directory names, it also forbade "special" files like character + devices and more. like "/dev/null" as was used by Oliver who reported + this regression. + + Reported by: Oliver Gondža + Bug: http://curl.haxx.se/mail/archive-2013-02/0040.html + +Nick Zitzmann (3 Mar 2013) +- darwinssl: fix infinite loop if server disconnected abruptly + + If the server hung up the connection without sending a closure alert, + then we'd keep probing the socket for data even though it's dead. Now + we're ready for this situation. + + Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html + Reported by: Aki Koskinen + +Steve Holme (3 Mar 2013) +- imap: Added comments to imap_append() + +- [Jiri Hruska brought this change] + + imap: Added required mailbox check for FETCH and APPEND commands + +- pingpong.c: Fix enumerated type mixed with another type + +- smtp: Updated the coding style for state changes after a send operation + + Some state changes would be performed after a failure test that + performed a hard return, whilst others would be performed within a test + for success. Updated the code, for consistency, so all instances are + performed within a success test. + +- pop3: Updated the coding style for state changes after a send operation + + Some state changes would be performed after a failure test that + performed a hard return, whilst others would be performed within a test + for success. Updated the code, for consistency, so all instances are + performed within a success test. + +- imap: Fixed typo in variable assignment + +- [Jiri Hruska brought this change] + + imap: Fixed custom request handling in imap_done() + + Fixed imap_done() so that neither the FINAL states are not entered when + a custom command has been performed. + +- [Jiri Hruska brought this change] + + imap: Enabled custom requests in imap_select_resp() + + Changed imap_select_resp() to invoke imap_custom() instead of + imap_fetch() after the mailbox has been selected if a custom + command has been set. + +- [Jiri Hruska brought this change] + + imap: Enabled custom requests in imap_perform() + + Modified imap_perform() to start with the custom command instead of + SELECT when a custom command is to be performed and no mailbox has + been given. + +- [Jiri Hruska brought this change] + + imap: Added custom request perform and response handler functions + + Added imap_custom(), which initiates the custom command processing, + and an associated response handler imap_state_custom_resp(), which + handles any responses by sending them to the client as body data. + + All untagged responses with the same name as the first word of the + custom request string are accepted, with the exception of SELECT and + EXAMINE which have responses that cannot be easily identified. An + extra check has been provided for them so that any untagged responses + are accepted for them. + +- pop3: Fixed unnecessary parent structure reference + + Updated pop3 code following recent imap changes. + +- [Jiri Hruska brought this change] + + imap: Added custom request parsing + + Added imap_parse_custom_request() for parsing the CURLOPT_CUSTOMREQUEST + parameter which URL decodes the value and separates the request from + any parameters - This makes it easier to filter untagged responses + by the request command. + +- [Jiri Hruska brought this change] + + imap: Introduced custom request parameters + + Added custom request parameters to the per-request structure. + +- [Jiri Hruska brought this change] + + imap: Introduced IMAP_CUSTOM state + +- imap: Minor code tidy up + + Minor tidy up of code layout and comments following recent changes. + +- imap: Simplified the imap_state_append_resp() function + + Introduced the result code variable to simplify the state changes and + remove the hard returns. + +- imap: Changed successful response logic in imap_state_append_resp() + + For consistency changed the logic of the imap_state_append_resp() + function to test for an unsucessful continuation response rather than a + succesful one. + +- imap: Standardised imapcode condition tests + + For consistency changed two if(constant != imapcode) tests to be + if(imapcode != constant). + +- imap: Moved imap_append() to be with the other perform functions + +- [Jiri Hruska brought this change] + + imap: Enabled APPEND support in imap_perform() + + Added logic in imap_perform() to perform an APPEND rather than SELECT + and FETCH if an upload has been specified. + +- [Jiri Hruska brought this change] + + imap: Implemented APPEND final processing + + The APPEND operation needs to be performed in several steps: + 1) We send "<tag> APPEND <mailbox> <flags> {<size>}\r\n" + 2) Server responds with continuation respose "+ ...\r\n" + 3) We start the transfer and send <size> bytes of data + 4) Only now we end the request command line by sending "\r\n" + 5) Server responds with "<tag> OK ...\r\n" + + This commit performs steps 4 and 5, in the DONE phase, as more + processing is required after the transfer. + +- [Jiri Hruska brought this change] + + imap: Added APPEND perform and response handler functions + + Added imap_append() function to initiate upload and imap_append_resp() + to handle the continuation response and start the transfer. + +- [Jiri Hruska brought this change] + + imap: Introduced IMAP_APPEND and IMAP_APPEND_FINAL states + +- [Jiri Hruska brought this change] + + imap: Updated setting of transfer variables in imap_state_fetch_resp() + + Add number of bytes retrieved from the PP cache to req.bytecount and set + req.maxdownload only when starting a proper download. + +- [Jiri Hruska brought this change] + + imap: Improved FETCH response parsing + + Added safer parsing of the untagged FETCH response line and the size of + continuation data. + +- imap: Fixed accidentally lossing the result code + + Accidentally lost the result code in imap_state_capability() and + imap_state_login() with commit b06a78622609. + +- imap: Another minor comment addition / tidy up + +- imap: Updated the coding style for state changes after a send operation + + Some state changes would be performed after a failure test that + performed a hard return, whilst others would be performed within a test + for success. Updated the code, for consistency, so all instances are + performed within a success test. + +- pop3 / smtp: Small comment tidy up + + Small tidy up to keep some comments consistant across each of the email + protocols. + +- [Jiri Hruska brought this change] + + imap: FETCH response handler cleanup before further changes + + Removed superfluous NULL assignment after Curl_safefree() and rewrote + some comments and logging messages. + +- pop3: Small tidy up of function arguments + +- imap: Small tidy up of function arguments + +- smtp: Corrected debug message for POP3_AUTH_FINAL constant + + Following commit ad3177da24b8 corrected the debug message in state() + from AUTH to AUTH_FINAL. + +- pop3: Corrected debug message for POP3_AUTH_FINAL constant + + Following commit afad1ce753a1 corrected the debug message in state() + from AUTH to AUTH_FINAL. + +- imap: Corrected debug message for IMAP_AUTHENTICATE_FINAL constant + + Following commit 13006f3de9ec corrected the debug message in state() + from AUTHENTICATE to AUTHENTICATE_FINAL. + +- [Jiri Hruska brought this change] + + imap: Fixed error code returned for invalid FETCH response + + If the FETCH command does not result in an untagged response the the + UID is probably invalid. As such do not return CURLE_OK. + +- [Jiri Hruska brought this change] + + imap: Added processing of the final FETCH responses + + Not processing the final FETCH responses was not optimal, not only + because the response code would be ignored but it would also leave data + unread on the socket which would prohibit connection reuse. + +- [Jiri Hruska brought this change] + + imap: Introduced FETCH_FINAL state for processing final fetch responses + + A typical FETCH response can be broken down into four parts: + + 1) "* <uid> FETCH (<what> {<size>}\r\n", using continuation syntax + 2) <size> bytes of the actual message + 3) ")\r\n", finishing the untagged response + 4) "<tag> OK ...", finishing the command + + Part 1 is read in imap_fetch_resp(), part 2 is consumed in the PERFORM + phase by the transfer subsystem, parts 3 and 4 are currently ignored. + +- imap: fix autobuild warning + + Removed whitespace from imap_perform() + +- imap: fix compiler warning + + error: declaration of 'imap' shadows a previous local + +- smtp: Re-factored the final SMTP_AUTH constant + + Changed the final SMTP_AUTH constant to SMTP_AUTH_FINAL for consistency + with the response function. + +- pop3: Re-factored the final POP3_AUTH constant + + Changed the final POP3_AUTH constant to POP3_AUTH_FINAL for consistency + with the response function. + +- imap: Re-factored final IMAP_AUTHENTICATE constant + + Changed the final IMAP_AUTHENTICATE constant to IMAP_AUTHENTICATE_FINAL + for consistency with the response function. + +- imap: Updated the coding style of imap_state_servergreet_resp() + + Updated the coding style, in this function, to be consistant with other + response functions rather then performing a hard return on failure. + +- imap: Reversed the logic of the (un)successful tagged SELECT response + + Reversed the logic of the unsuccessful vs successful tagged SELECT + response in imap_state_select_resp() to be more logical to read. + +- imap: Reversed the logic of the (un)successful tagged CAPABILITY response + + Reversed the logic of the unsuccessful vs successful tagged CAPABILITY + response in imap_state_capability_resp() to be more logical to read. + +- imap: Corrected char* references with char * + + Corrected char* references made in commit: 709b3506cd9b. + +- [Jiri Hruska brought this change] + + imap: Added processing of more than one response when sent in same packet + + Added a loop to imap_statemach_act() in which Curl_pp_readresp() is + called until the cache is drained. Without this multiple responses + received in a single packet could result in a hang or delay. + +- [Jiri Hruska brought this change] + + imap: Added skipping of SELECT command if already in the same mailbox + + Added storage and checking of the last mailbox userd to prevent + unnecessary switching. + +- [Jiri Hruska brought this change] + + imap: Introduced the mailbox variable + + Added the mailbox variable to the per-connection structure in + preparation for checking for an already selected mailbox. + +- email: Slight reordering of connection based variables + + Reordered the state and ssl_done variables in order to provide more + consistency between the email protocols as well as for for an upcoming + change. + +- imap: Tidied up comments for connection based variables + +- DOCS: Added the IMAP UIDVALIDITY property to the CURLOPT_URL section + +- [Jiri Hruska brought this change] + + imap: Added verification of UIDVALIDITY mailbox attribute + + Added support for checking the UIDVALIDITY, and aborting the request, if + it has been specified in the URL and the server response is different. + +- [Jiri Hruska brought this change] + + imap: Added support for parsing the UIDVALIDITY property + + Added support for parsing the UIDVALIDITY property from the SELECT + response and storing it in the per-connection structure. + +- [Jiri Hruska brought this change] + + imap: Introduced the mailbox_uidvalidity variable + + Added the mailbox_uidvalidity variable to the per-connection structure + in preparation for checking the UIDVALIDITY mailbox attribute. + +- imap: Corrected comment in imap_endofresp() + +- imap: Corrected whitespace + +- [Jiri Hruska brought this change] + + imap: Added filtering of CAPABILITY and FETCH untagged responses + + Only responses that contain "CAPABILITY" and "FETCH", respectively, + will be sent to their response handler. + +- [Jiri Hruska brought this change] + + imap: Added a helper function for upcoming untagged response filtering + + RFC 3501 states that "the client MUST be prepared to accept any response + at all times" yet we assume anything received with "* " at the beginning + is the untagged response we want. + + Introduced a helper function that checks whether the input looks like a + response to specified command, so that we may filter the ones we are + interested in according to the current state. + +- [Jiri Hruska brought this change] + + imap: Moved CAPABILITY response handling to imap_state_capability_resp() + + Introduced similar handling to the FETCH responses, where even the + untagged data responses are handled by the response handler of the + individual state. + +Linus Nielsen Feltzing (26 Feb 2013) +- Remove unused variable in smtp_state_data_resp() + +Steve Holme (25 Feb 2013) +- email: Small tidy up following recent changes + +- smtp: Removed bytecountp from the per-request structure + + Removed this pointer to a downloaded bytes counter because it was set in + smtp_init() to point to the same variable the transfer functions keep + the count in (k->bytecount), effectively making the code in transfer.c + "*k->bytecountp = k->bytecount" a no-op. + +- pop3: Removed bytecountp from the per-request structure + + Removed this pointer to a downloaded bytes counter because it was set in + pop3_init() to point to the same variable the transfer functions keep + the count in (k->bytecount), effectively making the code in transfer.c + "*k->bytecountp = k->bytecount" a no-op. + +- [Jiri Hruska brought this change] + + imap: Removed bytecountp from the per-request structure + + Removed this pointer to a downloaded bytes counter because it was set in + imap_init() to point to the same variable the transfer functions keep + the count in (k->bytecount), effectively making the code in transfer.c + "*k->bytecountp = k->bytecount" a no-op. + +- [Jiri Hruska brought this change] + + imap: Adjusted SELECT and FETCH function order + + Moved imap_select() and imap_fetch() to be grouped with the other + perform functions. + +- [Jiri Hruska brought this change] + + imap: Adjusted SELECT and FETCH state order in imap_statemach_act() + + Exchanged the position of these states in the switch statements to + match the state enum, execution and function order. + +- imap: Minor tidy up of comments in imap_parse_url_path() + + Tidy up of comments before next round of imap changes. + +- imap: Fixed incorrect comparison for STARTTLS in imap_endofresp() + + Corrected the comparison type in addition to commit 1dac29fa83a9. + +- DOCS: Corrected IMAP URL examples according to RFC5092 + + URL examples that included the UID weren't technically correct although + would pass the curl parser. + +Nick Zitzmann (24 Feb 2013) +- darwinssl: fix undefined $ssllib warning in runtests.pl + + I also added --with-darwinssl to the list of SSL options in configure. + +Steve Holme (24 Feb 2013) +- imap: Added check for new internal imap response code + +- imap: Changed the order of the response types in imap_endofresp() + + From a maintenance point of view the code reads better to view tagged + responses, then untagged followed by continuation responses. + + Additionally, this matches the order of responses in POP3. + +- [Jiri Hruska brought this change] + + imap: Added stricter parsing of continuation responses + + Enhanced the parsing to only allow continuation responses in some + states. + +- imap: Simplified memcmp() in tagged response parsing + +- [Jiri Hruska brought this change] + + imap: Reworked the logic of untagged command responses + +- imap: Corrected spacing of trailing brace + +- [Jiri Hruska brought this change] + + imap: Added stricter parsing of tagged command responses + + Enhanced the parsing of tagged responses which must start with "OK", + "NO" or "BAD" + +- [Jiri Hruska brought this change] + + imap: Simplified command response test in imap_endofresp() + +- [Jiri Hruska brought this change] + + imap: Corrected comment in imap_endofresp() + +- DOCS: Corrected layout of POP3 and IMAP URL examples + + Corrected layout issues with the POP3 and IMAP URL examples introduced + in commit cb3ae6894fb2. + +- DOCS: Updated CURLOPT_URL section following recent POP3 and IMAP changes + + Updated the POP3 sub-section to refer to message ID rather than mailbox. + + Added an IMAP sub-section with example URLs depicting the specification + of mailbox, uid and section. + +- pop3: Refactored the mailbox variable as it didn't reflect it's purpose + + Updated the mailbox variable to correctly reflect it's purpose. The + name mailbox was a leftover from when IMAP and POP3 support was + initially added to curl. + +- FEATURES: Updated following recent IMAP changes + +- [Jiri Hruska brought this change] + + imap: Added the ability to FETCH a specific UID and SECTION + + Updated the FETCH command to send the UID and SECTION parsed from the + URL. By default the BODY specifier doesn't include a section, BODY[] is + now sent whereas BODY[TEXT] was previously sent. In my opinion + retrieving just the message text is rarely useful when dealing with + emails, as the headers are required for example, so that functionality + is not retained. In can however be simulated by adding SECTION=TEXT to + the URL. + + Also updated test801 and test1321 due to the BODY change. + +- email: Additional tidy up of comments following recent changes + +- smtp: Removed some FTP heritage leftovers + + Removed user and passwd from the SMTP struct as these cannot be set on + a per-request basis and are leftover from legacy FTP code. + + Changed some comments still using FTP terminology. + +- smtp: Moved the per-request variables to the per-request data structure + + Moved the rcpt variable from the per-connection struct smtp_conn to the + new per-request struct and fixed references accordingly. + +- pop3: Introduced a custom SMTP structure for per-request data + + Created a new SMTP structure and changed the type of the smtp proto + variable in connectdata from FTP* to SMTP*. + +unknown (23 Feb 2013) +- [Steve Holme brought this change] + + imap: Minor correction of comments for max line length + +Daniel Stenberg (23 Feb 2013) +- strcasestr: remove check for this unused function + +- pop3: fix compiler warning + + error: declaration of 'pop3' shadows a previous local + +Steve Holme (23 Feb 2013) +- [Jiri Hruska brought this change] + + imap: Added URL parsing of new variables + + Updated the imap_parse_url_path() function to parse uidvalidity, uid and + section parameters based on RFC-5092. + +- [Jiri Hruska brought this change] + + imap: Introduced imap_is_bchar() function + + Added imap_is_bchar() for testing if a given character is a valid bchar + or not. + +- [Jiri Hruska brought this change] + + imap: Introduced new per-request veriables + + Added uidvalidity, uid and section variables to the per-request IMAP + structure in preparation for upcoming URL parsing. + +- pingpong: Renamed curl_ftptransfer to curl_pp_transfer + +- pop3: Removed some FTP heritage leftovers + + Removed user and passwd from the POP3 struct as these cannot be set on + a per-request basis and are leftover from legacy FTP code. + + Changed some comments still using FTP terminology. + +- pop3: Moved the per-request variables to the per-request data structure + + Moved the mailbox and custom request variables from the per-connection + struct pop3_conn to the new per-request struct and fixed references + accordingly. + +- pop3: Introduced a custom POP3 structure for per-request data + + Created a new POP3 structure and changed the type of the pop3 proto + variable in connectdata from FTP* to POP*. + +- [Jiri Hruska brought this change] + + imap: Fixed escaping of mailbox names + + Used imap_atom() to escape mailbox names in imap_select(). + +- pingpong: Moved curl_ftptransfer definition to pingpong.h + + Moved the ftp transfer structure into pingpong.h so other protocols that + require it don't have to include ftp.h. + +- urldata.h: Fixed comment for opt_no_body variable + + Corrected comment for opt_no_body variable to CURLOPT_NOBODY. + +- email: Minor tidy up following IMAP changes + +- [Jiri Hruska brought this change] + + imap: Removed more FTP leftovers + + Changed some variables and comments still using FTP terminology. + +- [Jiri Hruska brought this change] + + imap: Removed some FTP heritage leftovers + + Removed user and passwd from the IMAP struct as these cannot be set on + a per-request basis and are leftover from legacy FTP code. + +- [Jiri Hruska brought this change] + + imap: Introduced a custom IMAP structure for per-request data + + Created a new IMAP structure and changed the type of the imap proto + variable in connectdata from FTP* to the new IMAP*. + + Moved the mailbox variable from the per-connection struct imap_conn to + the new per-request struct and fixed references accordingly. + +- pop3: Updated do phrase clean-up comment + + Following commit 65644b833532 for the IMAP module updated the clean-up + comment in POP3. + +- imap: Fixed memory leak when performing multiple selects + + Moved the clean-up of the mailbox variable from imap_disconnect() to + imap_done() as this variable is allocated in the do phase, yet would + have only been freed only once if multiple selects where preformed + on a single connection. + +Daniel Stenberg (22 Feb 2013) +- [Alexander Klauer brought this change] + + Documentation: Typo in docs/CONTRIBUTE + + Fixes a typo get → git in docs/CONTRIBUTE. + +- [Alexander Klauer brought this change] + + repository: ignore patch files generated by git + + Ignores the patch files generated by the 'git format-patch' command. + +- [Alexander Klauer brought this change] + + libcurl documentation: clarifications and typos + + * Elaborates on default values of some curl_easy_setopt() options. + * Reminds the user to cast variadic arguments to curl_easy_setopt() to + 'void *' where curl internally interprets them as such. + * Clarifies the working of the CURLOPT_SEEKFUNCTION option for + curl_easy_setopt(). + * Fixes typo 'forth' → 'fourth'. + * Elaborates on CURL_SOCKET_TIMEOUT. + * Adds some missing periods. + * Notes that the return value of curl_version() must not be passed to + free(). + +- [Alexander Klauer brought this change] + + lib/url.c: Generic read/write data pointers + + Always interprets the pointer passed with the CURLOPT_WRITEDATA or + CURLOPT_READDATA options of curl_easy_setopt() as a void pointer in + order to avoid problems in environments where FILE and void pointers + have non-trivial conversion. + +- [Alexander Klauer brought this change] + + libcurl documentation: updates HTML index + + * Adds several links to documentation of library functions which were + missing. + * Marks documentation of deprecated library functions "(deprecated)". + * Removes spurious .html suffixes. + +- ossl_seed: avoid recursive seeding! + +Steve Holme (22 Feb 2013) +- [Jiri Hruska brought this change] + + Fixed checking the socket if there is data waiting in the cache + + Use Curl_pp_moredata() in Curl_pp_multi_statemach() to check if there is + more data to be received, rather than the socket state, as a task could + hang waiting for more data from the socket itself. + +- imap.c: Fixed an incorrect variable reference + + Fixed an incorrect variable reference which was introduced in commit + a1701eea289f as a result of a copy and paste from SMTP/POP3. + +- [Jiri Hruska brought this change] + + pingpong: Introduce Curl_pp_moredata() + + A simple function to test whether the PP is not sending and there are + still more data in its receiver cache. This will be later utilized to: + + 1) Change Curl_pp_multi_statemach() and Curl_pp_easy_statemach() to + not test socket state and just call user's statemach_act() function + when there are more data to process, because otherwise the task would + just hang, waiting for more data from the socket. + + 2) Allow PP users to read multiple responses by looping as long as there + are more data available and current phase is not finished. + (Currently needed for correct processing of IMAP SELECT responses.) + +Nick Zitzmann (19 Feb 2013) +- FEATURES: why yes, we do support metalink + + I just noticed Metalink support wasn't listed as a feature of the tool. + +- metalink: fix improbable crash parsing metalink filename + + The this_url pointer wasn't being initialized, so if strdup() would return + null when copying the filename in a metalink file, then hilarity would + ensue during the cleanup phase. This change was brought to you by clang, + which noticed this and raised a warning. + +Yang Tse (19 Feb 2013) +- smtp.c: fix enumerated type mixed with another type + +- polarssl threadlock cleanup + +Nick Zitzmann (18 Feb 2013) +- docs: schannel and darwinssl documentation improvements + + Schannel and darwinssl use the certificates built into the + OS to do vert verification instead of bundles. darwinssl + is thread-safe. Corrected typos in the NSS docs. + +Daniel Stenberg (18 Feb 2013) +- resolver_error: remove wrong error message output + + The attempt to use gai_strerror() or alternative function didn't work as + the 'sock_error' field didn't contain the proper error code. But since + this hasn't been reported and thus isn't really a big deal I decided to + just scrap the whole attempt to output the detailed resolver error and + instead remain with just stating that the resolving of the name failed. + +- [Kim Vandry brought this change] + + Curl_resolver_is_resolved: show proper host name on failed resolve + +- Curl_resolver_is_resolved: fix compiler warning + + conversion to 'int' from 'long int' may alter its value + +- compiler warning fix + + follow-up to commit ed7174c6f66, rename 'wait' to 'block' + +- compiler warning fix: declaration of 'wait' shadows a global declaration + + It seems older gcc installations (at least) will cause warnings if we + name a variable 'wait'. Now changed to 'block' instead. + + Reported by: Jiřà HruÅ¡ka + Bug: http://curl.haxx.se/mail/lib-2013-02/0247.html + +Nick Zitzmann (17 Feb 2013) +- MacOSX-Framework: Make script work in Xcode 4.0 and later + + Apple made a number of changes to Xcode 4. The SDKs were moved, the entire + Developer folder was moved, and PowerPC support was removed. The script + will now adapt to those changes and should be future-proofed against + additional changes in case Apple moves the Developer folder ever again. + Also, the minimum OS X version compiler option was removed, so that the + framework can be built against the latest SDK but still run in older cats. + +Daniel Stenberg (17 Feb 2013) +- docs: refer to CURLOPT_ACCEPT_ENCODING instead of the old name + +Steve Holme (16 Feb 2013) +- email: Tidied up result code variables + + Tidied up result variables to be consistent in name, declaration order + and default values. + +Nick Zitzmann (16 Feb 2013) +- ntlm_core: fix compiler warning when building with clang + + Fixed a 64-to-32 compiler warning raised when building with + clang and the --with-darwinssl option. + +Daniel Stenberg (16 Feb 2013) +- Guile-curl: a new libcurl binding + +- polarsslthreadlock: #include the proper memory and debug includes + + Pointed out by Steve Holme + +Steve Holme (16 Feb 2013) +- email: Removed unnecessary forward declaration + + Due to the reordering of functions in commit 586f5d361474 the forward + declaration to state_upgrade_tls() are no longer required. + +- pop3.c: Added reference to RFC-5034 + +Daniel Stenberg (15 Feb 2013) +- [Willem Sparreboom brought this change] + + PolarSSL: Change to cURL coding style + + Repaired all curl/lib/checksrc.pl warnings in the previous four patches + +- [Willem Sparreboom brought this change] + + PolarSSL: WIN32 threading support for entropy + + Added WIN32 threading support for PolarSSL entropy if + --enable-threaded-resolver config flag is set and process.h can be found. + +- [Willem Sparreboom brought this change] + + PolarSSL: pthread support for entropy + + Added pthread support for polarssl entropy if --enable-threaded-resolver + config flag is set and pthread.h can be found. + +- [Willem Sparreboom brought this change] + + PolarSSL: changes to entropy/ctr_drbg/HAVEGE_RANDOM + + Add non-threaded entropy and ctr_drbg and removed HAVEGE_RANDOM define + +- [Willem Sparreboom brought this change] + + PolarSSL: added human readable error strings + + Print out human readable error strings for PolarSSL related errors + +Steve Holme (15 Feb 2013) +- pop3: Removed unnecessary state changes on failure + +- imap: Removed unnecessary state change on failure + +Daniel Stenberg (15 Feb 2013) +- metalink_cleanup: yet another follow-up fix + +- metalink_cleanup: define it without argument + + Since the function takes no argument, the macro shouldn't take one as + some compilers will error out on that. + +- rename "easy" statemachines: call them block instead + + ... since they're not used by the easy interface really, I wanted to + remove the association. Also, I unified the pingpong statemachine driver + into a single function with a 'wait' argument: Curl_pp_statemach. + +Yang Tse (15 Feb 2013) +- [Gisle Vanem brought this change] + + curl_setup_once.h: definition of HAVE_CLOSE_S defines sclose() to close_s() + +- [Gisle Vanem brought this change] + + config-dos.h: define HAVE_CLOSE_S for MSDOS/Watt-32 + +- [Gisle Vanem brought this change] + + config-dos.h: define strerror() to strerror_s_() for High-C + +- [Gisle Vanem brought this change] + + config-dos.h: define HAVE_TERMIOS_H only for djgpp + +Steve Holme (14 Feb 2013) +- smtp.c: Fixed a trailing whitespace + + Remove tailing whitespace introduced in commit 7ed689d24a4e. + +- pop3: Fixed blocking SSL connect when connecting via POP3S + + A call to Curl_ssl_connect() was accidentally left in when the SSL/TLS + connection layer was reworked in 7.29. Not only would this cause the + connection to block but had the additional overhead of calling the + non-blocking connect a little bit later. + +- smtp: Refactored the smtp_state_auth_resp() function + + Renamed smtp_state_auth_resp() function to match the implementations in + IMAP and POP3. + +Daniel Stenberg (14 Feb 2013) +- remove ifdefs + + Clarify the code by reducing ifdefs + +- strlcat: remove function + + This function was only used twice, both in places where performance + isn't crucial (socks + if2ip). Removing the use of this function removes + the need to have our private version for systems without it == reduced + amount of code. + + Also, in the SOCKS case it is clearly better to fail gracefully rather + than to truncate the results. + + This work was triggered by a bug report on the strcal prototype in + strequal.h. + + strlcat was added in commit db70cd28 in February 2001! + + Bug: http://curl.haxx.se/bug/view.cgi?id=1192 + Reported by: Jeremy Huddleston + +- Curl_FormBoundary: made static + + As Curl_FormBoundary() is no longer used outside of this file (since + commit ad7291c1a9d), it is now renamed to formboundary() and is made + static. + +- ossl_seed: fix the last resort PRNG seeding + + Instead of just abusing the pseudo-randomizer from Curl_FormBoundary(), + this now uses Curl_ossl_random() to get entropy. + +Steve Holme (13 Feb 2013) +- email: Tidy up before additional IMAP work + + Replaced two explicit comparisons of CURLE_OK with boolean alternatives. + + General tidy up of comments. + +- smtp: Removed duplicate pingpong structure initialisation + + The smtp_connect() function was setting the member variables of the + pingpong structure twice, once before calling Curl_pp_init() and once + after! + +Yang Tse (13 Feb 2013) +- move msvc IDE related files to 'vs' directory tree + + Use 'vs' directory tree given that 'vc' intended one clashes + with an already existing build target in file Makefile.dist. + +Daniel Stenberg (13 Feb 2013) +- install-sh: updated to support multiple source files as arguments + + Version 7.29.0 uses Makefiles generated with a newer version of the + autotools than the previous 7.28.1. These Makefiles try to install + e.g. header files by calling install-sh with multiple source files as + arguments. The bundled install-sh is to old and does not support this. + + The problem only occurs, if install-sh is actually being used, ie. the + platform install executable is to old or not usable. Example: Solaris + 10. + + The files install-sh and mkinstalldirs are now updated with the automake + 1.11.3 versions. A better fix might be to completely remove them from + git and force the files to be added/created during buildconf. + + Bug: http://curl.haxx.se/bug/view.cgi?id=1195 + Reported by: Rainer Jung + +Yang Tse (13 Feb 2013) +- move msvc IDE related files to 'vc' directory tree + +- msvc IDE 'vc' directory tree preparation + +Steve Holme (12 Feb 2013) +- imap: Corrected a whitespace issue from previous commit + + Fixed a small whitespace issue that crept in there in commit + 508cdf4da4d7. + +- email: Another post optimisation of endofresp() tidy up + +- sasl: Fixed null pointer reference when decoding empty digest challenge + + Fixed a null pointer reference when an empty challenge is passed to the + Curl_sasl_create_digest_md5_message() function. + + Bug: http://sourceforge.net/p/curl/bugs/1193/ + Reported by: Saran Neti + +- email: Post optimisation of endofresp() tidy up + + Removed unnecessary end of line check and return. + +Nick Zitzmann (12 Feb 2013) +- darwinssl: Fix send glitchiness with data > 32 or so KB + + An ambiguity in the SSLWrite() documentation lead to a bad inference in the + code where we assumed SSLWrite() returned the amount of bytes written to + the socket, when that is not actually true; it returns the amount of data + that is buffered for writing to the socket if it returns errSSLWouldBlock. + Now darwinssl_send() returns CURLE_AGAIN if data is buffered but not written. + + Reference URL: http://curl.haxx.se/mail/lib-2013-02/0145.html + +Steve Holme (12 Feb 2013) +- pingpong.h: Fixed line length over 78 characters from b56c9eb48e3c + +- pingpong: Optimised the endofresp() function + + Reworked the pp->endofresp() function so that the conndata, line and + line length are passed down to it just as with Curl_client_write() + rather than each implementation of the function having to query + these values. + + Additionally changed the int return type to bool as this is more + representative of the function's usage. + +- email: Post STARTLS capability code tidy up (Part Three) + + Corrected the order of the upgrade_tls() functions and moved the handler + upgrade and getsock() functions out from the middle of the state related + functions. + +- email: Post STARTLS capability code tidy up (Part Two) + + Corrected the order of the pop3_state_capa() / imap_state_capability() + and the pop3_state_capa_resp() / imap_state_capability_resp() functions + to match the execution order. + +Daniel Stenberg (11 Feb 2013) +- [ulion brought this change] + + SOCKS: fix socks proxy when noproxy matched + + Test 1212 added to verify + + Bug: http://curl.haxx.se/bug/view.cgi?id=1190 + +Steve Holme (11 Feb 2013) +- ntlm: Updated comments for the addition of SASL support to IMAP in v7.29 + +- RELEASE-NOTES: Updated following the recent imap/pop3/smtp changes + +Linus Nielsen Feltzing (10 Feb 2013) +- Fix NULL pointer reference when closing an unused multi handle. + +Steve Holme (10 Feb 2013) +- email: Post STARTLS capability code tidy up (Part One) + + Corrected the order of the CAPA / CAPABILITY state machine constants to + match the execution order. + +- imap: Fixed memory leak following commit f6010d9a0359 + +- smtp: Added support for the STARTTLS capability (Part Two) + + Added honoring of the tls_supported flag when starting a TLS upgrade + rather than unconditionally attempting it. If the use_ssl flag is set + to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the + connection will continue to authenticate. If this flag is set to + CURLUSESSL_ALL then the connection will complete with a failure as it + did previously. + +- pop3: Added support for the STLS capability (Part Three) + + Added honoring of the tls_supported flag when starting a TLS upgrade + rather than unconditionally attempting it. If the use_ssl flag is set + to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the + connection will continue to authenticate. If this flag is set to + CURLUSESSL_ALL then the connection will complete with a failure as it + did previously. + +- imap: Added support for the STARTTLS capability (Part Three) + + Added honoring of the tls_supported flag when starting a TLS upgrade + rather than unconditionally attempting it. If the use_ssl flag is set + to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the + connection will continue to authenticate. If this flag is set to + CURLUSESSL_ALL then the connection will complete with a failure as it + did previously. + +Daniel Stenberg (10 Feb 2013) +- [Alessandro Ghedini brought this change] + + htmltitle: fix suggested build command + +Steve Holme (10 Feb 2013) +- pop3: Added support for the STLS capability (Part Two) + + Added sending of initial CAPA command before STLS is sent. This allows + for the detection of the capability before trying to upgrade the + connection. + +- imap: Added support for the STARTTLS capability (Part Two) + + Added sending of initial CAPABILITY command before STARTTLS is sent. + This allows for the detection of the capability before trying to + upgrade the connection. + +- smtp: Added support for the STLS capability (Part One) + + Introduced detection of the STARTTLS capability, in order to add support + for TLS upgrades without unconditionally sending the STARTTLS command. + +- pop3: Added support for the STLS capability (Part One) + + Introduced detection of the STLS capability, in order to add support + for TLS upgrades without unconditionally sending the STLS command. + +- imap: Added support for the STARTTLS capability (Part One) + + Introduced detection of the STARTTLS capability, in order to add support + for TLS upgrades without unconditionally sending the STARTTLS command. diff --git a/libs/libcurl/docs/CONTRIBUTE b/libs/libcurl/docs/CONTRIBUTE new file mode 100644 index 0000000000..75e7ebbb93 --- /dev/null +++ b/libs/libcurl/docs/CONTRIBUTE @@ -0,0 +1,310 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + When Contributing Source Code + + This document is intended to offer guidelines that can be useful to keep in + mind when you decide to contribute to the project. This concerns new features + as well as corrections to existing flaws or bugs. + + 1. Learning cURL + 1.1 Join the Community + 1.2 License + 1.3 What To Read + + 2. cURL Coding Standards + 2.1 Naming + 2.2 Indenting + 2.3 Commenting + 2.4 Line Lengths + 2.5 General Style + 2.6 Non-clobbering All Over + 2.7 Platform Dependent Code + 2.8 Write Separate Patches + 2.9 Patch Against Recent Sources + 2.10 Document + 2.11 Test Cases + + 3. Pushing Out Your Changes + 3.1 Write Access to git Repository + 3.2 How To Make a Patch with git + 3.3 How To Make a Patch without git + 3.4 How to get your changes into the main sources + 3.5 Write good commit messages + 3.6 Please don't send pull requests + +============================================================================== + +1. Learning cURL + +1.1 Join the Community + + Skip over to http://curl.haxx.se/mail/ and join the appropriate mailing + list(s). Read up on details before you post questions. Read this file before + you start sending patches! We prefer patches and discussions being held on + the mailing list(s), not sent to individuals. + + Before posting to one of the curl mailing lists, please read up on the mailing + list etiquette: http://curl.haxx.se/mail/etiquette.html + + We also hang out on IRC in #curl on irc.freenode.net + +1.2. License + + When contributing with code, you agree to put your changes and new code under + the same license curl and libcurl is already using unless stated and agreed + otherwise. + + If you add a larger piece of code, you can opt to make that file or set of + files to use a different license as long as they don't enforce any changes to + the rest of the package and they make sense. Such "separate parts" can not be + GPL licensed (as we don't want copyleft to affect users of libcurl) but they + must use "GPL compatible" licenses (as we want to allow users to use libcurl + properly in GPL licensed environments). + + When changing existing source code, you do not alter the copyright of the + original file(s). The copyright will still be owned by the original + creator(s) or those who have been assigned copyright by the original + author(s). + + By submitting a patch to the curl project, you are assumed to have the right + to the code and to be allowed by your employer or whatever to hand over that + patch/code to us. We will credit you for your changes as far as possible, to + give credit but also to keep a trace back to who made what changes. Please + always provide us with your full real name when contributing! + +1.3 What To Read + + Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS, the + most recent CHANGES. Just lurking on the curl-library mailing list is gonna + give you a lot of insights on what's going on right now. Asking there is a + good idea too. + +2. cURL Coding Standards + +2.1 Naming + + Try using a non-confusing naming scheme for your new functions and variable + names. It doesn't necessarily have to mean that you should use the same as in + other places of the code, just that the names should be logical, + understandable and be named according to what they're used for. File-local + functions should be made static. We like lower case names. + + See the INTERNALS document on how we name non-exported library-global + symbols. + +2.2 Indenting + + Use the same indenting levels and bracing method as all the other code + already does. It makes the source code easier to follow if all of it is + written using the same style. We don't ask you to like it, we just ask you to + follow the tradition! ;-) This mainly means: 2-level indents, using spaces + only (no tabs) and having the opening brace ({) on the same line as the if() + or while(). + + Also note that we use if() and while() with no space before the parenthesis. + +2.3 Commenting + + Comment your source code extensively using C comments (/* comment */), DO NOT + use C++ comments (// this style). Commented code is quality code and enables + future modifications much more. Uncommented code risk having to be completely + replaced when someone wants to extend things, since other persons' source + code can get quite hard to read. + +2.4 Line Lengths + + We write source lines shorter than 80 columns. + +2.5 General Style + + Keep your functions small. If they're small you avoid a lot of mistakes and + you don't accidentally mix up variables etc. + +2.6 Non-clobbering All Over + + When you write new functionality or fix bugs, it is important that you don't + fiddle all over the source files and functions. Remember that it is likely + that other people have done changes in the same source files as you have and + possibly even in the same functions. If you bring completely new + functionality, try writing it in a new source file. If you fix bugs, try to + fix one bug at a time and send them as separate patches. + +2.7 Platform Dependent Code + + Use #ifdef HAVE_FEATURE to do conditional code. We avoid checking for + particular operating systems or hardware in the #ifdef lines. The + HAVE_FEATURE shall be generated by the configure script for unix-like systems + and they are hard-coded in the config-[system].h files for the others. + +2.8 Write Separate Patches + + It is annoying when you get a huge patch from someone that is said to fix 511 + odd problems, but discussions and opinions don't agree with 510 of them - or + 509 of them were already fixed in a different way. Then the patcher needs to + extract the single interesting patch from somewhere within the huge pile of + source, and that gives a lot of extra work. Preferably, all fixes that + correct different problems should be in their own patch with an attached + description exactly what they correct so that all patches can be selectively + applied by the maintainer or other interested parties. + + Also, separate patches enable bisecting much better when we track problems in + the future. + +2.9 Patch Against Recent Sources + + Please try to get the latest available sources to make your patches + against. It makes the life of the developers so much easier. The very best is + if you get the most up-to-date sources from the git repository, but the + latest release archive is quite OK as well! + +2.10 Document + + Writing docs is dead boring and one of the big problems with many open source + projects. Someone's gotta do it. It makes it a lot easier if you submit a + small description of your fix or your new features with every contribution so + that it can be swiftly added to the package documentation. + + The documentation is always made in man pages (nroff formatted) or plain + ASCII files. All HTML files on the web site and in the release archives are + generated from the nroff/ASCII versions. + +2.11 Test Cases + + Since the introduction of the test suite, we can quickly verify that the main + features are working as they're supposed to. To maintain this situation and + improve it, all new features and functions that are added need to be tested + in the test suite. Every feature that is added should get at least one valid + test case that verifies that it works as documented. If every submitter also + posts a few test cases, it won't end up as a heavy burden on a single person! + + If you don't have test cases or perhaps you have done something that is very + hard to write tests for, do explain exactly how you have otherwise tested and + verified your changes. + +3. Pushing Out Your Changes + +3.1 Write Access to git Repository + + If you are a frequent contributor, or have another good reason, you can of + course get write access to the git repository and then you'll be able to push + your changes straight into the git repo instead of sending changes by mail as + patches. Just ask if this is what you'd want. You will be required to have + posted a few quality patches first, before you can be granted push access. + +3.2 How To Make a Patch with git + + You need to first checkout the repository: + + git clone git://github.com/bagder/curl.git + + You then proceed and edit all the files you like and you commit them to your + local repository: + + git commit [file] + + As usual, group your commits so that you commit all changes that at once that + constitutes a logical change. See also section "3.5 Write good commit + messages". + + Once you have done all your commits and you're happy with what you see, you + can make patches out of your changes that are suitable for mailing: + + git format-patch remotes/origin/master + + This creates files in your local directory named NNNN-[name].patch for each + commit. + + Now send those patches off to the curl-library list. You can of course opt to + do that with the 'git send-email' command. + +3.3 How To Make a Patch without git + + Keep a copy of the unmodified curl sources. Make your changes in a separate + source tree. When you think you have something that you want to offer the + curl community, use GNU diff to generate patches. + + If you have modified a single file, try something like: + + diff -u unmodified-file.c my-changed-one.c > my-fixes.diff + + If you have modified several files, possibly in different directories, you + can use diff recursively: + + diff -ur curl-original-dir curl-modified-sources-dir > my-fixes.diff + + The GNU diff and GNU patch tools exist for virtually all platforms, including + all kinds of Unixes and Windows: + + For unix-like operating systems: + + http://www.gnu.org/software/patch/patch.html + http://www.gnu.org/directory/diffutils.html + + For Windows: + + http://gnuwin32.sourceforge.net/packages/patch.htm + http://gnuwin32.sourceforge.net/packages/diffutils.htm + +3.4 How to get your changes into the main sources + + Submit your patch to the curl-library mailing list. + + Make the patch against as recent sources as possible. + + Make sure your patch adheres to the source indent and coding style of already + existing source code. Failing to do so just adds more work for me. + + Respond to replies on the list about the patch and answer questions and/or + fix nits/flaws. This is very important. I will take lack of replies as a sign + that you're not very anxious to get your patch accepted and I tend to simply + drop such patches from my TODO list. + + If you've followed the above paragraphs and your patch still hasn't been + incorporated after some weeks, consider resubmitting it to the list. + +3.5 Write good commit messages + + A short guide to how to do fine commit messages in the curl project. + + ---- start ---- + [area]: [short line describing the main effect] + + [separate the above single line from the rest with an empty line] + + [full description, no wider than 72 columns that describe as much as + possible as to why this change is made, and possibly what things + it fixes and everything else that is related] + ---- stop ---- + + Don't forget to use commit --author="" if you commit someone else's work, + and make sure that you have your own user and email setup correctly in git + before you commit + +3.6 Please don't send pull requests + + With git (and especially github) it is easy and tempting to send a pull + request to one or more people in the curl project to have changes merged this + way instead of mailing patches to the curl-library mailing list. + + We don't like that. We want them mailed for these reasons: + + - Peer review. Anyone and everyone on the list can review, comment and + improve on the patch. Pull requests limit this ability. + + - Anyone can merge the patch into their own trees for testing and those who + have push rights can push it to the main repo. It doesn't have to be anyone + the patch author knows beforehand. + + - Commit messages can be tweaked and changed if merged locally instead of + using github. Merges directly on github requires the changes to be perfect + already, which they seldom are. + + - Merges on github prevents rebases and even enforces --no-ff which is a git + style we don't otherwise use in the project + + However: once patches have been reviewed and deemed fine on list they are + perfectly OK to be pulled from a published git tree. diff --git a/libs/libcurl/docs/COPYING b/libs/libcurl/docs/COPYING new file mode 100644 index 0000000000..85d122ecf0 --- /dev/null +++ b/libs/libcurl/docs/COPYING @@ -0,0 +1,21 @@ +COPYRIGHT AND PERMISSION NOTICE + +Copyright (c) 1996 - 2013, Daniel Stenberg, <daniel@haxx.se>. + +All rights reserved. + +Permission to use, copy, modify, and distribute this software for any purpose +with or without fee is hereby granted, provided that the above copyright +notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN +NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of a copyright holder shall not +be used in advertising or otherwise to promote the sale, use or other dealings +in this Software without prior written authorization of the copyright holder. diff --git a/libs/libcurl/docs/DISTRO-DILEMMA b/libs/libcurl/docs/DISTRO-DILEMMA new file mode 100644 index 0000000000..108e6bad12 --- /dev/null +++ b/libs/libcurl/docs/DISTRO-DILEMMA @@ -0,0 +1,176 @@ + Date: February 11, 2007 + Author: Daniel Stenberg <daniel@haxx.se> + URL: http://curl.haxx.se/legal/distro-dilemma.html + +Condition + + This document is written to describe the situation as it is right now. + libcurl 7.16.1 is currently the latest version available. Things may of + course change in the future. + + This document reflects my view and understanding of these things. Please tell + me where and how you think I'm wrong, and I'll try to correct my mistakes. + +Background + + The Free Software Foundation has deemed the Original BSD license[1] to be + "incompatible"[2] with GPL[3]. I'd rather say it is the other way around, but + the point is the same: if you distribute a binary version of a GPL program, + it MUST NOT be linked with any Original BSD-licensed parts or libraries. + Doing so will violate the GPL license. For a long time, very many GPL + licensed programs have avoided this license mess by adding an exception[8] to + their license. And many others have just closed their eyes for this problem. + + libcurl is MIT-style[4] licensed - how on earth did this dilemma fall onto + our plates? + + libcurl is only a little library. libcurl can be built to use OpenSSL for its + SSL/TLS capabilities. OpenSSL is basically Original BSD licensed[5]. + + If libcurl built to use OpenSSL is used by a GPL-licensed application and you + decide to distribute a binary version of it (Linux distros - for example - + tend to), you have a clash. GPL vs Original BSD. + + This dilemma is not libcurl-specific nor is it specific to any particular + Linux distro. (This article mentions and refers to Debian several times, but + only because Debian seems to be the only Linux distro to have faced this + issue yet since no other distro is shipping libcurl built with two SSL + libraries.) + +Part of the Operating System + + This would not be a problem if the used lib would be considered part of the + underlying operating system, as then the GPL license has an exception + clause[6] that allows applications to use such libs without having to be + allowed to distribute it or its sources. Possibly some distros will claim + that OpenSSL is part of their operating system. + + Debian does however not take this stance and has officially(?) claimed that + OpenSSL is not a required part of the Debian operating system + + Some people claim that this paragraph cannot be exploited this way by a Linux + distro, but I am not a lawyer and that is a discussion left outside of this + document. + +GnuTLS + + Since May 2005 libcurl can get built to use GnuTLS instead of OpenSSL. GnuTLS + is an LGPL[7] licensed library that offers a matching set of features as + OpenSSL does. Now, you can build and distribute an TLS/SSL capable libcurl + without including any Original BSD licensed code. + + I believe Debian is the first (only?) distro that provides libcurl/GnutTLS + packages. + +yassl + + libcurl can get also get built to use yassl for the TLS/SSL layer. yassl is a + GPL[3] licensed library. + + +GnuTLS vs OpenSSL vs yassl + + While these three libraries offer similar features, they are not equal. + libcurl does not (yet) offer a standardized stable ABI if you decide to + switch from using libcurl-openssl to libcurl-gnutls or vice versa. The GnuTLS + and yassl support is very recent in libcurl and it has not been tested nor + used very extensively, while the OpenSSL equivalent code has been used and + thus matured since 1999. + + GnuTLS + - LGPL licensened + - supports SRP + - lacks SSLv2 support + - lacks MD2 support (used by at least some CA certs) + - lacks the crypto functions libcurl uses for NTLM + + OpenSSL + - Original BSD licensened + - lacks SRP + - supports SSLv2 + - older and more widely used + - provides crypto functions libcurl uses for NTLM + - libcurl can do non-blocking connects with it in 7.15.4 and later + + yassl + - GPL licensed + - much untested and unproven in the real work by (lib)curl users so we don't + know a lot about restrictions or benefits from using this + +The Better License, Original BSD, GPL or LGPL? + + It isn't obvious or without debate to any objective interested party that + either of these licenses are the "better" or even the "preferred" one in a + generic situation. + + Instead, I think we should accept the fact that the SSL/TLS libraries and + their different licenses will fit different applications and their authors + differently depending on the applications' licenses and their general usage + pattern (considering how GPL and LGPL libraries for example can be burdensome + for embedded systems usage). + + In Debian land, there seems to be a common opinion that LGPL is "maximally + compatible" with apps while Original BSD is not. Like this: + + http://lists.debian.org/debian-devel/2005/09/msg01417.html + +More SSL Libraries + + In libcurl, there's no stopping us here. There are more Open Source/Free + SSL/TLS libraries out there and we would very much like to support them as + well, to offer application authors an even wider scope of choice. + +Application Angle of this Problem + + libcurl is built to use one SSL/TLS library. It uses a single fixed name (by + default) on the built/created lib file, and applications are built/linked to + use that single lib. Replacing one libcurl instance with another one that + uses the other SSL/TLS library might break one or more applications (due to + ABI differences and/or different feature set). You want your application to + use the libcurl it was built for. + +Project cURL Angle of this Problem + + We distribute libcurl and everyone may build libcurl with either library at + their choice. This problem is not directly a problem of ours. It merely + affects users - GPL application authors only - of our lib as it comes + included and delivered on some distros. + + libcurl has different ABI when built with different SSL/TLS libraries due to + these reasons: + + 1. No one has worked on fixing this. The mutex/lock callbacks should be set + with a generic libcurl function that should use the proper underlying + functions. + + 2. The CURLOPT_SSL_CTX_FUNCTION option is not possible to "emulate" on GnuTLS + but simply requires OpenSSL. + + 3. There might be some other subtle differences just because nobody has yet + tried to make a fixed ABI like this. + +Distro Angle of this Problem + + To my knowledge there is only one distro that ships libcurl built with either + OpenSSL or GnuTLS. + + Debian Linux is now (since mid September 2005) providing two different + libcurl packages, one for libcurl built with OpenSSL and one built with + GnuTLS. They use different .so names and can this both be installed in a + single system simultaneously. This has been said to be a transitional system + not desired to keep in the long run. + +Footnotes + + [1] = http://www.xfree86.org/3.3.6/COPYRIGHT2.html#6 + [2] = http://www.fsf.org/licensing/essays/bsd.html + [3] = http://www.fsf.org/licensing/licenses/gpl.html + [4] = http://curl.haxx.se/docs/copyright.html + [5] = http://www.openssl.org/source/license.html + [6] = http://www.fsf.org/licensing/licenses/gpl.html end of section 3 + [7] = http://www.fsf.org/licensing/licenses/lgpl.html + [8] = http://en.wikipedia.org/wiki/OpenSSL_exception + +Feedback/Updates provided by + + Eric Cooper diff --git a/libs/libcurl/docs/FAQ b/libs/libcurl/docs/FAQ new file mode 100644 index 0000000000..b6f8958afc --- /dev/null +++ b/libs/libcurl/docs/FAQ @@ -0,0 +1,1476 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +FAQ + + 1. Philosophy + 1.1 What is cURL? + 1.2 What is libcurl? + 1.3 What is curl not? + 1.4 When will you make curl do XXXX ? + 1.5 Who makes curl? + 1.6 What do you get for making curl? + 1.7 What about CURL from curl.com? + 1.8 I have a problem who do I mail? + 1.9 Where do I buy commercial support for curl? + 1.10 How many are using curl? + 1.11 Why don't you update ca-bundle.crt + 1.12 I have a problem who can I chat with? + 1.13 curl's ECCN number? + 1.14 How do I submit my patch? + + 2. Install Related Problems + 2.1 configure doesn't find OpenSSL even when it is installed + 2.1.1 native linker doesn't find OpenSSL + 2.1.2 only the libssl lib is missing + 2.2 Does curl work/build with other SSL libraries? + 2.3 Where can I find a copy of LIBEAY32.DLL? + 2.4 Does curl support SOCKS (RFC 1928) ? + + 3. Usage Problems + 3.1 curl: (1) SSL is disabled, https: not supported + 3.2 How do I tell curl to resume a transfer? + 3.3 Why doesn't my posting using -F work? + 3.4 How do I tell curl to run custom FTP commands? + 3.5 How can I disable the Accept: */* header? + 3.6 Does curl support ASP, XML, XHTML or HTML version Y? + 3.7 Can I use curl to delete/rename a file through FTP? + 3.8 How do I tell curl to follow HTTP redirects? + 3.9 How do I use curl in my favorite programming language? + 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? + 3.11 How do I POST with a different Content-Type? + 3.12 Why do FTP specific features over HTTP proxy fail? + 3.13 Why does my single/double quotes fail? + 3.14 Does curl support Javascript or PAC (automated proxy config)? + 3.15 Can I do recursive fetches with curl? + 3.16 What certificates do I need when I use SSL? + 3.17 How do I list the root dir of an FTP server? + 3.18 Can I use curl to send a POST/PUT and not wait for a response? + 3.19 How do I get HTTP from a host using a specific IP address? + 3.20 How to SFTP from my user's home directory? + 3.21 Protocol xxx not supported or disabled in libcurl + 3.22 curl -X gives me HTTP problems + + 4. Running Problems + 4.1 Problems connecting to SSL servers. + 4.2 Why do I get problems when I use & or % in the URL? + 4.3 How can I use {, }, [ or ] to specify multiple URLs? + 4.4 Why do I get downloaded data even though the web page doesn't exist? + 4.5 Why do I get return code XXX from a HTTP server? + 4.5.1 "400 Bad Request" + 4.5.2 "401 Unauthorized" + 4.5.3 "403 Forbidden" + 4.5.4 "404 Not Found" + 4.5.5 "405 Method Not Allowed" + 4.5.6 "301 Moved Permanently" + 4.6 Can you tell me what error code 142 means? + 4.7 How do I keep user names and passwords secret in Curl command lines? + 4.8 I found a bug! + 4.9 Curl can't authenticate to the server that requires NTLM? + 4.10 My HTTP request using HEAD, PUT or DELETE doesn't work! + 4.11 Why does my HTTP range requests return the full document? + 4.12 Why do I get "certificate verify failed" ? + 4.13 Why is curl -R on Windows one hour off? + 4.14 Redirects work in browser but not with curl! + 4.15 FTPS doesn't work + 4.16 My HTTP POST or PUT requests are slow! + 4.17 Non-functional connect timeouts on Windows + 4.18 file:// URLs containing drive letters (Windows, NetWare) + 4.19 Why doesn't cURL return an error when the network cable is unplugged? + + 5. libcurl Issues + 5.1 Is libcurl thread-safe? + 5.2 How can I receive all data into a large memory chunk? + 5.3 How do I fetch multiple files with libcurl? + 5.4 Does libcurl do Winsock initing on win32 systems? + 5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ? + 5.6 What about Keep-Alive or persistent connections? + 5.7 Link errors when building libcurl on Windows! + 5.8 libcurl.so.X: open failed: No such file or directory + 5.9 How does libcurl resolve host names? + 5.10 How do I prevent libcurl from writing the response to stdout? + 5.11 How do I make libcurl not receive the whole HTTP response? + 5.12 Can I make libcurl fake or hide my real IP address? + 5.13 How do I stop an ongoing transfer? + 5.14 Using C++ non-static functions for callbacks? + 5.15 How do I get an FTP directory listing? + 5.16 I want a different time-out! + 5.17 Can I write a server with libcurl? + + 6. License Issues + 6.1 I have a GPL program, can I use the libcurl library? + 6.2 I have a closed-source program, can I use the libcurl library? + 6.3 I have a BSD licensed program, can I use the libcurl library? + 6.4 I have a program that uses LGPL libraries, can I use libcurl? + 6.5 Can I modify curl/libcurl for my program and keep the changes secret? + 6.6 Can you please change the curl/libcurl license to XXXX? + 6.7 What are my obligations when using libcurl in my commercial apps? + + 7. PHP/CURL Issues + 7.1 What is PHP/CURL? + 7.2 Who wrote PHP/CURL? + 7.3 Can I perform multiple requests using the same handle? + +============================================================================== + +1. Philosophy + + 1.1 What is cURL? + + cURL is the name of the project. The name is a play on 'Client for URLs', + originally with URL spelled in uppercase to make it obvious it deals with + URLs. The fact it can also be pronounced 'see URL' also helped, it works as + an abbreviation for "Client URL Request Library" or why not the recursive + version: "Curl URL Request Library". + + The cURL project produces two products: + + libcurl + + A free and easy-to-use client-side URL transfer library, supporting DICT, + FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, + POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP. + + libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, + kerberos, HTTP form based upload, proxies, cookies, user+password + authentication, file transfer resume, http proxy tunneling and more! + + libcurl is highly portable, it builds and works identically on numerous + platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HPUX, + IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOS, Mac + OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF, + Android, Minix, IBM TPF and more... + + libcurl is free, thread-safe, IPv6 compatible, feature rich, well + supported and fast. + + curl + + A command line tool for getting or sending files using URL syntax. + + Since curl uses libcurl, curl supports the same wide range of common + Internet protocols that libcurl does. + + We pronounce curl and cURL with an initial k sound: [kurl]. + + There are numerous sub-projects and related projects that also use the word + curl in the project names in various combinations, but you should take + notice that this FAQ is directed at the command-line tool named curl (and + libcurl the library), and may therefore not be valid for other curl-related + projects. (There is however a small section for the PHP/CURL in this FAQ.) + + 1.2 What is libcurl? + + libcurl is a reliable and portable library which provides you with an easy + interface to a range of common Internet protocols. + + You can use libcurl for free in your application, be it open source, + commercial or closed-source. + + libcurl is most probably the most portable, most powerful and most often + used C-based multi-platform file transfer library on this planet - be it + open source or commercial. + + 1.3 What is curl not? + + Curl is not a wget clone. That is a common misconception. Never, during + curl's development, have we intended curl to replace wget or compete on its + market. Curl is targeted at single-shot file transfers. + + Curl is not a web site mirroring program. If you want to use curl to mirror + something: fine, go ahead and write a script that wraps around curl to make + it reality (like curlmirror.pl does). + + Curl is not an FTP site mirroring program. Sure, get and send FTP with curl + but if you want systematic and sequential behavior you should write a + script (or write a new program that interfaces libcurl) and do it. + + Curl is not a PHP tool, even though it works perfectly well when used from + or with PHP (when using the PHP/CURL module). + + Curl is not a program for a single operating system. Curl exists, compiles, + builds and runs under a wide range of operating systems, including all + modern Unixes (and a bunch of older ones too), Windows, Amiga, BeOS, OS/2, + OS X, QNX etc. + + 1.4 When will you make curl do XXXX ? + + We love suggestions of what to change in order to make curl and libcurl + better. We do however believe in a few rules when it comes to the future of + curl: + + Curl -- the command line tool -- is to remain a non-graphical command line + tool. If you want GUIs or fancy scripting capabilities, you should look for + another tool that uses libcurl. + + We do not add things to curl that other small and available tools already do + very fine at the side. Curl's output is fine to pipe into another program or + redirect to another file for the next program to interpret. + + We focus on protocol related issues and improvements. If you wanna do more + magic with the supported protocols than curl currently does, chances are big + we will agree. If you wanna add more protocols, we may very well agree. + + If you want someone else to make all the work while you wait for us to + implement it for you, that is not a very friendly attitude. We spend a + considerable time already on maintaining and developing curl. In order to + get more out of us, you should consider trading in some of your time and + efforts in return. + + If you write the code, chances are bigger that it will get into curl faster. + + 1.5 Who makes curl? + + curl and libcurl are not made by any single individual. Daniel Stenberg is + project leader and main developer, but other persons' submissions are + important and crucial. Anyone can contribute and post their changes and + improvements and have them inserted in the main sources (of course on the + condition that developers agree on that the fixes are good). + + The full list of all contributors is found in the docs/THANKS file. + + curl is developed by a community, with Daniel at the wheel. + + 1.6 What do you get for making curl? + + Project cURL is entirely free and open. No person gets paid for developing + (lib)curl on full or even part time. We do this voluntarily on our spare + time. Occasionally companies pay individual developers to work on curl, but + that's up to each company and developer. It is not controlled by nor + supervised in any way by the project. + + We still get help from companies. Haxx provides web site, bandwidth, mailing + lists etc, sourceforge.net hosts project services we take advantage from, + like the bug tracker and github hosts the primary git repository. Also + again, some companies have sponsored certain parts of the development in the + past and I hope some will continue to do so in the future. + + If you want to support our project, consider a donation or a banner-program + or even better: by helping us coding, documenting, testing etc. + + 1.7 What about CURL from curl.com? + + During the summer 2001, curl.com was busy advertising their client-side + programming language for the web, named CURL. + + We are in no way associated with curl.com or their CURL programming + language. + + Our project name curl has been in effective use since 1998. We were not the + first computer related project to use the name "curl" and do not claim any + rights to the name. + + We recognize that we will be living in parallel with curl.com and wish them + every success. + + 1.8 I have a problem who do I mail? + + Please do not mail any single individual unless you really need to. Keep + curl-related questions on a suitable mailing list. All available mailing + lists are listed in the MANUAL document and online at + http://curl.haxx.se/mail/ + + Keeping curl-related questions and discussions on mailing lists allows + others to join in and help, to share their ideas, contribute their + suggestions and spread their wisdom. Keeping discussions on public mailing + lists also allows for others to learn from this (both current and future + users thanks to the web based archives of the mailing lists), thus saving us + from having to repeat ourselves even more. Thanks for respecting this. + + If you have found or simply suspect a security problem in curl or libcurl, + mail curl-security at haxx.se (closed list of receivers, mails are not + disclosed) and tell. Then we can produce a fix in a timely manner before the + flaw is announced to the world, thus lessen the impact the problem will have + on existing users. + + 1.9 Where do I buy commercial support for curl? + + curl is fully open source. It means you can hire any skilled engineer to fix + your curl-related problems. + + We list available alternatives on the curl web site: + http://curl.haxx.se/support.html + + 1.10 How many are using curl? + + It is impossible to tell. + + We don't know how many users that knowingly have installed and use curl. + + We don't know how many users that use curl without knowing that they are in + fact using it. + + We don't know how many users that downloaded or installed curl and then + never use it. + + In May 2012 Daniel did a counting game and came up with a number that may + be completely wrong or somewhat accurate. Over 500 million! + + See http://daniel.haxx.se/blog/2012/05/16/300m-users/ + + 1.11 Why don't you update ca-bundle.crt + + The ca cert bundle that used to shipped with curl was very outdated and must + be replaced with an up-to-date version by anyone who wants to verify + peers. It is no longer provided by curl. The last curl release ever that + shipped a ca cert bundle was curl 7.18.0. + + In the cURL project we've decided not to attempt to keep this file updated + (or even present anymore) since deciding what to add to a ca cert bundle is + an undertaking we've not been ready to accept, and the one we can get from + Mozilla is perfectly fine so there's no need to duplicate that work. + + Today, with many services performed over HTTPS, every operating system + should come with a default ca cert bundle that can be deemed somewhat + trustworthy and that collection (if reasonably updated) should be deemed to + be a lot better than a private curl version. + + If you want the most recent collection of ca certs that Mozilla Firefox + uses, we recommend that you extract the collection yourself from Mozilla + Firefox (by running 'make ca-bundle), or by using our online service setup + for this purpose: http://curl.haxx.se/docs/caextract.html + + 1.12 I have a problem who can I chat with? + + There's a bunch of friendly people hanging out in the #curl channel on the + IRC network irc.freenode.net. If you're polite and nice, chances are big + that you can get -- or provide -- help instantly. + + 1.13 curl's ECCN number? + + The US government restricts exports of software that contains or uses + cryptography. When doing so, the Export Control Classification Number (ECCN) + is used to identify the level of export control etc. + + ASF gives a good explanation at http://www.apache.org/dev/crypto.html + + We believe curl's number might be ECCN 5D002, another possibility is + 5D992. It seems necessary to write them, asking to confirm. + + Comprehensible explanations of the meaning of such numbers and how to + obtain them (resp.) are here + + http://www.bis.doc.gov/licensing/exportingbasics.htm + http://www.bis.doc.gov/licensing/do_i_needaneccn.html + + An incomprehensible description of the two numbers above is here + http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf + + 1.14 How do I submit my patch? + + When you have made a patch or a change of whatever sort, and want to submit + that to the project, there are a few different ways we prefer: + + o send a patch to the curl-library mailing list. We're many subscribers + there and there are lots of people who can review patches, comment on them + and "receive" them properly. + + o if your patch changes or fixes a bug, you can also opt to submit a bug + report in the bug tracker and attach your patch there. There are less + people involved there. + + Lots of more details are found in the CONTRIBUTE and INTERNALS docs. + + +2. Install Related Problems + + 2.1 configure doesn't find OpenSSL even when it is installed + + This may be because of several reasons. + + 2.1.1 native linker doesn't find openssl + + Affected platforms: + Solaris (native cc compiler) + HPUX (native cc compiler) + SGI IRIX (native cc compiler) + SCO UNIX (native cc compiler) + + When configuring curl, I specify --with-ssl. OpenSSL is installed in + /usr/local/ssl Configure reports SSL in /usr/local/ssl, but fails to find + CRYPTO_lock in -lcrypto + + Cause: The cc for this test places the -L/usr/local/ssl/lib AFTER + -lcrypto, so ld can't find the library. This is due to a bug in the GNU + autoconf tool. + + Workaround: Specifying "LDFLAGS=-L/usr/local/ssl/lib" in front of + ./configure places the -L/usr/local/ssl/lib early enough in the command + line to make things work + + 2.1.2 only the libssl lib is missing + + If all include files and the libcrypto lib is present, with only the + libssl being missing according to configure, this is mostly likely because + a few functions are left out from the libssl. + + If the function names missing include RSA or RSAREF you can be certain + that this is because libssl requires the RSA and RSAREF libs to build. + + See the INSTALL file section that explains how to add those libs to + configure. Make sure that you remove the config.cache file before you + rerun configure with the new flags. + + 2.2 Does curl work/build with other SSL libraries? + + Curl has been written to use a generic SSL function layer internally, and + that SSL functionality can then be provided by one out of many different SSL + backends. + + curl can be built to use one of the following SSL alternatives: OpenSSL, + GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X), + schannel (native Windows) or qssl (native IBM i). They all have their pros + and cons, and we try to maintain a comparison of them here: + http://curl.haxx.se/docs/ssl-compared.html + + 2.3 Where can I find a copy of LIBEAY32.DLL? + + That is an OpenSSL binary built for Windows. + + Curl can be built with OpenSSL to do the SSL stuff. The LIBEAY32.DLL is then + what curl needs on a windows machine to do https:// etc. Check out the curl + web site to find accurate and up-to-date pointers to recent OpenSSL DLLs and + other binary packages. + + 2.4 Does curl support SOCKS (RFC 1928) ? + + Yes, SOCKS 4 and 5 are supported. + + +3. Usage problems + + 3.1 curl: (1) SSL is disabled, https: not supported + + If you get this output when trying to get anything from a https:// server, + it means that the instance of curl/libcurl that you're using was built + without support for this protocol. + + This could've happened if the configure script that was run at build time + couldn't find all libs and include files curl requires for SSL to work. If + the configure script fails to find them, curl is simply built without SSL + support. + + To get the https:// support into a curl that was previously built but that + reports that https:// is not supported, you should dig through the document + and logs and check out why the configure script doesn't find the SSL libs + and/or include files. + + Also, check out the other paragraph in this FAQ labelled "configure doesn't + find OpenSSL even when it is installed". + + 3.2 How do I tell curl to resume a transfer? + + Curl supports resumed transfers both ways on both FTP and HTTP. + Try the -C option. + + 3.3 Why doesn't my posting using -F work? + + You can't simply use -F or -d at your choice. The web server that will + receive your post expects one of the formats. If the form you're trying to + submit uses the type 'multipart/form-data', then and only then you must use + the -F type. In all the most common cases, you should use -d which then + causes a posting with the type 'application/x-www-form-urlencoded'. + + This is described in some detail in the MANUAL and TheArtOfHttpScripting + documents, and if you don't understand it the first time, read it again + before you post questions about this to the mailing list. Also, try reading + through the mailing list archives for old postings and questions regarding + this. + + 3.4 How do I tell curl to run custom FTP commands? + + You can tell curl to perform optional commands both before and/or after a + file transfer. Study the -Q/--quote option. + + Since curl is used for file transfers, you don't normally use curl to + perform FTP commands without transferring anything. Therefore you must + always specify a URL to transfer to/from even when doing custom FTP + commands, or use -I which implies the "no body" option sent to libcurl. + + 3.5 How can I disable the Accept: */* header? + + You can change all internally generated headers by adding a replacement with + the -H/--header option. By adding a header with empty contents you safely + disable that one. Use -H "Accept:" to disable that specific header. + + 3.6 Does curl support ASP, XML, XHTML or HTML version Y? + + To curl, all contents are alike. It doesn't matter how the page was + generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML + files. There's no difference to curl and it doesn't even know what kind of + language that generated the page. + + See also item 3.14 regarding javascript. + + 3.7 Can I use curl to delete/rename a file through FTP? + + Yes. You specify custom FTP commands with -Q/--quote. + + One example would be to delete a file after you have downloaded it: + + curl -O ftp://download.com/coolfile -Q '-DELE coolfile' + + or rename a file after upload: + + curl -T infile ftp://upload.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname" + + 3.8 How do I tell curl to follow HTTP redirects? + + Curl does not follow so-called redirects by default. The Location: header + that informs the client about this is only interpreted if you're using the + -L/--location option. As in: + + curl -L http://redirector.com + + Not all redirects are HTTP ones, see 4.14 + + 3.9 How do I use curl in my favorite programming language? + + There exist many language interfaces/bindings for curl that integrates it + better with various languages. If you are fluid in a script language, you + may very well opt to use such an interface instead of using the command line + tool. + + Find out more about which languages that support curl directly, and how to + install and use them, in the libcurl section of the curl web site: + http://curl.haxx.se/libcurl/ + + All the various bindings to libcurl are made by other projects and people, + outside of the cURL project. The cURL project itself only produces libcurl + with its plain C API. If you don't find anywhere else to ask you can ask + about bindings on the curl-library list too, but be prepared that people on + that list may not know anything about bindings. + + In October 2009, there were interfaces available for the following + languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Dylan, Eiffel, Euphoria, + Ferite, Gambas, glib/GTK+, Haskell, ILE/RPG, Java, Lisp, Lua, Mono, .NET, + Object-Pascal, O'Caml, Pascal, Perl, PHP, PostgreSQL, Python, R, Rexx, Ruby, + Scheme, S-Lang, Smalltalk, SP-Forth, SPL, Tcl, Visual Basic, Visual FoxPro, + Q, wxwidgets and XBLite. By the time you read this, additional ones may have + appeared! + + 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? + + Curl adheres to the HTTP spec, which basically means you can play with *any* + protocol that is built on top of HTTP. Protocols such as SOAP, WEBDAV and + XML-RPC are all such ones. You can use -X to set custom requests and -H to + set custom headers (or replace internally generated ones). + + Using libcurl is of course just as fine and you'd just use the proper + library options to do the same. + + 3.11 How do I POST with a different Content-Type? + + You can always replace the internally generated headers with -H/--header. + To make a simple HTTP POST with text/xml as content-type, do something like: + + curl -d "datatopost" -H "Content-Type: text/xml" [URL] + + 3.12 Why do FTP specific features over HTTP proxy fail? + + Because when you use a HTTP proxy, the protocol spoken on the network will + be HTTP, even if you specify a FTP URL. This effectively means that you + normally can't use FTP specific features such as FTP upload and FTP quote + etc. + + There is one exception to this rule, and that is if you can "tunnel through" + the given HTTP proxy. Proxy tunneling is enabled with a special option (-p) + and is generally not available as proxy admins usually disable tunneling to + other ports than 443 (which is used for HTTPS access through proxies). + + 3.13 Why does my single/double quotes fail? + + To specify a command line option that includes spaces, you might need to + put the entire option within quotes. Like in: + + curl -d " with spaces " url.com + + or perhaps + + curl -d ' with spaces ' url.com + + Exactly what kind of quotes and how to do this is entirely up to the shell + or command line interpreter that you are using. For most unix shells, you + can more or less pick either single (') or double (") quotes. For + Windows/DOS prompts I believe you're forced to use double (") quotes. + + Please study the documentation for your particular environment. Examples in + the curl docs will use a mix of both these ones as shown above. You must + adjust them to work in your environment. + + Remember that curl works and runs on more operating systems than most single + individuals have ever tried. + + 3.14 Does curl support Javascript or PAC (automated proxy config)? + + Many web pages do magic stuff using embedded Javascript. Curl and libcurl + have no built-in support for that, so it will be treated just like any other + contents. + + .pac files are a netscape invention and are sometimes used by organizations + to allow them to differentiate which proxies to use. The .pac contents is + just a Javascript program that gets invoked by the browser and that returns + the name of the proxy to connect to. Since curl doesn't support Javascript, + it can't support .pac proxy configuration either. + + Some workarounds usually suggested to overcome this Javascript dependency: + + Depending on the Javascript complexity, write up a script that translates it + to another language and execute that. + + Read the Javascript code and rewrite the same logic in another language. + + Implement a Javascript interpreter, people have successfully used the + Mozilla Javascript engine in the past. + + Ask your admins to stop this, for a static proxy setup or similar. + + 3.15 Can I do recursive fetches with curl? + + No. curl itself has no code that performs recursive operations, such as + those performed by wget and similar tools. + + There exist wrapper scripts with that functionality (for example the + curlmirror perl script), and you can write programs based on libcurl to do + it, but the command line tool curl itself cannot. + + 3.16 What certificates do I need when I use SSL? + + There are three different kinds of "certificates" to keep track of when we + talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl. + + CLIENT CERTIFICATE + + The server you communicate may require that you can provide this in order to + prove that you actually are who you claim to be. If the server doesn't + require this, you don't need a client certificate. + + A client certificate is always used together with a private key, and the + private key has a pass phrase that protects it. + + SERVER CERTIFICATE + + The server you communicate with has a server certificate. You can and should + verify this certificate to make sure that you are truly talking to the real + server and not a server impersonating it. + + CERTIFICATE AUTHORITY CERTIFICATE ("CA cert") + + You often have several CA certs in a CA cert bundle that can be used to + verify a server certificate that was signed by one of the authorities in the + bundle. curl does not come with a CA cert bundle but most curl installs + provide one. You can also override the default. + + The server certificate verification process is made by using a Certificate + Authority certificate ("CA cert") that was used to sign the server + certificate. Server certificate verification is enabled by default in curl + and libcurl and is often the reason for problems as explained in FAQ entry + 4.12 and the SSLCERTS document + (http://curl.haxx.se/docs/sslcerts.html). Server certificates that are + "self-signed" or otherwise signed by a CA that you do not have a CA cert + for, cannot be verified. If the verification during a connect fails, you are + refused access. You then need to explicitly disable the verification to + connect to the server. + + 3.17 How do I list the root dir of an FTP server? + + There are two ways. The way defined in the RFC is to use an encoded slash + in the first path part. List the "/tmp" dir like this: + + curl ftp://ftp.sunet.se/%2ftmp/ + + or the not-quite-kosher-but-more-readable way, by simply starting the path + section of the URL with a slash: + + curl ftp://ftp.sunet.se//tmp/ + + 3.18 Can I use curl to send a POST/PUT and not wait for a response? + + No. + + But you could easily write your own program using libcurl to do such stunts. + + 3.19 How do I get HTTP from a host using a specific IP address? + + For example, you may be trying out a web site installation that isn't yet in + the DNS. Or you have a site using multiple IP addresses for a given host + name and you want to address a specific one out of the set. + + Set a custom Host: header that identifies the server name you want to reach + but use the target IP address in the URL: + + curl --header "Host: www.example.com" http://127.0.0.1/ + + You can also opt to add faked host name entries to curl with the --resolve + option. That has the added benefit that things like redirects will also work + properly. The above operation would instead be done as: + + curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/ + + 3.20 How to SFTP from my user's home directory? + + Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to + work with. It means that if you don't specify that you want the user's home + directory, you get the actual root directory. + + To specify a file in your user's home directory, you need to use the correct + URL syntax which for sftp might look similar to: + + curl -O -u user:password sftp://example.com/~/file.txt + + and for SCP it is just a different protocol prefix: + + curl -O -u user:password scp://example.com/~/file.txt + + 3.21 Protocol xxx not supported or disabled in libcurl + + When passing on a URL to curl to use, it may respond that the particular + protocol is not supported or disabled. The particular way this error message + is phrased is because curl doesn't make a distinction internally of whether + a particular protocol is not supported (i.e. never got any code added that + knows how to speak that protocol) or if it was explicitly disabled. curl can + be built to only support a given set of protocols, and the rest would then + be disabled or not supported. + + Note that this error will also occur if you pass a wrongly spelled protocol + part as in "htpt://example.com" or as in the less evident case if you prefix + the protocol part with a space as in " http://example.com/". + + 3.22 curl -X gives me HTTP problems + + In normal circumstances, -X should hardly ever be used. + + By default you use curl without explicitly saying which request method to + use when the URL identifies a HTTP transfer. If you just pass in a URL like + "curl http://example.com" it will use GET. If you use -d or -F curl will use + POST, -I will cause a HEAD and -T will make it a PUT. + + If for whatever reason you're not happy with these default choices that curl + does for you, you can override those request methods by specifying -X + [WHATEVER]. This way you can for example send a DELETE by doing "curl -X + DELETE [URL]". + + It is thus pointless to do "curl -XGET [URL]" as GET would be used + anyway. In the same vein it is pointless to do "curl -X POST -d data + [URL]"... But you can make a fun and somewhat rare request that sends a + request-body in a GET request with something like "curl -X GET -d data + [URL]" + + Note that -X doesn't change curl's behavior. It only modifies the actual + string sent in the request. + + Accordingly, by using -XPOST on a command line that for example would follow + a 303 redirect, you will effectively prevent curl from behaving + correctly. Be aware. + + +4. Running Problems + + 4.1 Problems connecting to SSL servers. + + It took a very long time before we could sort out why curl had problems to + connect to certain SSL servers when using SSLeay or OpenSSL v0.9+. The + error sometimes showed up similar to: + + 16570:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233: + + It turned out to be because many older SSL servers don't deal with SSLv3 + requests properly. To correct this problem, tell curl to select SSLv2 from + the command line (-2/--sslv2). + + There have also been examples where the remote server didn't like the SSLv2 + request and instead you had to force curl to use SSLv3 with -3/--sslv3. + + 4.2 Why do I get problems when I use & or % in the URL? + + In general unix shells, the & symbol is treated specially and when used, it + runs the specified command in the background. To safely send the & as a part + of a URL, you should quote the entire URL by using single (') or double (") + quotes around it. Similar problems can also occur on some shells with other + characters, including ?*!$~(){}<>\|;`. When in doubt, quote the URL. + + An example that would invoke a remote CGI that uses &-symbols could be: + + curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl' + + In Windows, the standard DOS shell treats the percent sign specially and you + need to use TWO percent signs for each single one you want to use in the + URL. + + If you want a literal percent sign to be part of the data you pass in a POST + using -d/--data you must encode it as '%25' (which then also needs the + percent sign doubled on Windows machines). + + 4.3 How can I use {, }, [ or ] to specify multiple URLs? + + Because those letters have a special meaning to the shell, and to be used in + a URL specified to curl you must quote them. + + An example that downloads two URLs (sequentially) would do: + + curl '{curl,www}.haxx.se' + + To be able to use those letters as actual parts of the URL (without using + them for the curl URL "globbing" system), use the -g/--globoff option: + + curl -g 'www.site.com/weirdname[].html' + + 4.4 Why do I get downloaded data even though the web page doesn't exist? + + Curl asks remote servers for the page you specify. If the page doesn't exist + at the server, the HTTP protocol defines how the server should respond and + that means that headers and a "page" will be returned. That's simply how + HTTP works. + + By using the --fail option you can tell curl explicitly to not get any data + if the HTTP return code doesn't say success. + + 4.5 Why do I get return code XXX from a HTTP server? + + RFC2616 clearly explains the return codes. This is a short transcript. Go + read the RFC for exact details: + + 4.5.1 "400 Bad Request" + + The request could not be understood by the server due to malformed + syntax. The client SHOULD NOT repeat the request without modifications. + + 4.5.2 "401 Unauthorized" + + The request requires user authentication. + + 4.5.3 "403 Forbidden" + + The server understood the request, but is refusing to fulfil it. + Authorization will not help and the request SHOULD NOT be repeated. + + 4.5.4 "404 Not Found" + + The server has not found anything matching the Request-URI. No indication + is given of whether the condition is temporary or permanent. + + 4.5.5 "405 Method Not Allowed" + + The method specified in the Request-Line is not allowed for the resource + identified by the Request-URI. The response MUST include an Allow header + containing a list of valid methods for the requested resource. + + 4.5.6 "301 Moved Permanently" + + If you get this return code and an HTML output similar to this: + + <H1>Moved Permanently</H1> The document has moved <A + HREF="http://same_url_now_with_a_trailing_slash/">here</A>. + + it might be because you request a directory URL but without the trailing + slash. Try the same operation again _with_ the trailing URL, or use the + -L/--location option to follow the redirection. + + 4.6 Can you tell me what error code 142 means? + + All curl error codes are described at the end of the man page, in the + section called "EXIT CODES". + + Error codes that are larger than the highest documented error code means + that curl has exited due to a crash. This is a serious error, and we + appreciate a detailed bug report from you that describes how we could go + ahead and repeat this! + + 4.7 How do I keep user names and passwords secret in Curl command lines? + + This problem has two sides: + + The first part is to avoid having clear-text passwords in the command line + so that they don't appear in 'ps' outputs and similar. That is easily + avoided by using the "-K" option to tell curl to read parameters from a file + or stdin to which you can pass the secret info. curl itself will also + attempt to "hide" the given password by blanking out the option - this + doesn't work on all platforms. + + To keep the passwords in your account secret from the rest of the world is + not a task that curl addresses. You could of course encrypt them somehow to + at least hide them from being read by human eyes, but that is not what + anyone would call security. + + Also note that regular HTTP (using Basic authentication) and FTP passwords + are sent in clear across the network. All it takes for anyone to fetch them + is to listen on the network. Eavesdropping is very easy. Use more secure + authentication methods (like Digest, Negotiate or even NTLM) or consider the + SSL-based alternatives HTTPS and FTPS. + + 4.8 I found a bug! + + It is not a bug if the behavior is documented. Read the docs first. + Especially check out the KNOWN_BUGS file, it may be a documented bug! + + If it is a problem with a binary you've downloaded or a package for your + particular platform, try contacting the person who built the package/archive + you have. + + If there is a bug, read the BUGS document first. Then report it as described + in there. + + 4.9 Curl can't authenticate to the server that requires NTLM? + + NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft + Windows libraries at build-time to provide this functionality. + + NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You + should not use such ones. + + 4.10 My HTTP request using HEAD, PUT or DELETE doesn't work! + + Many web servers allow or demand that the administrator configures the + server properly for these requests to work on the web server. + + Some servers seem to support HEAD only on certain kinds of URLs. + + To fully grasp this, try the documentation for the particular server + software you're trying to interact with. This is not anything curl can do + anything about. + + 4.11 Why does my HTTP range requests return the full document? + + Because the range may not be supported by the server, or the server may + choose to ignore it and return the full document anyway. + + 4.12 Why do I get "certificate verify failed" ? + + You invoke curl 7.10 or later to communicate on a https:// URL and get an + error back looking something similar to this: + + curl: (35) SSL: error:14090086:SSL routines: + SSL3_GET_SERVER_CERTIFICATE:certificate verify failed + + Then it means that curl couldn't verify that the server's certificate was + good. Curl verifies the certificate using the CA cert bundle that comes with + the curl installation. + + To disable the verification (which makes it act like curl did before 7.10), + use -k. This does however enable man-in-the-middle attacks. + + If you get this failure but are having a CA cert bundle installed and used, + the server's certificate is not signed by one of the CA's in the bundle. It + might for example be self-signed. You then correct this problem by obtaining + a valid CA cert for the server. Or again, decrease the security by disabling + this check. + + Details are also in the SSLCERTS file in the release archives, found online + here: http://curl.haxx.se/docs/sslcerts.html + + 4.13 Why is curl -R on Windows one hour off? + + During daylight savings time, when -R is used, curl will set a time that + appears one hour off. This happens due to a flaw in how Windows stores and + uses file modification times and it is not easily worked around. For details + on this problem, read this: http://www.codeproject.com/datetime/dstbugs.asp + + 4.14 Redirects work in browser but not with curl! + + curl supports HTTP redirects fine (see item 3.8). Browsers generally support + at least two other ways to perform redirects that curl does not: + + Meta tags. You can write a HTML tag that will cause the browser to redirect + to another given URL after a certain time. + + Javascript. You can write a Javascript program embedded in a HTML page that + redirects the browser to another given URL. + + There is no way to make curl follow these redirects. You must either + manually figure out what the page is set to do, or you write a script that + parses the results and fetches the new URL. + + 4.15 FTPS doesn't work + + curl supports FTPS (sometimes known as FTP-SSL) both implicit and explicit + mode. + + When a URL is used that starts with FTPS://, curl assumes implicit SSL on + the control connection and will therefore immediately connect and try to + speak SSL. FTPS:// connections default to port 990. + + To use explicit FTPS, you use a FTP:// URL and the --ftp-ssl option (or one + of its related flavours). This is the most common method, and the one + mandated by RFC4217. This kind of connection then of course uses the + standard FTP port 21 by default. + + 4.16 My HTTP POST or PUT requests are slow! + + libcurl makes all POST and PUT requests (except for POST requests with a + very tiny request body) use the "Expect: 100-continue" header. This header + allows the server to deny the operation early so that libcurl can bail out + already before having to send any data. This is useful in authentication + cases and others. + + However, many servers don't implement the Expect: stuff properly and if the + server doesn't respond (positively) within 1 second libcurl will continue + and send off the data anyway. + + You can disable libcurl's use of the Expect: header the same way you disable + any header, using -H / CURLOPT_HTTPHEADER, or by forcing it to use HTTP 1.0. + + 4.17 Non-functional connect timeouts + + In most Windows setups having a timeout longer than 21 seconds make no + difference, as it will only send 3 TCP SYN packets and no more. The second + packet sent three seconds after the first and the third six seconds after + the second. No more than three packets are sent, no matter how long the + timeout is set. + + See option TcpMaxConnectRetransmissions on this page: + http://support.microsoft.com/?scid=kb%3Ben-us%3B175523&x=6&y=7 + + Also, even on non-Windows systems there may run a firewall or anti-virus + software or similar that accepts the connection but does not actually do + anything else. This will make (lib)curl to consider the connection connected + and thus the connect timeout won't trigger. + + 4.18 file:// URLs containing drive letters (Windows, NetWare) + + When using cURL to try to download a local file, one might use a URL + in this format: + + file://D:/blah.txt + + You'll find that even if D:\blah.txt does exist, cURL returns a 'file + not found' error. + + According to RFC 1738 (http://www.faqs.org/rfcs/rfc1738.html), + file:// URLs must contain a host component, but it is ignored by + most implementations. In the above example, 'D:' is treated as the + host component, and is taken away. Thus, cURL tries to open '/blah.txt'. + If your system is installed to drive C:, that will resolve to 'C:\blah.txt', + and if that doesn't exist you will get the not found error. + + To fix this problem, use file:// URLs with *three* leading slashes: + + file:///D:/blah.txt + + Alternatively, if it makes more sense, specify 'localhost' as the host + component: + + file://localhost/D:/blah.txt + + In either case, cURL should now be looking for the correct file. + + 4.19 Why doesn't cURL return an error when the network cable is unplugged? + + Unplugging a cable is not an error situation. The TCP/IP protocol stack + was designed to be fault tolerant, so even though there may be a physical + break somewhere the connection shouldn't be affected, just possibly + delayed. Eventually, the physical break will be fixed or the data will be + re-routed around the physical problem through another path. + + In such cases, the TCP/IP stack is responsible for detecting when the + network connection is irrevocably lost. Since with some protocols it is + perfectly legal for the client wait indefinitely for data, the stack may + never report a problem, and even when it does, it can take up to 20 minutes + for it to detect an issue. The curl option --keepalive-time enables + keep-alive support in the TCP/IP stack which makes it periodically probe the + connection to make sure it is still available to send data. That should + reliably detect any TCP/IP network failure. + + But even that won't detect the network going down before the TCP/IP + connection is established (e.g. during a DNS lookup) or using protocols that + don't use TCP. To handle those situations, curl offers a number of timeouts + on its own. --speed-limit/--speed-time will abort if the data transfer rate + falls too low, and --connect-timeout and --max-time can be used to put an + overall timeout on the connection phase or the entire transfer. + + A libcurl-using application running in a known physical environment (e.g. + an embedded device with only a single network connection) may want to act + immediately if its lone network connection goes down. That can be achieved + by having the application monitor the network connection on its own using an + OS-specific mechanism, then signalling libcurl to abort (see also item 5.13). + + +5. libcurl Issues + + 5.1 Is libcurl thread-safe? + + Yes. + + We have written the libcurl code specifically adjusted for multi-threaded + programs. libcurl will use thread-safe functions instead of non-safe ones if + your system has such. Note that you must never share the same handle in + multiple threads. + + + If you use a OpenSSL-powered libcurl in a multi-threaded environment, you + need to provide one or two locking functions: + + http://www.openssl.org/docs/crypto/threads.html + + If you use a GnuTLS-powered libcurl in a multi-threaded environment, you + need to provide locking function(s) for libgcrypt (which is used by GnuTLS + for the crypto functions). + + http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html + + No special locking is needed with a NSS-powered libcurl. NSS is thread-safe. + + 5.2 How can I receive all data into a large memory chunk? + + [ See also the examples/getinmemory.c source ] + + You are in full control of the callback function that gets called every time + there is data received from the remote server. You can make that callback do + whatever you want. You do not have to write the received data to a file. + + One solution to this problem could be to have a pointer to a struct that you + pass to the callback function. You set the pointer using the + CURLOPT_WRITEDATA option. Then that pointer will be passed to the callback + instead of a FILE * to a file: + + /* imaginary struct */ + struct MemoryStruct { + char *memory; + size_t size; + }; + + /* imaginary callback function */ + size_t + WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data) + { + size_t realsize = size * nmemb; + struct MemoryStruct *mem = (struct MemoryStruct *)data; + + mem->memory = (char *)realloc(mem->memory, mem->size + realsize + 1); + if (mem->memory) { + memcpy(&(mem->memory[mem->size]), ptr, realsize); + mem->size += realsize; + mem->memory[mem->size] = 0; + } + return realsize; + } + + 5.3 How do I fetch multiple files with libcurl? + + libcurl has excellent support for transferring multiple files. You should + just repeatedly set new URLs with curl_easy_setopt() and then transfer it + with curl_easy_perform(). The handle you get from curl_easy_init() is not + only reusable, but you're even encouraged to reuse it if you can, as that + will enable libcurl to use persistent connections. + + 5.4 Does libcurl do Winsock initialization on win32 systems? + + Yes, if told to in the curl_global_init() call. + + 5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ? + + Yes, but you cannot open a FILE * and pass the pointer to a DLL and have + that DLL use the FILE * (as the DLL and the client application cannot access + each others' variable memory areas). If you set CURLOPT_WRITEDATA you must + also use CURLOPT_WRITEFUNCTION as well to set a function that writes the + file, even if that simply writes the data to the specified FILE *. + Similarly, if you use CURLOPT_READDATA you must also specify + CURLOPT_READFUNCTION. + + 5.6 What about Keep-Alive or persistent connections? + + curl and libcurl have excellent support for persistent connections when + transferring several files from the same server. Curl will attempt to reuse + connections for all URLs specified on the same command line/config file, and + libcurl will reuse connections for all transfers that are made using the + same libcurl handle. + + When you use the easy interface, the connection cache is kept within the + easy handle. If you instead use the multi interface, the connection cache + will be kept within the multi handle and will be shared among all the easy + handles that are used within the same multi handle. + + 5.7 Link errors when building libcurl on Windows! + + You need to make sure that your project, and all the libraries (both static + and dynamic) that it links against, are compiled/linked against the same run + time library. + + This is determined by the /MD, /ML, /MT (and their corresponding /M?d) + options to the command line compiler. /MD (linking against MSVCRT dll) seems + to be the most commonly used option. + + When building an application that uses the static libcurl library, you must + add -DCURL_STATICLIB to your CFLAGS. Otherwise the linker will look for + dynamic import symbols. If you're using Visual Studio, you need to instead + add CURL_STATICLIB in the "Preprocessor Definitions" section. + + If you get linker error like "unknown symbol __imp__curl_easy_init ..." you + have linked against the wrong (static) library. If you want to use the + libcurl.dll and import lib, you don't need any extra CFLAGS, but use one of + the import libraries below. These are the libraries produced by the various + lib/Makefile.* files: + + Target: static lib. import lib for libcurl*.dll. + ----------------------------------------------------------- + MingW: libcurl.a libcurldll.a + MSVC (release): libcurl.lib libcurl_imp.lib + MSVC (debug): libcurld.lib libcurld_imp.lib + Borland: libcurl.lib libcurl_imp.lib + + 5.8 libcurl.so.X: open failed: No such file or directory + + This is an error message you might get when you try to run a program linked + with a shared version of libcurl and your run-time linker (ld.so) couldn't + find the shared library named libcurl.so.X. (Where X is the number of the + current libcurl ABI, typically 3 or 4). + + You need to make sure that ld.so finds libcurl.so.X. You can do that + multiple ways, and it differs somewhat between different operating systems, + but they are usually: + + * Add an option to the linker command line that specify the hard-coded path + the run-time linker should check for the lib (usually -R) + + * Set an environment variable (LD_LIBRARY_PATH for example) where ld.so + should check for libs + + * Adjust the system's config to check for libs in the directory where you've + put the dir (like Linux's /etc/ld.so.conf) + + 'man ld.so' and 'man ld' will tell you more details + + 5.9 How does libcurl resolve host names? + + libcurl supports a large a number of different name resolve functions. One + of them is picked at build-time and will be used unconditionally. Thus, if + you want to change name resolver function you must rebuild libcurl and tell + it to use a different function. + + - The non-ipv6 resolver that can use one out of four host name resolve calls + (depending on what your system supports): + + A - gethostbyname() + B - gethostbyname_r() with 3 arguments + C - gethostbyname_r() with 5 arguments + D - gethostbyname_r() with 6 arguments + + - The ipv6-resolver that uses getaddrinfo() + + - The c-ares based name resolver that uses the c-ares library for resolves. + Using this offers asynchronous name resolves. + + - The threaded resolver (default option on Windows). It uses: + + A - gethostbyname() on plain ipv4 hosts + B - getaddrinfo() on ipv6-enabled hosts + + Also note that libcurl never resolves or reverse-lookups addresses given as + pure numbers, such as 127.0.0.1 or ::1. + + 5.10 How do I prevent libcurl from writing the response to stdout? + + libcurl provides a default built-in write function that writes received data + to stdout. Set the CURLOPT_WRITEFUNCTION to receive the data, or possibly + set CURLOPT_WRITEDATA to a different FILE * handle. + + 5.11 How do I make libcurl not receive the whole HTTP response? + + You make the write callback (or progress callback) return an error and + libcurl will then abort the transfer. + + 5.12 Can I make libcurl fake or hide my real IP address? + + No. libcurl operates on a higher level. Besides, faking IP address would + imply sending IP packet with a made-up source address, and then you normally + get a problem with receiving the packet sent back as they would then not be + routed to you! + + If you use a proxy to access remote sites, the sites will not see your local + IP address but instead the address of the proxy. + + Also note that on many networks NATs or other IP-munging techniques are used + that makes you see and use a different IP address locally than what the + remote server will see you coming from. You may also consider using + http://www.torproject.org . + + 5.13 How do I stop an ongoing transfer? + + With the easy interface you make sure to return the correct error code from + one of the callbacks, but none of them are instant. There is no function you + can call from another thread or similar that will stop it immediately. + Instead, you need to make sure that one of the callbacks you use returns an + appropriate value that will stop the transfer. Suitable callbacks that you + can do this with include the progress callback, the read callback and the + write callback. + + If you're using the multi interface, you can also stop a transfer by + removing the particular easy handle from the multi stack at any moment you + think the transfer is done or when you wish to abort the transfer. + + 5.14 Using C++ non-static functions for callbacks? + + libcurl is a C library, it doesn't know anything about C++ member functions. + + You can overcome this "limitation" with a relative ease using a static + member function that is passed a pointer to the class: + + // f is the pointer to your object. + static YourClass::func(void *buffer, size_t sz, size_t n, void *f) + { + // Call non-static member function. + static_cast<YourClass*>(f)->nonStaticFunction(); + } + + // This is how you pass pointer to the static function: + curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass:func); + curl_easy_setopt(hcurl, CURLOPT_WRITEDATA, this); + + 5.15 How do I get an FTP directory listing? + + If you end the FTP URL you request with a slash, libcurl will provide you + with a directory listing of that given directory. You can also set + CURLOPT_CUSTOMREQUEST to alter what exact listing command libcurl would use + to list the files. + + The follow-up question that tend to follow the previous one, is how a + program is supposed to parse the directory listing. How does it know what's + a file and what's a dir and what's a symlink etc. The harsh reality is that + FTP provides no such fine and easy-to-parse output. The output format FTP + servers respond to LIST commands are entirely at the server's own liking and + the NLST output doesn't reveal any types and in many cases don't even + include all the directory entries. Also, both LIST and NLST tend to hide + unix-style hidden files (those that start with a dot) by default so you need + to do "LIST -a" or similar to see them. + + The application thus needs to parse the LIST output. One such existing + list parser is available at http://cr.yp.to/ftpparse.html Versions of + libcurl since 7.21.0 also provide the ability to specify a wildcard to + download multiple files from one FTP directory. + + 5.16 I want a different time-out! + + Time and time again users realize that CURLOPT_TIMEOUT and + CURLOPT_CONNECTIMEOUT are not sufficiently advanced or flexible to cover all + the various use cases and scenarios applications end up with. + + libcurl offers many more ways to time-out operations. A common alternative + is to use the CURLOPT_LOW_SPEED_LIMIT and CURLOPT_LOW_SPEED_TIME options to + specify the lowest possible speed to accept before to consider the transfer + timed out. + + The most flexible way is by writing your own time-out logic and using + CURLOPT_PROGRESSFUNCTION (perhaps in combination with other callbacks) and + use that to figure out exactly when the right condition is met when the + transfer should get stopped. + + 5.17 Can I write a server with libcurl? + + No. libcurl offers no functions or building blocks to build any kind of + internet protocol server. libcurl is only a client-side library. For server + libraries, you need to continue your search elsewhere but there exist many + good open source ones out there for most protocols you could possibly want a + server for. And there are really good stand-alone ones that have been tested + and proven for many years. There's no need for you to reinvent them! + + +6. License Issues + + Curl and libcurl are released under a MIT/X derivate license. The license is + very liberal and should not impose a problem for your project. This section + is just a brief summary for the cases we get the most questions. (Parts of + this section was much enhanced by Bjorn Reese.) + + We are not lawyers and this is not legal advice. You should probably consult + one if you want true and accurate legal insights without our prejudice. Note + especially that this section concerns the libcurl license only; compiling in + features of libcurl that depend on other libraries (e.g. OpenSSL) may affect + the licensing obligations of your application. + + 6.1 I have a GPL program, can I use the libcurl library? + + Yes! + + Since libcurl may be distributed under the MIT/X derivate license, it can be + used together with GPL in any software. + + 6.2 I have a closed-source program, can I use the libcurl library? + + Yes! + + libcurl does not put any restrictions on the program that uses the library. + + 6.3 I have a BSD licensed program, can I use the libcurl library? + + Yes! + + libcurl does not put any restrictions on the program that uses the library. + + 6.4 I have a program that uses LGPL libraries, can I use libcurl? + + Yes! + + The LGPL license doesn't clash with other licenses. + + 6.5 Can I modify curl/libcurl for my program and keep the changes secret? + + Yes! + + The MIT/X derivate license practically allows you to do almost anything with + the sources, on the condition that the copyright texts in the sources are + left intact. + + 6.6 Can you please change the curl/libcurl license to XXXX? + + No. + + We have carefully picked this license after years of development and + discussions and a large amount of people have contributed with source code + knowing that this is the license we use. This license puts the restrictions + we want on curl/libcurl and it does not spread to other programs or + libraries that use it. It should be possible for everyone to use libcurl or + curl in their projects, no matter what license they already have in use. + + 6.7 What are my obligations when using libcurl in my commercial apps? + + Next to none. All you need to adhere to is the MIT-style license (stated in + the COPYING file) which basically says you have to include the copyright + notice in "all copies" and that you may not use the copyright holder's name + when promoting your software. + + You do not have to release any of your source code. + + You do not have to reveal or make public any changes to the libcurl source + code. + + You do not have to broadcast to the world that you are using libcurl within + your app. + + All we ask is that you disclose "the copyright notice and this permission + notice" somewhere. Most probably like in the documentation or in the section + where other third party dependencies already are mentioned and acknowledged. + + As can be seen here: http://curl.haxx.se/docs/companies.html and elsewhere, + more and more companies are discovering the power of libcurl and take + advantage of it even in commercial environments. + + +7. PHP/CURL Issues + + 7.1 What is PHP/CURL? + + The module for PHP that makes it possible for PHP programs to access curl- + functions from within PHP. + + In the cURL project we call this module PHP/CURL to differentiate it from + curl the command line tool and libcurl the library. The PHP team however + does not refer to it like this (for unknown reasons). They call it plain + CURL (often using all caps) or sometimes ext/curl, but both cause much + confusion to users which in turn gives us a higher question load. + + 7.2 Who wrote PHP/CURL? + + PHP/CURL is a module that comes with the regular PHP package. It depends and + uses libcurl, so you need to have libcurl installed properly first before + PHP/CURL can be used. PHP/CURL was initially written by Sterling Hughes. + + 7.3 Can I perform multiple requests using the same handle? + + Yes - at least in PHP version 4.3.8 and later (this has been known to not + work in earlier versions, but the exact version when it started to work is + unknown to me). + + After a transfer, you just set new options in the handle and make another + transfer. This will make libcurl to re-use the same connection if it can. diff --git a/libs/libcurl/docs/FEATURES b/libs/libcurl/docs/FEATURES new file mode 100644 index 0000000000..14d7e78ddb --- /dev/null +++ b/libs/libcurl/docs/FEATURES @@ -0,0 +1,196 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +FEATURES + +curl tool + - config file support + - multiple URLs in a single command line + - range "globbing" support: [0-13], {one,two,three} + - multiple file upload on a single command line + - custom maximum transfer rate + - redirectable stderr + - metalink support (*13) + +libcurl + - full URL syntax with no length limit + - custom maximum download time + - custom least download speed acceptable + - custom output result after completion + - guesses protocol from host name unless specified + - uses .netrc + - progress bar with time statistics while downloading + - "standard" proxy environment variables support + - compiles on win32 (reported builds on 40+ operating systems) + - selectable network interface for outgoing traffic + - IPv6 support on unix and Windows + - persistent connections + - socks5 support + - supports user name and password in proxy environment variables + - operations through proxy "tunnel" (using CONNECT) + - support for large files (>2GB and >4GB) during upload and download + - replaceable memory functions (malloc, free, realloc, etc) + - asynchronous name resolving (*6) + - both a push and a pull style interface + - international domain names (*11) + +HTTP + - HTTP/1.1 compliant (optionally uses 1.0) + - GET + - PUT + - HEAD + - POST + - Pipelining + - multipart formpost (RFC1867-style) + - authentication: Basic, Digest, NTLM (*9), GSS-Negotiate/Negotiate (*3) and + SPNEGO (*4) to server and proxy + - resume (both GET and PUT) + - follow redirects + - maximum amount of redirects to follow + - custom HTTP request + - cookie get/send fully parsed + - reads/writes the netscape cookie file format + - custom headers (replace/remove internally generated headers) + - custom user-agent string + - custom referer string + - range + - proxy authentication + - time conditions + - via http-proxy + - retrieve file modification date + - Content-Encoding support for deflate and gzip + - "Transfer-Encoding: chunked" support in uploads + - data compression (*12) + +HTTPS (*1) + - (all the HTTP features) + - using client certificates + - verify server certificate + - via http-proxy + - select desired encryption + - force usage of a specific SSL version (SSLv2 (*7), SSLv3 (*10) or TLSv1) + +FTP + - download + - authentication + - kerberos4 (*5) + - kerberos5 (*3) + - active/passive using PORT, EPRT, PASV or EPSV + - single file size information (compare to HTTP HEAD) + - 'type=' URL support + - dir listing + - dir listing names-only + - upload + - upload append + - upload via http-proxy as HTTP PUT + - download resume + - upload resume + - custom ftp commands (before and/or after the transfer) + - simple "range" support + - via http-proxy + - all operations can be tunneled through a http-proxy + - customizable to retrieve file modification date + - no dir depth limit + +FTPS (*1) + - implicit ftps:// support that use SSL on both connections + - explicit "AUTH TLS" and "AUTH SSL" usage to "upgrade" plain ftp:// + connection to use SSL for both or one of the connections + +SCP (*8) + - both password and public key auth + +SFTP (*8) + - both password and public key auth + - with custom commands sent before/after the transfer + +TFTP + - download + - upload + +TELNET + - connection negotiation + - custom telnet options + - stdin/stdout I/O + +LDAP (*2) + - full LDAP URL support + +DICT + - extended DICT URL support + +FILE + - URL support + - upload + - resume + +SMTP + - authentication: Plain, Login, CRAM-MD5, Digest-MD5 and NTLM (*9) + - send e-mails + - mail from support + - mail size support + - mail auth support for trusted server-to-server relaying + - multiple recipients + - via http-proxy + +SMTPS (*1) + - implicit smtps:// support + - explicit "STARTTLS" usage to "upgrade" plain smtp:// connections to use SSL + - via http-proxy + +POP3 + - authentication: Clear Text, APOP and SASL + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and + NTLM (*9) + - list e-mails + - retrieve e-mails + - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via + custom requests + - via http-proxy + +POP3S (*1) + - implicit pop3s:// support + - explicit "STLS" usage to "upgrade" plain pop3:// connections to use SSL + - via http-proxy + +IMAP + - authentication: Clear Text and SASL + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5 and + NTLM (*9) + - list the folders of a mailbox + - select a mailbox with support for verifing the UIDVALIDITY + - fetch e-mails with support for specifing the UID and SECTION + - upload e-mails via the append command + - enhanced command support for: EXAMINE, CREATE, DELETE, RENAME, STATUS, + STORE, COPY and UID via custom requests + - via http-proxy + +IMAPS (*1) + - implicit imaps:// support + - explicit "STARTTLS" usage to "upgrade" plain imap:// connections to use SSL + - via http-proxy + +FOOTNOTES +========= + + *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, schannel (native + Windows), Secure Transport (native iOS/OS X) or qssl (native IBM i) + *2 = requires OpenLDAP + *3 = requires a GSSAPI-compliant library, such as Heimdal or similar + *4 = requires FBopenssl + *5 = requires a krb4 library, such as the MIT one or similar + *6 = requires c-ares + *7 = requires OpenSSL, NSS, qssl, schannel or Secure Transport; GnuTLS, for + example, only supports SSLv3 and TLSv1 + *8 = requires libssh2 + *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native + Windows) + *10 = requires any of the SSL libraries in (*1) above other than axTLS, which + does not support SSLv3 + *11 = requires libidn or Windows + *12 = requires libz + *13 = requires libmetalink, and either an Apple or Microsoft operating + system, or OpenSSL, or GnuTLS, or NSS diff --git a/libs/libcurl/docs/HISTORY b/libs/libcurl/docs/HISTORY new file mode 100644 index 0000000000..3c140999ec --- /dev/null +++ b/libs/libcurl/docs/HISTORY @@ -0,0 +1,244 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + How cURL Became Like This + + +Towards the end of 1996, Daniel Stenberg came up with the idea to make +currency-exchange calculations available to Internet Relay Chat (IRC) +users. All the necessary data are published on the Web; he just needed to +automate their retrieval. + +Daniel simply adopted an existing command-line open-source tool, httpget, that +Brazilian Rafael Sagula had written and recently release version 0.1 of. After +a few minor adjustments, it did just what he needed. HttpGet 1.0 was released +on April 8th 1997 with brand new HTTP proxy support. + +We soon found and fixed support for getting currencies over GOPHER. Once FTP +download support was added, the name of the project was changed and urlget 2.0 +was released in August 1997. The http-only days were already passed. + +The project slowly grew bigger. When upload capabilities were added and the +name once again was misleading, a second name change was made and on March 20, +1998 curl 4 was released. (The version numbering from the previous names was +kept.) + +(Unrelated to this project a company called Curl Corporation registered a US +trademark on the name "CURL" on May 18 1998. That company had then already +registered the curl.com domain back in November of the previous year. All this +was revealed to us much later.) + +SSL support was added, powered by the SSLeay library. + +August 1998, first announcement of curl on freshmeat.net. + +October 1998, with the curl 4.9 release and the introduction of cookie +support, curl was no longer released under the GPL license. Now we're at 4000 +lines of code, we switched over to the MPL license to restrict the effects of +"copyleft". + +November 1998, configure script and reported successful compiles on several +major operating systems. The never-quite-understood -F option was added and +curl could now simulate quite a lot of a browser. TELNET support was added. + +Curl 5 was released in December 1998 and introduced the first ever curl man +page. People started making Linux RPM packages out of it. + +January 1999, DICT support added. + +OpenSSL took over where SSLeay was abandoned. + +May 1999, first Debian package. + +August 1999, LDAP:// and FILE:// support added. The curl web site gets 1300 +visits weekly. + +Released curl 6.0 in September. 15000 lines of code. + +December 28 1999, added the project on Sourceforge and started using its +services for managing the project. + +Spring 2000, major internal overhaul to provide a suitable library interface. +The first non-beta release was named 7.1 and arrived in August. This offered +the easy interface and turned out to be the beginning of actually getting +other software and programs to get based on and powered by libcurl. Almost +20000 lines of code. + +August 2000, the curl web site gets 4000 visits weekly. + +The PHP guys adopted libcurl already the same month, when the first ever third +party libcurl binding showed up. CURL has been a supported module in PHP since +the release of PHP 4.0.2. This would soon get followers. More than 16 +different bindings exist at the time of this writing. + +September 2000, kerberos4 support was added. + +In November 2000 started the work on a test suite for curl. It was later +re-written from scratch again. The libcurl major SONAME number was set to 1. + +January 2001, Daniel released curl 7.5.2 under a new license again: MIT (or +MPL). The MIT license is extremely liberal and can be used combined with GPL +in other projects. This would finally put an end to the "complaints" from +people involved in GPLed projects that previously were prohibited from using +libcurl while it was released under MPL only. (Due to the fact that MPL is +deemed "GPL incompatible".) + +curl supports HTTP 1.1 starting with the release of 7.7, March 22 2001. This +also introduced libcurl's ability to do persistent connections. 24000 lines of +code. The libcurl major SONAME number was bumped to 2 due to this overhaul. + +The first experimental ftps:// support was added in March 2001. + +August 2001. curl is bundled in Mac OS X, 10.1. It was already becoming more +and more of a standard utility of Linux distributions and a regular in the BSD +ports collections. The curl web site gets 8000 visits weekly. Curl Corporation +contacted Daniel to discuss "the name issue". After Daniel's reply, they have +never since got in touch again. + +September 2001, libcurl 7.9 introduces cookie jar and curl_formadd(). During +the forthcoming 7.9.x releases, we introduced the multi interface slowly and +without much whistles. + +June 2002, the curl web site gets 13000 visits weekly. curl and libcurl is +35000 lines of code. Reported successful compiles on more than 40 combinations +of CPUs and operating systems. + +To estimate number of users of the curl tool or libcurl library is next to +impossible. Around 5000 downloaded packages each week from the main site gives +a hint, but the packages are mirrored extensively, bundled with numerous OS +distributions and otherwise retrieved as part of other software. + +September 2002, with the release of curl 7.10 it is released under the MIT +license only. + +January 2003. Started working on the distributed curl tests. The autobuilds. + +February 2003, the curl site averages at 20000 visits weekly. At any given +moment, there's an average of 3 people browsing the curl.haxx.se site. + +Multiple new authentication schemes are supported: Digest (May), NTLM (June) +and Negotiate (June). + +November 2003: curl 7.10.8 is released. 45000 lines of code. ~55000 unique +visitors to the curl.haxx.se site. Five official web mirrors. + +December 2003, full-fledged SSL for FTP is supported. + +January 2004: curl 7.11.0 introduced large file support. + +June 2004: + + curl 7.12.0 introduced IDN support. 10 official web mirrors. + + This release bumped the major SONAME to 3 due to the removal of the + curl_formparse() function + +August 2004: + Curl and libcurl 7.12.1 + + Public curl release number: 82 + Releases counted from the very beginning: 109 + Available command line options: 96 + Available curl_easy_setopt() options: 120 + Number of public functions in libcurl: 36 + Amount of public web site mirrors: 12 + Number of known libcurl bindings: 26 + +April 2005: + + GnuTLS can now optionally be used for the secure layer when curl is built. + +September 2005: + + TFTP support was added. + + More than 100,000 unique visitors of the curl web site. 25 mirrors. + +December 2005: + + security vulnerability: libcurl URL Buffer Overflow + +January 2006: + + We dropped support for Gopher. We found bugs in the implementation that + turned out having been introduced years ago, so with the conclusion that + nobody had found out in all this time we removed it instead of fixing it. + +March 2006: + + security vulnerability: libcurl TFTP Packet Buffer Overflow + +April 2006: + + Added the multi_socket() API + +September 2006: + + The major SONAME number for libcurl was bumped to 4 due to the removal of + ftp third party transfer support. + +November 2006: + + Added SCP and SFTP support + +February 2007: + + Added support for the Mozilla NSS library to do the SSL/TLS stuff + +July 2007: + + security vulnerability: libcurl GnuTLS insufficient cert verification + +November 2008: + + Command line options: 128 + curl_easy_setopt() options: 158 + Public functions in libcurl: 58 + Known libcurl bindings: 37 + Contributors: 683 + + 145,000 unique visitors. >100 GB downloaded. + +March 2009: + + security vulnerability: libcurl Arbitrary File Access + +August 2009: + + security vulnerability: libcurl embedded zero in cert name + +December 2009: + + Added support for IMAP, POP3 and SMTP + +January 2010: + + Added support for RTSP + +February 2010: + + security vulnerability: libcurl data callback excessive length + +March 2010: + + The project switched over to use git instead of CVS for source code control + +May 2010: + + Added support for RTMP + + Added support for PolarSSL to do the SSL/TLS stuff + +August 2010: + + Public curl releases: 117 + Command line options: 138 + curl_easy_setopt() options: 180 + Public functions in libcurl: 58 + Known libcurl bindings: 39 + Contributors: 808 + + Gopher support added (re-added actually) diff --git a/libs/libcurl/docs/HTTP-COOKIES b/libs/libcurl/docs/HTTP-COOKIES new file mode 100644 index 0000000000..818e161eef --- /dev/null +++ b/libs/libcurl/docs/HTTP-COOKIES @@ -0,0 +1,123 @@ +Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html) + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + +HTTP Cookies + + 1. HTTP Cookies + 1.1 Cookie overview + 1.2 Cookies saved to disk + 1.3 Cookies with curl the command line tool + 1.4 Cookies with libcurl + 1.5 Cookies with javascript + +============================================================================== + +1. HTTP Cookies + + 1.1 Cookie overview + + HTTP cookies are pieces of 'name=contents' snippets that a server tells the + client to hold and then the client sends back those the server on subsequent + requests to the same domains/paths for which the cookies were set. + + Cookies are either "session cookies" which typically are forgotten when the + session is over which is often translated to equal when browser quits, or + the cookies aren't session cookies they have expiration dates after which + the client will throw them away. + + Cookies are set to the client with the Set-Cookie: header and are sent to + servers with the Cookie: header. + + For a very long time, the only spec explaining how to use cookies was the + original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html + + In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published + and details how cookies work within HTTP. + + 1.2 Cookies saved to disk + + Netscape once created a file format for storing cookies on disk so that they + would survive browser restarts. curl adopted that file format to allow + sharing the cookies with browsers, only to see browsers move away from that + format. Modern browsers no longer use it, while curl still does. + + The netscape cookie file format stores one cookie per physical line in the + file with a bunch of associated meta data, each field separated with + TAB. That file is called the cookiejar in curl terminology. + + When libcurl saves a cookiejar, it creates a file header of its own in which + there is a URL mention that will link to the web version of this document. + + 1.3 Cookies with curl the command line tool + + curl has a full cookie "engine" built in. If you just activate it, you can + have curl receive and send cookies exactly as mandated in the specs. + + Command line options: + + -b, --cookie + + tell curl a file to read cookies from and start the cookie engine, or if + it isn't a file it will pass on the given string. -b name=var works and so + does -b cookiefile. + + -j, --junk-session-cookies + + when used in combination with -b, it will skip all "session cookies" on + load so as to appear to start a new cookie session. + + -c, --cookie-jar + + tell curl to start the cookie engine and write cookies to the given file + after the request(s) + + 1.4 Cookies with libcurl + + libcurl offers several ways to enable and interface the cookie engine. These + options are the ones provided by the native API. libcurl bindings may offer + access to them using other means. + + CURLOPT_COOKIE + + Is used when you want to specify the exact contents of a cookie header to + send to the server. + + CURLOPT_COOKIEFILE + + Tell libcurl to activate the cookie engine, and to read the initial set of + cookies from the given file. Read-only. + + CURLOPT_COOKIEJAR + + Tell libcurl to activate the cookie engine, and when the easy handle is + closed save all known cookies to the given cookiejar file. Write-only. + + CURLOPT_COOKIELIST + + Provide detailed information about a single cookie to add to the internal + storage of cookies. Pass in the cookie as a HTTP header with all the + details set, or pass in a line from a netscape cookie file. This option + can also be used to flush the cookies etc. + + CURLINFO_COOKIELIST + + Extract cookie information from the internal cookie storage as a linked + list. + + 1.5 Cookies with javascript + + These days a lot of the web is built up by javascript. The webbrowser loads + complete programs that render the page you see. These javascript programs + can also set and access cookies. + + Since curl and libcurl are plain HTTP clients without any knowledge of or + capability to handle javascript, such cookies will not be detected or used. + + Often, if you want to mimic what a browser does on such web sites, you can + record web browser HTTP traffic when using such a site and then repeat the + cookie operations using curl or libcurl. diff --git a/libs/libcurl/docs/INSTALL b/libs/libcurl/docs/INSTALL new file mode 100644 index 0000000000..4140359dad --- /dev/null +++ b/libs/libcurl/docs/INSTALL @@ -0,0 +1,1131 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + How To Compile + +Installing Binary Packages +========================== + + Lots of people download binary distributions of curl and libcurl. This + document does not describe how to install curl or libcurl using such a + binary package. This document describes how to compile, build and install + curl and libcurl from source code. + +Building from git +================= + + If you get your code off a git repository, see the GIT-INFO file in the + root directory for specific instructions on how to proceed. + +UNIX +==== + A normal unix installation is made in three or four steps (after you've + unpacked the source archive): + + ./configure + make + make test (optional) + make install + + You probably need to be root when doing the last command. + + If you have checked out the sources from the git repository, read the + GIT-INFO on how to proceed. + + Get a full listing of all available configure options by invoking it like: + + ./configure --help + + If you want to install curl in a different file hierarchy than /usr/local, + you need to specify that already when running configure: + + ./configure --prefix=/path/to/curl/tree + + If you happen to have write permission in that directory, you can do 'make + install' without being root. An example of this would be to make a local + install in your own home directory: + + ./configure --prefix=$HOME + make + make install + + The configure script always tries to find a working SSL library unless + explicitly told not to. If you have OpenSSL installed in the default search + path for your compiler/linker, you don't need to do anything special. If + you have OpenSSL installed in /usr/local/ssl, you can run configure like: + + ./configure --with-ssl + + If you have OpenSSL installed somewhere else (for example, /opt/OpenSSL) + and you have pkg-config installed, set the pkg-config path first, like this: + + env PKG_CONFIG_PATH=/opt/OpenSSL/lib/pkgconfig ./configure --with-ssl + + Without pkg-config installed, use this: + + ./configure --with-ssl=/opt/OpenSSL + + If you insist on forcing a build without SSL support, even though you may + have OpenSSL installed in your system, you can run configure like this: + + ./configure --without-ssl + + If you have OpenSSL installed, but with the libraries in one place and the + header files somewhere else, you have to set the LDFLAGS and CPPFLAGS + environment variables prior to running configure. Something like this + should work: + + (with the Bourne shell and its clones): + + CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" \ + ./configure + + (with csh, tcsh and their clones): + + env CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" \ + ./configure + + If you have shared SSL libs installed in a directory where your run-time + linker doesn't find them (which usually causes configure failures), you can + provide the -R option to ld on some operating systems to set a hard-coded + path to the run-time linker: + + env LDFLAGS=-R/usr/local/ssl/lib ./configure --with-ssl + + MORE OPTIONS + ------------ + + To force configure to use the standard cc compiler if both cc and gcc are + present, run configure like + + CC=cc ./configure + or + env CC=cc ./configure + + To force a static library compile, disable the shared library creation + by running configure like: + + ./configure --disable-shared + + To tell the configure script to skip searching for thread-safe functions, + add an option like: + + ./configure --disable-thread + + To build curl with kerberos4 support enabled, curl requires the krb4 libs + and headers installed. You can then use a set of options to tell + configure where those are: + + --with-krb4-includes[=DIR] Specify location of kerberos4 headers + --with-krb4-libs[=DIR] Specify location of kerberos4 libs + --with-krb4[=DIR] where to look for Kerberos4 + + In most cases, /usr/athena is the install prefix and then it works with + + ./configure --with-krb4=/usr/athena + + If you're a curl developer and use gcc, you might want to enable more + debug options with the --enable-debug option. + + curl can be built to use a whole range of libraries to provide various + useful services, and configure will try to auto-detect a decent + default. But if you want to alter it, you can select how to deal with + each individual library. + + To build with GnuTLS for SSL/TLS, use both --without-ssl and + --with-gnutls. + + To build with Cyassl for SSL/TLS, use both --without-ssl and + --with-cyassl. + + To build with NSS for SSL/TLS, use both --without-ssl and --with-nss. + + To build with PolarSSL for SSL/TLS, use both --without-ssl and + --with-polarssl. + + To build with axTLS for SSL/TLS, use both --without-ssl and --with-axtls. + + To get GSSAPI support, build with --with-gssapi and have the MIT or + Heimdal Kerberos 5 packages installed. + + To get support for SCP and SFTP, build with --with-libssh2 and have + libssh2 0.16 or later installed. + + To get Metalink support, build with --with-libmetalink and have the + libmetalink packages installed. + + SPECIAL CASES + ------------- + Some versions of uClibc require configuring with CPPFLAGS=-D_GNU_SOURCE=1 + to get correct large file support. + + The Open Watcom C compiler on Linux requires configuring with the variables: + + ./configure CC=owcc AR="$WATCOM/binl/wlib" AR_FLAGS=-q \ + RANLIB=/bin/true STRIP="$WATCOM/binl/wstrip" CFLAGS=-Wextra + + +Win32 +===== + + Building Windows DLLs and C run-time (CRT) linkage issues + --------------------------------------------------------- + + As a general rule, building a DLL with static CRT linkage is highly + discouraged, and intermixing CRTs in the same app is something to + avoid at any cost. + + Reading and comprehension of Microsoft Knowledge Base articles + KB94248 and KB140584 is a must for any Windows developer. Especially + important is full understanding if you are not going to follow the + advice given above. + + KB94248 - How To Use the C Run-Time + http://support.microsoft.com/kb/94248/en-us + + KB140584 - How to link with the correct C Run-Time (CRT) library + http://support.microsoft.com/kb/140584/en-us + + KB190799 - Potential Errors Passing CRT Objects Across DLL Boundaries + http://msdn.microsoft.com/en-us/library/ms235460 + + If your app is misbehaving in some strange way, or it is suffering + from memory corruption, before asking for further help, please try + first to rebuild every single library your app uses as well as your + app using the debug multithreaded dynamic C runtime. + + If you get linkage errors read section 5.7 of the FAQ document. + + + MingW32 + ------- + + Make sure that MinGW32's bin dir is in the search path, for example: + + set PATH=c:\mingw32\bin;%PATH% + + then run 'mingw32-make mingw32' in the root dir. There are other + make targets available to build libcurl with more features, use: + 'mingw32-make mingw32-zlib' to build with Zlib support; + 'mingw32-make mingw32-ssl-zlib' to build with SSL and Zlib enabled; + 'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2, SSL, Zlib; + 'mingw32-make mingw32-ssh2-ssl-sspi-zlib' to build with SSH2, SSL, Zlib + and SSPI support. + + If you have any problems linking libraries or finding header files, be sure + to verify that the provided "Makefile.m32" files use the proper paths, and + adjust as necessary. It is also possible to override these paths with + environment variables, for example: + + set ZLIB_PATH=c:\zlib-1.2.8 + set OPENSSL_PATH=c:\openssl-0.9.8y + set LIBSSH2_PATH=c:\libssh2-1.4.3 + + ATTENTION: if you want to build with libssh2 support you have to use latest + version 0.17 - previous versions will NOT work with 7.17.0 and later! + Use 'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2 and SSL enabled. + + It is now also possible to build with other LDAP SDKs than MS LDAP; + currently it is possible to build with native Win32 OpenLDAP, or with the + Novell CLDAP SDK. If you want to use these you need to set these vars: + + set LDAP_SDK=c:\openldap + set USE_LDAP_OPENLDAP=1 + + or for using the Novell SDK: + + set USE_LDAP_NOVELL=1 + + If you want to enable LDAPS support then set LDAPS=1. + + - optional MingW32-built OpenLDAP SDK available from: + http://www.gknw.net/mirror/openldap/ + - optional recent Novell CLDAP SDK available from: + http://developer.novell.com/ndk/cldap.htm + + + Cygwin + ------ + + Almost identical to the unix installation. Run the configure script in the + curl root with 'sh configure'. Make sure you have the sh executable in + /bin/ or you'll see the configure fail toward the end. + + Run 'make' + + Dev-Cpp + ------- + + See the separate INSTALL.devcpp file for details. + + MSVC 6 caveats + -------------- + + If you use MSVC 6 it is required that you use the February 2003 edition PSDK: + http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm + + Building any software with MSVC 6 without having PSDK installed is just + asking for trouble down the road once you have released it, you might notice + the problems in the first corner or ten miles ahead, depending mostly on your + choice of static vs dynamic runtime and third party libraries. Anyone using + software built in such way will at some point regret having done so. + + When someone uses MSVC 6 without PSDK he is using a compiler back from 1998. + + If the compiler has been updated with the installation of a service pack as + those mentioned in http://support.microsoft.com/kb/194022 the compiler can be + safely used to read source code, translate and make it object code. + + But, even with the service packs mentioned above installed, the resulting + software generated in such an environment will be using outdated system + header files and libraries with bugs and security issues which have already + been addressed and fixed long time ago. + + In order to make use of the updated system headers and fixed libraries + for MSVC 6, it is required that 'Platform SDK', PSDK from now onwards, + is installed. The specific PSDK that must be installed for MSVC 6 is the + February 2003 edition, which is the latest one supporting the MSVC 6 compiler, + this PSDK is also known as 'Windows Server 2003 PSDK' and can be downloaded + from http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm + + So, building curl and libcurl with MSVC 6 without PSDK is absolutely + discouraged for the benefit of anyone using software built in such + environment. And it will not be supported in any way, as we could just + be hunting bugs which have already been fixed way back in 2003. + + When building with MSVC 6 we attempt to detect if PSDK is not being used, + and if this is the case the build process will fail hard with an error + message stating that the February 2003 PSDK is required. This is done to + protect the unsuspecting and avoid PEBKAC issues. + + Additionally it might happen that a die hard MSVC hacker still wants to + build curl and libcurl with MSVC 6 without PSDK installed, even knowing + that this is a highly discouraged and unsupported build environment. In + this case the brave of heart will be able to build in such an environment + with the requisite of defining preprocessor symbol ALLOW_MSVC6_WITHOUT_PSDK + in lib/config-win32.h and knowing that LDAP and IPv6 support will be missing. + + MSVC from command line + ---------------------- + + Run the 'vcvars32.bat' file to get a proper environment. The + vcvars32.bat file is part of the Microsoft development environment and + you may find it in 'C:\Program Files\Microsoft Visual Studio\vc98\bin' + provided that you installed Visual C/C++ 6 in the default directory. + + Then run 'nmake vc' in curl's root directory. + + If you want to compile with zlib support, you will need to build + zlib (http://www.gzip.org/zlib/) as well. Please read the zlib + documentation on how to compile zlib. Define the ZLIB_PATH environment + variable to the location of zlib.h and zlib.lib, for example: + + set ZLIB_PATH=c:\zlib-1.2.8 + + Then run 'nmake vc-zlib' in curl's root directory. + + If you want to compile with SSL support you need the OpenSSL package. + Please read the OpenSSL documentation on how to compile and install + the OpenSSL libraries. The build process of OpenSSL generates the + libeay32.dll and ssleay32.dll files in the out32dll subdirectory in + the OpenSSL home directory. OpenSSL static libraries (libeay32.lib, + ssleay32.lib, RSAglue.lib) are created in the out32 subdirectory. + + Before running nmake define the OPENSSL_PATH environment variable with + the root/base directory of OpenSSL, for example: + + set OPENSSL_PATH=c:\openssl-0.9.8y + + Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root + directory. 'nmake vc-ssl' will create a libcurl static and dynamic + libraries in the lib subdirectory, as well as a statically linked + version of curl.exe in the src subdirectory. This statically linked + version is a standalone executable not requiring any DLL at + runtime. This make method requires that you have the static OpenSSL + libraries available in OpenSSL's out32 subdirectory. + 'nmake vc-ssl-dll' creates the libcurl dynamic library and + links curl.exe against libcurl and OpenSSL dynamically. + This executable requires libcurl.dll and the OpenSSL DLLs + at runtime. + Run 'nmake vc-ssl-zlib' to build with both ssl and zlib support. + + MSVC 6 IDE + ---------- + + A minimal VC++ 6.0 reference workspace (vc6curl.dsw) is available with the + source distribution archive to allow proper building of the two included + projects, the libcurl library and the curl tool. + + 1) Open the vs/vc6/vc6curl.dsw workspace with MSVC6's IDE. + 2) Select 'Build' from top menu. + 3) Select 'Batch Build' from dropdown menu. + 4) Make sure that the eight project configurations are 'checked'. + 5) Click on the 'Build' button. + 6) Once the eight project configurations are built you are done. + + Dynamic and static libcurl libraries are built in debug and release flavours, + and can be located each one in its own subdirectory, dll-debug, dll-release, + lib-debug and lib-release, all of them below the 'vs/vc6/lib' subdirectory. + + In the same way four curl executables are created, each using its respective + library. The resulting curl executables are located in its own subdirectory, + dll-debug, dll-release, lib-debug and lib-release, below 'vs/vc6/src' subdir. + + These reference VC++ 6.0 configurations are generated using the dynamic CRT. + + Intentionally, these reference VC++ 6.0 projects and configurations don't use + third party libraries, such as OpenSSL or Zlib, to allow proper compilation + and configuration for all new users without further requirements. + + If you need something more 'involved' you might adjust them for your own use, + or explore the world of makefiles described above 'MSVC from command line'. + + Borland C++ compiler + --------------------- + + Ensure that your build environment is properly set up to use the compiler + and associated tools. PATH environment variable must include the path to + bin subdirectory of your compiler installation, eg: c:\Borland\BCC55\bin + + It is advisable to set environment variable BCCDIR to the base path of + the compiler installation. + + set BCCDIR=c:\Borland\BCC55 + + In order to build a plain vanilla version of curl and libcurl run the + following command from curl's root directory: + + make borland + + To build curl and libcurl with zlib and OpenSSL support set environment + variables ZLIB_PATH and OPENSSL_PATH to the base subdirectories of the + already built zlib and OpenSSL libraries and from curl's root directory + run command: + + make borland-ssl-zlib + + libcurl library will be built in 'lib' subdirectory while curl tool + is built in 'src' subdirectory. In order to use libcurl library it is + advisable to modify compiler's configuration file bcc32.cfg located + in c:\Borland\BCC55\bin to reflect the location of libraries include + paths for example the '-I' line could result in something like: + + -I"c:\Borland\BCC55\include;c:\curl\include;c:\openssl\inc32" + + bcc3.cfg '-L' line could also be modified to reflect the location of + of libcurl library resulting for example: + + -L"c:\Borland\BCC55\lib;c:\curl\lib;c:\openssl\out32" + + In order to build sample program 'simple.c' from the docs\examples + subdirectory run following command from mentioned subdirectory: + + bcc32 simple.c libcurl.lib cw32mt.lib + + In order to build sample program simplessl.c an SSL enabled libcurl + is required, as well as the OpenSSL libeay32.lib and ssleay32.lib + libraries. + + + OTHER MSVC IDEs + --------------- + + If you use VC++, Borland or similar compilers. Include all lib source + files in a static lib "project" (all .c and .h files that is). + (you should name it libcurl or similar) + + Make the sources in the src/ drawer be a "win32 console application" + project. Name it curl. + + + Disabling Specific Protocols in Win32 builds + -------------------------------------------- + + The configure utility, unfortunately, is not available for the Windows + environment, therefore, you cannot use the various disable-protocol + options of the configure utility on this platform. + + However, you can use the following defines to disable specific + protocols: + + HTTP_ONLY disables all protocols except HTTP + CURL_DISABLE_FTP disables FTP + CURL_DISABLE_LDAP disables LDAP + CURL_DISABLE_TELNET disables TELNET + CURL_DISABLE_DICT disables DICT + CURL_DISABLE_FILE disables FILE + CURL_DISABLE_TFTP disables TFTP + CURL_DISABLE_HTTP disables HTTP + + If you want to set any of these defines you have the following + possibilities: + + - Modify lib/config-win32.h + - Modify lib/curl_setup.h + - Modify lib/Makefile.vc6 + - Add defines to Project/Settings/C/C++/General/Preprocessor Definitions + in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project. + + + Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds + -------------------------------------------------------------------- + + In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack + it is necessary to make definition of preprocessor symbol USE_LWIPSOCK + visible to libcurl and curl compilation processes. To set this definition + you have the following alternatives: + + - Modify lib/config-win32.h and src/config-win32.h + - Modify lib/Makefile.vc6 + - Add definition to Project/Settings/C/C++/General/Preprocessor Definitions + in the vc6libcurl.dsw/vc6libcurl.dsp Visual C++ 6 IDE project. + + Once that libcurl has been built with BSD-style lwIP TCP/IP stack support, + in order to use it with your program it is mandatory that your program + includes lwIP header file <lwip/opt.h> (or another lwIP header that includes + this) before including any libcurl header. Your program does not need the + USE_LWIPSOCK preprocessor definition which is for libcurl internals only. + + Compilation has been verified with lwIP 1.4.0 and contrib-1.4.0 from: + + http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip + http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip + + This BSD-style lwIP TCP/IP stack support must be considered experimental + given that it has been verified that lwIP 1.4.0 still needs some polish, + and libcurl might yet need some additional adjustment, caveat emptor. + + Important static libcurl usage note + ----------------------------------- + + When building an application that uses the static libcurl library, you must + add '-DCURL_STATICLIB' to your CFLAGS. Otherwise the linker will look for + dynamic import symbols. + + +Apple iOS and Mac OS X +====================== + On recent Apple operating systems, curl can be built to use Apple's + SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with + Secure Transport for SSL/TLS, use the configure option --with-darwinssl. (It + is not necessary to use the option --without-ssl.) This feature requires iOS + 5.0 or later, or OS X 10.5 ("Leopard") or later. + + When Secure Transport is in use, the curl options --cacert and --capath and + their libcurl equivalents, will be ignored, because Secure Transport uses + the certificates stored in the Keychain to evaluate whether or not to trust + the server. This, of course, includes the root certificates that ship with + the OS. The --cert and --engine options, and their libcurl equivalents, are + currently unimplemented in curl with Secure Transport. + + For OS X users: In OS X 10.8 ("Mountain Lion"), Apple made a major + overhaul to the Secure Transport API that, among other things, added + support for the newer TLS 1.1 and 1.2 protocols. To get curl to support + TLS 1.1 and 1.2, you must build curl on Mountain Lion or later, or by + using the equivalent SDK. If you set the MACOSX_DEPLOYMENT_TARGET + environmental variable to an earlier version of OS X prior to building curl, + then curl will use the new Secure Transport API on Mountain Lion and later, + and fall back on the older API when the same curl binary is executed on + older cats. For example, running these commands in curl's directory in the + shell will build the code such that it will run on cats as old as OS X 10.6 + ("Snow Leopard") (using bash): + + export MACOSX_DEPLOYMENT_TARGET="10.6" + ./configure --with-darwinssl + make + + +IBM OS/2 +======== + Building under OS/2 is not much different from building under unix. + You need: + + - emx 0.9d + - GNU make + - GNU patch + - ksh + - GNU bison + - GNU file utilities + - GNU sed + - autoconf 2.13 + + If you want to build with OpenSSL or OpenLDAP support, you'll need to + download those libraries, too. Dirk Ohme has done some work to port SSL + libraries under OS/2, but it looks like he doesn't care about emx. You'll + find his patches on: http://come.to/Dirk_Ohme + + If during the linking you get an error about _errno being an undefined + symbol referenced from the text segment, you need to add -D__ST_MT_ERRNO__ + in your definitions. + + If everything seems to work fine but there's no curl.exe, you need to add + -Zexe to your linker flags. + + If you're getting huge binaries, probably your makefiles have the -g in + CFLAGS. + + +VMS +=== + (The VMS section is in whole contributed by the friendly Nico Baggus) + + Curl seems to work with FTP & HTTP other protocols are not tested. (the + perl http/ftp testing server supplied as testing too cannot work on VMS + because vms has no concept of fork(). [ I tried to give it a whack, but + that's of no use. + + SSL stuff has not been ported. + + Telnet has about the same issues as for Win32. When the changes for Win32 + are clear maybe they'll work for VMS too. The basic problem is that select + ONLY works for sockets. + + Marked instances of fopen/[f]stat that might become a problem, especially + for non stream files. In this regard, the files opened for writing will be + created stream/lf and will thus be safe. Just keep in mind that non-binary + read/wring from/to files will have a records size limit of 32767 bytes + imposed. + + Stat to get the size of the files is again only safe for stream files & + fixed record files without implied CC. + + -- My guess is that only allowing access to stream files is the quickest + way to get around the most issues. Therefore all files need to to be + checked to be sure they will be stream/lf before processing them. This is + the easiest way out, I know. The reason for this is that code that needs to + report the filesize will become a pain in the ass otherwise. + + Exit status.... Well we needed something done here, + + VMS has a structured exist status: + | 3 | 2 | 1 | 0| + |1098|765432109876|5432109876543|210| + +----+------------+-------------+---+ + |Ctrl| Facility | Error code |sev| + +----+------------+-------------+---+ + + With the Ctrl-bits an application can tell if part or the whole message has + already been printed from the program, DCL doesn't need to print it again. + + Facility - basically the program ID. A code assigned to the program + the name can be fetched from external or internal message libraries + Error code - the err codes assigned by the application + Sev. - severity: Even = error, off = non error + 0 = Warning + 1 = Success + 2 = Error + 3 = Information + 4 = Fatal + <5-7> reserved. + + This all presents itself with: + %<FACILITY>-<Sev>-<Errorname>, <Error message> + + See also the src/curlmsg.msg file, it has the source for the messages In + src/main.c a section is devoted to message status values, the globalvalues + create symbols with certain values, referenced from a compiled message + file. Have all exit function use a exit status derived from a translation + table with the compiled message codes. + + This was all compiled with: + + Compaq C V6.2-003 on OpenVMS Alpha V7.1-1H2 + + So far for porting notes as of: + 13-jul-2001 + N. Baggus + + +QNX +=== + (This section was graciously brought to us by David Bentham) + + As QNX is targeted for resource constrained environments, the QNX headers + set conservative limits. This includes the FD_SETSIZE macro, set by default + to 32. Socket descriptors returned within the CURL library may exceed this, + resulting in memory faults/SIGSEGV crashes when passed into select(..) + calls using fd_set macros. + + A good all-round solution to this is to override the default when building + libcurl, by overriding CFLAGS during configure, example + # configure CFLAGS='-DFD_SETSIZE=64 -g -O2' + + +RISC OS +======= + The library can be cross-compiled using gccsdk as follows: + + CC=riscos-gcc AR=riscos-ar RANLIB='riscos-ar -s' ./configure \ + --host=arm-riscos-aof --without-random --disable-shared + make + + where riscos-gcc and riscos-ar are links to the gccsdk tools. + You can then link your program with curl/lib/.libs/libcurl.a + + +AmigaOS +======= + (This section was graciously brought to us by Diego Casorran) + + To build cURL/libcurl on AmigaOS just type 'make amiga' ... + + What you need is: (not tested with others versions) + + GeekGadgets / gcc 2.95.3 (http://www.geekgadgets.org/) + + AmiTCP SDK v4.3 (http://www.aminet.net/comm/tcp/AmiTCP-SDK-4.3.lha) + + Native Developer Kit (http://www.amiga.com/3.9/download/NDK3.9.lha) + + As no ixemul.library is required you will be able to build it for + WarpOS/PowerPC (not tested by me), as well a MorphOS version should be + possible with no problems. + + To enable SSL support, you need a OpenSSL native version (without ixemul), + you can find a precompiled package at http://amiga.sourceforge.net/OpenSSL/ + + +NetWare +======= + To compile curl.nlm / libcurl.nlm you need: + - either any gcc / nlmconv, or CodeWarrior 7 PDK 4 or later. + - gnu make and awk running on the platform you compile on; + native Win32 versions can be downloaded from: + http://www.gknw.net/development/prgtools/ + - recent Novell LibC SDK available from: + http://developer.novell.com/ndk/libc.htm + - or recent Novell CLib SDK available from: + http://developer.novell.com/ndk/clib.htm + - optional recent Novell CLDAP SDK available from: + http://developer.novell.com/ndk/cldap.htm + - optional zlib sources (static or dynamic linking with zlib.imp); + sources with NetWare Makefile can be obtained from: + http://www.gknw.net/mirror/zlib/ + - optional OpenSSL sources (version 0.9.8 or later build with BSD sockets); + you can find precompiled packages at: + http://www.gknw.net/development/ossl/netware/ + for CLIB-based builds OpenSSL 0.9.8h or later is required - earlier versions + don't support building with CLIB BSD sockets. + - optional SSH2 sources (version 0.17 or later); + + Set a search path to your compiler, linker and tools; on Linux make + sure that the var OSTYPE contains the string 'linux'; set the var + NDKBASE to point to the base of your Novell NDK; and then type + 'make netware' from the top source directory; other targets available + are 'netware-ssl', 'netware-ssl-zlib', 'netware-zlib' and 'netware-ares'; + if you need other combinations you can control the build with the + environment variables WITH_SSL, WITH_ZLIB, WITH_ARES, WITH_SSH2, and + ENABLE_IPV6; you can set LINK_STATIC=1 to link curl.nlm statically. + By default LDAP support is enabled, however currently you will need a patch + in order to use the CLDAP NDK with BSD sockets (Novell Bug 300237): + http://www.gknw.net/test/curl/cldap_ndk/ldap_ndk.diff + I found on some Linux systems (RH9) that OS detection didn't work although + a 'set | grep OSTYPE' shows the var present and set; I simply overwrote it + with 'OSTYPE=linux-rh9-gnu' and the detection in the Makefile worked... + Any help in testing appreciated! + Builds automatically created 8 times a day from current git are here: + http://www.gknw.net/mirror/curl/autobuilds/ + the status of these builds can be viewed at the autobuild table: + http://curl.haxx.se/dev/builds.html + + +eCos +==== + curl does not use the eCos build system, so you must first build eCos + separately, then link curl to the resulting eCos library. Here's a sample + configure line to do so on an x86 Linux box targeting x86: + + GCCLIB=`gcc -print-libgcc-file-name` && \ + CFLAGS="-D__ECOS=1 -nostdinc -I$ECOS_INSTALL/include \ + -I`dirname $GCCLIB`/include" \ + LDFLAGS="-nostdlib -Wl,--gc-sections -Wl,-static \ + -L$ECOS_INSTALL/lib -Ttarget.ld -ltarget" \ + ./configure --host=i386 --disable-shared \ + --without-ssl --without-zlib --disable-manual --disable-ldap + + In most cases, eCos users will be using libcurl from within a custom + embedded application. Using the standard 'curl' executable from + within eCos means facing the limitation of the standard eCos C + startup code which does not allow passing arguments in main(). To + run 'curl' from eCos and have it do something useful, you will need + to either modify the eCos startup code to pass in some arguments, or + modify the curl application itself to retrieve its arguments from + some location set by the bootloader or hard-code them. + + Something like the following patch could be used to hard-code some + arguments. The MTAB_ENTRY line mounts a RAM disk as the root filesystem + (without mounting some kind of filesystem, eCos errors out all file + operations which curl does not take to well). The next section synthesizes + some command-line arguments for curl to use, in this case to direct curl + to read further arguments from a file. It then creates that file on the + RAM disk and places within it a URL to download: a file: URL that + just happens to point to the configuration file itself. The results + of running curl in this way is the contents of the configuration file + printed to the console. + +--- src/main.c 19 Jul 2006 19:09:56 -0000 1.363 ++++ src/main.c 24 Jul 2006 21:37:23 -0000 +@@ -4286,11 +4286,31 @@ + } + + ++#ifdef __ECOS ++#include <cyg/fileio/fileio.h> ++MTAB_ENTRY( testfs_mte1, ++ "/", ++ "ramfs", ++ "", ++ 0); ++#endif + + int main(int argc, char *argv[]) + { + int res; + struct Configurable config; ++#ifdef __ECOS ++ char *args[] = {"ecos-curl", "-K", "curlconf.txt"}; ++ FILE *f; ++ argc = sizeof(args)/sizeof(args[0]); ++ argv = args; ++ ++ f = fopen("curlconf.txt", "w"); ++ if (f) { ++ fprintf(f, "--url file:curlconf.txt"); ++ fclose(f); ++ } ++#endif + memset(&config, 0, sizeof(struct Configurable)); + + config.errors = stderr; /* default errors to stderr */ + + +Minix +===== + curl can be compiled on Minix 3 using gcc or ACK (starting with + ver. 3.1.3). Ensure that GNU gawk and bash are both installed and + available in the PATH. + + ACK + --- + Increase the heap sizes of the compiler with the command: + + binsizes xxl + + then configure and compile curl with: + + ./configure CC=cc LD=cc AR=/usr/bin/aal GREP=grep \ + CPPFLAGS='-D_POSIX_SOURCE=1 -I/usr/local/include' + make + chmem =256000 src/curl + + GCC + --- + Make sure gcc is in your PATH with the command: + + export PATH=/usr/gnu/bin:$PATH + + then configure and compile curl with: + + ./configure CC=gcc AR=/usr/gnu/bin/gar GREP=grep + make + chmem =256000 src/curl + + +Symbian OS +========== + The Symbian OS port uses the Symbian build system to compile. From the + packages/Symbian/group/ directory, run: + + bldmake bldfiles + abld build + + to compile and install curl and libcurl using SBSv1. If your Symbian + SDK doesn't include support for P.I.P.S., you will need to contact + your SDK vendor to obtain that first. + + +VxWorks +======== + Build for VxWorks is performed using cross compilation. + That means you build on Windows machine using VxWorks tools and + run the built image on the VxWorks device. + + To build libcurl for VxWorks you need: + + - CYGWIN (free, http://cygwin.com/) + - Wind River Workbench (commercial) + + If you have CYGWIN and Workbench installed on you machine + follow after next steps: + + 1. Open the Command Prompt window and change directory ('cd') + to the libcurl 'lib' folder. + 2. Add CYGWIN 'bin' folder to the PATH environment variable. + For example, type 'set PATH=C:/embedded/cygwin/bin;%PATH%'. + 3. Adjust environment variables defined in 'Environment' section + of the Makefile.vxworks file to point to your software folders. + 4. Build the libcurl by typing 'make -f ./Makefile.vxworks' + + As a result the libcurl.a library should be created in the 'lib' folder. + To clean the build results type 'make -f ./Makefile.vxworks clean'. + + +Android +======= + Method using the static makefile: + - see the build notes in the packages/Android/Android.mk file. + + Method using a configure cross-compile (tested with Android NDK r7c, r8): + - prepare the toolchain of the Android NDK for standalone use; this can + be done by invoking the script: + ./build/tools/make-standalone-toolchain.sh + which creates a usual cross-compile toolchain. Lets assume that you put + this toolchain below /opt then invoke configure with something like: + export PATH=/opt/arm-linux-androideabi-4.4.3/bin:$PATH + ./configure --host=arm-linux-androideabi [more configure options] + make + - if you want to compile directly from our GIT repo you might run into + this issue with older automake stuff: + checking host system type... + Invalid configuration `arm-linux-androideabi': + system `androideabi' not recognized + configure: error: /bin/sh ./config.sub arm-linux-androideabi failed + this issue can be fixed with using more recent versions of config.sub + and config.guess which can be obtained here: + http://git.savannah.gnu.org/gitweb/?p=config.git;a=tree + you need to replace your system-own versions which usually can be + found in your automake folder: + find /usr -name config.sub + + Wrapper for pkg-config + - In order to make proper use of pkg-config so that configure is able to + find all dependencies you should create a wrapper script for pkg-config; + file /opt/arm-linux-androideabi-4.4.3/bin/arm-linux-androideabi-pkg-config: + + #!/bin/sh + SYSROOT=$(dirname ${0%/*})/sysroot + export PKG_CONFIG_DIR= + export PKG_CONFIG_LIBDIR=${SYSROOT}/usr/local/lib/pkgconfig:${SYSROOT}/usr/share/pkgconfig + export PKG_CONFIG_SYSROOT_DIR=${SYSROOT} + exec pkg-config "$@" + + also create a copy or symlink with name arm-unknown-linux-androideabi-pkg-config. + + +CROSS COMPILE +============= + (This section was graciously brought to us by Jim Duey, with additions by + Dan Fandrich) + + Download and unpack the cURL package. + + 'cd' to the new directory. (e.g. cd curl-7.12.3) + + Set environment variables to point to the cross-compile toolchain and call + configure with any options you need. Be sure and specify the '--host' and + '--build' parameters at configuration time. The following script is an + example of cross-compiling for the IBM 405GP PowerPC processor using the + toolchain from MonteVista for Hardhat Linux. + + (begin script) + + #! /bin/sh + + export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin + export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include" + export AR=ppc_405-ar + export AS=ppc_405-as + export LD=ppc_405-ld + export RANLIB=ppc_405-ranlib + export CC=ppc_405-gcc + export NM=ppc_405-nm + + ./configure --target=powerpc-hardhat-linux \ + --host=powerpc-hardhat-linux \ + --build=i586-pc-linux-gnu \ + --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local \ + --exec-prefix=/usr/local + + (end script) + + You may also need to provide a parameter like '--with-random=/dev/urandom' + to configure as it cannot detect the presence of a random number + generating device for a target system. The '--prefix' parameter + specifies where cURL will be installed. If 'configure' completes + successfully, do 'make' and 'make install' as usual. + + In some cases, you may be able to simplify the above commands to as + little as: + + ./configure --host=ARCH-OS + + +REDUCING SIZE +============= + There are a number of configure options that can be used to reduce the + size of libcurl for embedded applications where binary size is an + important factor. First, be sure to set the CFLAGS variable when + configuring with any relevant compiler optimization flags to reduce the + size of the binary. For gcc, this would mean at minimum the -Os option, + and potentially the -march=X and -mdynamic-no-pic options as well, e.g. + + ./configure CFLAGS='-Os' ... + + Note that newer compilers often produce smaller code than older versions + due to improved optimization. + + Be sure to specify as many --disable- and --without- flags on the configure + command-line as you can to disable all the libcurl features that you + know your application is not going to need. Besides specifying the + --disable-PROTOCOL flags for all the types of URLs your application + will not use, here are some other flags that can reduce the size of the + library: + + --disable-ares (disables support for the C-ARES DNS library) + --disable-cookies (disables support for HTTP cookies) + --disable-crypto-auth (disables HTTP cryptographic authentication) + --disable-ipv6 (disables support for IPv6) + --disable-manual (disables support for the built-in documentation) + --disable-proxy (disables support for HTTP and SOCKS proxies) + --disable-verbose (eliminates debugging strings and error code strings) + --enable-hidden-symbols (eliminates unneeded symbols in the shared library) + --without-libidn (disables support for the libidn DNS library) + --without-ssl (disables support for SSL/TLS) + --without-zlib (disables support for on-the-fly decompression) + + The GNU compiler and linker have a number of options that can reduce the + size of the libcurl dynamic libraries on some platforms even further. + Specify them by providing appropriate CFLAGS and LDFLAGS variables on the + configure command-line, e.g. + CFLAGS="-Os -ffunction-sections -fdata-sections \ + -fno-unwind-tables -fno-asynchronous-unwind-tables" \ + LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections" + + Be sure also to strip debugging symbols from your binaries after + compiling using 'strip' (or the appropriate variant if cross-compiling). + If space is really tight, you may be able to remove some unneeded + sections of the shared library using the -R option to objcopy (e.g. the + .comment section). + + Using these techniques it is possible to create a basic HTTP-only shared + libcurl library for i386 Linux platforms that is only 106 KiB in size, and + an FTP-only library that is 108 KiB in size (as of libcurl version 7.27.0, + using gcc 4.6.3). + + You may find that statically linking libcurl to your application will + result in a lower total size than dynamically linking. + + Note that the curl test harness can detect the use of some, but not all, of + the --disable statements suggested above. Use will cause tests relying on + those features to fail. The test harness can be manually forced to skip + the relevant tests by specifying certain key words on the runtests.pl + command line. Following is a list of appropriate key words: + + --disable-cookies !cookies + --disable-crypto-auth !HTTP\ Digest\ auth !HTTP\ proxy\ Digest\ auth + --disable-manual !--manual + --disable-proxy !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5 + + +PORTS +===== + This is a probably incomplete list of known hardware and operating systems + that curl has been compiled for. If you know a system curl compiles and + runs on, that isn't listed, please let us know! + + - Alpha DEC OSF 4 + - Alpha Digital UNIX v3.2 + - Alpha FreeBSD 4.1, 4.5 + - Alpha Linux 2.2, 2.4 + - Alpha NetBSD 1.5.2 + - Alpha OpenBSD 3.0 + - Alpha OpenVMS V7.1-1H2 + - Alpha Tru64 v5.0 5.1 + - AVR32 Linux + - ARM Android 1.5, 2.1, 2.3, 3.2, 4.x + - ARM INTEGRITY + - ARM iOS + - Cell Linux + - Cell Cell OS + - HP-PA HP-UX 9.X 10.X 11.X + - HP-PA Linux + - HP3000 MPE/iX + - MicroBlaze uClinux + - MIPS IRIX 6.2, 6.5 + - MIPS Linux + - OS/400 + - Pocket PC/Win CE 3.0 + - Power AIX 3.2.5, 4.2, 4.3.1, 4.3.2, 5.1, 5.2 + - PowerPC Darwin 1.0 + - PowerPC INTEGRITY + - PowerPC Linux + - PowerPC Mac OS 9 + - PowerPC Mac OS X + - SH4 Linux 2.6.X + - SH4 OS21 + - SINIX-Z v5 + - Sparc Linux + - Sparc Solaris 2.4, 2.5, 2.5.1, 2.6, 7, 8, 9, 10 + - Sparc SunOS 4.1.X + - StrongARM (and other ARM) RISC OS 3.1, 4.02 + - StrongARM/ARM7/ARM9 Linux 2.4, 2.6 + - StrongARM NetBSD 1.4.1 + - Symbian OS (P.I.P.S.) 9.x + - TPF + - Ultrix 4.3a + - UNICOS 9.0 + - i386 BeOS + - i386 DOS + - i386 eCos 1.3.1 + - i386 Esix 4.1 + - i386 FreeBSD + - i386 HURD + - i386 Haiku OS + - i386 Linux 1.3, 2.0, 2.2, 2.3, 2.4, 2.6 + - i386 Mac OS X + - i386 MINIX 3.1 + - i386 NetBSD + - i386 Novell NetWare + - i386 OS/2 + - i386 OpenBSD + - i386 QNX 6 + - i386 SCO unix + - i386 Solaris 2.7 + - i386 Windows 95, 98, ME, NT, 2000, XP, 2003 + - i486 ncr-sysv4.3.03 (NCR MP-RAS) + - ia64 Linux 2.3.99 + - m68k AmigaOS 3 + - m68k Linux + - m68k uClinux + - m68k OpenBSD + - m88k dg-dgux5.4R3.00 + - s390 Linux + - x86_64 Linux + - XScale/PXA250 Linux 2.4 + - Nios II uClinux + +Useful URLs +=========== + +axTLS http://axtls.sourceforge.net/ +c-ares http://c-ares.haxx.se/ +GNU GSS http://www.gnu.org/software/gss/ +GnuTLS http://www.gnu.org/software/gnutls/ +Heimdal http://www.pdc.kth.se/heimdal/ +libidn http://www.gnu.org/software/libidn/ +libmetalink https://launchpad.net/libmetalink/ +libssh2 http://www.libssh2.org/ +MIT Kerberos http://web.mit.edu/kerberos/www/dist/ +NSS http://www.mozilla.org/projects/security/pki/nss/ +OpenLDAP http://www.openldap.org/ +OpenSSL http://www.openssl.org/ +PolarSSL http://polarssl.org/ +yassl http://www.yassl.com/ +Zlib http://www.zlib.net/ + +MingW http://www.mingw.org/ +MinGW-w64 http://mingw-w64.sourceforge.net/ +OpenWatcom http://www.openwatcom.org/ diff --git a/libs/libcurl/docs/INSTALL.devcpp b/libs/libcurl/docs/INSTALL.devcpp new file mode 100644 index 0000000000..46d1836af9 --- /dev/null +++ b/libs/libcurl/docs/INSTALL.devcpp @@ -0,0 +1,302 @@ +DevCpp-Mingw Install & Compilation Sept 2005 +================================== + +Reference Emails available at curl@haxx.se: + + Libcurl Install and Use Issues + Awaiting an Answer for Win 32 Install + res = curl_easy_perform(curl); Error + Makefile Issues + + +Having previously done a thorough review of what was available that met my +requirements under GPL, I settled for Libcurl as the software of choice for +many reasons not the least of which was the support. + +Background +---------- + +This quest started when I innocently tried to incorporate the libcurl library +into my simple source code. I figured that a few easy steps would accomplish +this without major headaches. I had no idea that I would be facing an almost +insurmountable challenge. + +The main problem lies in two areas. First the bulk of support for libcurl +exists for a Unix/linux command line environments. This is of little help when +it comes to Windows O/S. + +Secondly the help that does exist for the Windows O/S focused around mingw +through a command line argument environment. + +You may ask "Why is this a problem?" + +I'm using a Windows O/S with DevCpp. For those of you who are unfamiliar with +DevCpp, it is a window shell GUI that replaces the command line environment +for gcc. A definite improvement that I am unwilling to give up. However using +DevCpp presented its own set of issues. Inadvertently I also made some +careless errors such as compiling the 7.14 version of Makefile with an older +version of source code. Thanks to Dan Fandrich for picking this up. + +I did eventually with the help of Daniel, Phillipe and others manage to +implement successfully (the only mingw available version) +curl-7.13.0-win32-ssl-devel-mingw32 into the DevCpp environment. Only the +dynamic libcurl.dll libcurldll.a libraries worked. The static library which I +was interested in did not. Furthermore when I tried to implement one of the +examples included with the curl package (get info.c) it caused the executable +to crash. Tracing the bug I found it in the code and function res = +curl_easy_perform(curl);. + +At this point I had to make a choice as to whether invest my limited +time-energy resource to fixing the bug or to compile the new version +available. After searching the archives I found a very similar or the same bug +reported from version 7.12x on. Daniel did inform me that he thought that this +bug had been fixed with the latest version. So I proceeded to compile the +latest SSL version where I faced other challenges. + +In order to make this process unremarkable for others using the same +environment I decided to document the process so that others will find it +routine. It would be a shame if newbies could not implement this excellent +package for their use. + +I would like to thank the many others in this forum and in the DevCpp forum +for their help. Without your help I may either have given up or it would have +taken me many times longer to achieve success. + +The Cookbook Approach +--------------------- + +This discussion will be confined to a SSL static library compilation and +installation. Limited mention and comments will be inserted where appropriate +to help with non-SSL, dynamic libraries and executables. + + + Using Makefile from DevCpp to compile Libcurl libraries + +Preamble +-------- + +Using the latest version release - curl-7.14.0.tar.gz. Curl source code is +platform independent. This simply means that the source code can be compiled +for any Operating System (Linux/Unix Windows etc. and variations of thereof). + +The first thing to note is that inside curl-7.14.0 you will find two folders +lib and src. Both contain Makefile.m32 (required for win mingw library or exe +compilation) files which are different. The main difference between these two +folders and the makefiles is that the src folder contents are used to compile +an executable file(curl.exe) while the lib folder contents are used to compile +a static (libcurl.a) and dynamic (libcurl.dll & libcurldll.a) file that can be +used to compile libcurl with your own source code so that one can use and +access all libcurl functions. + +Before we start please make sure that DevCpp is installed properly. In +particular make sure you have no spaces in the name of any of the directories +and subdirectories where DevCpp is installed. Failure to comply with the +install instructions may produce erratic behaviour in DevCpp. For further info +check the following sites + +http://aditsu.freeunixhost.com/dev-cpp-faq.html +http://sourceforge.net/forum/message.php?msg_id=3252213 + +As I have mentioned before I will confine this to the SSL Library compilations +but the process is very similar for compilation of the executable - curl.exe; +just substitute the src folder makefile in its stead. + +First use a text processor Notepad, or your own favourite text processor. To +engage your favourite text processor, select Makefile.m32 click once with your +mouse on file icon; icon turns blue, press the shift key and right-click on +mouse, menu appears select "Open with", select your favourite text processor. + +Next read the contents of Makefile.m32. It includes instructions on its use. + +Method I - DOS Command Line +--------------------------- + +Note - The only reason I have included this method is that Method II which is +the preferred method for compiling does not allow for the setting of option +switches (e.g. SSL = 1 or SSL =0). At least that's what they tell me at the +Dev-Cpp forum. + +1 - Make a copy of (D:\Dev-Cpp\bin) bin folder and name it "bin Original" +place it in the Dev-Cpp installed directory (D:\Dev-Cpp\ for this example) + +2 - Copy the entire contents of the LIB folder of curl-7.14.0.tar.gz or zip +version into the bin folder above (D:\Dev-Cpp\bin). The reason being is that +the make.exe file resides in this folder. Make.exe will use - Makefile.m32, +Makefile.inc, and the source code included in the lib folder to compile the +source code. There is a PATH issue with make.exe that remains unresolved at +least for me. Unless the entire source code to be compiled is placed entirely +within the directory of make.exe an error message will be generated - "file +xxxx.yyy not available". + +3- Go to Dev-Cpp\bin and double click on make .exe. You will see a DOS window +quickly pop up and close very quickly. Not to worry! Please do not skip this +step. + +4- Click on the start button\Programs\MS-DOS Prompt.Once the DOS Window is up +Type the disk drive letter (e.g. E: ) engage the enter button. The path should +automatically take you to the directory of the make.exe file. + +5- To compile the source code simply type at the DOS prompt make -f +Makefile.m32 as per instructions contained in the Makefile.m32 file (use any +text processor to read instructions). I don't believe that this makefile +allows for the option of non SSL. Ignore any warnings. + +6- Collect and make copies of libcurl.a, libcurl.dll, libcurldll.a and any *.o +compilations you might need in another directory outside of the bin directory +as you will need this files shortly to set up libcurl for use with +Dev-cpp. For most apps *.o is not required. Later on we will show what to do +with these files. + +7- You are finished but before closing we need to do cleanup - erase the bin +folder and rename the "bin Original" folder created in step 1 to bin. + +Note to compile a curl executable the process is probably similar but instead +of using the LIB folder contents use the SRC folder contents and Makefiles in +curl-7.14.0.tar.gz. File directories relative placements must be respected for +compiling to take place successfully. This may not be possible with the PATH +problem that make.exe experiences. If anyone has solved this PATH issue and +please make sure it actually works on Win 9x/2000/XP before letting me +know. Then please let me or Daniel in on the solution so that it can be +included with these instructions. Thanks. + +or + +Method II - Dev-Cpp GUI +----------------------- + +1- Copy the entire contents of the LIB folder of curl-7.14.0.tar.gz or zip +version into any folder outside of (Dev-Cpp\bin). + +2- Drop the File/New/click on Project. + +3- New Project Dialogue box appears. Double click on the Static Library. + +4- Create Project Dialogue box appears. Select the LIB folder location to +place and locate your Project File Name. Placing the Project File Name +elsewhere may cause problems (PATH issue problem again). + +5- Drop down the Project/Project Options. Project Options Dialogue box +appears. + +6- Select the Makefile tab in the Project Options Dialogue Box. Check Box - +Use Custom Makefile. Click on the Folder icon at the extreme right of the +Check Box. Select Makefile.m32 in the folder wherever you have placed the +contents of the LIB Folder. Press OK and close the Dialogue Box. + +7- Drop the Menu Project/Click on Add to Project. Open File Dialogue Box +appears. The Dialogue Box should open in the folder wherever you have placed +the contents of the LIB Folder. If not go there. + +8- Select Crtl-A to select all files in the LIB folder. Click on open to add +files and close box. Wait till all files are added. This may take 30 seconds +or longer. + +9- Drop the Menu Execute/Click on Compile. + +10- That's it. + + + The following steps must be completed if Curl is to work properly + ================================================================= + +LIB folder inclusions (*.a placement) +------------------------------------- + +1- Refer to Method I - DOS Command Line point # 6 Take libcurl.a, libcurldll.a +and install it in the directory C( or whichever drive Dev is installed) +:\Dev-Cpp\lib. + + +Include Folder +-------------- + +1- Create a new folder by the name of curl (do not change the name curl to +some other name as it will cause major issues) in the directory +C:\Dev-Cpp\include. + +2- Copy the entire contents of the curl folder of curl-7.14.0.tar.gz or zip + version into the newly created curl directory - C:\Dev-Cpp\include\curl. + +Links To Include And Lib Folder +------------------------------- + +1- Drop the Menu - Tools\Compiler Options\Directories\Libraries. Make sure +that C( or whichever drive Dev is installed):\DEV-CPP\lib is included. + +2- Next select the Menu - Tools\Compiler Options\Directories\C Includes. Make +sure that C:\DEV-CPP\include and C:\Dev-Cpp\include\curl are included. + +3- Next select the Menu - Tools\Compiler Options\Directories\C++ +Includes. Make sure that C:\DEV-CPP\include and C:\Dev-Cpp\include\curl are +included. + +Linker Links +------------ + +1- Drop the Menu - Tools\Compiler Options\Directories\Compiler. + +2- Make sure that the box "Add these commands to the linker command line" is +checked. + +3- Include in the white space immediately below the box referred in 2 -lcurl +-lws2_32. + +SSL Files +--------- + +1- Get the latest openSSL (as of time of this writing) +openssl-0.9.7e-win32-bin.zip for the minimalist package of the openssl-0.9.7e +binaries ported to MS Windows 95/98/NT/XP using the MingW32/GCC-3.1 +development environment. The file may be downloaded at +http://curl.haxx.se/download/. + +2- Open the above zip file. You will find two files - SDL.dll, +SDL_mixer.dll. Install them in the directory C:\WINDOWS\SYSTEM32 for Win 9x +users and c:\winnt\system32 for NT-family users. + +Multithreading Files +-------------------- + +To be completed + +#define +------- + +1- Make sure that your program includes the following - #define CURL_STATICLIB +must be declared FIRST before any other define functions may be +added. Otherwise you may experience link errors. + +2- Don't forget to include #include "curl/curl.h". + +e.g. + #define CURL_STATICLIB +#include <windows.h> + #include "curl/curl.h" +#include <fstream> +#include <iostream> +#include <vector> +etc... + + +Static or Dynamic Library +------------------------- + +The above steps apply for the use by a static library. Should you choose to +use a dynamic library you will be required to perform these additional steps. + +1- Refer to Method I - DOS Command Line point # 6. Install libcurl.dll in the +directory C:\WINDOWS\SYSTEM32 for Win 9x users and c:\winnt\system32 for +NT-family users. + +2- Refer to Linker Links point 3 - Replace -lcurl with -lcurldll. + +Voila you're done. + +The non-SSL static Library build may not be possible to use at least as of the +time of this writing - v7.14. Check reference emails - Phillipe and I found it +impossible to fully compile as certain files were missing for linking. No big +loss as SSL is a major plus. + +Hope this Helps + +Tom diff --git a/libs/libcurl/docs/INTERNALS b/libs/libcurl/docs/INTERNALS new file mode 100644 index 0000000000..66e11a46b7 --- /dev/null +++ b/libs/libcurl/docs/INTERNALS @@ -0,0 +1,471 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +INTERNALS + + The project is split in two. The library and the client. The client part uses + the library, but the library is designed to allow other applications to use + it. + + The largest amount of code and complexity is in the library part. + +GIT +=== + All changes to the sources are committed to the git repository as soon as + they're somewhat verified to work. Changes shall be committed as independently + as possible so that individual changes can be easier spotted and tracked + afterwards. + + Tagging shall be used extensively, and by the time we release new archives we + should tag the sources with a name similar to the released version number. + +Portability +=========== + + We write curl and libcurl to compile with C89 compilers. On 32bit and up + machines. Most of libcurl assumes more or less POSIX compliance but that's + not a requirement. + + We write libcurl to build and work with lots of third party tools, and we + want it to remain functional and buildable with these and later versions + (older versions may still work but is not what we work hard to maintain): + + OpenSSL 0.9.6 + GnuTLS 1.2 + zlib 1.1.4 + libssh2 0.16 + c-ares 1.6.0 + libidn 0.4.1 + cyassl 2.0.0 + openldap 2.0 + MIT krb5 lib 1.2.4 + qsossl V5R3M0 + NSS 3.12.x + axTLS 1.2.7 + Heimdal ? + + On systems where configure runs, we aim at working on them all - if they have + a suitable C compiler. On systems that don't run configure, we strive to keep + curl running fine on: + + Windows 98 + AS/400 V5R3M0 + Symbian 9.1 + Windows CE ? + TPF ? + + When writing code (mostly for generating stuff included in release tarballs) + we use a few "build tools" and we make sure that we remain functional with + these versions: + + GNU Libtool 1.4.2 + GNU Autoconf 2.57 + GNU Automake 1.7 (we currently avoid 1.10 due to Solaris-related bugs) + GNU M4 1.4 + perl 5.004 + roffit 0.5 + groff ? (any version that supports "groff -Tps -man [in] [out]") + ps2pdf (gs) ? + +Windows vs Unix +=============== + + There are a few differences in how to program curl the unix way compared to + the Windows way. The four perhaps most notable details are: + + 1. Different function names for socket operations. + + In curl, this is solved with defines and macros, so that the source looks + the same at all places except for the header file that defines them. The + macros in use are sclose(), sread() and swrite(). + + 2. Windows requires a couple of init calls for the socket stuff. + + That's taken care of by the curl_global_init() call, but if other libs also + do it etc there might be reasons for applications to alter that behaviour. + + 3. The file descriptors for network communication and file operations are + not easily interchangeable as in unix. + + We avoid this by not trying any funny tricks on file descriptors. + + 4. When writing data to stdout, Windows makes end-of-lines the DOS way, thus + destroying binary data, although you do want that conversion if it is + text coming through... (sigh) + + We set stdout to binary under windows + + Inside the source code, We make an effort to avoid '#ifdef [Your OS]'. All + conditionals that deal with features *should* instead be in the format + '#ifdef HAVE_THAT_WEIRD_FUNCTION'. Since Windows can't run configure scripts, + we maintain a curl_config-win32.h file in lib directory that is supposed to + look exactly as a curl_config.h file would have looked like on a Windows + machine! + + Generally speaking: always remember that this will be compiled on dozens of + operating systems. Don't walk on the edge. + +Library +======= + + (See LIBCURL-STRUCTS for a separate document describing all major internal + structs and their purposes.) + + There are plenty of entry points to the library, namely each publicly defined + function that libcurl offers to applications. All of those functions are + rather small and easy-to-follow. All the ones prefixed with 'curl_easy' are + put in the lib/easy.c file. + + curl_global_init_() and curl_global_cleanup() should be called by the + application to initialize and clean up global stuff in the library. As of + today, it can handle the global SSL initing if SSL is enabled and it can init + the socket layer on windows machines. libcurl itself has no "global" scope. + + All printf()-style functions use the supplied clones in lib/mprintf.c. This + makes sure we stay absolutely platform independent. + + curl_easy_init() allocates an internal struct and makes some initializations. + The returned handle does not reveal internals. This is the 'SessionHandle' + struct which works as an "anchor" struct for all curl_easy functions. All + connections performed will get connect-specific data allocated that should be + used for things related to particular connections/requests. + + curl_easy_setopt() takes three arguments, where the option stuff must be + passed in pairs: the parameter-ID and the parameter-value. The list of + options is documented in the man page. This function mainly sets things in + the 'SessionHandle' struct. + + curl_easy_perform() is just a wrapper function that makes use of the multi + API. It basically curl_multi_init(), curl_multi_add_handle(), + curl_multi_wait(), and curl_multi_perform() until the transfer is done and + then returns. + + Some of the most important key functions in url.c are called from multi.c + when certain key steps are to be made in the transfer operation. + + o Curl_connect() + + Analyzes the URL, it separates the different components and connects to the + remote host. This may involve using a proxy and/or using SSL. The + Curl_resolv() function in lib/hostip.c is used for looking up host names + (it does then use the proper underlying method, which may vary between + platforms and builds). + + When Curl_connect is done, we are connected to the remote site. Then it is + time to tell the server to get a document/file. Curl_do() arranges this. + + This function makes sure there's an allocated and initiated 'connectdata' + struct that is used for this particular connection only (although there may + be several requests performed on the same connect). A bunch of things are + inited/inherited from the SessionHandle struct. + + o Curl_do() + + Curl_do() makes sure the proper protocol-specific function is called. The + functions are named after the protocols they handle. + + The protocol-specific functions of course deal with protocol-specific + negotiations and setup. They have access to the Curl_sendf() (from + lib/sendf.c) function to send printf-style formatted data to the remote + host and when they're ready to make the actual file transfer they call the + Curl_Transfer() function (in lib/transfer.c) to setup the transfer and + returns. + + If this DO function fails and the connection is being re-used, libcurl will + then close this connection, setup a new connection and re-issue the DO + request on that. This is because there is no way to be perfectly sure that + we have discovered a dead connection before the DO function and thus we + might wrongly be re-using a connection that was closed by the remote peer. + + Some time during the DO function, the Curl_setup_transfer() function must + be called with some basic info about the upcoming transfer: what socket(s) + to read/write and the expected file transfer sizes (if known). + + o Curl_readwrite() + + Called during the transfer of the actual protocol payload. + + During transfer, the progress functions in lib/progress.c are called at a + frequent interval (or at the user's choice, a specified callback might get + called). The speedcheck functions in lib/speedcheck.c are also used to + verify that the transfer is as fast as required. + + o Curl_done() + + Called after a transfer is done. This function takes care of everything + that has to be done after a transfer. This function attempts to leave + matters in a state so that Curl_do() should be possible to call again on + the same connection (in a persistent connection case). It might also soon + be closed with Curl_disconnect(). + + o Curl_disconnect() + + When doing normal connections and transfers, no one ever tries to close any + connections so this is not normally called when curl_easy_perform() is + used. This function is only used when we are certain that no more transfers + is going to be made on the connection. It can be also closed by force, or + it can be called to make sure that libcurl doesn't keep too many + connections alive at the same time. + + This function cleans up all resources that are associated with a single + connection. + + + HTTP(S) + + HTTP offers a lot and is the protocol in curl that uses the most lines of + code. There is a special file (lib/formdata.c) that offers all the multipart + post functions. + + base64-functions for user+password stuff (and more) is in (lib/base64.c) and + all functions for parsing and sending cookies are found in (lib/cookie.c). + + HTTPS uses in almost every means the same procedure as HTTP, with only two + exceptions: the connect procedure is different and the function used to read + or write from the socket is different, although the latter fact is hidden in + the source by the use of Curl_read() for reading and Curl_write() for writing + data to the remote server. + + http_chunks.c contains functions that understands HTTP 1.1 chunked transfer + encoding. + + An interesting detail with the HTTP(S) request, is the Curl_add_buffer() + series of functions we use. They append data to one single buffer, and when + the building is done the entire request is sent off in one single write. This + is done this way to overcome problems with flawed firewalls and lame servers. + + FTP + + The Curl_if2ip() function can be used for getting the IP number of a + specified network interface, and it resides in lib/if2ip.c. + + Curl_ftpsendf() is used for sending FTP commands to the remote server. It was + made a separate function to prevent us programmers from forgetting that they + must be CRLF terminated. They must also be sent in one single write() to make + firewalls and similar happy. + + Kerberos + + The kerberos support is mainly in lib/krb4.c and lib/security.c. + + TELNET + + Telnet is implemented in lib/telnet.c. + + FILE + + The file:// protocol is dealt with in lib/file.c. + + LDAP + + Everything LDAP is in lib/ldap.c and lib/openldap.c + + GENERAL + + URL encoding and decoding, called escaping and unescaping in the source code, + is found in lib/escape.c. + + While transferring data in Transfer() a few functions might get used. + curl_getdate() in lib/parsedate.c is for HTTP date comparisons (and more). + + lib/getenv.c offers curl_getenv() which is for reading environment variables + in a neat platform independent way. That's used in the client, but also in + lib/url.c when checking the proxy environment variables. Note that contrary + to the normal unix getenv(), this returns an allocated buffer that must be + free()ed after use. + + lib/netrc.c holds the .netrc parser + + lib/timeval.c features replacement functions for systems that don't have + gettimeofday() and a few support functions for timeval conversions. + + A function named curl_version() that returns the full curl version string is + found in lib/version.c. + +Persistent Connections +====================== + + The persistent connection support in libcurl requires some considerations on + how to do things inside of the library. + + o The 'SessionHandle' struct returned in the curl_easy_init() call must never + hold connection-oriented data. It is meant to hold the root data as well as + all the options etc that the library-user may choose. + o The 'SessionHandle' struct holds the "connection cache" (an array of + pointers to 'connectdata' structs). + o This enables the 'curl handle' to be reused on subsequent transfers. + o When libcurl is told to perform a transfer, it first checks for an already + existing connection in the cache that we can use. Otherwise it creates a + new one and adds that the cache. If the cache is full already when a new + conncetion is added added, it will first close the oldest unused one. + o When the transfer operation is complete, the connection is left + open. Particular options may tell libcurl not to, and protocols may signal + closure on connections and then they won't be kept open of course. + o When curl_easy_cleanup() is called, we close all still opened connections, + unless of course the multi interface "owns" the connections. + + The curl handle must be re-used in order for the persistent connections to + work. + +multi interface/non-blocking +============================ + + The multi interface is a non-blocking interface to the library. To make that + interface work as good as possible, no low-level functions within libcurl + must be written to work in a blocking manner. (There are still a few spots + violating this rule.) + + One of the primary reasons we introduced c-ares support was to allow the name + resolve phase to be perfectly non-blocking as well. + + The FTP and the SFTP/SCP protocols are examples of how we adapt and adjust + the code to allow non-blocking operations even on multi-stage command- + response protocols. They are built around state machines that return when + they would otherwise block waiting for data. The DICT, LDAP and TELNET + protocols are crappy examples and they are subject for rewrite in the future + to better fit the libcurl protocol family. + +SSL libraries +============= + + Originally libcurl supported SSLeay for SSL/TLS transports, but that was then + extended to its successor OpenSSL but has since also been extended to several + other SSL/TLS libraries and we expect and hope to further extend the support + in future libcurl versions. + + To deal with this internally in the best way possible, we have a generic SSL + function API as provided by the sslgen.[ch] system, and they are the only SSL + functions we must use from within libcurl. sslgen is then crafted to use the + appropriate lower-level function calls to whatever SSL library that is in + use. + +Library Symbols +=============== + + All symbols used internally in libcurl must use a 'Curl_' prefix if they're + used in more than a single file. Single-file symbols must be made static. + Public ("exported") symbols must use a 'curl_' prefix. (There are exceptions, + but they are to be changed to follow this pattern in future versions.) Public + API functions are marked with CURL_EXTERN in the public header files so that + all others can be hidden on platforms where this is possible. + +Return Codes and Informationals +=============================== + + I've made things simple. Almost every function in libcurl returns a CURLcode, + that must be CURLE_OK if everything is OK or otherwise a suitable error code + as the curl/curl.h include file defines. The very spot that detects an error + must use the Curl_failf() function to set the human-readable error + description. + + In aiding the user to understand what's happening and to debug curl usage, we + must supply a fair amount of informational messages by using the Curl_infof() + function. Those messages are only displayed when the user explicitly asks for + them. They are best used when revealing information that isn't otherwise + obvious. + +API/ABI +======= + + We make an effort to not export or show internals or how internals work, as + that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI + for our promise to users. + +Client +====== + + main() resides in src/tool_main.c. + + src/tool_hugehelp.c is automatically generated by the mkhelp.pl perl script + to display the complete "manual" and the src/tool_urlglob.c file holds the + functions used for the URL-"globbing" support. Globbing in the sense that the + {} and [] expansion stuff is there. + + The client mostly messes around to setup its 'config' struct properly, then + it calls the curl_easy_*() functions of the library and when it gets back + control after the curl_easy_perform() it cleans up the library, checks status + and exits. + + When the operation is done, the ourWriteOut() function in src/writeout.c may + be called to report about the operation. That function is using the + curl_easy_getinfo() function to extract useful information from the curl + session. + + It may loop and do all this several times if many URLs were specified on the + command line or config file. + +Memory Debugging +================ + + The file lib/memdebug.c contains debug-versions of a few functions. Functions + such as malloc, free, fopen, fclose, etc that somehow deal with resources + that might give us problems if we "leak" them. The functions in the memdebug + system do nothing fancy, they do their normal function and then log + information about what they just did. The logged data can then be analyzed + after a complete session, + + memanalyze.pl is the perl script present in tests/ that analyzes a log file + generated by the memory tracking system. It detects if resources are + allocated but never freed and other kinds of errors related to resource + management. + + Internally, definition of preprocessor symbol DEBUGBUILD restricts code which + is only compiled for debug enabled builds. And symbol CURLDEBUG is used to + differentiate code which is _only_ used for memory tracking/debugging. + + Use -DCURLDEBUG when compiling to enable memory debugging, this is also + switched on by running configure with --enable-curldebug. Use -DDEBUGBUILD + when compiling to enable a debug build or run configure with --enable-debug. + + curl --version will list 'Debug' feature for debug enabled builds, and + will list 'TrackMemory' feature for curl debug memory tracking capable + builds. These features are independent and can be controlled when running + the configure script. When --enable-debug is given both features will be + enabled, unless some restriction prevents memory tracking from being used. + +Test Suite +========== + + The test suite is placed in its own subdirectory directly off the root in the + curl archive tree, and it contains a bunch of scripts and a lot of test case + data. + + The main test script is runtests.pl that will invoke test servers like + httpserver.pl and ftpserver.pl before all the test cases are performed. The + test suite currently only runs on unix-like platforms. + + You'll find a description of the test suite in the tests/README file, and the + test case data files in the tests/FILEFORMAT file. + + The test suite automatically detects if curl was built with the memory + debugging enabled, and if it was it will detect memory leaks, too. + +Building Releases +================= + + There's no magic to this. When you consider everything stable enough to be + released, do this: + + 1. Tag the source code accordingly. + + 2. run the 'maketgz' script (using 'make distcheck' will give you a pretty + good view on the status of the current sources). maketgz requires a + version number and creates the release archive. maketgz uses 'make dist' + for the actual archive building, why you need to fill in the Makefile.am + files properly for which files that should be included in the release + archives. + + 3. When that's complete, sign the output files. + + 4. Upload + + 5. Update web site and changelog on site + + 6. Send announcement to the mailing lists + + NOTE: you must have curl checked out from git to be able to do a proper + release build. The release tarballs do not have everything setup in order to + do releases properly. diff --git a/libs/libcurl/docs/KNOWN_BUGS b/libs/libcurl/docs/KNOWN_BUGS new file mode 100644 index 0000000000..d53d970d96 --- /dev/null +++ b/libs/libcurl/docs/KNOWN_BUGS @@ -0,0 +1,250 @@ +These are problems known to exist at the time of this release. Feel free to +join in and help us correct one or more of these! Also be sure to check the +changelog of the current development status, as one or more of these problems +may have been fixed since this was written! + +84. CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS + backends, so relying on this information in a generic app is flaky. + +83. curl is unable to load non-default openssl engines, because openssl isn't + initialized properly. This seems to require OpenSSL_config() or + CONF_modules_load_file() to be used by libcurl but the first seems to not + work and we've gotten not reports from tests with the latter. Possibly we + need to discuss with OpenSSL developers how this is supposed to be done. We + need users with actual external openssl engines for testing to work on this. + http://curl.haxx.se/bug/view.cgi?id=1208 + +82. When building with the Windows Borland compiler, it fails because the + "tlib" tool doesn't support hyphens (minus signs) in file names and we have + such in the build. + http://curl.haxx.se/bug/view.cgi?id=1222 + +81. When using -J (with -O), automaticly resumed downloading together with "-C + -" fails. Without -J the same command line works! This happens because the + resume logic is worked out before the target file name (and thus its + pre-transfer size) has been figured out! + http://curl.haxx.se/bug/view.cgi?id=1169 + +80. Curl doesn't recognize certificates in DER format in keychain, but it + works with PEM. + http://curl.haxx.se/bug/view.cgi?id=1065 + +79. SMTP. When sending data to multiple recipients, curl will abort and return + failure if one of the recipients indicate failure (on the "RCPT TO" + command). Ordinary mail programs would proceed and still send to the ones + that can receive data. This is subject for change in the future. + http://curl.haxx.se/bug/view.cgi?id=1116 + +78. curl and libcurl don't always signal the client properly when "sending" + zero bytes files - it makes for example the command line client not creating + any file at all. Like when using FTP. + http://curl.haxx.se/bug/view.cgi?id=1063 + +77. CURLOPT_FORBID_REUSE on a handle prevents NTLM from working since it + "abuses" the underlying connection re-use system and if connections are + forced to close they break the NTLM support. + +76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on + that platform), and long is only 32 bits. It makes it impossible for + curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET + option as for all other operating systems. + +75. NTLM authentication involving unicode user name or password only works + properly if built with UNICODE defined together with the schannel/winssl + backend. The original problem was mentioned in: + http://curl.haxx.se/mail/lib-2009-10/0024.html + http://curl.haxx.se/bug/view.cgi?id=896 + + The schannel version verified to work as mentioned in + http://curl.haxx.se/mail/lib-2012-07/0073.html + +73. if a connection is made to a FTP server but the server then just never + sends the 220 response or otherwise is dead slow, libcurl will not + acknowledge the connection timeout during that phase but only the "real" + timeout - which may surprise users as it is probably considered to be the + connect phase to most people. Brought up (and is being misunderstood) in: + http://curl.haxx.se/bug/view.cgi?id=856 + +72. "Pausing pipeline problems." + http://curl.haxx.se/mail/lib-2009-07/0214.html + +70. Problem re-using easy handle after call to curl_multi_remove_handle + http://curl.haxx.se/mail/lib-2009-07/0249.html + +68. "More questions about ares behavior". + http://curl.haxx.se/mail/lib-2009-08/0012.html + +67. When creating multipart formposts. The file name part can be encoded with + something beyond ascii but currently libcurl will only pass in the verbatim + string the app provides. There are several browsers that already do this + encoding. The key seems to be the updated draft to RFC2231: + http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 + +66. When using telnet, the time limitation options don't work. + http://curl.haxx.se/bug/view.cgi?id=846 + +65. When doing FTP over a socks proxy or CONNECT through HTTP proxy and the + multi interface is used, libcurl will fail if the (passive) TCP connection + for the data transfer isn't more or less instant as the code does not + properly wait for the connect to be confirmed. See test case 564 for a first + shot at a test case. + +63. When CURLOPT_CONNECT_ONLY is used, the handle cannot reliably be re-used + for any further requests or transfers. The work-around is then to close that + handle with curl_easy_cleanup() and create a new. Some more details: + http://curl.haxx.se/mail/lib-2009-04/0300.html + +61. If an upload using Expect: 100-continue receives an HTTP 417 response, + it ought to be automatically resent without the Expect:. A workaround is + for the client application to redo the transfer after disabling Expect:. + http://curl.haxx.se/mail/archive-2008-02/0043.html + +60. libcurl closes the connection if an HTTP 401 reply is received while it + is waiting for the the 100-continue response. + http://curl.haxx.se/mail/lib-2008-08/0462.html + +58. It seems sensible to be able to use CURLOPT_NOBODY and + CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is + not working: http://curl.haxx.se/mail/lib-2008-07/0295.html + +56. When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP + server using the multi interface, the commands are not being sent correctly + and instead the connection is "cancelled" (the operation is considered done) + prematurely. There is a half-baked (busy-looping) patch provided in the bug + report but it cannot be accepted as-is. See + http://curl.haxx.se/bug/view.cgi?id=748 + +55. libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's + library header files exporting symbols/macros that should be kept private + to the KfW library. See ticket #5601 at http://krbdev.mit.edu/rt/ + +52. Gautam Kachroo's issue that identifies a problem with the multi interface + where a connection can be re-used without actually being properly + SSL-negotiated: + http://curl.haxx.se/mail/lib-2008-01/0277.html + +49. If using --retry and the transfer timeouts (possibly due to using -m or + -y/-Y) the next attempt doesn't resume the transfer properly from what was + downloaded in the previous attempt but will truncate and restart at the + original position where it was at before the previous failed attempt. See + http://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report + https://qa.mandriva.com/show_bug.cgi?id=22565 + +48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the + connection is meant to be kept alive (like for NTLM proxy auth), the + function will return prematurely and will confuse the rest of the HTTP + protocol code. This should be very rare. + +43. There seems to be a problem when connecting to the Microsoft telnet server. + http://curl.haxx.se/bug/view.cgi?id=649 + +41. When doing an operation over FTP that requires the ACCT command (but not + when logging in), the operation will fail since libcurl doesn't detect this + and thus fails to issue the correct command: + http://curl.haxx.se/bug/view.cgi?id=635 + +39. Steffen Rumler's Race Condition in Curl_proxyCONNECT: + http://curl.haxx.se/mail/lib-2007-01/0045.html + +38. Kumar Swamy Bhatt's problem in ftp/ssl "LIST" operation: + http://curl.haxx.se/mail/lib-2007-01/0103.html + +35. Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very + bad when used with the multi interface. + +34. The SOCKS4 connection codes don't properly acknowledge (connect) timeouts. + Also see #12. According to bug #1556528, even the SOCKS5 connect code does + not do it right: http://curl.haxx.se/bug/view.cgi?id=604 + +31. "curl-config --libs" will include details set in LDFLAGS when configure is + run that might be needed only for building libcurl. Further, curl-config + --cflags suffers from the same effects with CFLAGS/CPPFLAGS. + +30. You need to use -g to the command line tool in order to use RFC2732-style + IPv6 numerical addresses in URLs. + +29. IPv6 URLs with zone ID is not nicely supported. + http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired) + specifies the use of a plus sign instead of a percent when specifying zone + IDs in URLs to get around the problem of percent signs being + special. According to the reporter, Firefox deals with the URL _with_ a + percent letter (which seems like a blatant URL spec violation). + libcurl supports zone IDs where the percent sign is URL-escaped (i.e. %25): + http://curl.haxx.se/bug/view.cgi?id=555 + +26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in + "system context" will make it use wrong(?) user name - at least when compared + to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=535 + +23. SOCKS-related problems: + B) libcurl doesn't support FTPS over a SOCKS proxy. + E) libcurl doesn't support active FTP over a SOCKS proxy + + We probably have even more bugs and lack of features when a SOCKS proxy is + used. + +21. FTP ASCII transfers do not follow RFC959. They don't convert the data + accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1 + clearly describes how this should be done: + + The sender converts the data from an internal character representation to + the standard 8-bit NVT-ASCII representation (see the Telnet + specification). The receiver will convert the data from the standard + form to his own internal form. + + Since 7.15.4 at least line endings are converted. + +16. FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 <user>, + <password>, and <fpath> components, encoded as "%00". The problem is that + curl_unescape does not detect this, but instead returns a shortened C + string. From a strict FTP protocol standpoint, NUL is a valid character + within RFC 959 <string>, so the way to handle this correctly in curl would + be to use a data structure other than a plain C string, one that can handle + embedded NUL characters. From a practical standpoint, most FTP servers + would not meaningfully support NUL characters within RFC 959 <string>, + anyway (e.g., UNIX pathnames may not contain NUL). + +14. Test case 165 might fail on a system which has libidn present, but with an + old iconv version (2.1.3 is a known bad version), since it doesn't recognize + the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the + test pass, but instead makes it fail on Solaris hosts that use its native + iconv. + +13. curl version 7.12.2 fails on AIX if compiled with --enable-ares. + The workaround is to combine --enable-ares with --disable-shared + +12. When connecting to a SOCKS proxy, the (connect) timeout is not properly + acknowledged after the actual TCP connect (during the SOCKS "negotiate" + phase). + +10. To get HTTP Negotiate authentication to work fine, you need to provide a + (fake) user name (this concerns both curl and the lib) because the code + wrongly only considers authentication if there's a user name provided. + http://curl.haxx.se/bug/view.cgi?id=440 How? + http://curl.haxx.se/mail/lib-2004-08/0182.html + +8. Doing resumed upload over HTTP does not work with '-C -', because curl + doesn't do a HEAD first to get the initial size. This needs to be done + manually for HTTP PUT resume to work, and then '-C [index]'. + +6. libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that + such parts should be sent to the server as 'CWD ' (without an argument). + The only exception to this rule, is that we knowingly break this if the + empty part is first in the path, as then we use the double slashes to + indicate that the user wants to reach the root dir (this exception SHALL + remain even when this bug is fixed). + +5. libcurl doesn't treat the content-length of compressed data properly, as + it seems HTTP servers send the *uncompressed* length in that header and + libcurl thinks of it as the *compressed* length. Some explanations are here: + http://curl.haxx.se/mail/lib-2003-06/0146.html + +2. If a HTTP server responds to a HEAD request and includes a body (thus + violating the RFC2616), curl won't wait to read the response but just stop + reading and return back. If a second request (let's assume a GET) is then + immediately made to the same server again, the connection will be re-used + fine of course, and the second request will be sent off but when the + response is to get read, the previous response-body is what curl will read + and havoc is what happens. + More details on this is found in this libcurl mailing list thread: + http://curl.haxx.se/mail/lib-2002-08/0000.html diff --git a/libs/libcurl/docs/LICENSE-MIXING b/libs/libcurl/docs/LICENSE-MIXING new file mode 100644 index 0000000000..f596546da5 --- /dev/null +++ b/libs/libcurl/docs/LICENSE-MIXING @@ -0,0 +1,130 @@ + License Mixing with apps, libcurl and Third Party Libraries + =========================================================== + +libcurl can be built to use a fair amount of various third party libraries, +libraries that are written and provided by other parties that are distributed +using their own licenses. Even libcurl itself contains code that may cause +problems to some. This document attempts to describe what licenses libcurl and +the other libraries use and what possible dilemmas linking and mixing them all +can lead to for end users. + +I am not a lawyer and this is not legal advice! + +One common dilemma is that GPL[1]-licensed code is not allowed to be linked +with code licensed under the Original BSD license (with the announcement +clause). You may still build your own copies that use them all, but +distributing them as binaries would be to violate the GPL license - unless you +accompany your license with an exception[2]. This particular problem was +addressed when the Modified BSD license was created, which does not have the +announcement clause that collides with GPL. + +libcurl http://curl.haxx.se/docs/copyright.html + + Uses an MIT (or Modified BSD)-style license that is as liberal as + possible. Some of the source files that deal with KRB4 have Original + BSD-style announce-clause licenses. You may not distribute binaries + with krb4-enabled libcurl that also link with GPL-licensed code! + +OpenSSL http://www.openssl.org/source/license.html + + (May be used for SSL/TLS support) Uses an Original BSD-style license + with an announcement clause that makes it "incompatible" with GPL. You + are not allowed to ship binaries that link with OpenSSL that includes + GPL code (unless that specific GPL code includes an exception for + OpenSSL - a habit that is growing more and more common). If OpenSSL's + licensing is a problem for you, consider using GnuTLS or yassl + instead. + +GnuTLS http://www.gnutls.org/ + + (May be used for SSL/TLS support) Uses the LGPL[3] license. If this is + a problem for you, consider using OpenSSL instead. Also note that + GnuTLS itself depends on and uses other libs (libgcrypt and + libgpg-error) and they too are LGPL- or GPL-licensed. + +yassl http://www.yassl.com/ + + (May be used for SSL/TLS support) Uses the GPL[1] license. If this is + a problem for you, consider using OpenSSL or GnuTLS instead. + +NSS http://www.mozilla.org/projects/security/pki/nss/ + + (May be used for SSL/TLS support) Is covered by the MPL[4] license, + the GPL[1] license and the LGPL[3] license. You may choose to license + the code under MPL terms, GPL terms, or LGPL terms. These licenses + grant you different permissions and impose different obligations. You + should select the license that best meets your needs. + +axTLS http://axtls.sourceforge.net/ + + (May be used for SSL/TLS support) Uses a Modified BSD-style license. + +c-ares http://daniel.haxx.se/projects/c-ares/license.html + + (Used for asynchronous name resolves) Uses an MIT license that is very + liberal and imposes no restrictions on any other library or part you + may link with. + +zlib http://www.gzip.org/zlib/zlib_license.html + + (Used for compressed Transfer-Encoding support) Uses an MIT-style + license that shouldn't collide with any other library. + +krb4 + + While nothing in particular says that a Kerberos4 library must use any + particular license, the one I've tried and used successfully so far + (kth-krb4) is partly Original BSD-licensed with the announcement + clause. Some of the code in libcurl that is written to deal with + Kerberos4 is Modified BSD-licensed. + +MIT Kerberos http://web.mit.edu/kerberos/www/dist/ + + (May be used for GSS support) MIT licensed, that shouldn't collide + with any other parts. + +Heimdal http://www.pdc.kth.se/heimdal/ + + (May be used for GSS support) Heimdal is Original BSD licensed with + the announcement clause. + +GNU GSS http://www.gnu.org/software/gss/ + + (May be used for GSS support) GNU GSS is GPL licensed. Note that you + may not distribute binary curl packages that uses this if you build + curl to also link and use any Original BSD licensed libraries! + +fbopenssl + + (Used for SPNEGO support) Unclear license. Based on its name, I assume + that it uses the OpenSSL license and thus shares the same issues as + described for OpenSSL above. + +libidn http://josefsson.org/libidn/ + + (Used for IDNA support) Uses the GNU Lesser General Public + License [3]. LGPL is a variation of GPL with slightly less aggressive + "copyleft". This license requires more requirements to be met when + distributing binaries, see the license for details. Also note that if + you distribute a binary that includes this library, you must also + include the full LGPL license text. Please properly point out what + parts of the distributed package that the license addresses. + +OpenLDAP http://www.openldap.org/software/release/license.html + + (Used for LDAP support) Uses a Modified BSD-style license. Since + libcurl uses OpenLDAP as a shared library only, I have not heard of + anyone that ships OpenLDAP linked with libcurl in an app. + +libssh2 http://www.libssh2.org/ + + (Used for scp and sftp support) libssh2 uses a Modified BSD-style + license. + +[1] = GPL - GNU General Public License: http://www.gnu.org/licenses/gpl.html +[2] = http://www.fsf.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on + how to write such an exception to the GPL +[3] = LGPL - GNU Lesser General Public License: + http://www.gnu.org/licenses/lgpl.html +[4] = MPL - Mozilla Public License: + http://www.mozilla.org/MPL/ diff --git a/libs/libcurl/docs/MAIL-ETIQUETTE b/libs/libcurl/docs/MAIL-ETIQUETTE new file mode 100644 index 0000000000..ae1821a89b --- /dev/null +++ b/libs/libcurl/docs/MAIL-ETIQUETTE @@ -0,0 +1,228 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +MAIL ETIQUETTE + + 1. About the lists + 1.1 Mailing Lists + 1.2 Netiquette + 1.3 Do Not Mail a Single Individual + 1.4 Subscription Required + 1.5 Moderation of new posters + 1.6 Handling trolls and spam + 1.7 How to unsubscribe + + 2. Sending mail + 2.1 Reply or New Mail + 2.2 Reply to the List + 2.3 Use a Sensible Subject + 2.4 Do Not Top-Post + 2.5 HTML is not for mails + 2.6 Quoting + 2.7 Digest + 2.8 Please Tell Us How You Solved The Problem! + +============================================================================== + +1. About the lists + + 1.1 Mailing Lists + + The mailing lists we have are all listed and described at + http://curl.haxx.se/mail/ + + Each mailing list is targeted to a specific set of users and subjects, + please use the one or the ones that suit you the most. + + Each mailing list have hundreds up to thousands of readers, meaning that + each mail sent will be received and read by a very large amount of people. + People from various cultures, regions, religions and continents. + + 1.2 Netiquette + + Netiquette is a common name for how to behave on the internet. Of course, in + each particular group and subculture there will be differences in what is + acceptable and what is considered good manners. + + This document outlines what we in the cURL project considers to be good + etiquette, and primarily this focus on how to behave on and how to use our + mailing lists. + + 1.3 Do Not Mail a Single Individual + + Many people send one question to one person. One person gets many mails, and + there is only one person who can give you a reply. The question may be + something that other people are also wanting to ask. These other people have + no way to read the reply, but to ask the one person the question. The one + person consequently gets overloaded with mail. + + If you really want to contact an individual and perhaps pay for his or her + services, by all means go ahead, but if it's just another curl question, + take it to a suitable list instead. + + 1.4 Subscription Required + + All curl mailing lists require that you are subscribed to allow a mail to go + through to all the subscribers. + + If you post without being subscribed (or from a different mail address than + the one you are subscribed with), your mail will simply be silently + discarded. You have to subscribe first, then post. + + The reason for this unfortunate and strict subscription policy is of course + to stop spam from pestering the lists. + + 1.5 Moderation of new posters + + Several of the curl mailing lists automatically make all posts from new + subscribers require moderation. This means that after you've subscribed and + send your first mail to a list, that mail will not be let through to the + list until a mailing list administrator has verified that it is OK and + permits it to get posted. + + Once a first post has been made that proves the sender is actually talking + about curl-related subjects, the moderation "flag" will be switched off and + future posts will go through without being moderated. + + The reason for this moderation policy is that we do suffer from spammers who + actually subscribe and send spam to our lists. + + 1.6 Handling trolls and spam + + Despite our good intentions and hard work to keep spam off the lists and to + maintain a friendly and positive atmosphere, there will be times when spam + and or trolls get through. + + Troll - "someone who posts inflammatory, extraneous, or off-topic messages + in an online community" + + Spam - "use of electronic messaging systems to send unsolicited bulk + messages" + + No matter what, we NEVER EVER respond to trolls or spammers on the list. If + you believe the list admin should do something particular, contact him/her + off-list. The subject will be taken care of as good as possible to prevent + repeated offences, but responding on the list to such messages never lead to + anything good and only puts the light even more on the offender: which was + the entire purpose of it getting to the list in the first place. + + Don't feed the trolls! + + 1.7 How to unsubscribe + + You unsubscribe the same way you subscribed in the first place. You go to + the page for the particular mailing list you're subscribed to and you enter + your email address and password and press the unsubscribe button. + + Also, this information is included in the headers of every mail that is sent + out to all curl related mailing lists and there's footer in each mail that + links to the "admin" page on which you can unsubscribe and change other + options. + + You NEVER EVER email the mailing list requesting someone else to get you off + the list. + + +2. Sending mail + + 2.1 Reply or New Mail + + Please do not reply to an existing message as a short-cut to post a message + to the lists. + + Many mail programs and web archivers use information within mails to keep + them together as "threads", as collections of posts that discuss a certain + subject. If you don't intend to reply on the same or similar subject, don't + just hit reply on an existing mail and change subject, create a new mail. + + 2.2 Reply to the List + + When replying to a message from the list, make sure that you do "group + reply" or "reply to all", and not just reply to the author of the single + mail you reply to. + + We're actively discouraging replying back to the single person by setting + the Reply-To: field in outgoing mails back to the mailing list address, + making it harder for people to mail the author only by mistake. + + 2.3 Use a Sensible Subject + + Please use a subject of the mail that makes sense and that is related to the + contents of your mail. It makes it a lot easier to find your mail afterwards + and it makes it easier to track mail threads and topics. + + 2.4 Do Not Top-Post + + If you reply to a message, don't use top-posting. Top-posting is when you + write the new text at the top of a mail and you insert the previous quoted + mail conversation below. It forces users to read the mail in a backwards + order to properly understand it. + + This is why top posting is so bad: + + A: Because it messes up the order in which people normally read + text. + Q: Why is top-posting such a bad thing? + A: Top-posting. + Q: What is the most annoying thing in e-mail? + + Apart from the screwed up read order (especially when mixed together in a + thread when someone responds using the mandated bottom-posting style), it + also makes it impossible to quote only parts of the original mail. + + When you reply to a mail. You let the mail client insert the previous mail + quoted. Then you put the cursor on the first line of the mail and you move + down through the mail, deleting all parts of the quotes that don't add + context for your comments. When you want to add a comment you do so, inline, + right after the quotes that relate to your comment. Then you continue + downwards again. + + When most of the quotes have been removed and you've added your own words, + you're done! + + 2.5 HTML is not for mails + + Please switch off those HTML encoded messages. You can mail all those funny + mails to your friends. We speak plain text mails. + + 2.6 Quoting + + Quote as little as possible. Just enough to provide the context you cannot + leave out. A lengthy description can be found here: + + http://www.netmeister.org/news/learn2quote.html + + 2.7 Digest + + We allow subscribers to subscribe to the "digest" version of the mailing + lists. A digest is a collection of mails lumped together in one single mail. + + Should you decide to reply to a mail sent out as a digest, there are two + things you MUST consider if you really really cannot subscribe normally + instead: + + Cut off all mails and chatter that is not related to the mail you want to + reply to. + + Change the subject name to something sensible and related to the subject, + preferably even the actual subject of the single mail you wanted to reply to + + 2.8 Please Tell Us How You Solved The Problem! + + Many people mail questions to the list, people spend some of their time and + make an effort in providing good answers to these questions. + + If you are the one who asks, please consider responding once more in case + one of the hints was what solved your problems. The guys who write answers + feel good to know that they provided a good answer and that you fixed the + problem. Far too often, the person who asked the question is never heard of + again, and we never get to know if he/she is gone because the problem was + solved or perhaps because the problem was unsolvable! + + Getting the solution posted also helps other users that experience the same + problem(s). They get to see (possibly in the web archives) that the + suggested fixes actually has helped at least one person. + diff --git a/libs/libcurl/docs/MANUAL b/libs/libcurl/docs/MANUAL new file mode 100644 index 0000000000..4ad2e135e3 --- /dev/null +++ b/libs/libcurl/docs/MANUAL @@ -0,0 +1,1023 @@ +LATEST VERSION + + You always find news about what's going on as well as the latest versions + from the curl web pages, located at: + + http://curl.haxx.se + +SIMPLE USAGE + + Get the main page from Netscape's web-server: + + curl http://www.netscape.com/ + + Get the README file the user's home directory at funet's ftp-server: + + curl ftp://ftp.funet.fi/README + + Get a web page from a server using port 8000: + + curl http://www.weirdserver.com:8000/ + + Get a directory listing of an FTP site: + + curl ftp://cool.haxx.se/ + + Get the definition of curl from a dictionary: + + curl dict://dict.org/m:curl + + Fetch two documents at once: + + curl ftp://cool.haxx.se/ http://www.weirdserver.com:8000/ + + Get a file off an FTPS server: + + curl ftps://files.are.secure.com/secrets.txt + + or use the more appropriate FTPS way to get the same file: + + curl --ftp-ssl ftp://files.are.secure.com/secrets.txt + + Get a file from an SSH server using SFTP: + + curl -u username sftp://shell.example.com/etc/issue + + Get a file from an SSH server using SCP using a private key to authenticate: + + curl -u username: --key ~/.ssh/id_dsa --pubkey ~/.ssh/id_dsa.pub \ + scp://shell.example.com/~/personal.txt + + Get the main page from an IPv6 web server: + + curl -g "http://[2001:1890:1112:1::20]/" + +DOWNLOAD TO A FILE + + Get a web page and store in a local file with a specific name: + + curl -o thatpage.html http://www.netscape.com/ + + Get a web page and store in a local file, make the local file get the name + of the remote document (if no file name part is specified in the URL, this + will fail): + + curl -O http://www.netscape.com/index.html + + Fetch two files and store them with their remote names: + + curl -O www.haxx.se/index.html -O curl.haxx.se/download.html + +USING PASSWORDS + + FTP + + To ftp files using name+passwd, include them in the URL like: + + curl ftp://name:passwd@machine.domain:port/full/path/to/file + + or specify them with the -u flag like + + curl -u name:passwd ftp://machine.domain:port/full/path/to/file + + FTPS + + It is just like for FTP, but you may also want to specify and use + SSL-specific options for certificates etc. + + Note that using FTPS:// as prefix is the "implicit" way as described in the + standards while the recommended "explicit" way is done by using FTP:// and + the --ftp-ssl option. + + SFTP / SCP + + This is similar to FTP, but you can specify a private key to use instead of + a password. Note that the private key may itself be protected by a password + that is unrelated to the login password of the remote system. If you + provide a private key file you must also provide a public key file. + + HTTP + + Curl also supports user and password in HTTP URLs, thus you can pick a file + like: + + curl http://name:passwd@machine.domain/full/path/to/file + + or specify user and password separately like in + + curl -u name:passwd http://machine.domain/full/path/to/file + + HTTP offers many different methods of authentication and curl supports + several: Basic, Digest, NTLM and Negotiate. Without telling which method to + use, curl defaults to Basic. You can also ask curl to pick the most secure + ones out of the ones that the server accepts for the given URL, by using + --anyauth. + + NOTE! According to the URL specification, HTTP URLs can not contain a user + and password, so that style will not work when using curl via a proxy, even + though curl allows it at other times. When using a proxy, you _must_ use + the -u style for user and password. + + HTTPS + + Probably most commonly used with private certificates, as explained below. + +PROXY + + curl supports both HTTP and SOCKS proxy servers, with optional authentication. + It does not have special support for FTP proxy servers since there are no + standards for those, but it can still be made to work with many of them. You + can also use both HTTP and SOCKS proxies to transfer files to and from FTP + servers. + + Get an ftp file using an HTTP proxy named my-proxy that uses port 888: + + curl -x my-proxy:888 ftp://ftp.leachsite.com/README + + Get a file from an HTTP server that requires user and password, using the + same proxy as above: + + curl -u user:passwd -x my-proxy:888 http://www.get.this/ + + Some proxies require special authentication. Specify by using -U as above: + + curl -U user:passwd -x my-proxy:888 http://www.get.this/ + + A comma-separated list of hosts and domains which do not use the proxy can + be specified as: + + curl --noproxy localhost,get.this -x my-proxy:888 http://www.get.this/ + + If the proxy is specified with --proxy1.0 instead of --proxy or -x, then + curl will use HTTP/1.0 instead of HTTP/1.1 for any CONNECT attempts. + + curl also supports SOCKS4 and SOCKS5 proxies with --socks4 and --socks5. + + See also the environment variables Curl supports that offer further proxy + control. + + Most FTP proxy servers are set up to appear as a normal FTP server from the + client's perspective, with special commands to select the remote FTP server. + curl supports the -u, -Q and --ftp-account options that can be used to + set up transfers through many FTP proxies. For example, a file can be + uploaded to a remote FTP server using a Blue Coat FTP proxy with the + options: + + curl -u "Remote-FTP-Username@remote.ftp.server Proxy-Username:Remote-Pass" \ + --ftp-account Proxy-Password --upload-file local-file \ + ftp://my-ftp.proxy.server:21/remote/upload/path/ + + See the manual for your FTP proxy to determine the form it expects to set up + transfers, and curl's -v option to see exactly what curl is sending. + +RANGES + + HTTP 1.1 introduced byte-ranges. Using this, a client can request + to get only one or more subparts of a specified document. Curl supports + this with the -r flag. + + Get the first 100 bytes of a document: + + curl -r 0-99 http://www.get.this/ + + Get the last 500 bytes of a document: + + curl -r -500 http://www.get.this/ + + Curl also supports simple ranges for FTP files as well. Then you can only + specify start and stop position. + + Get the first 100 bytes of a document using FTP: + + curl -r 0-99 ftp://www.get.this/README + +UPLOADING + + FTP / FTPS / SFTP / SCP + + Upload all data on stdin to a specified server: + + curl -T - ftp://ftp.upload.com/myfile + + Upload data from a specified file, login with user and password: + + curl -T uploadfile -u user:passwd ftp://ftp.upload.com/myfile + + Upload a local file to the remote site, and use the local file name at the remote + site too: + + curl -T uploadfile -u user:passwd ftp://ftp.upload.com/ + + Upload a local file to get appended to the remote file: + + curl -T localfile -a ftp://ftp.upload.com/remotefile + + Curl also supports ftp upload through a proxy, but only if the proxy is + configured to allow that kind of tunneling. If it does, you can run curl in + a fashion similar to: + + curl --proxytunnel -x proxy:port -T localfile ftp.upload.com + + HTTP + + Upload all data on stdin to a specified HTTP site: + + curl -T - http://www.upload.com/myfile + + Note that the HTTP server must have been configured to accept PUT before + this can be done successfully. + + For other ways to do HTTP data upload, see the POST section below. + +VERBOSE / DEBUG + + If curl fails where it isn't supposed to, if the servers don't let you in, + if you can't understand the responses: use the -v flag to get verbose + fetching. Curl will output lots of info and what it sends and receives in + order to let the user see all client-server interaction (but it won't show + you the actual data). + + curl -v ftp://ftp.upload.com/ + + To get even more details and information on what curl does, try using the + --trace or --trace-ascii options with a given file name to log to, like + this: + + curl --trace trace.txt www.haxx.se + + +DETAILED INFORMATION + + Different protocols provide different ways of getting detailed information + about specific files/documents. To get curl to show detailed information + about a single file, you should use -I/--head option. It displays all + available info on a single file for HTTP and FTP. The HTTP information is a + lot more extensive. + + For HTTP, you can get the header information (the same as -I would show) + shown before the data by using -i/--include. Curl understands the + -D/--dump-header option when getting files from both FTP and HTTP, and it + will then store the headers in the specified file. + + Store the HTTP headers in a separate file (headers.txt in the example): + + curl --dump-header headers.txt curl.haxx.se + + Note that headers stored in a separate file can be very useful at a later + time if you want curl to use cookies sent by the server. More about that in + the cookies section. + +POST (HTTP) + + It's easy to post data using curl. This is done using the -d <data> + option. The post data must be urlencoded. + + Post a simple "name" and "phone" guestbook. + + curl -d "name=Rafael%20Sagula&phone=3320780" \ + http://www.where.com/guest.cgi + + How to post a form with curl, lesson #1: + + Dig out all the <input> tags in the form that you want to fill in. (There's + a perl program called formfind.pl on the curl site that helps with this). + + If there's a "normal" post, you use -d to post. -d takes a full "post + string", which is in the format + + <variable1>=<data1>&<variable2>=<data2>&... + + The 'variable' names are the names set with "name=" in the <input> tags, and + the data is the contents you want to fill in for the inputs. The data *must* + be properly URL encoded. That means you replace space with + and that you + replace weird letters with %XX where XX is the hexadecimal representation of + the letter's ASCII code. + + Example: + + (page located at http://www.formpost.com/getthis/ + + <form action="post.cgi" method="post"> + <input name=user size=10> + <input name=pass type=password size=10> + <input name=id type=hidden value="blablabla"> + <input name=ding value="submit"> + </form> + + We want to enter user 'foobar' with password '12345'. + + To post to this, you enter a curl command line like: + + curl -d "user=foobar&pass=12345&id=blablabla&ding=submit" (continues) + http://www.formpost.com/getthis/post.cgi + + + While -d uses the application/x-www-form-urlencoded mime-type, generally + understood by CGI's and similar, curl also supports the more capable + multipart/form-data type. This latter type supports things like file upload. + + -F accepts parameters like -F "name=contents". If you want the contents to + be read from a file, use <@filename> as contents. When specifying a file, + you can also specify the file content type by appending ';type=<mime type>' + to the file name. You can also post the contents of several files in one + field. For example, the field name 'coolfiles' is used to send three files, + with different content types using the following syntax: + + curl -F "coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html" \ + http://www.post.com/postit.cgi + + If the content-type is not specified, curl will try to guess from the file + extension (it only knows a few), or use the previously specified type (from + an earlier file if several files are specified in a list) or else it will + use the default type 'application/octet-stream'. + + Emulate a fill-in form with -F. Let's say you fill in three fields in a + form. One field is a file name which to post, one field is your name and one + field is a file description. We want to post the file we have written named + "cooltext.txt". To let curl do the posting of this data instead of your + favourite browser, you have to read the HTML source of the form page and + find the names of the input fields. In our example, the input field names + are 'file', 'yourname' and 'filedescription'. + + curl -F "file=@cooltext.txt" -F "yourname=Daniel" \ + -F "filedescription=Cool text file with cool text inside" \ + http://www.post.com/postit.cgi + + To send two files in one post you can do it in two ways: + + 1. Send multiple files in a single "field" with a single field name: + + curl -F "pictures=@dog.gif,cat.gif" + + 2. Send two fields with two field names: + + curl -F "docpicture=@dog.gif" -F "catpicture=@cat.gif" + + To send a field value literally without interpreting a leading '@' + or '<', or an embedded ';type=', use --form-string instead of + -F. This is recommended when the value is obtained from a user or + some other unpredictable source. Under these circumstances, using + -F instead of --form-string would allow a user to trick curl into + uploading a file. + +REFERRER + + An HTTP request has the option to include information about which address + referred it to the actual page. Curl allows you to specify the + referrer to be used on the command line. It is especially useful to + fool or trick stupid servers or CGI scripts that rely on that information + being available or contain certain data. + + curl -e www.coolsite.com http://www.showme.com/ + + NOTE: The Referer: [sic] field is defined in the HTTP spec to be a full URL. + +USER AGENT + + An HTTP request has the option to include information about the browser + that generated the request. Curl allows it to be specified on the command + line. It is especially useful to fool or trick stupid servers or CGI + scripts that only accept certain browsers. + + Example: + + curl -A 'Mozilla/3.0 (Win95; I)' http://www.nationsbank.com/ + + Other common strings: + 'Mozilla/3.0 (Win95; I)' Netscape Version 3 for Windows 95 + 'Mozilla/3.04 (Win95; U)' Netscape Version 3 for Windows 95 + 'Mozilla/2.02 (OS/2; U)' Netscape Version 2 for OS/2 + 'Mozilla/4.04 [en] (X11; U; AIX 4.2; Nav)' NS for AIX + 'Mozilla/4.05 [en] (X11; U; Linux 2.0.32 i586)' NS for Linux + + Note that Internet Explorer tries hard to be compatible in every way: + 'Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)' MSIE for W95 + + Mozilla is not the only possible User-Agent name: + 'Konqueror/1.0' KDE File Manager desktop client + 'Lynx/2.7.1 libwww-FM/2.14' Lynx command line browser + +COOKIES + + Cookies are generally used by web servers to keep state information at the + client's side. The server sets cookies by sending a response line in the + headers that looks like 'Set-Cookie: <data>' where the data part then + typically contains a set of NAME=VALUE pairs (separated by semicolons ';' + like "NAME1=VALUE1; NAME2=VALUE2;"). The server can also specify for what + path the "cookie" should be used for (by specifying "path=value"), when the + cookie should expire ("expire=DATE"), for what domain to use it + ("domain=NAME") and if it should be used on secure connections only + ("secure"). + + If you've received a page from a server that contains a header like: + Set-Cookie: sessionid=boo123; path="/foo"; + + it means the server wants that first pair passed on when we get anything in + a path beginning with "/foo". + + Example, get a page that wants my name passed in a cookie: + + curl -b "name=Daniel" www.sillypage.com + + Curl also has the ability to use previously received cookies in following + sessions. If you get cookies from a server and store them in a file in a + manner similar to: + + curl --dump-header headers www.example.com + + ... you can then in a second connect to that (or another) site, use the + cookies from the 'headers' file like: + + curl -b headers www.example.com + + While saving headers to a file is a working way to store cookies, it is + however error-prone and not the preferred way to do this. Instead, make curl + save the incoming cookies using the well-known netscape cookie format like + this: + + curl -c cookies.txt www.example.com + + Note that by specifying -b you enable the "cookie awareness" and with -L + you can make curl follow a location: (which often is used in combination + with cookies). So that if a site sends cookies and a location, you can + use a non-existing file to trigger the cookie awareness like: + + curl -L -b empty.txt www.example.com + + The file to read cookies from must be formatted using plain HTTP headers OR + as netscape's cookie file. Curl will determine what kind it is based on the + file contents. In the above command, curl will parse the header and store + the cookies received from www.example.com. curl will send to the server the + stored cookies which match the request as it follows the location. The + file "empty.txt" may be a nonexistent file. + + Alas, to both read and write cookies from a netscape cookie file, you can + set both -b and -c to use the same file: + + curl -b cookies.txt -c cookies.txt www.example.com + +PROGRESS METER + + The progress meter exists to show a user that something actually is + happening. The different fields in the output have the following meaning: + + % Total % Received % Xferd Average Speed Time Curr. + Dload Upload Total Current Left Speed + 0 151M 0 38608 0 0 9406 0 4:41:43 0:00:04 4:41:39 9287 + + From left-to-right: + % - percentage completed of the whole transfer + Total - total size of the whole expected transfer + % - percentage completed of the download + Received - currently downloaded amount of bytes + % - percentage completed of the upload + Xferd - currently uploaded amount of bytes + Average Speed + Dload - the average transfer speed of the download + Average Speed + Upload - the average transfer speed of the upload + Time Total - expected time to complete the operation + Time Current - time passed since the invoke + Time Left - expected time left to completion + Curr.Speed - the average transfer speed the last 5 seconds (the first + 5 seconds of a transfer is based on less time of course.) + + The -# option will display a totally different progress bar that doesn't + need much explanation! + +SPEED LIMIT + + Curl allows the user to set the transfer speed conditions that must be met + to let the transfer keep going. By using the switch -y and -Y you + can make curl abort transfers if the transfer speed is below the specified + lowest limit for a specified time. + + To have curl abort the download if the speed is slower than 3000 bytes per + second for 1 minute, run: + + curl -Y 3000 -y 60 www.far-away-site.com + + This can very well be used in combination with the overall time limit, so + that the above operation must be completed in whole within 30 minutes: + + curl -m 1800 -Y 3000 -y 60 www.far-away-site.com + + Forcing curl not to transfer data faster than a given rate is also possible, + which might be useful if you're using a limited bandwidth connection and you + don't want your transfer to use all of it (sometimes referred to as + "bandwidth throttle"). + + Make curl transfer data no faster than 10 kilobytes per second: + + curl --limit-rate 10K www.far-away-site.com + + or + + curl --limit-rate 10240 www.far-away-site.com + + Or prevent curl from uploading data faster than 1 megabyte per second: + + curl -T upload --limit-rate 1M ftp://uploadshereplease.com + + When using the --limit-rate option, the transfer rate is regulated on a + per-second basis, which will cause the total transfer speed to become lower + than the given number. Sometimes of course substantially lower, if your + transfer stalls during periods. + +CONFIG FILE + + Curl automatically tries to read the .curlrc file (or _curlrc file on win32 + systems) from the user's home dir on startup. + + The config file could be made up with normal command line switches, but you + can also specify the long options without the dashes to make it more + readable. You can separate the options and the parameter with spaces, or + with = or :. Comments can be used within the file. If the first letter on a + line is a '#'-symbol the rest of the line is treated as a comment. + + If you want the parameter to contain spaces, you must enclose the entire + parameter within double quotes ("). Within those quotes, you specify a + quote as \". + + NOTE: You must specify options and their arguments on the same line. + + Example, set default time out and proxy in a config file: + + # We want a 30 minute timeout: + -m 1800 + # ... and we use a proxy for all accesses: + proxy = proxy.our.domain.com:8080 + + White spaces ARE significant at the end of lines, but all white spaces + leading up to the first characters of each line are ignored. + + Prevent curl from reading the default file by using -q as the first command + line parameter, like: + + curl -q www.thatsite.com + + Force curl to get and display a local help page in case it is invoked + without URL by making a config file similar to: + + # default url to get + url = "http://help.with.curl.com/curlhelp.html" + + You can specify another config file to be read by using the -K/--config + flag. If you set config file name to "-" it'll read the config from stdin, + which can be handy if you want to hide options from being visible in process + tables etc: + + echo "user = user:passwd" | curl -K - http://that.secret.site.com + +EXTRA HEADERS + + When using curl in your own very special programs, you may end up needing + to pass on your own custom headers when getting a web page. You can do + this by using the -H flag. + + Example, send the header "X-you-and-me: yes" to the server when getting a + page: + + curl -H "X-you-and-me: yes" www.love.com + + This can also be useful in case you want curl to send a different text in a + header than it normally does. The -H header you specify then replaces the + header curl would normally send. If you replace an internal header with an + empty one, you prevent that header from being sent. To prevent the Host: + header from being used: + + curl -H "Host:" www.server.com + +FTP and PATH NAMES + + Do note that when getting files with the ftp:// URL, the given path is + relative the directory you enter. To get the file 'README' from your home + directory at your ftp site, do: + + curl ftp://user:passwd@my.site.com/README + + But if you want the README file from the root directory of that very same + site, you need to specify the absolute file name: + + curl ftp://user:passwd@my.site.com//README + + (I.e with an extra slash in front of the file name.) + +SFTP and SCP and PATH NAMES + + With sftp: and scp: URLs, the path name given is the absolute name on the + server. To access a file relative to the remote user's home directory, + prefix the file with /~/ , such as: + + curl -u $USER sftp://home.example.com/~/.bashrc + +FTP and firewalls + + The FTP protocol requires one of the involved parties to open a second + connection as soon as data is about to get transferred. There are two ways to + do this. + + The default way for curl is to issue the PASV command which causes the + server to open another port and await another connection performed by the + client. This is good if the client is behind a firewall that doesn't allow + incoming connections. + + curl ftp.download.com + + If the server, for example, is behind a firewall that doesn't allow connections + on ports other than 21 (or if it just doesn't support the PASV command), the + other way to do it is to use the PORT command and instruct the server to + connect to the client on the given IP number and port (as parameters to the + PORT command). + + The -P flag to curl supports a few different options. Your machine may have + several IP-addresses and/or network interfaces and curl allows you to select + which of them to use. Default address can also be used: + + curl -P - ftp.download.com + + Download with PORT but use the IP address of our 'le0' interface (this does + not work on windows): + + curl -P le0 ftp.download.com + + Download with PORT but use 192.168.0.10 as our IP address to use: + + curl -P 192.168.0.10 ftp.download.com + +NETWORK INTERFACE + + Get a web page from a server using a specified port for the interface: + + curl --interface eth0:1 http://www.netscape.com/ + + or + + curl --interface 192.168.1.10 http://www.netscape.com/ + +HTTPS + + Secure HTTP requires SSL libraries to be installed and used when curl is + built. If that is done, curl is capable of retrieving and posting documents + using the HTTPS protocol. + + Example: + + curl https://www.secure-site.com + + Curl is also capable of using your personal certificates to get/post files + from sites that require valid certificates. The only drawback is that the + certificate needs to be in PEM-format. PEM is a standard and open format to + store certificates with, but it is not used by the most commonly used + browsers (Netscape and MSIE both use the so called PKCS#12 format). If you + want curl to use the certificates you use with your (favourite) browser, you + may need to download/compile a converter that can convert your browser's + formatted certificates to PEM formatted ones. This kind of converter is + included in recent versions of OpenSSL, and for older versions Dr Stephen + N. Henson has written a patch for SSLeay that adds this functionality. You + can get his patch (that requires an SSLeay installation) from his site at: + http://www.drh-consultancy.demon.co.uk/ + + Example on how to automatically retrieve a document using a certificate with + a personal password: + + curl -E /path/to/cert.pem:password https://secure.site.com/ + + If you neglect to specify the password on the command line, you will be + prompted for the correct password before any data can be received. + + Many older SSL-servers have problems with SSLv3 or TLS, which newer versions + of OpenSSL etc use, therefore it is sometimes useful to specify what + SSL-version curl should use. Use -3, -2 or -1 to specify that exact SSL + version to use (for SSLv3, SSLv2 or TLSv1 respectively): + + curl -2 https://secure.site.com/ + + Otherwise, curl will first attempt to use v3 and then v2. + + To use OpenSSL to convert your favourite browser's certificate into a PEM + formatted one that curl can use, do something like this: + + In Netscape, you start with hitting the 'Security' menu button. + + Select 'certificates->yours' and then pick a certificate in the list + + Press the 'Export' button + + enter your PIN code for the certs + + select a proper place to save it + + Run the 'openssl' application to convert the certificate. If you cd to the + openssl installation, you can do it like: + + # ./apps/openssl pkcs12 -in [file you saved] -clcerts -out [PEMfile] + + In Firefox, select Options, then Advanced, then the Encryption tab, + View Certificates. This opens the Certificate Manager, where you can + Export. Be sure to select PEM for the Save as type. + + In Internet Explorer, select Internet Options, then the Content tab, then + Certificates. Then you can Export, and depending on the format you may + need to convert to PEM. + + In Chrome, select Settings, then Show Advanced Settings. Under HTTPS/SSL + select Manage Certificates. + +RESUMING FILE TRANSFERS + + To continue a file transfer where it was previously aborted, curl supports + resume on HTTP(S) downloads as well as FTP uploads and downloads. + + Continue downloading a document: + + curl -C - -o file ftp://ftp.server.com/path/file + + Continue uploading a document(*1): + + curl -C - -T file ftp://ftp.server.com/path/file + + Continue downloading a document from a web server(*2): + + curl -C - -o file http://www.server.com/ + + (*1) = This requires that the FTP server supports the non-standard command + SIZE. If it doesn't, curl will say so. + + (*2) = This requires that the web server supports at least HTTP/1.1. If it + doesn't, curl will say so. + +TIME CONDITIONS + + HTTP allows a client to specify a time condition for the document it + requests. It is If-Modified-Since or If-Unmodified-Since. Curl allows you to + specify them with the -z/--time-cond flag. + + For example, you can easily make a download that only gets performed if the + remote file is newer than a local copy. It would be made like: + + curl -z local.html http://remote.server.com/remote.html + + Or you can download a file only if the local file is newer than the remote + one. Do this by prepending the date string with a '-', as in: + + curl -z -local.html http://remote.server.com/remote.html + + You can specify a "free text" date as condition. Tell curl to only download + the file if it was updated since January 12, 2012: + + curl -z "Jan 12 2012" http://remote.server.com/remote.html + + Curl will then accept a wide range of date formats. You always make the date + check the other way around by prepending it with a dash '-'. + +DICT + + For fun try + + curl dict://dict.org/m:curl + curl dict://dict.org/d:heisenbug:jargon + curl dict://dict.org/d:daniel:web1913 + + Aliases for 'm' are 'match' and 'find', and aliases for 'd' are 'define' + and 'lookup'. For example, + + curl dict://dict.org/find:curl + + Commands that break the URL description of the RFC (but not the DICT + protocol) are + + curl dict://dict.org/show:db + curl dict://dict.org/show:strat + + Authentication is still missing (but this is not required by the RFC) + +LDAP + + If you have installed the OpenLDAP library, curl can take advantage of it + and offer ldap:// support. + + LDAP is a complex thing and writing an LDAP query is not an easy task. I do + advise you to dig up the syntax description for that elsewhere. Two places + that might suit you are: + + Netscape's "Netscape Directory SDK 3.0 for C Programmer's Guide Chapter 10: + Working with LDAP URLs": + http://developer.netscape.com/docs/manuals/dirsdk/csdk30/url.htm + + RFC 2255, "The LDAP URL Format" http://curl.haxx.se/rfc/rfc2255.txt + + To show you an example, this is how I can get all people from my local LDAP + server that has a certain sub-domain in their email address: + + curl -B "ldap://ldap.frontec.se/o=frontec??sub?mail=*sth.frontec.se" + + If I want the same info in HTML format, I can get it by not using the -B + (enforce ASCII) flag. + +ENVIRONMENT VARIABLES + + Curl reads and understands the following environment variables: + + http_proxy, HTTPS_PROXY, FTP_PROXY + + They should be set for protocol-specific proxies. General proxy should be + set with + + ALL_PROXY + + A comma-separated list of host names that shouldn't go through any proxy is + set in (only an asterisk, '*' matches all hosts) + + NO_PROXY + + If the host name matches one of these strings, or the host is within the + domain of one of these strings, transactions with that node will not be + proxied. + + + The usage of the -x/--proxy flag overrides the environment variables. + +NETRC + + Unix introduced the .netrc concept a long time ago. It is a way for a user + to specify name and password for commonly visited FTP sites in a file so + that you don't have to type them in each time you visit those sites. You + realize this is a big security risk if someone else gets hold of your + passwords, so therefore most unix programs won't read this file unless it is + only readable by yourself (curl doesn't care though). + + Curl supports .netrc files if told to (using the -n/--netrc and + --netrc-optional options). This is not restricted to just FTP, + so curl can use it for all protocols where authentication is used. + + A very simple .netrc file could look something like: + + machine curl.haxx.se login iamdaniel password mysecret + +CUSTOM OUTPUT + + To better allow script programmers to get to know about the progress of + curl, the -w/--write-out option was introduced. Using this, you can specify + what information from the previous transfer you want to extract. + + To display the amount of bytes downloaded together with some text and an + ending newline: + + curl -w 'We downloaded %{size_download} bytes\n' www.download.com + +KERBEROS FTP TRANSFER + + Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need + the kerberos package installed and used at curl build time for it to be + available. + + First, get the krb-ticket the normal way, like with the kinit/kauth tool. + Then use curl in way similar to: + + curl --krb private ftp://krb4site.com -u username:fakepwd + + There's no use for a password on the -u switch, but a blank one will make + curl ask for one and you already entered the real password to kinit/kauth. + +TELNET + + The curl telnet support is basic and very easy to use. Curl passes all data + passed to it on stdin to the remote server. Connect to a remote telnet + server using a command line similar to: + + curl telnet://remote.server.com + + And enter the data to pass to the server on stdin. The result will be sent + to stdout or to the file you specify with -o. + + You might want the -N/--no-buffer option to switch off the buffered output + for slow connections or similar. + + Pass options to the telnet protocol negotiation, by using the -t option. To + tell the server we use a vt100 terminal, try something like: + + curl -tTTYPE=vt100 telnet://remote.server.com + + Other interesting options for it -t include: + + - XDISPLOC=<X display> Sets the X display location. + + - NEW_ENV=<var,val> Sets an environment variable. + + NOTE: The telnet protocol does not specify any way to login with a specified + user and password so curl can't do that automatically. To do that, you need + to track when the login prompt is received and send the username and + password accordingly. + +PERSISTENT CONNECTIONS + + Specifying multiple files on a single command line will make curl transfer + all of them, one after the other in the specified order. + + libcurl will attempt to use persistent connections for the transfers so that + the second transfer to the same host can use the same connection that was + already initiated and was left open in the previous transfer. This greatly + decreases connection time for all but the first transfer and it makes a far + better use of the network. + + Note that curl cannot use persistent connections for transfers that are used + in subsequence curl invokes. Try to stuff as many URLs as possible on the + same command line if they are using the same host, as that'll make the + transfers faster. If you use an HTTP proxy for file transfers, practically + all transfers will be persistent. + +MULTIPLE TRANSFERS WITH A SINGLE COMMAND LINE + + As is mentioned above, you can download multiple files with one command line + by simply adding more URLs. If you want those to get saved to a local file + instead of just printed to stdout, you need to add one save option for each + URL you specify. Note that this also goes for the -O option (but not + --remote-name-all). + + For example: get two files and use -O for the first and a custom file + name for the second: + + curl -O http://url.com/file.txt ftp://ftp.com/moo.exe -o moo.jpg + + You can also upload multiple files in a similar fashion: + + curl -T local1 ftp://ftp.com/moo.exe -T local2 ftp://ftp.com/moo2.txt + +IPv6 + + curl will connect to a server with IPv6 when a host lookup returns an IPv6 + address and fall back to IPv4 if the connection fails. The --ipv4 and --ipv6 + options can specify which address to use when both are available. IPv6 + addresses can also be specified directly in URLs using the syntax: + + http://[2001:1890:1112:1::20]/overview.html + + When this style is used, the -g option must be given to stop curl from + interpreting the square brackets as special globbing characters. Link local + and site local addresses including a scope identifier, such as fe80::1234%1, + may also be used, but the scope portion must be numeric and the percent + character must be URL escaped. The previous example in an SFTP URL might + look like: + + sftp://[fe80::1234%251]/ + + IPv6 addresses provided other than in URLs (e.g. to the --proxy, --interface + or --ftp-port options) should not be URL encoded. + +METALINK + + Curl supports Metalink (both version 3 and 4 (RFC 5854) are supported), a way + to list multiple URIs and hashes for a file. Curl will make use of the mirrors + listed within for failover if there are errors (such as the file or server not + being available). It will also verify the hash of the file after the download + completes. The Metalink file itself is downloaded and processed in memory and + not stored in the local file system. + + Example to use a remote Metalink file: + + curl --metalink http://www.example.com/example.metalink + + To use a Metalink file in the local file system, use FILE protocol (file://): + + curl --metalink file://example.metalink + + Please note that if FILE protocol is disabled, there is no way to use a local + Metalink file at the time of this writing. Also note that if --metalink and + --include are used together, --include will be ignored. This is because including + headers in the response will break Metalink parser and if the headers are included + in the file described in Metalink file, hash check will fail. + +MAILING LISTS + + For your convenience, we have several open mailing lists to discuss curl, + its development and things relevant to this. Get all info at + http://curl.haxx.se/mail/. Some of the lists available are: + + curl-users + + Users of the command line tool. How to use it, what doesn't work, new + features, related tools, questions, news, installations, compilations, + running, porting etc. + + curl-library + + Developers using or developing libcurl. Bugs, extensions, improvements. + + curl-announce + + Low-traffic. Only receives announcements of new public versions. At worst, + that makes something like one or two mails per month, but usually only one + mail every second month. + + curl-and-php + + Using the curl functions in PHP. Everything curl with a PHP angle. Or PHP + with a curl angle. + + curl-and-python + + Python hackers using curl with or without the python binding pycurl. + + Please direct curl questions, feature requests and trouble reports to one of + these mailing lists instead of mailing any individual. diff --git a/libs/libcurl/docs/Makefile.am b/libs/libcurl/docs/Makefile.am new file mode 100644 index 0000000000..8466a6c296 --- /dev/null +++ b/libs/libcurl/docs/Makefile.am @@ -0,0 +1,61 @@ +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at http://curl.haxx.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +########################################################################### + +AUTOMAKE_OPTIONS = foreign no-dependencies + +man_MANS = curl.1 curl-config.1 +noinst_man_MANS = mk-ca-bundle.1 +GENHTMLPAGES = curl.html curl-config.html mk-ca-bundle.html +PDFPAGES = curl.pdf curl-config.pdf mk-ca-bundle.pdf + +HTMLPAGES = $(GENHTMLPAGES) index.html + +SUBDIRS = examples libcurl + +CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES) + +EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \ + README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ + KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \ + $(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \ + MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS + +MAN2HTML= roffit < $< >$@ + +SUFFIXES = .1 .html .pdf + +html: $(HTMLPAGES) + cd libcurl; make html + +pdf: $(PDFPAGES) + cd libcurl; make pdf + +.1.html: + $(MAN2HTML) + +.1.pdf: + @(foo=`echo $@ | sed -e 's/\.[0-9]$$//g'`; \ + groff -Tps -man $< >$$foo.ps; \ + ps2pdf $$foo.ps $@; \ + rm $$foo.ps; \ + echo "converted $< to $@") + diff --git a/libs/libcurl/docs/Makefile.in b/libs/libcurl/docs/Makefile.in new file mode 100644 index 0000000000..971c63f1db --- /dev/null +++ b/libs/libcurl/docs/Makefile.in @@ -0,0 +1,819 @@ +# Makefile.in generated by automake 1.14 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +#*************************************************************************** +# _ _ ____ _ +# Project ___| | | | _ \| | +# / __| | | | |_) | | +# | (__| |_| | _ <| |___ +# \___|\___/|_| \_\_____| +# +# Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at http://curl.haxx.se/docs/copyright.html. +# +# You may opt to use, copy, modify, merge, publish, distribute and/or sell +# copies of the Software, and permit persons to whom the Software is +# furnished to do so, under the terms of the COPYING file. +# +# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +# KIND, either express or implied. +# +########################################################################### +VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = docs +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/mkinstalldirs INSTALL THANKS TODO +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/curl-compilers.m4 \ + $(top_srcdir)/m4/curl-confopts.m4 \ + $(top_srcdir)/m4/curl-functions.m4 \ + $(top_srcdir)/m4/curl-openssl.m4 \ + $(top_srcdir)/m4/curl-override.m4 \ + $(top_srcdir)/m4/curl-reentrant.m4 $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/xc-am-iface.m4 \ + $(top_srcdir)/m4/xc-cc-check.m4 \ + $(top_srcdir)/m4/xc-lt-iface.m4 \ + $(top_srcdir)/m4/xc-translit.m4 \ + $(top_srcdir)/m4/xc-val-flgs.m4 \ + $(top_srcdir)/m4/zz40-xc-ovr.m4 \ + $(top_srcdir)/m4/zz50-xc-ovr.m4 \ + $(top_srcdir)/m4/zz60-xc-ovr.m4 $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/lib/curl_config.h \ + $(top_builddir)/include/curl/curlbuild.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +man1dir = $(mandir)/man1 +am__installdirs = "$(DESTDIR)$(man1dir)" +MANS = $(man_MANS) +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + distdir +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AS = @AS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BLANK_AT_MAKETIME = @BLANK_AT_MAKETIME@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CFLAG_CURL_SYMBOL_HIDING = @CFLAG_CURL_SYMBOL_HIDING@ +CONFIGURE_OPTIONS = @CONFIGURE_OPTIONS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CPPFLAG_CURL_STATICLIB = @CPPFLAG_CURL_STATICLIB@ +CURLVERSION = @CURLVERSION@ +CURL_CA_BUNDLE = @CURL_CA_BUNDLE@ +CURL_CFLAG_EXTRAS = @CURL_CFLAG_EXTRAS@ +CURL_DISABLE_DICT = @CURL_DISABLE_DICT@ +CURL_DISABLE_FILE = @CURL_DISABLE_FILE@ +CURL_DISABLE_FTP = @CURL_DISABLE_FTP@ +CURL_DISABLE_GOPHER = @CURL_DISABLE_GOPHER@ +CURL_DISABLE_HTTP = @CURL_DISABLE_HTTP@ +CURL_DISABLE_IMAP = @CURL_DISABLE_IMAP@ +CURL_DISABLE_LDAP = @CURL_DISABLE_LDAP@ +CURL_DISABLE_LDAPS = @CURL_DISABLE_LDAPS@ +CURL_DISABLE_POP3 = @CURL_DISABLE_POP3@ +CURL_DISABLE_PROXY = @CURL_DISABLE_PROXY@ +CURL_DISABLE_RTSP = @CURL_DISABLE_RTSP@ +CURL_DISABLE_SMTP = @CURL_DISABLE_SMTP@ +CURL_DISABLE_TELNET = @CURL_DISABLE_TELNET@ +CURL_DISABLE_TFTP = @CURL_DISABLE_TFTP@ +CURL_LT_SHLIB_VERSIONED_FLAVOUR = @CURL_LT_SHLIB_VERSIONED_FLAVOUR@ +CURL_NETWORK_AND_TIME_LIBS = @CURL_NETWORK_AND_TIME_LIBS@ +CURL_NETWORK_LIBS = @CURL_NETWORK_LIBS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +ENABLE_SHARED = @ENABLE_SHARED@ +ENABLE_STATIC = @ENABLE_STATIC@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +HAVE_GNUTLS_SRP = @HAVE_GNUTLS_SRP@ +HAVE_LDAP_SSL = @HAVE_LDAP_SSL@ +HAVE_LIBZ = @HAVE_LIBZ@ +HAVE_NSS_INITCONTEXT = @HAVE_NSS_INITCONTEXT@ +HAVE_SSLEAY_SRP = @HAVE_SSLEAY_SRP@ +IDN_ENABLED = @IDN_ENABLED@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPV6_ENABLED = @IPV6_ENABLED@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBCURL_LIBS = @LIBCURL_LIBS@ +LIBMETALINK_CPPFLAGS = @LIBMETALINK_CPPFLAGS@ +LIBMETALINK_LDFLAGS = @LIBMETALINK_LDFLAGS@ +LIBMETALINK_LIBS = @LIBMETALINK_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MANOPT = @MANOPT@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKGADD_NAME = @PKGADD_NAME@ +PKGADD_PKG = @PKGADD_PKG@ +PKGADD_VENDOR = @PKGADD_VENDOR@ +PKGCONFIG = @PKGCONFIG@ +RANDOM_FILE = @RANDOM_FILE@ +RANLIB = @RANLIB@ +REQUIRE_LIB_DEPS = @REQUIRE_LIB_DEPS@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SSL_ENABLED = @SSL_ENABLED@ +STRIP = @STRIP@ +SUPPORT_FEATURES = @SUPPORT_FEATURES@ +SUPPORT_PROTOCOLS = @SUPPORT_PROTOCOLS@ +USE_ARES = @USE_ARES@ +USE_AXTLS = @USE_AXTLS@ +USE_CYASSL = @USE_CYASSL@ +USE_DARWINSSL = @USE_DARWINSSL@ +USE_GNUTLS = @USE_GNUTLS@ +USE_GNUTLS_NETTLE = @USE_GNUTLS_NETTLE@ +USE_LIBRTMP = @USE_LIBRTMP@ +USE_LIBSSH2 = @USE_LIBSSH2@ +USE_NGHTTP2 = @USE_NGHTTP2@ +USE_NSS = @USE_NSS@ +USE_OPENLDAP = @USE_OPENLDAP@ +USE_POLARSSL = @USE_POLARSSL@ +USE_SCHANNEL = @USE_SCHANNEL@ +USE_SSLEAY = @USE_SSLEAY@ +USE_WINDOWS_SSPI = @USE_WINDOWS_SSPI@ +VERSION = @VERSION@ +VERSIONNUM = @VERSIONNUM@ +ZLIB_LIBS = @ZLIB_LIBS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libext = @libext@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +subdirs = @subdirs@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +AUTOMAKE_OPTIONS = foreign no-dependencies +man_MANS = curl.1 curl-config.1 +noinst_man_MANS = mk-ca-bundle.1 +GENHTMLPAGES = curl.html curl-config.html mk-ca-bundle.html +PDFPAGES = curl.pdf curl-config.pdf mk-ca-bundle.pdf +HTMLPAGES = $(GENHTMLPAGES) index.html +SUBDIRS = examples libcurl +CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES) +EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \ + README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ + KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \ + $(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \ + MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS + +MAN2HTML = roffit < $< >$@ +SUFFIXES = .1 .html .pdf +all: all-recursive + +.SUFFIXES: +.SUFFIXES: .1 .html .pdf +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign docs/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign docs/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man1dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.1[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) + +# This directory's subdirectories are mostly independent; you can cd +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-recursive +all-am: Makefile $(MANS) +installdirs: installdirs-recursive +installdirs-am: + for dir in "$(DESTDIR)$(man1dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html-am: + +info: info-recursive + +info-am: + +install-data-am: install-man + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: install-man1 + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: uninstall-man + +uninstall-man: uninstall-man1 + +.MAKE: $(am__recursive_targets) install-am install-strip + +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ + check-am clean clean-generic clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-man1 install-pdf install-pdf-am install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs installdirs-am maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-man uninstall-man1 + + +html: $(HTMLPAGES) + cd libcurl; make html + +pdf: $(PDFPAGES) + cd libcurl; make pdf + +.1.html: + $(MAN2HTML) + +.1.pdf: + @(foo=`echo $@ | sed -e 's/\.[0-9]$$//g'`; \ + groff -Tps -man $< >$$foo.ps; \ + ps2pdf $$foo.ps $@; \ + rm $$foo.ps; \ + echo "converted $< to $@") + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/libs/libcurl/docs/README b/libs/libcurl/docs/README new file mode 100644 index 0000000000..2ffacc32cc --- /dev/null +++ b/libs/libcurl/docs/README @@ -0,0 +1,49 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +README + + Curl is a command line tool for transferring data specified with URL + syntax. Find out how to use curl by reading the curl.1 man page or the + MANUAL document. Find out how to install Curl by reading the INSTALL + document. + + libcurl is the library curl is using to do its job. It is readily + available to be used by your software. Read the libcurl.3 man page to + learn how! + + You find answers to the most frequent questions we get in the FAQ document. + + Study the COPYING file for distribution terms and similar. If you distribute + curl binaries or other binaries that involve libcurl, you might enjoy the + LICENSE-MIXING document. + +CONTACT + + If you have problems, questions, ideas or suggestions, please contact us + by posting to a suitable mailing list. See http://curl.haxx.se/mail/ + + All contributors to the project are listed in the THANKS document. + +WEB SITE + + Visit the curl web site for the latest news and downloads: + + http://curl.haxx.se/ + +GIT + + To download the very latest source off the GIT server do this: + + git clone git://github.com/bagder/curl.git + + (you'll get a directory named curl created, filled with the source code) + +NOTICE + + Curl contains pieces of source code that is Copyright (c) 1998, 1999 + Kungliga Tekniska Högskolan. This notice is included here to comply with the + distribution terms. diff --git a/libs/libcurl/docs/README.netware b/libs/libcurl/docs/README.netware new file mode 100644 index 0000000000..41da2e8dc0 --- /dev/null +++ b/libs/libcurl/docs/README.netware @@ -0,0 +1,27 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +README.netware + + Read the README file first. + + Curl has been successfully compiled with gcc / nlmconv on different flavours + of Linux as well as with the official Metrowerks CodeWarrior compiler. + While not being the main development target, a continously growing share of + curl users are NetWare-based, specially also consuming the lib from PHP. + + The unix-style man pages are tricky to read on windows, so therefore are all + those pages converted to HTML as well as pdf, and included in the release + archives. + + The main curl.1 man page is also "built-in" in the command line tool. Use a + command line similar to this in order to extract a separate text file: + + curl -M >manual.txt + + Read the INSTALL file for instructions how to compile curl self. + + diff --git a/libs/libcurl/docs/README.win32 b/libs/libcurl/docs/README.win32 new file mode 100644 index 0000000000..cfd45dd25b --- /dev/null +++ b/libs/libcurl/docs/README.win32 @@ -0,0 +1,26 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +README.win32 + + Read the README file first. + + Curl has been compiled, built and run on all sorts of Windows and win32 + systems. While not being the main develop target, a fair share of curl users + are win32-based. + + The unix-style man pages are tricky to read on windows, so therefore are all + those pages converted to HTML as well as pdf, and included in the release + archives. + + The main curl.1 man page is also "built-in" in the command line tool. Use a + command line similar to this in order to extract a separate text file: + + curl -M >manual.txt + + Read the INSTALL file for instructions how to compile curl self. + + diff --git a/libs/libcurl/docs/RELEASE-NOTES b/libs/libcurl/docs/RELEASE-NOTES new file mode 100644 index 0000000000..b8f1719bab --- /dev/null +++ b/libs/libcurl/docs/RELEASE-NOTES @@ -0,0 +1,111 @@ +Curl and libcurl 7.33.0 + + Public curl releases: 135 + Command line options: 161 + curl_easy_setopt() options: 205 + Public functions in libcurl: 58 + Known libcurl bindings: 42 + Contributors: 1057 + +This release includes the following changes: + + o test code for testing the event based API [3] + o CURLM_ADDED_ALREADY: new error code + o test TFTP server: support "writedelay" within <servercmd> + o krb4 support has been removed + o imap/pop3/smtp: added basic SASL XOAUTH2 support [9] + o darwinssl: add support for PKCS#12 files for client authentication + o darwinssl: enable BEAST workaround on iOS 7 & later + o Pass password to OpenSSL engine by user interface [15] + o c-ares: Add support for various DNS binding options + o cookies: add expiration + o curl: added --oauth2-bearer option + +This release includes the following bugfixes: + + o nss: make sure that NSS is initialized + o curl: make --no-[option] work properly for several options + o FTP: with socket_action send better socket updates in active mode [1] + o curl: fix the --sasl-ir in the --help output + o tests 2032, 2033: Don't hardcode port in expected output + o urlglob: better detect unclosed braces, empty lists and overflows [7] + o urlglob: error out on range overflow [8] + o imap: Fixed response check for SEARCH, EXPUNGE, LSUB, UID and NOOP commands [10] + o handle arbitrary-length username and password [2] + o TFTP: make the CURLOPT_LOW_SPEED* options work [4] + o curl.h: name space pollution by "enum type" [5] + o multi: move on from STATE_DONE faster [6] + o FTP: 60 secs delay if aborted in the CURLOPT_HEADERFUNCTION callback [11] + o multi_socket: improved 100-continue timeout handling + o curl_multi_remove_handle: allow multiple removes + o FTP: fix getsock during DO_MORE state [12] + o -x: rephrased the --proxy section somewhat + o acinclude: fix --without-ca-path when cross-compiling [13] + o LDAP: fix bad free() when URL parsing failed [14] + o --data: mention CRLF treatment when reading from file + o curl_easy_pause: suggest one way to unpause + o imap: Fixed calculation of transfer when partial FETCH received [16] + o pingpong: Check SSL library buffers for already read data [16] + o imap/pop3/smtp: Speed up SSL connection initialization + o libcurl.3: for multi interface connections are held in the multi handle + o curl_easy_setopt.3: mention RTMP URL quirks [17] + o curl.1: detail how short/long options work [18] + o curl.1: Added information about optional login options to --user option + o curl: Added clarification to the --mail options in the --help output + o curl_easy_setopt.3: clarify that TIMEOUT and TIMEOUT_MS set the same value + o openssl: use correct port number in error message [19] + o darwinssl: block TLS_RSA_WITH_NULL_SHA256 cipher + o OpenSSL: acknowledge CURLOPT_SSL_VERIFYHOST without VERIFYPEER + o xattr: add support for FreeBSD xattr API + o win32: fix Visual Studio 2010 build with WINVER >= 0x600 [22] + o configure: use icc options without space [21] + o test1112: Increase the timeout from 7s to 16s [20] + o SCP: upload speed on a fast connection limited to 16384 B/s + o curl_setup_once: fix errno access for lwip on Windows [24] + o HTTP: Output http response 304 when modified time is too old [23] + +This release includes the following known bugs: + + o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html) + +This release would not have looked like this without help, code, reports and +advice from friends like these: + + Alex McLellan, Bill Doyle, Colby Ranger, Fabian Keil, Gisle Vanem, + John E. Malmberg, Jonathan Nieder, Kamil Dudka, Shawn Landden, + Tor Arntsen, Will Dietz, Yi Huang, Kyle L. Huff, Steve Holme, Mike Mio, + Stefan Neis, Nick Zitzmann, Geoff Beier, John Dunn, Jiri Hruska, + Tomas Mlcoch, Kim Vandry, Ben Greear, Gorilla Maguila, Jerry Krinock, + Yamada Yasuharu, Gordon Marler, Dave Thompson, D. Flinkmann, + Benoit Sigoure, Clemens Gruber, Guenter Knauf, Petr Pisar, Elmira A Semenova, + Francois Charlier, Ishan SinghLevett, Marcel Raad, Ulf Samuelsson, + Andrej E Baranov, Derek Higgins, Heinrich Schaefer + + Thanks! (and sorry if I forgot to mention someone) + +References to bug reports and discussions on issues: + + [1] = http://curl.haxx.se/mail/lib-2013-08/0043.html + [2] = http://bugs.debian.org/719856 + [3] = http://daniel.haxx.se/blog/2013/08/20/testing-curl_multi_socket_action/ + [4] = http://curl.haxx.se/bug/view.cgi?id=1269 + [5] = https://github.com/bagder/curl/pull/76 + [6] = http://curl.haxx.se/mail/lib-2013-08/0211.html + [7] = http://curl.haxx.se/bug/view.cgi?id=1264 + [8] = http://curl.haxx.se/bug/view.cgi?id=1267 + [9] = http://curl.haxx.se/mail/lib-2013-08/0234.html + [10] = http://curl.haxx.se/mail/lib-2013-08/0136.html + [11] = https://bugzilla.redhat.com/1005686 + [12] = http://curl.haxx.se/mail/lib-2013-08/0109.html + [13] = http://curl.haxx.se/bug/view.cgi?id=1273 + [14] = http://curl.haxx.se/mail/lib-2013-08/0209.html + [15] = http://curl.haxx.se/mail/lib-2013-08/0265.html + [16] = http://curl.haxx.se/mail/lib-2013-08/0170.html + [17] = http://curl.haxx.se/bug/view.cgi?id=1278 + [18] = http://curl.haxx.se/bug/view.cgi?id=1279 + [19] = http://curl.haxx.se/bug/view.cgi?id=1281 + [20] = http://curl.haxx.se/mail/lib-2010-02/0200.html + [21] = http://curl.haxx.se/mail/lib-2013-09/0182.html + [22] = http://curl.haxx.se/bug/view.cgi?id=1282 + [23] = http://curl.haxx.se/bug/view.cgi?id=1288 + [24] = http://curl.haxx.se/mail/lib-2013-10/0048.html diff --git a/libs/libcurl/docs/RESOURCES b/libs/libcurl/docs/RESOURCES new file mode 100644 index 0000000000..760e75975a --- /dev/null +++ b/libs/libcurl/docs/RESOURCES @@ -0,0 +1,83 @@ + _ _ ____ _ + Project ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + +This document lists documents and standards used by curl. + + RFC 959 - The FTP protocol + + RFC 1635 - How to Use Anonymous FTP + + RFC 1738 - Uniform Resource Locators + + RFC 1777 - defines the LDAP protocol + + RFC 1808 - Relative Uniform Resource Locators + + RFC 1867 - Form-based File Upload in HTML + + RFC 1950 - ZLIB Compressed Data Format Specification + + RFC 1951 - DEFLATE Compressed Data Format Specification + + RFC 1952 - gzip compression format + + RFC 1959 - LDAP URL syntax + + RFC 2045-2049 - Everything you need to know about MIME! (needed for form + based upload) + + RFC 2068 - HTTP 1.1 (obsoleted by RFC 2616) + + RFC 2104 - Keyed-Hashing for Message Authentication + + RFC 2109 - HTTP State Management Mechanism (cookie stuff) + - Also, read Netscape's specification at + http://curl.haxx.se/rfc/cookie_spec.html + + RFC 2183 - The Content-Disposition Header Field + + RFC 2195 - CRAM-MD5 authentication + + RFC 2229 - A Dictionary Server Protocol + + RFC 2255 - Newer LDAP URL syntax document. + + RFC 2231 - MIME Parameter Value and Encoded Word Extensions: + Character Sets, Languages, and Continuations + + RFC 2388 - "Returning Values from Forms: multipart/form-data" + Use this as an addition to the RFC1867 + + RFC 2396 - "Uniform Resource Identifiers: Generic Syntax and Semantics" This + one obsoletes RFC 1738, but since RFC 1738 is often mentioned + I've left it in this list. + + RFC 2428 - FTP Extensions for IPv6 and NATs + + RFC 2577 - FTP Security Considerations + + RFC 2616 - HTTP 1.1, the latest + + RFC 2617 - HTTP Authentication + + RFC 2718 - Guidelines for new URL Schemes + + RFC 2732 - Format for Literal IPv6 Addresses in URL's + + RFC 2818 - HTTP Over TLS (TLS is the successor to SSL) + + RFC 2821 - SMTP protocol + + RFC 2964 - Use of HTTP State Management + + RFC 2965 - HTTP State Management Mechanism. Cookies. Obsoletes RFC2109 + + RFC 3207 - SMTP over TLS + + RFC 4616 - PLAIN authentication + + RFC 4954 - SMTP Authentication diff --git a/libs/libcurl/docs/SSLCERTS b/libs/libcurl/docs/SSLCERTS new file mode 100644 index 0000000000..e6b05c3e3f --- /dev/null +++ b/libs/libcurl/docs/SSLCERTS @@ -0,0 +1,138 @@ + Peer SSL Certificate Verification + ================================= + +(NOTE: If libcurl was built with Schannel or Secure Transport support, then +this does not apply to you. Scroll down for details on how the OS-native +engines handle SSL certificates. If you're not sure, then run "curl -V" and +read the results. If the version string says "WinSSL" in it, then it was built +with Schannel support.) + +libcurl performs peer SSL certificate verification by default. This is done +by using CA cert bundle that the SSL library can use to make sure the peer's +server certificate is valid. + +If you communicate with HTTPS or FTPS servers using certificates that are +signed by CAs present in the bundle, you can be sure that the remote server +really is the one it claims to be. + +Until 7.18.0, curl bundled a severely outdated ca bundle file that was +installed by default. These days, the curl archives include no ca certs at +all. You need to get them elsewhere. See below for example. + +If the remote server uses a self-signed certificate, if you don't install a CA +cert bundle, if the server uses a certificate signed by a CA that isn't +included in the bundle you use or if the remote host is an impostor +impersonating your favorite site, and you want to transfer files from this +server, do one of the following: + + 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE); + + With the curl command line tool, you disable this with -k/--insecure. + + 2. Get a CA certificate that can verify the remote server and use the proper + option to point out this CA cert for verification when connecting. For + libcurl hackers: curl_easy_setopt(curl, CURLOPT_CAPATH, capath); + + With the curl command line tool: --cacert [file] + + 3. Add the CA cert for your server to the existing default CA cert bundle. + The default path of the CA bundle used can be changed by running configure + with the --with-ca-bundle option pointing out the path of your choice. + + To do this, you need to get the CA cert for your server in PEM format and + then append that to your CA cert bundle. + + If you use Internet Explorer, this is one way to get extract the CA cert + for a particular server: + + o View the certificate by double-clicking the padlock + o Find out where the CA certificate is kept (Certificate> + Authority Information Access>URL) + o Get a copy of the crt file using curl + o Convert it from crt to PEM using the openssl tool: + openssl x509 -inform DES -in yourdownloaded.crt \ + -out outcert.pem -text + o Append the 'outcert.pem' to the CA cert bundle or use it stand-alone + as described below. + + If you use the 'openssl' tool, this is one way to get extract the CA cert + for a particular server: + + o openssl s_client -connect xxxxx.com:443 |tee logfile + o type "QUIT", followed by the "ENTER" key + o The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE" + markers. + o If you want to see the data in the certificate, you can do: "openssl + x509 -inform PEM -in certfile -text -out certdata" where certfile is + the cert you extracted from logfile. Look in certdata. + o If you want to trust the certificate, you can append it to your + cert_bundle or use it stand-alone as described. Just remember that the + security is no better than the way you obtained the certificate. + + 4. If you're using the curl command line tool, you can specify your own CA + cert path by setting the environment variable CURL_CA_BUNDLE to the path + of your choice. + + If you're using the curl command line tool on Windows, curl will search + for a CA cert file named "curl-ca-bundle.crt" in these directories and in + this order: + 1. application's directory + 2. current working directory + 3. Windows System directory (e.g. C:\windows\system32) + 4. Windows Directory (e.g. C:\windows) + 5. all directories along %PATH% + + 5. Get a better/different/newer CA cert bundle! One option is to extract the + one a recent Firefox browser uses by running 'make ca-bundle' in the curl + build tree root, or possibly download a version that was generated this + way for you: + + http://curl.haxx.se/docs/caextract.html + +Neglecting to use one of the above methods when dealing with a server using a +certificate that isn't signed by one of the certificates in the installed CA +cert bundle, will cause SSL to report an error ("certificate verify failed") +during the handshake and SSL will then refuse further communication with that +server. + + Peer SSL Certificate Verification with NSS + ========================================== + +If libcurl was built with NSS support, then depending on the OS distribution, +it is probably required to take some additional steps to use the system-wide CA +cert db. RedHat ships with an additional module, libnsspem.so, which enables +NSS to read the OpenSSL PEM CA bundle. This library is missing in OpenSuSE, and +without it, NSS can only work with its own internal formats. NSS also has a new +database format: https://wiki.mozilla.org/NSS_Shared_DB + +Starting with version 7.19.7, libcurl will check for the NSS version it runs, +and automatically add the 'sql:' prefix to the certdb directory (either the +hardcoded default /etc/pki/nssdb or the directory configured with SSL_DIR +environment variable) if version 3.12.0 or later is detected. To check which +ertdb format your distribution provides, examine the default +certdb location: /etc/pki/nssdb; the new certdb format can be identified by +the filenames cert9.db, key4.db, pkcs11.txt; filenames of older versions are +cert8.db, key3.db, modsec.db. + +Usually these cert databases are empty, but NSS also has built-in CAs which are +provided through a shared library, libnssckbi.so; if you want to use these +built-in CAs, then create a symlink to libnssckbi.so in /etc/pki/nssdb: +ln -s /usr/lib[64]/libnssckbi.so /etc/pki/nssdb/libnssckbi.so + + Peer SSL Certificate Verification with Schannel and Secure Transport + ==================================================================== + +If libcurl was built with Schannel (Microsoft's TLS/SSL engine) or Secure +Transport (Apple's TLS/SSL engine) support, then libcurl will still perform +peer certificate verification, but instead of using a CA cert bundle, it will +use the certificates that are built into the OS. These are the same +certificates that appear in the Internet Options control panel (under Windows) +or Keychain Access application (under OS X). Any custom security rules for +certificates will be honored. + +Schannel will run CRL checks on certificates unless peer verification is +disabled. Secure Transport on iOS will run OCSP checks on certificates unless +peer verification is disabled. Secure Transport on OS X will run either OCSP +or CRL checks on certificates if those features are enabled, and this behavior +can be adjusted in the preferences of Keychain Access. diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS new file mode 100644 index 0000000000..693139bf73 --- /dev/null +++ b/libs/libcurl/docs/THANKS @@ -0,0 +1,1063 @@ + This project has been alive for many years. Countless people have provided + feedback that have improved curl. Here follows a list of people that have + contributed (a-z order). + + If you have contributed but are missing here, please let us know! + +Aaron Oneal +Aaron Orenstein +Adam D. Moss +Adam Light +Adam Piggott +Adam Tkac +Adrian Schuur +Adriano Meirelles +Ajit Dhumale +Aki Koskinen +Akos Pasztory +Alan Pinstein +Albert Chin-A-Young +Albert Choy +Ale Vesely +Alejandro Alvarez +Aleksandar Milivojevic +Aleksey Tulinov +Alessandro Ghedini +Alessandro Vesely +Alex Bligh +Alex Fishman +Alex Gruz +Alex Neblett +Alex Suykov +Alex Vinnik +Alex aka WindEagle +Alexander Beedie +Alexander Klauer +Alexander Kourakos +Alexander Krasnostavsky +Alexander Lazic +Alexander Zhuravlev +Alexey Borzov +Alexey Pesternikov +Alexey Simak +Alexey Zakhlestin +Alexis Carvalho +Alfred Gebert +Allen Pulsifer +Amol Pattekar +Amr Shahin +Anatoli Tubman +Anders Gustafsson +Anders Havn +Andi Jahja +Andre Guibert de Bruet +Andreas Damm +Andreas Faerber +Andreas Farber +Andreas Malzahn +Andreas Ntaflos +Andreas Olsson +Andreas Rieke +Andreas Schuldei +Andreas Wurf +Andrei Benea +Andrei Cipu +Andres Garcia +Andrew Benham +Andrew Biggs +Andrew Bushnell +Andrew Francis +Andrew Fuller +Andrew Kurushin +Andrew Moise +Andrew Wansink +Andrew de los Reyes +Andrii Moiseiev +Andrés GarcÃa +Andy Cedilnik +Andy Serpa +Andy Tsouladze +Angus Mackay +Anthony Bryan +Anthony G. Basile +Antoine Calando +Anton Bychkov +Anton Kalmykov +Anton Malov +Anton Yabchinskiy +Arkadiusz Miskiewicz +Armel Asselin +Arnaud Compan +Arnaud Ebalard +Arthur Murray +Arve Knudsen +Ates Goral +Augustus Saunders +Avery Fay +Axel Tillequin +Balaji Parasuram +Balint Szilakszi +Bart Whiteley +Bas Mevissen +Ben Darnell +Ben Greear +Ben Madsen +Ben Noordhuis +Ben Van Hof +Ben Winslow +Benbuck Nason +Benjamin Gerard +Benjamin Gilbert +Benjamin Johnson +Bernard Leak +Bernhard Reutner-Fischer +Bertrand Demiddelaer +Bill Egert +Bill Hoffman +Bill Middlecamp +Bjoern Sikora +Bjorn Augustsson +Bjorn Reese +Björn Stenberg +Blaise Potard +Bob Relyea +Bob Richmond +Bob Schader +Bogdan Nicula +Brad Burdick +Brad Hards +Brad King +Bradford Bruce +Brandon Wang +Brendan Jurd +Brent Beardsley +Brian Akins +Brian Dessent +Brian J. Murrell +Brian R Duffy +Brian Ulm +Brock Noland +Bruce Mitchener +Bruno de Carvalho +Bryan Henderson +Bryan Kemp +Byrial Jensen +Cameron Kaiser +Camille Moncelier +Caolan McNamara +Carsten Lange +Casey O'Donnell +Cedric Deltheil +Chad Monroe +Chandrakant Bagul +Charles Kerr +Chih-Chung Chang +Chris "Bob Bob" +Chris Combes +Chris Conroy +Chris Deidun +Chris Flerackers +Chris Gaukroger +Chris Maltby +Chris Mumford +Chris Smowton +Christian Grothoff +Christian Hägele +Christian Krause +Christian Kurz +Christian Robottom Reis +Christian Schmitz +Christian Vogt +Christian Weisgerber +Christophe Demory +Christophe Legry +Christopher Conroy +Christopher Palow +Christopher R. Palmer +Christopher Stone +Ciprian Badescu +Claes Jakobsson +Clarence Gardner +Clemens Gruber +Clifford Wolf +Cody Jones +Colin Hogben +Colin Watson +Colm Buckley +Constantine Sapuntzakis +Cory Nelson +Craig A West +Craig Davison +Craig Markwardt +Cris Bailiff +Cristian RodrÃguez +Curt Bogmine +Cyrill Osterwalder +Cédric Deltheil +Dag Ekengren +Dagobert Michelsen +Damien Adant +Dan Becker +Dan C +Dan Fandrich +Dan Locks +Dan Nelson +Dan Petitt +Dan Torop +Dan Zitter +Daniel Black +Daniel Cater +Daniel Egger +Daniel Johnson +Daniel Mentz +Daniel Steinberg +Daniel Stenberg +Daniel Theron +Daniel at touchtunes +Darryl House +Darshan Mody +Dave Dribin +Dave Halbakken +Dave Hamilton +Dave May +Dave Reisner +Dave Vasilevsky +David Bau +David Binderman +David Blaikie +David Byron +David Cohen +David Eriksson +David Houlder +David Hull +David J Meyer +David James +David Kierznowski +David Kimdon +David Lang +David LeBlanc +David McCreedy +David Odin +David Phillips +David Rosenstrauch +David Shaw +David Strauss +David Tarendash +David Thiel +David Wright +David Yan +Dengminwen +Detlef Schmier +Didier Brisebourg +Diego Casorran +Dima Barsky +Dimitre Dimitrov +Dimitris Sarris +Dinar +Dirk Eddelbuettel +Dirk Manske +Dmitri Shubin +Dmitriy Sergeyev +Dmitry Bartsevich +Dmitry Kurochkin +Dmitry Popov +Dmitry Rechkin +Dolbneff A.V +Domenico Andreoli +Dominick Meglio +Dominique Leuenberger +Doug Kaufman +Doug Porter +Douglas E. Wegscheid +Douglas Kilpatrick +Douglas R. Horner +Douglas Steinwand +Dov Murik +Duane Cathey +Duncan +Duncan Mac-Vicar Prett +Dustin Boswell +Dylan Ellicott +Dylan Salisbury +Early Ehlinger +Ebenezer Ikonne +Edin Kadribasic +Eduard Bloch +Edward Rudd +Edward Sheldrake +Eelco Dolstra +Eetu Ojanen +Eldar Zaitov +Ellis Pritchard +Emanuele Bovisio +Emil Romanus +Emiliano Ida +Enrico Scholz +Enrik Berkhan +Eric Cooper +Eric Hu +Eric Landes +Eric Lavigne +Eric Melville +Eric Mertens +Eric Rautman +Eric S. Raymond +Eric Thelin +Eric Vergnaud +Eric Wong +Eric Young +Erick Nuwendam +Erik Johansson +Erwan Legrand +Erwin Authried +Eugene Kotlyarov +Evan Jordan +Evgeny Turnaev +Eygene Ryabinkin +Fabian Hiernaux +Fabian Keil +Fabrizio Ammollo +Fedor Karpelevitch +Felix von Leitner +Feng Tu +Florian Schoppmann +Forrest Cahoon +Frank Hempel +Frank Keeney +Frank McGeough +Frank Meier +Frank Ticheler +Frank Van Uffelen +FrantiÅ¡ek KuÄera +Fred Machado +Fred New +Fred Noz +Frederic Lepied +Fredrik Thulin +Gabriel Kuri +Gabriel Sjoberg +Garrett Holmstrom +Gary Maxwell +Gautam Kachroo +Gautam Mani +Gavrie Philipson +Gaz Iqbal +Georg Horn +Georg Huettenegger +Georg Lippitsch +Georg Wicherski +Gerd v. Egidy +Gerhard Herre +Gerrit Bruchhäuser +Ghennadi Procopciuc +Giancarlo Formicuccia +Giaslas Georgios +Gil Weber +Gilad +Gilbert Ramirez Jr. +Gilles Blanc +Gisle Vanem +Giuseppe Attardi +Giuseppe D'Ambrosio +Glen Nakamura +Glen Scott +Gokhan Sengun +Grant Erickson +Greg Hewgill +Greg Morse +Greg Onufer +Greg Zavertnik +Grigory Entin +Guenole Bescon +Guenter Knauf +Guido Berhoerster +Guillaume Arluison +Gustaf Hui +Gwenole Beauchesne +Götz Babin-Ebell +Hamish Mackenzie +Hang Kin Lau +Hang Su +Hanno Kranzhoff +Hans Steegers +Hans-Jurgen May +Hardeep Singh +Harshal Pradhan +Hauke Duden +Heikki Korpela +Heinrich Ko +Hendrik Visage +Henrik Storner +Henry Ludemann +Herve Amblard +Hidemoto Nakada +Ho-chi Chen +Hoi-Ho Chan +Hongli Lai +Howard Chu +Hzhijun +Ian D Allen +Ian Ford +Ian Gulliver +Ian Lynagh +Ian Turner +Ian Wilkes +Ignacio Vazquez-Abrams +Igor Franchuk +Igor Novoseltsev +Igor Polyakov +Ilguiz Latypov +Ilja van Sprundel +Immanuel Gregoire +Ingmar Runge +Ingo Ralf Blum +Ingo Wilken +Ishan SinghLevett +Jack Zhang +Jacky Lam +Jacob Meuser +Jacob Moshenko +Jad Chamcham +James Bursa +James Cheng +James Clancy +James Cone +James Gallagher +James Griffiths +James Housley +James MacMillan +Jamie Lokier +Jamie Newton +Jamie Wilkinson +Jan Ehrhardt +Jan Koen Annot +Jan Kunder +Jan Schaumann +Jan Van Boghout +Jared Jennings +Jared Lundell +Jari Sundell +Jason Glasgow +Jason Liu +Jason McDonald +Jason S. Priebe +Jay Austin +Jayesh A Shah +Jaz Fresh +Jean Jacques Drouin +Jean-Claude Chauve +Jean-Francois Bertrand +Jean-Louis Lemaire +Jean-Marc Ranger +Jean-Noel Rouvignac +Jean-Philippe Barrette-LaPierre +Jeff Connelly +Jeff Johnson +Jeff Lawson +Jeff Phillips +Jeff Pohlmeyer +Jeff Weber +Jeffrey Pohlmeyer +Jeremy Friesner +Jeremy Huddleston +Jerome Muffat-Meridol +Jerome Vouillon +Jerry Wu +Jes Badwal +Jesper Jensen +Jesse Noller +Jie He +Jim Drash +Jim Freeman +Jim Hollinger +Jim Meyering +Jiri Hruska +Jiri Jaburek +Jocelyn Jaubert +Joe Halpin +Joe Malicki +Joe Mason +Joel Chen +Jofell Gallardo +Johan Anderson +Johan Nilsson +Johan van Selst +Johannes Bauer +John Bradshaw +John Crow +John Dennis +John E. Malmberg +John Gardiner Myers +John Janssen +John Joseph Bachir +John Kelly +John Lask +John Lightsey +John Marino +John McGowan +John P. McCaskey +John Suprock +John Wilkinson +John-Mark Bell +Johnny Luong +Jon Grubbs +Jon Nelson +Jon Sargeant +Jon Travis +Jon Turner +Jonas Forsman +Jonas Schnelli +Jonatan Lander +Jonathan Hseu +Jonathan Nieder +Jongki Suwandi +Jose Kahan +Josef Wolf +Josh Kapell +Joshua Kwan +Josue Andrade Gomes +Juan Barreto +Juan F. Codagnone +Juan Ignacio Hervás +Judson Bishop +Juergen Wilke +Jukka Pihl +Julian Noble +Julian Taylor +Julien Chaffraix +Julien Royer +Jun-ichiro itojun Hagino +Jurij Smakov +Justin Fletcher +Justin Karneges +Jörg Mueller-Tolk +Jörn Hartroth +Kai Engert +Kai Sommerfeld +Kai-Uwe Rommel +Kalle Vahlman +Kamil Dudka +Kang-Jin Lee +Karl M +Karl Moerder +Karol Pietrzak +Kaspar Brand +Katie Wang +Kees Cook +Keith MacDonald +Keith McGuigan +Keith Mok +Ken Hirsch +Ken Rastatter +Kenny To +Kent Boortz +Keshav Krity +Kevin Baughman +Kevin Fisk +Kevin Lussier +Kevin Reed +Kevin Roth +Kim Rinnewitz +Kim Vandry +Kimmo Kinnunen +Kjell Ericson +Kjetil Jacobsen +Klevtsov Vadim +Konstantin Isakov +Kris Kennaway +Krishnendu Majumdar +Krister Johansen +Kristian Gunstone +Kristian Köhntopp +Kyle Sallee +Lachlan O'Dea +Larry Campbell +Larry Fahnoe +Lars Buitinck +Lars Gustafsson +Lars J. Aas +Lars Johannesen +Lars Nilsson +Lars Torben Wilson +Lau Hang Kin +Laurent Rabret +Legoff Vincent +Lehel Bernadt +Len Krause +Lenaic Lefever +Lenny Rachitsky +Liam Healy +Lijo Antony +Linas Vepstas +Ling Thio +Linus Nielsen Feltzing +Lisa Xu +Liza Alenchery +LluÃs Batlle i Rossell +Loic Dachary +Loren Kirkby +Luca Altea +Luca Alteas +Lucas Adamski +Ludovico Cavedon +Lukasz Czekierda +Luke Amery +Luke Call +Luong Dinh Dung +Maciej Karpiuk +Maciej W. Rozycki +Mamoru Tasaka +Mandy Wu +Manfred Schwarb +Manuel Massing +Marc Boucher +Marc Doughty +Marc Hoersken +Marc Kleine-Budde +Marcel Raad +Marcel Roelofs +Marcelo Juchem +Marcin Adamski +Marcin Konicki +Marco G. Salvagno +Marco Maggi +Marcus Sundberg +Marcus Webster +Mario Schroeder +Mark Brand +Mark Butler +Mark Davies +Mark Eichin +Mark Incley +Mark Karpeles +Mark Lentczner +Mark Salisbury +Mark Snelling +Mark Tully +Markus Duft +Markus Koetter +Markus Moeller +Markus Oberhumer +Martijn Koster +Martin C. Martin +Martin Drasar +Martin Hager +Martin Hedenfalk +Martin Jansen +Martin Lemke +Martin Skinner +Martin Storsjo +Marty Kuhrt +Maruko +Massimiliano Ziccardi +Massimo Callegari +Mateusz Loskot +Mathias Axelsson +Mats Lidell +Matt Arsenault +Matt Kraai +Matt Veenstra +Matt Witherspoon +Matt Wixson +Matteo Rocco +Matthew Blain +Matthew Clarke +Matthias Bolte +Maurice Barnum +Mauro Iorio +Max Katsev +Maxim Ivanov +Maxim Perenesenko +Maxim Prohorov +Maxime Larocque +Mehmet Bozkurt +Mekonikum +Mettgut Jamalla +Michael Benedict +Michael Calmer +Michael Cronenworth +Michael Curtis +Michael Day +Michael Goffioul +Michael Jahn +Michael Jerris +Michael Mealling +Michael Mueller +Michael Smith +Michael Stillwell +Michael Wallner +Michal Bonino +Michal Gorny +Michal Kowalczyk +Michal Marek +Michele Bini +Miguel Angel +Mihai Ionescu +Mikael Johansson +Mikael Sennerholm +Mike Bytnar +Mike Crowe +Mike Dobbs +Mike Giancola +Mike Hommey +Mike Power +Mike Protts +Mike Revi +Miklos Nemeth +Mitz Wark +Mohamed Lrhazi +Mohun Biswas +Moonesamy +Myk Taylor +Nach M. S. +Nathan Coulter +Nathan O'Sullivan +Nathanael Nerode +Naveen Chandran +Naveen Noel +Neil Bowers +Neil Dunbar +Neil Spring +Nic Roets +Nicholas Maniscalco +Nick Gimbrone +Nick Humfrey +Nick Zitzmann +Nico Baggus +Nicolas Berloquin +Nicolas Croiset +Nicolas François +Niels van Tongeren +Nikita Schmidt +Nikitinskit Dmitriy +Niklas Angebrand +Nikolai Kondrashov +Nikos Mavrogiannopoulos +Ning Dong +Nir Soffer +Nis Jorgensen +Nodak Sodak +Norbert Frese +Norbert Novotny +Ofer +Olaf Flebbe +Olaf Stueben +Olaf Stüben +Oliver Gondža +Olivier Berger +Oren Tirosh +Ori Avtalion +Oscar Koeroo +Oscar Norlander +P R Schaffner +Paolo Piacentini +Pascal Terjan +Pasha Kuznetsov +Pat Ray +Patrice Guerin +Patricia Muscalu +Patrick Bihan-Faou +Patrick Monnerat +Patrick Scott +Patrick Smith +Patrik Thunstrom +Pau Garcia i Quiles +Paul Harrington +Paul Howarth +Paul Marquis +Paul Moore +Paul Nolan +Paul Querna +Pavel Cenek +Pavel Orehov +Pavel Raiskup +Pawel A. Gajda +Pawel Kierski +Pedro Larroy +Pedro Neves +Pete Su +Peter Bray +Peter Forret +Peter Gal +Peter Heuchert +Peter Hjalmarsson +Peter Korsgaard +Peter Lamberg +Peter O'Gorman +Peter Pentchev +Peter Silva +Peter Su +Peter Sylvester +Peter Todd +Peter Verhas +Peter Wullinger +Peteris Krumins +Phil Blundell +Phil Karn +Phil Lisiecki +Phil Pellouchoud +Philip Craig +Philip Gladstone +Philip Langdale +Philippe Hameau +Philippe Raoult +Philippe Vaucher +Pierre +Pierre Brico +Pierre Chapuis +Pierre Joye +Pierre Ynard +Pooyan McSporran +Pramod Sharma +Puneet Pawaia +Quagmire +Quanah Gibson-Mount +Quinn Slack +Rafa Muyo +Rafael Sagula +Rainer Canavan +Rainer Jung +Rainer Koenig +Rajesh Naganathan +Ralf S. Engelschall +Ralph Beckmann +Ralph Mitchell +Ramana Mokkapati +Randy McMurchy +Ravi Pratap +Ray Dassen +Ray Pekowski +Reinout van Schouwen +Renato Botelho +Renaud Chaillat +Renaud Duhaut +Renaud Guillard +Rene Bernhardt +Rene Rebe +Reuven Wachtfogel +Reza Arbab +Ricardo Cadime +Rich Gray +Rich Rauenzahn +Richard Archer +Richard Atterer +Richard Bramante +Richard Clayton +Richard Cooper +Richard Gorton +Richard Michael +Richard Prescott +Richard Silverman +Rick Jones +Rick Richardson +Rob Crittenden +Rob Jones +Rob Stanzel +Rob Ward +Robert A. Monat +Robert B. Harris +Robert D. Young +Robert Foreman +Robert Iakobashvili +Robert Olson +Robert Schumann +Robert Weaver +Robert Wruck +Robin Cornelius +Robin Johnson +Robin Kay +Robson Braga Araujo +Rodney Simmons +Rodrigo Silva +Roland Blom +Roland Krikava +Roland Zimmermann +Rolland Dudemaine +Roman Koifman +Roman Mamedov +Ron Zapp +Rosimildo da Silva +Roy Shan +Rune Kleveland +Ruslan Gazizov +Rutger Hofman +Ryan Chan +Ryan Nelson +Ryan Schmidt +S. Moonesamy +Salvador Dávila +Salvatore Sorrentino +Sam Deane +Sam Listopad +Sampo Kellomaki +Samuel DÃaz GarcÃa +Samuel Listopad +Samuel Thibault +Sander Gates +Sandor Feldi +Santhana Todatry +Saqib Ali +Sara Golemon +Saran Neti +Saul good +Scott Bailey +Scott Barrett +Scott Cantor +Scott Davis +Scott McCreary +Sebastian Rasmussen +Sebastien Willemijns +Senthil Raja Velu +Sergei Nikulov +Sergio Ballestrero +Seshubabu Pasam +Sh Diao +Sharad Gupta +Shard +Shawn Poulson +Shmulik Regev +Siddhartha Prakash Jain +Sidney San Martin +Siegfried Gyuricsko +Simon Dick +Simon Josefsson +Simon Liu +Song Ma +Sonia Subramanian +Spacen Jasset +Spiridonoff A.V +Stadler Stephan +Stan van de Burgt +Stanislav Ivochkin +Stefan Esser +Stefan Krause +Stefan Neis +Stefan Teleman +Stefan Tomanek +Stefan Ulrich +Stephan Bergmann +Stephen Collyer +Stephen Kick +Stephen More +Sterling Hughes +Steve Green +Steve H Truong +Steve Holme +Steve Lhomme +Steve Little +Steve Marx +Steve Oliphant +Steve Roskowski +Steven Bazyl +Steven G. Johnson +Steven Gu +Steven M. Schweda +Steven Parkes +Stoned Elipot +Sven Anders +Sven Neuhaus +Sven Wegener +Sébastien Willemijns +T. Bharath +T. Yamada +Taneli Vahakangas +Tanguy Fautre +Tatsuhiro Tsujikawa +Temprimus +Thomas J. Moore +Thomas Klausner +Thomas L. Shinnick +Thomas Lopatic +Thomas Schwinge +Thomas Tonino +Tim Ansell +Tim Baker +Tim Bartley +Tim Chen +Tim Costello +Tim Harder +Tim Heckman +Tim Newsome +Tim Sneddon +Timo Sirainen +Tinus van den Berg +Tobias Rundström +Toby Peterson +Todd A Ouska +Todd Kulesza +Todd Ouska +Todd Vierling +Tom Benoist +Tom Donovan +Tom Grace +Tom Lee +Tom Mattison +Tom Moers +Tom Mueller +Tom Regner +Tom Wright +Tom Zerucha +Tomas Mlcoch +Tomas Pospisek +Tomas Szepe +Tomasz Lacki +Tommie Gannert +Tommy Tam +Ton Voon +Toni Moreno +Toon Verwaest +Tor Arntsen +Torsten Foertsch +Toshio Kuratomi +Toshiyuki Maezawa +Traian Nicolescu +Troels Walsted Hansen +Troy Engel +Tupone Alfredo +Ulf Härnhammar +Ulrich Doehner +Ulrich Zadow +Venkat Akella +Victor Snezhko +Vikram Saxena +Vilmos Nebehaj +Vincent Bronner +Vincent Le Normand +Vincent Penquerc'h +Vincent Sanders +Vincent Torri +Vlad Grachov +Vlad Ureche +Vladimir Grishchenko +Vladimir Lazarenko +Vojtech Janota +Vojtech Minarik +Vsevolod Novikov +Walter J. Mack +Ward Willats +Wayne Haigh +Werner Koch +Wesley Laxton +Wesley Miaw +Wez Furlong +Wilfredo Sanchez +Willem Sparreboom +Wojciech Zwiefka +Wouter Van Rooy +Wu Yongzheng +Xavier Bouchoux +Yamada Yasuharu +Yang Tse +Yarram Sunil +Yehoshua Hershberg +Yukihiro Kawada +Yuriy Sosov +Yves Arrouye +Yves Lejeune +Zdenek Pavlas +Zekun Ni +Zmey Petroff +Zvi Har'El +nk +swalkaus at yahoo.com +tommink[at]post.pl diff --git a/libs/libcurl/docs/TODO b/libs/libcurl/docs/TODO new file mode 100644 index 0000000000..8b133dc160 --- /dev/null +++ b/libs/libcurl/docs/TODO @@ -0,0 +1,700 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + Things that could be nice to do in the future + + Things to do in project cURL. Please tell us what you think, contribute and + send us patches that improve things! + + All bugs documented in the KNOWN_BUGS document are subject for fixing! + + 1. libcurl + 1.2 More data sharing + 1.3 struct lifreq + 1.4 signal-based resolver timeouts + 1.5 get rid of PATH_MAX + 1.6 Happy Eyeball dual stack connect + 1.7 Modified buffer size approach + + 2. libcurl - multi interface + 2.1 More non-blocking + 2.2 Fix HTTP Pipelining for PUT + + 3. Documentation + 3.1 More and better + + 4. FTP + 4.1 HOST + 4.2 Alter passive/active on failure and retry + 4.3 Earlier bad letter detection + 4.4 REST for large files + 4.5 FTP proxy support + 4.6 ASCII support + + 5. HTTP + 5.1 Better persistency for HTTP 1.0 + 5.2 support FF3 sqlite cookie files + 5.3 Rearrange request header order + 5.4 HTTP2/SPDY + + 6. TELNET + 6.1 ditch stdin + 6.2 ditch telnet-specific select + 6.3 feature negotiation debug data + 6.4 send data in chunks + + 7. SMTP + 7.1 Pipelining + 7.2 Graceful base64 decoding failure + 7.3 Enhanced capability support + + 8. POP3 + 8.1 Pipelining + 8.2 Graceful base64 decoding failure + 8.3 Enhanced capability support + + 9. IMAP + 9.1 Graceful base64 decoding failure + 9.2 Enhanced capability support + + 10. LDAP + 10.1 SASL based authentication mechanisms + + 11. New protocols + 11.1 RSYNC + + 12. SSL + 12.1 Disable specific versions + 12.2 Provide mutex locking API + 12.3 Evaluate SSL patches + 12.4 Cache OpenSSL contexts + 12.5 Export session ids + 12.6 Provide callback for cert verification + 12.7 Support other SSL libraries + 12.8 improve configure --with-ssl + 12.9 Support DANE + + 13. GnuTLS + 13.1 SSL engine stuff + 13.2 check connection + + 14. SASL + 14.1 Other authentication mechanisms + + 15. Client + 15.1 sync + 15.2 glob posts + 15.3 prevent file overwriting + 15.4 simultaneous parallel transfers + 15.5 provide formpost headers + 15.6 url-specific options + 15.7 warning when setting an option + 15.8 IPv6 addresses with globbing + + 16. Build + 16.1 roffit + + 17. Test suite + 17.1 SSL tunnel + 17.2 nicer lacking perl message + 17.3 more protocols supported + 17.4 more platforms supported + + 18. Next SONAME bump + 18.1 http-style HEAD output for ftp + 18.2 combine error codes + 18.3 extend CURLOPT_SOCKOPTFUNCTION prototype + + 19. Next major release + 19.1 cleanup return codes + 19.2 remove obsolete defines + 19.3 size_t + 19.4 remove several functions + 19.5 remove CURLOPT_FAILONERROR + 19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE + 19.7 remove progress meter from libcurl + 19.8 remove 'curl_httppost' from public + 19.9 have form functions use CURL handle argument + 19.10 Add CURLOPT_MAIL_CLIENT option + +============================================================================== + +1. libcurl + +1.2 More data sharing + + curl_share_* functions already exist and work, and they can be extended to + share more. For example, enable sharing of the ares channel and the + connection cache. + +1.3 struct lifreq + + Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and + SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete. + To support ipv6 interface addresses for network interfaces properly. + +1.4 signal-based resolver timeouts + + libcurl built without an asynchronous resolver library uses alarm() to time + out DNS lookups. When a timeout occurs, this causes libcurl to jump from the + signal handler back into the library with a sigsetjmp, which effectively + causes libcurl to continue running within the signal handler. This is + non-portable and could cause problems on some platforms. A discussion on the + problem is available at http://curl.haxx.se/mail/lib-2008-09/0197.html + + Also, alarm() provides timeout resolution only to the nearest second. alarm + ought to be replaced by setitimer on systems that support it. + +1.5 get rid of PATH_MAX + + Having code use and rely on PATH_MAX is not nice: + http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html + + Currently the SSH based code uses it a bit, but to remove PATH_MAX from there + we need libssh2 to properly tell us when we pass in a too small buffer and + its current API (as of libssh2 1.2.7) doesn't. + +1.6 Happy Eyeball dual stack connect + + In order to make alternative technologies not suffer when transitioning, like + when introducing IPv6 as an alternative to IPv4 and there are more than one + option existing simultaneously there are reasons to reconsider internal + choices. + + To make libcurl do blazing fast IPv6 in a dual-stack configuration, this needs + to be addressed: + + http://tools.ietf.org/html/rfc6555 + +1.7 Modified buffer size approach + + Current libcurl allocates a fixed 16K size buffer for download and an + additional 16K for upload. They are always unconditionally part of the easy + handle. If CRLF translations are requested, an additional 32K "scratch + buffer" is allocated. A total of 64K transfer buffers in the worst case. + + First, while the handles are not actually in use these buffers could be freed + so that lingering handles just kept in queues or whatever waste less memory. + + Secondly, SFTP is a protocol that needs to handle many ~30K blocks at once + since each need to be individually acked and therefore libssh2 must be + allowed to send (or receive) many separate ones in parallel to achieve high + transfer speeds. A current libcurl build with a 16K buffer makes that + impossible, but one with a 512K buffer will reach MUCH faster transfers. But + allocating 512K unconditionally for all buffers just in case they would like + to do fast SFTP transfers at some point is not a good solution either. + + Dynamically allocate buffer size depending on protocol in use in combination + with freeing it after each individual transfer? Other suggestions? + + +2. libcurl - multi interface + +2.1 More non-blocking + + Make sure we don't ever loop because of non-blocking sockets returning + EWOULDBLOCK or similar. Blocking cases include: + + - Name resolves on non-windows unless c-ares is used + - NSS SSL connections + - HTTP proxy CONNECT operations + - SOCKS proxy handshakes + - file:// transfers + - TELNET transfers + - The "DONE" operation (post transfer protocol-specific actions) for the + protocols SFTP, SMTP, FTP. Fixing Curl_done() for this is a worthy task. + +2.2 Fix HTTP Pipelining for PUT + + HTTP Pipelining can be a way to greatly enhance performance for multiple + serial requests and currently libcurl only supports that for HEAD and GET + requests but it should also be possible for PUT. + +3. Documentation + +3.1 More and better + + Exactly + +4. FTP + +4.1 HOST + + HOST is a suggested command in the works for a client to tell which host name + to use, to offer FTP servers named-based virtual hosting: + + http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts-11 + +4.2 Alter passive/active on failure and retry + + When trying to connect passively to a server which only supports active + connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the + connection. There could be a way to fallback to an active connection (and + vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793 + +4.3 Earlier bad letter detection + + Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the + process to avoid doing a resolve and connect in vain. + +4.4 REST for large files + + REST fix for servers not behaving well on >2GB requests. This should fail if + the server doesn't set the pointer to the requested index. The tricky + (impossible?) part is to figure out if the server did the right thing or not. + +4.5 FTP proxy support + + Support the most common FTP proxies, Philip Newton provided a list allegedly + from ncftp. This is not a subject without debate, and is probably not really + suitable for libcurl. http://curl.haxx.se/mail/archive-2003-04/0126.html + +4.6 ASCII support + + FTP ASCII transfers do not follow RFC959. They don't convert the data + accordingly. + +5. HTTP + +5.1 Better persistency for HTTP 1.0 + + "Better" support for persistent connections over HTTP 1.0 + http://curl.haxx.se/bug/feature.cgi?id=1089001 + +5.2 support FF3 sqlite cookie files + + Firefox 3 is changing from its former format to a a sqlite database instead. + We should consider how (lib)curl can/should support this. + http://curl.haxx.se/bug/feature.cgi?id=1871388 + +5.3 Rearrange request header order + + Server implementors often make an effort to detect browser and to reject + clients it can detect to not match. One of the last details we cannot yet + control in libcurl's HTTP requests, which also can be exploited to detect + that libcurl is in fact used even when it tries to impersonate a browser, is + the order of the request headers. I propose that we introduce a new option in + which you give headers a value, and then when the HTTP request is built it + sorts the headers based on that number. We could then have internally created + headers use a default value so only headers that need to be moved have to be + specified. + +5.4 HTTP2/SPDY + + The first drafts for HTTP2 have been published + (http://tools.ietf.org/html/draft-ietf-httpbis-http2-03) and is so far based + on SPDY (http://www.chromium.org/spdy) designs and experiences. Chances are + it will end up in that style. Chrome and Firefox already support SPDY and + lots of web services do. + + It would make sense to implement SPDY support now and later transition into + or add HTTP2 support as well. + + We should base or HTTP2/SPDY work on a 3rd party library for the protocol + fiddling. The Spindy library (http://spindly.haxx.se/) was an attempt to make + such a library with an API suitable for use by libcurl but that effort has + more or less stalled. spdylay (https://github.com/tatsuhiro-t/spdylay) may + be a better option, either used directly or wrapped with a more spindly-like + API. + + +6. TELNET + +6.1 ditch stdin + +Reading input (to send to the remote server) on stdin is a crappy solution for +library purposes. We need to invent a good way for the application to be able +to provide the data to send. + +6.2 ditch telnet-specific select + + Move the telnet support's network select() loop go away and merge the code + into the main transfer loop. Until this is done, the multi interface won't + work for telnet. + +6.3 feature negotiation debug data + + Add telnet feature negotiation data to the debug callback as header data. + +6.4 send data in chunks + + Currently, telnet sends data one byte at a time. This is fine for interactive + use, but inefficient for any other. Sent data should be sent in larger + chunks. + +7. SMTP + +7.1 Pipelining + + Add support for pipelining emails. + +7.2 Graceful base64 decoding failure + + Rather than shutting down the session and returning an error when the + decoding of a base64 encoded authentication response fails, we should + gracefully shutdown the authentication process by sending a * response to the + server as per RFC4954. + +7.3 Enhanced capability support + + Add the ability, for an application that uses libcurl, to obtain the list of + capabilities returned from the EHLO command. + +8. POP3 + +8.1 Pipelining + + Add support for pipelining commands. + +8.2 Graceful base64 decoding failure + + Rather than shutting down the session and returning an error when the + decoding of a base64 encoded authentication response fails, we should + gracefully shutdown the authentication process by sending a * response to the + server as per RFC5034. + +8.3 Enhanced capability support + + Add the ability, for an application that uses libcurl, to obtain the list of + capabilities returned from the CAPA command. + +9. IMAP + +9.1 Graceful base64 decoding failure + + Rather than shutting down the session and returning an error when the + decoding of a base64 encoded authentication response fails, we should + gracefully shutdown the authentication process by sending a * response to the + server as per RFC3501. + +9.2 Enhanced capability support + + Add the ability, for an application that uses libcurl, to obtain the list of + capabilities returned from the CAPABILITY command. + +10. LDAP + +10.1 SASL based authentication mechanisms + + Currently the LDAP module only supports ldap_simple_bind_s() in order to bind + to an LDAP server. However, this function sends username and password details + using the simple authentication mechanism (as clear text). However, it should + be possible to use ldap_bind_s() instead specifing the security context + information ourselves. + +11. New protocols + +11.1 RSYNC + + There's no RFC for the protocol or an URI/URL format. An implementation + should most probably use an existing rsync library, such as librsync. + +12. SSL + +12.1 Disable specific versions + + Provide an option that allows for disabling specific SSL versions, such as + SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276 + +12.2 Provide mutex locking API + + Provide a libcurl API for setting mutex callbacks in the underlying SSL + library, so that the same application code can use mutex-locking + independently of OpenSSL or GnutTLS being used. + +12.3 Evaluate SSL patches + + Evaluate/apply Gertjan van Wingerde's SSL patches: + http://curl.haxx.se/mail/lib-2004-03/0087.html + +12.4 Cache OpenSSL contexts + + "Look at SSL cafile - quick traces look to me like these are done on every + request as well, when they should only be necessary once per ssl context (or + once per handle)". The major improvement we can rather easily do is to make + sure we don't create and kill a new SSL "context" for every request, but + instead make one for every connection and re-use that SSL context in the same + style connections are re-used. It will make us use slightly more memory but + it will libcurl do less creations and deletions of SSL contexts. + +12.5 Export session ids + + Add an interface to libcurl that enables "session IDs" to get + exported/imported. Cris Bailiff said: "OpenSSL has functions which can + serialise the current SSL state to a buffer of your choice, and recover/reset + the state from such a buffer at a later date - this is used by mod_ssl for + apache to implement and SSL session ID cache". + +12.6 Provide callback for cert verification + + OpenSSL supports a callback for customised verification of the peer + certificate, but this doesn't seem to be exposed in the libcurl APIs. Could + it be? There's so much that could be done if it were! + +12.7 Support other SSL libraries + + Make curl's SSL layer capable of using other free SSL libraries. Such as + MatrixSSL (http://www.matrixssl.org/). + +12.8 improve configure --with-ssl + + make the configure --with-ssl option first check for OpenSSL, then GnuTLS, + then NSS... + +12.9 Support DANE + + DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL + keys and certs over DNS using DNSSEC as an alternative to the CA model. + http://www.rfc-editor.org/rfc/rfc6698.txt + + An initial patch was posted by Suresh Krishnaswamy on March 7th 2013 + (http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple + approach. See Daniel's comments: + http://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the + correct library to base this development on. + +13. GnuTLS + +13.1 SSL engine stuff + + Is this even possible? + +13.2 check connection + + Add a way to check if the connection seems to be alive, to correspond to the + SSL_peak() way we use with OpenSSL. + +14. SASL + +14.1 Other authentication mechanisms + + Add support for GSSAPI to SMTP, POP3 and IMAP. + +15. Client + +15.1 sync + + "curl --sync http://example.com/feed[1-100].rss" or + "curl --sync http://example.net/{index,calendar,history}.html" + + Downloads a range or set of URLs using the remote name, but only if the + remote file is newer than the local file. A Last-Modified HTTP date header + should also be used to set the mod date on the downloaded file. + +15.2 glob posts + + Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'. + This is easily scripted though. + +15.3 prevent file overwriting + + Add an option that prevents cURL from overwriting existing local files. When + used, and there already is an existing file with the target file name + (either -O or -o), a number should be appended (and increased if already + existing). So that index.html becomes first index.html.1 and then + index.html.2 etc. + +15.4 simultaneous parallel transfers + + The client could be told to use maximum N simultaneous parallel transfers and + then just make sure that happens. It should of course not make more than one + connection to the same remote host. This would require the client to use the + multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595 + +15.5 provide formpost headers + + Extending the capabilities of the multipart formposting. How about leaving + the ';type=foo' syntax as it is and adding an extra tag (headers) which + works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where + fil1.hdr contains extra headers like + + Content-Type: text/plain; charset=KOI8-R" + Content-Transfer-Encoding: base64 + X-User-Comment: Please don't use browser specific HTML code + + which should overwrite the program reasonable defaults (plain/text, + 8bit...) + +15.6 url-specific options + + Provide a way to make options bound to a specific URL among several on the + command line. Possibly by letting ':' separate options between URLs, + similar to this: + + curl --data foo --url url.com : \ + --url url2.com : \ + --url url3.com --data foo3 + + (More details: http://curl.haxx.se/mail/archive-2004-07/0133.html) + + The example would do a POST-GET-POST combination on a single command line. + +15.7 warning when setting an option + + Display a warning when libcurl returns an error when setting an option. + This can be useful to tell when support for a particular feature hasn't been + compiled into the library. + +15.8 IPv6 addresses with globbing + + Currently the command line client needs to get url globbing disabled (with + -g) for it to support IPv6 numerical addresses. This is a rather silly flaw + that should be corrected. It probably involves a smarter detection of the + '[' and ']' letters. + +16. Build + +16.1 roffit + + Consider extending 'roffit' to produce decent ASCII output, and use that + instead of (g)nroff when building src/tool_hugehelp.c + +17. Test suite + +17.1 SSL tunnel + + Make our own version of stunnel for simple port forwarding to enable HTTPS + and FTP-SSL tests without the stunnel dependency, and it could allow us to + provide test tools built with either OpenSSL or GnuTLS + +17.2 nicer lacking perl message + + If perl wasn't found by the configure script, don't attempt to run the tests + but explain something nice why it doesn't. + +17.3 more protocols supported + + Extend the test suite to include more protocols. The telnet could just do ftp + or http operations (for which we have test servers). + +17.4 more platforms supported + + Make the test suite work on more platforms. OpenBSD and Mac OS. Remove + fork()s and it should become even more portable. + +18. Next SONAME bump + +18.1 http-style HEAD output for ftp + + #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers + from being output in NOBODY requests over ftp + +18.2 combine error codes + + Combine some of the error codes to remove duplicates. The original + numbering should not be changed, and the old identifiers would be + macroed to the new ones in an CURL_NO_OLDIES section to help with + backward compatibility. + + Candidates for removal and their replacements: + + CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND + + CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND + + CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR + + CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT + + CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT + + CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL + + CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND + + CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED + +18.3 extend CURLOPT_SOCKOPTFUNCTION prototype + + The current prototype only provides 'purpose' that tells what the + connection/socket is for, but not any protocol or similar. It makes it hard + for applications to differentiate on TCP vs UDP and even HTTP vs FTP and + similar. + +10. Next major release + +19.1 cleanup return codes + + curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a + CURLMcode. These should be changed to be the same. + +19.2 remove obsolete defines + + remove obsolete defines from curl/curl.h + +19.3 size_t + + make several functions use size_t instead of int in their APIs + +19.4 remove several functions + + remove the following functions from the public API: + + curl_getenv + + curl_mprintf (and variations) + + curl_strequal + + curl_strnequal + + They will instead become curlx_ - alternatives. That makes the curl app + still capable of using them, by building with them from source. + + These functions have no purpose anymore: + + curl_multi_socket + + curl_multi_socket_all + +19.5 remove CURLOPT_FAILONERROR + + Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird + internally. Let the app judge success or not for itself. + +19.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE + + Remove support for a global DNS cache. Anything global is silly, and we + already offer the share interface for the same functionality but done + "right". + +19.7 remove progress meter from libcurl + + The internally provided progress meter output doesn't belong in the library. + Basically no application wants it (apart from curl) but instead applications + can and should do their own progress meters using the progress callback. + + The progress callback should then be bumped as well to get proper 64bit + variable types passed to it instead of doubles so that big files work + correctly. + +19.8 remove 'curl_httppost' from public + + curl_formadd() was made to fill in a public struct, but the fact that the + struct is public is never really used by application for their own advantage + but instead often restricts how the form functions can or can't be modified. + + Changing them to return a private handle will benefit the implementation and + allow us much greater freedoms while still maintining a solid API and ABI. + +19.9 have form functions use CURL handle argument + + curl_formadd() and curl_formget() both currently have no CURL handle + argument, but both can use a callback that is set in the easy handle, and + thus curl_formget() with callback cannot function without first having + curl_easy_perform() (or similar) called - which is hard to grasp and a design + mistake. + +19.10 Add CURLOPT_MAIL_CLIENT option + + Rather than use the URL to specify the mail client string to present in the + HELO and EHLO commands, libcurl should support a new CURLOPT specifically for + specifing this data as the URL is non-standard and to be honest a bit of a + hack ;-) + + Please see the following thread for more information: + http://curl.haxx.se/mail/lib-2012-05/0178.html + diff --git a/libs/libcurl/docs/TheArtOfHttpScripting b/libs/libcurl/docs/TheArtOfHttpScripting new file mode 100644 index 0000000000..b0dab5ff2c --- /dev/null +++ b/libs/libcurl/docs/TheArtOfHttpScripting @@ -0,0 +1,507 @@ +Online: http://curl.haxx.se/docs/httpscripting.html +Date: Jan 19, 2011 + + The Art Of Scripting HTTP Requests Using Curl + ============================================= + + This document will assume that you're familiar with HTML and general + networking. + + The possibility to write scripts is essential to make a good computer + system. Unix' capability to be extended by shell scripts and various tools to + run various automated commands and scripts is one reason why it has succeeded + so well. + + The increasing amount of applications moving to the web has made "HTTP + Scripting" more frequently requested and wanted. To be able to automatically + extract information from the web, to fake users, to post or upload data to + web servers are all important tasks today. + + Curl is a command line tool for doing all sorts of URL manipulations and + transfers, but this particular document will focus on how to use it when + doing HTTP requests for fun and profit. I'll assume that you know how to + invoke 'curl --help' or 'curl --manual' to get basic information about it. + + Curl is not written to do everything for you. It makes the requests, it gets + the data, it sends data and it retrieves the information. You probably need + to glue everything together using some kind of script language or repeated + manual invokes. + +1. The HTTP Protocol + + HTTP is the protocol used to fetch data from web servers. It is a very simple + protocol that is built upon TCP/IP. The protocol also allows information to + get sent to the server from the client using a few different methods, as will + be shown here. + + HTTP is plain ASCII text lines being sent by the client to a server to + request a particular action, and then the server replies a few text lines + before the actual requested content is sent to the client. + + The client, curl, sends a HTTP request. The request contains a method (like + GET, POST, HEAD etc), a number of request headers and sometimes a request + body. The HTTP server responds with a status line (indicating if things went + well), response headers and most often also a response body. The "body" part + is the plain data you requested, like the actual HTML or the image etc. + + 1.1 See the Protocol + + Using curl's option --verbose (-v as a short option) will display what kind + of commands curl sends to the server, as well as a few other informational + texts. + + --verbose is the single most useful option when it comes to debug or even + understand the curl<->server interaction. + + Sometimes even --verbose is not enough. Then --trace and --trace-ascii offer + even more details as they show EVERYTHING curl sends and receives. Use it + like this: + + curl --trace-ascii debugdump.txt http://www.example.com/ + +2. URL + + The Uniform Resource Locator format is how you specify the address of a + particular resource on the Internet. You know these, you've seen URLs like + http://curl.haxx.se or https://yourbank.com a million times. + +3. GET a page + + The simplest and most common request/operation made using HTTP is to get a + URL. The URL could itself refer to a web page, an image or a file. The client + issues a GET request to the server and receives the document it asked for. + If you issue the command line + + curl http://curl.haxx.se + + you get a web page returned in your terminal window. The entire HTML document + that that URL holds. + + All HTTP replies contain a set of response headers that are normally hidden, + use curl's --include (-i) option to display them as well as the rest of the + document. You can also ask the remote server for ONLY the headers by using + the --head (-I) option (which will make curl issue a HEAD request). + +4. Forms + + Forms are the general way a web site can present a HTML page with fields for + the user to enter data in, and then press some kind of 'OK' or 'submit' + button to get that data sent to the server. The server then typically uses + the posted data to decide how to act. Like using the entered words to search + in a database, or to add the info in a bug track system, display the entered + address on a map or using the info as a login-prompt verifying that the user + is allowed to see what it is about to see. + + Of course there has to be some kind of program in the server end to receive + the data you send. You cannot just invent something out of the air. + + 4.1 GET + + A GET-form uses the method GET, as specified in HTML like: + + <form method="GET" action="junk.cgi"> + <input type=text name="birthyear"> + <input type=submit name=press value="OK"> + </form> + + In your favorite browser, this form will appear with a text box to fill in + and a press-button labeled "OK". If you fill in '1905' and press the OK + button, your browser will then create a new URL to get for you. The URL will + get "junk.cgi?birthyear=1905&press=OK" appended to the path part of the + previous URL. + + If the original form was seen on the page "www.hotmail.com/when/birth.html", + the second page you'll get will become + "www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK". + + Most search engines work this way. + + To make curl do the GET form post for you, just enter the expected created + URL: + + curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK" + + 4.2 POST + + The GET method makes all input field names get displayed in the URL field of + your browser. That's generally a good thing when you want to be able to + bookmark that page with your given data, but it is an obvious disadvantage + if you entered secret information in one of the fields or if there are a + large amount of fields creating a very long and unreadable URL. + + The HTTP protocol then offers the POST method. This way the client sends the + data separated from the URL and thus you won't see any of it in the URL + address field. + + The form would look very similar to the previous one: + + <form method="POST" action="junk.cgi"> + <input type=text name="birthyear"> + <input type=submit name=press value=" OK "> + </form> + + And to use curl to post this form with the same data filled in as before, we + could do it like: + + curl --data "birthyear=1905&press=%20OK%20" \ + http://www.example.com/when.cgi + + This kind of POST will use the Content-Type + application/x-www-form-urlencoded and is the most widely used POST kind. + + The data you send to the server MUST already be properly encoded, curl will + not do that for you. For example, if you want the data to contain a space, + you need to replace that space with %20 etc. Failing to comply with this + will most likely cause your data to be received wrongly and messed up. + + Recent curl versions can in fact url-encode POST data for you, like this: + + curl --data-urlencode "name=I am Daniel" http://www.example.com + + 4.3 File Upload POST + + Back in late 1995 they defined an additional way to post data over HTTP. It + is documented in the RFC 1867, why this method sometimes is referred to as + RFC1867-posting. + + This method is mainly designed to better support file uploads. A form that + allows a user to upload a file could be written like this in HTML: + + <form method="POST" enctype='multipart/form-data' action="upload.cgi"> + <input type=file name=upload> + <input type=submit name=press value="OK"> + </form> + + This clearly shows that the Content-Type about to be sent is + multipart/form-data. + + To post to a form like this with curl, you enter a command line like: + + curl --form upload=@localfilename --form press=OK [URL] + + 4.4 Hidden Fields + + A very common way for HTML based application to pass state information + between pages is to add hidden fields to the forms. Hidden fields are + already filled in, they aren't displayed to the user and they get passed + along just as all the other fields. + + A similar example form with one visible field, one hidden field and one + submit button could look like: + + <form method="POST" action="foobar.cgi"> + <input type=text name="birthyear"> + <input type=hidden name="person" value="daniel"> + <input type=submit name="press" value="OK"> + </form> + + To post this with curl, you won't have to think about if the fields are + hidden or not. To curl they're all the same: + + curl --data "birthyear=1905&press=OK&person=daniel" [URL] + + 4.5 Figure Out What A POST Looks Like + + When you're about fill in a form and send to a server by using curl instead + of a browser, you're of course very interested in sending a POST exactly the + way your browser does. + + An easy way to get to see this, is to save the HTML page with the form on + your local disk, modify the 'method' to a GET, and press the submit button + (you could also change the action URL if you want to). + + You will then clearly see the data get appended to the URL, separated with a + '?'-letter as GET forms are supposed to. + +5. PUT + + The perhaps best way to upload data to a HTTP server is to use PUT. Then + again, this of course requires that someone put a program or script on the + server end that knows how to receive a HTTP PUT stream. + + Put a file to a HTTP server with curl: + + curl --upload-file uploadfile http://www.example.com/receive.cgi + +6. HTTP Authentication + + HTTP Authentication is the ability to tell the server your username and + password so that it can verify that you're allowed to do the request you're + doing. The Basic authentication used in HTTP (which is the type curl uses by + default) is *plain* *text* based, which means it sends username and password + only slightly obfuscated, but still fully readable by anyone that sniffs on + the network between you and the remote server. + + To tell curl to use a user and password for authentication: + + curl --user name:password http://www.example.com + + The site might require a different authentication method (check the headers + returned by the server), and then --ntlm, --digest, --negotiate or even + --anyauth might be options that suit you. + + Sometimes your HTTP access is only available through the use of a HTTP + proxy. This seems to be especially common at various companies. A HTTP proxy + may require its own user and password to allow the client to get through to + the Internet. To specify those with curl, run something like: + + curl --proxy-user proxyuser:proxypassword curl.haxx.se + + If your proxy requires the authentication to be done using the NTLM method, + use --proxy-ntlm, if it requires Digest use --proxy-digest. + + If you use any one these user+password options but leave out the password + part, curl will prompt for the password interactively. + + Do note that when a program is run, its parameters might be possible to see + when listing the running processes of the system. Thus, other users may be + able to watch your passwords if you pass them as plain command line + options. There are ways to circumvent this. + + It is worth noting that while this is how HTTP Authentication works, very + many web sites will not use this concept when they provide logins etc. See + the Web Login chapter further below for more details on that. + +7. Referer + + A HTTP request may include a 'referer' field (yes it is misspelled), which + can be used to tell from which URL the client got to this particular + resource. Some programs/scripts check the referer field of requests to verify + that this wasn't arriving from an external site or an unknown page. While + this is a stupid way to check something so easily forged, many scripts still + do it. Using curl, you can put anything you want in the referer-field and + thus more easily be able to fool the server into serving your request. + + Use curl to set the referer field with: + + curl --referer http://www.example.come http://www.example.com + +8. User Agent + + Very similar to the referer field, all HTTP requests may set the User-Agent + field. It names what user agent (client) that is being used. Many + applications use this information to decide how to display pages. Silly web + programmers try to make different pages for users of different browsers to + make them look the best possible for their particular browsers. They usually + also do different kinds of javascript, vbscript etc. + + At times, you will see that getting a page with curl will not return the same + page that you see when getting the page with your browser. Then you know it + is time to set the User Agent field to fool the server into thinking you're + one of those browsers. + + To make curl look like Internet Explorer 5 on a Windows 2000 box: + + curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL] + + Or why not look like you're using Netscape 4.73 on an old Linux box: + + curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL] + +9. Redirects + + When a resource is requested from a server, the reply from the server may + include a hint about where the browser should go next to find this page, or a + new page keeping newly generated output. The header that tells the browser + to redirect is Location:. + + Curl does not follow Location: headers by default, but will simply display + such pages in the same manner it display all HTTP replies. It does however + feature an option that will make it attempt to follow the Location: pointers. + + To tell curl to follow a Location: + + curl --location http://www.example.com + + If you use curl to POST to a site that immediately redirects you to another + page, you can safely use --location (-L) and --data/--form together. Curl will + only use POST in the first request, and then revert to GET in the following + operations. + +10. Cookies + + The way the web browsers do "client side state control" is by using + cookies. Cookies are just names with associated contents. The cookies are + sent to the client by the server. The server tells the client for what path + and host name it wants the cookie sent back, and it also sends an expiration + date and a few more properties. + + When a client communicates with a server with a name and path as previously + specified in a received cookie, the client sends back the cookies and their + contents to the server, unless of course they are expired. + + Many applications and servers use this method to connect a series of requests + into a single logical session. To be able to use curl in such occasions, we + must be able to record and send back cookies the way the web application + expects them. The same way browsers deal with them. + + The simplest way to send a few cookies to the server when getting a page with + curl is to add them on the command line like: + + curl --cookie "name=Daniel" http://www.example.com + + Cookies are sent as common HTTP headers. This is practical as it allows curl + to record cookies simply by recording headers. Record cookies with curl by + using the --dump-header (-D) option like: + + curl --dump-header headers_and_cookies http://www.example.com + + (Take note that the --cookie-jar option described below is a better way to + store cookies.) + + Curl has a full blown cookie parsing engine built-in that comes to use if you + want to reconnect to a server and use cookies that were stored from a + previous connection (or handicrafted manually to fool the server into + believing you had a previous connection). To use previously stored cookies, + you run curl like: + + curl --cookie stored_cookies_in_file http://www.example.com + + Curl's "cookie engine" gets enabled when you use the --cookie option. If you + only want curl to understand received cookies, use --cookie with a file that + doesn't exist. Example, if you want to let curl understand cookies from a + page and follow a location (and thus possibly send back cookies it received), + you can invoke it like: + + curl --cookie nada --location http://www.example.com + + Curl has the ability to read and write cookie files that use the same file + format that Netscape and Mozilla do. It is a convenient way to share cookies + between browsers and automatic scripts. The --cookie (-b) switch + automatically detects if a given file is such a cookie file and parses it, + and by using the --cookie-jar (-c) option you'll make curl write a new cookie + file at the end of an operation: + + curl --cookie cookies.txt --cookie-jar newcookies.txt \ + http://www.example.com + +11. HTTPS + + There are a few ways to do secure HTTP transfers. The by far most common + protocol for doing this is what is generally known as HTTPS, HTTP over + SSL. SSL encrypts all the data that is sent and received over the network and + thus makes it harder for attackers to spy on sensitive information. + + SSL (or TLS as the latest version of the standard is called) offers a + truckload of advanced features to allow all those encryptions and key + infrastructure mechanisms encrypted HTTP requires. + + Curl supports encrypted fetches thanks to the freely available OpenSSL + libraries. To get a page from a HTTPS server, simply run curl like: + + curl https://secure.example.com + + 11.1 Certificates + + In the HTTPS world, you use certificates to validate that you are the one + you claim to be, as an addition to normal passwords. Curl supports client- + side certificates. All certificates are locked with a pass phrase, which you + need to enter before the certificate can be used by curl. The pass phrase + can be specified on the command line or if not, entered interactively when + curl queries for it. Use a certificate with curl on a HTTPS server like: + + curl --cert mycert.pem https://secure.example.com + + curl also tries to verify that the server is who it claims to be, by + verifying the server's certificate against a locally stored CA cert + bundle. Failing the verification will cause curl to deny the connection. You + must then use --insecure (-k) in case you want to tell curl to ignore that + the server can't be verified. + + More about server certificate verification and ca cert bundles can be read + in the SSLCERTS document, available online here: + + http://curl.haxx.se/docs/sslcerts.html + +12. Custom Request Elements + + Doing fancy stuff, you may need to add or change elements of a single curl + request. + + For example, you can change the POST request to a PROPFIND and send the data + as "Content-Type: text/xml" (instead of the default Content-Type) like this: + + curl --data "<xml>" --header "Content-Type: text/xml" \ + --request PROPFIND url.com + + You can delete a default header by providing one without content. Like you + can ruin the request by chopping off the Host: header: + + curl --header "Host:" http://www.example.com + + You can add headers the same way. Your server may want a "Destination:" + header, and you can add it: + + curl --header "Destination: http://nowhere" http://example.com + +13. Web Login + + While not strictly just HTTP related, it still cause a lot of people problems + so here's the executive run-down of how the vast majority of all login forms + work and how to login to them using curl. + + It can also be noted that to do this properly in an automated fashion, you + will most certainly need to script things and do multiple curl invokes etc. + + First, servers mostly use cookies to track the logged-in status of the + client, so you will need to capture the cookies you receive in the + responses. Then, many sites also set a special cookie on the login page (to + make sure you got there through their login page) so you should make a habit + of first getting the login-form page to capture the cookies set there. + + Some web-based login systems features various amounts of javascript, and + sometimes they use such code to set or modify cookie contents. Possibly they + do that to prevent programmed logins, like this manual describes how to... + Anyway, if reading the code isn't enough to let you repeat the behavior + manually, capturing the HTTP requests done by your browers and analyzing the + sent cookies is usually a working method to work out how to shortcut the + javascript need. + + In the actual <form> tag for the login, lots of sites fill-in random/session + or otherwise secretly generated hidden tags and you may need to first capture + the HTML code for the login form and extract all the hidden fields to be able + to do a proper login POST. Remember that the contents need to be URL encoded + when sent in a normal POST. + +14. Debug + + Many times when you run curl on a site, you'll notice that the site doesn't + seem to respond the same way to your curl requests as it does to your + browser's. + + Then you need to start making your curl requests more similar to your + browser's requests: + + * Use the --trace-ascii option to store fully detailed logs of the requests + for easier analyzing and better understanding + + * Make sure you check for and use cookies when needed (both reading with + --cookie and writing with --cookie-jar) + + * Set user-agent to one like a recent popular browser does + + * Set referer like it is set by the browser + + * If you use POST, make sure you send all the fields and in the same order as + the browser does it. (See chapter 4.5 above) + + A very good helper to make sure you do this right, is the LiveHTTPHeader tool + that lets you view all headers you send and receive with Mozilla/Firefox + (even when using HTTPS). + + A more raw approach is to capture the HTTP traffic on the network with tools + such as ethereal or tcpdump and check what headers that were sent and + received by the browser. (HTTPS makes this technique inefficient.) + +15. References + + RFC 2616 is a must to read if you want in-depth understanding of the HTTP + protocol. + + RFC 3986 explains the URL syntax. + + RFC 2109 defines how cookies are supposed to work. + + RFC 1867 defines the HTTP post upload format. + + http://curl.haxx.se is the home of the cURL project diff --git a/libs/libcurl/docs/VERSIONS b/libs/libcurl/docs/VERSIONS new file mode 100644 index 0000000000..0670089bdb --- /dev/null +++ b/libs/libcurl/docs/VERSIONS @@ -0,0 +1,60 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +Version Numbers and Releases + + Curl is not only curl. Curl is also libcurl. They're actually individually + versioned, but they mostly follow each other rather closely. + + The version numbering is always built up using the same system: + + X.Y[.Z] + + Where + X is main version number + Y is release number + Z is patch number + + One of these numbers will get bumped in each new release. The numbers to the + right of a bumped number will be reset to zero. If Z is zero, it may not be + included in the version number. + + The main version number will get bumped when *really* big, world colliding + changes are made. The release number is bumped when changes are performed or + things/features are added. The patch number is bumped when the changes are + mere bugfixes. + + It means that after release 1.2.3, we can release 2.0 if something really big + has been made, 1.3 if not that big changes were made or 1.2.4 if mostly bugs + were fixed. + + Bumping, as in increasing the number with 1, is unconditionally only + affecting one of the numbers (except the ones to the right of it, that may be + set to zero). 1 becomes 2, 3 becomes 4, 9 becomes 10, 88 becomes 89 and 99 + becomes 100. So, after 1.2.9 comes 1.2.10. After 3.99.3, 3.100 might come. + + All original curl source release archives are named according to the libcurl + version (not according to the curl client version that, as said before, might + differ). + + As a service to any application that might want to support new libcurl + features while still being able to build with older versions, all releases + have the libcurl version stored in the curl/curlver.h file using a static + numbering scheme that can be used for comparison. The version number is + defined as: + + #define LIBCURL_VERSION_NUM 0xXXYYZZ + + Where XX, YY and ZZ are the main version, release and patch numbers in + hexadecimal. All three number fields are always represented using two digits + (eight bits each). 1.2 would appear as "0x010200" while version 9.11.7 + appears as "0x090b07". + + This 6-digit hexadecimal number is always a greater number in a more recent + release. It makes comparisons with greater than and less than work. + + This number is also available as three separate defines: + LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. diff --git a/libs/libcurl/docs/curl-config.1 b/libs/libcurl/docs/curl-config.1 new file mode 100644 index 0000000000..14a9d2ba87 --- /dev/null +++ b/libs/libcurl/docs/curl-config.1 @@ -0,0 +1,98 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH curl-config 1 "25 Oct 2007" "Curl 7.17.1" "curl-config manual" +.SH NAME +curl-config \- Get information about a libcurl installation +.SH SYNOPSIS +.B curl-config [options] +.SH DESCRIPTION +.B curl-config +displays information about the curl and libcurl installation. +.SH OPTIONS +.IP "--ca" +Displays the built-in path to the CA cert bundle this libcurl uses. +.IP "--cc" +Displays the compiler used to build libcurl. +.IP "--cflags" +Set of compiler options (CFLAGS) to use when compiling files that use +libcurl. Currently that is only the include path to the curl include files. +.IP "--checkfor [version]" +Specify the oldest possible libcurl version string you want, and this +script will return 0 if the current installation is new enough or it +returns 1 and outputs a text saying that the current version is not new +enough. (Added in 7.15.4) +.IP "--configure" +Displays the arguments given to configure when building curl. +.IP "--feature" +Lists what particular main features the installed libcurl was built with. At +the time of writing, this list may include SSL, KRB4 or IPv6. Do not assume +any particular order. The keywords will be separated by newlines. There may be +none, one, or several keywords in the list. +.IP "--help" +Displays the available options. +.IP "--libs" +Shows the complete set of libs and other linker options you will need in order +to link your application with libcurl. +.IP "--prefix" +This is the prefix used when libcurl was installed. Libcurl is then installed +in $prefix/lib and its header files are installed in $prefix/include and so +on. The prefix is set with "configure --prefix". +.IP "--protocols" +Lists what particular protocols the installed libcurl was built to support. At +the time of writing, this list may include HTTP, HTTPS, FTP, FTPS, FILE, +TELNET, LDAP, DICT. Do not assume any particular order. The protocols will +be listed using uppercase and are separated by newlines. There may be none, +one, or several protocols in the list. (Added in 7.13.0) +.IP "--static-libs" +Shows the complete set of libs and other linker options you will need in order +to link your application with libcurl statically. (Added in 7.17.1) +.IP "--version" +Outputs version information about the installed libcurl. +.IP "--vernum" +Outputs version information about the installed libcurl, in numerical mode. +This outputs the version number, in hexadecimal, with 8 bits for each part; +major, minor, patch. So that libcurl 7.7.4 would appear as 070704 and libcurl +12.13.14 would appear as 0c0d0e... Note that the initial zero might be +omitted. (This option was broken in the 7.15.0 release.) +.SH "EXAMPLES" +What linker options do I need when I link with libcurl? + + $ curl-config --libs + +What compiler options do I need when I compile using libcurl functions? + + $ curl-config --cflags + +How do I know if libcurl was built with SSL support? + + $ curl-config --feature | grep SSL + +What's the installed libcurl version? + + $ curl-config --version + +How do I build a single file with a one-line command? + + $ `curl-config --cc --cflags` -o example example.c `curl-config --libs` +.SH "SEE ALSO" +.BR curl (1) diff --git a/libs/libcurl/docs/curl-config.html b/libs/libcurl/docs/curl-config.html new file mode 100644 index 0000000000..1563d548b9 --- /dev/null +++ b/libs/libcurl/docs/curl-config.html @@ -0,0 +1,91 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" + "http://www.w3.org/TR/html4/loose.dtd"> +<html><head> +<title>curl-config man page</title> +<meta name="generator" content="roffit"> +<STYLE type="text/css"> +P.level0 { + padding-left: 2em; +} + +P.level1 { + padding-left: 4em; +} + +P.level2 { + padding-left: 6em; +} + +span.emphasis { + font-style: italic; +} + +span.bold { + font-weight: bold; +} + +span.manpage { + font-weight: bold; +} + +h2.nroffsh { + background-color: #e0e0e0; +} + +span.nroffip { + font-weight: bold; + font-size: 120%; + font-family: monospace; +} + +p.roffit { + text-align: center; + font-size: 80%; +} +</STYLE> +</head><body> + +<p class="level0"><a name="NAME"></a><h2 class="nroffsh">NAME</h2> +<p class="level0">curl-config - Get information about a libcurl installation <a name="SYNOPSIS"></a><h2 class="nroffsh">SYNOPSIS</h2> +<p class="level0"><span Class="bold">curl-config [options]</span> <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2> +<p class="level0"><span Class="bold">curl-config</span> displays information about the curl and libcurl installation. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2> +<p class="level0"> +<p class="level0"><a name="--ca"></a><span class="nroffip">--ca</span> +<p class="level1">Displays the built-in path to the CA cert bundle this libcurl uses. +<p class="level0"><a name="--cc"></a><span class="nroffip">--cc</span> +<p class="level1">Displays the compiler used to build libcurl. +<p class="level0"><a name="--cflags"></a><span class="nroffip">--cflags</span> +<p class="level1">Set of compiler options (CFLAGS) to use when compiling files that use libcurl. Currently that is only the include path to the curl include files. +<p class="level0"><a name="--checkfor"></a><span class="nroffip">--checkfor [version]</span> +<p class="level1">Specify the oldest possible libcurl version string you want, and this script will return 0 if the current installation is new enough or it returns 1 and outputs a text saying that the current version is not new enough. (Added in 7.15.4) +<p class="level0"><a name="--configure"></a><span class="nroffip">--configure</span> +<p class="level1">Displays the arguments given to configure when building curl. +<p class="level0"><a name="--feature"></a><span class="nroffip">--feature</span> +<p class="level1">Lists what particular main features the installed libcurl was built with. At the time of writing, this list may include SSL, KRB4 or IPv6. Do not assume any particular order. The keywords will be separated by newlines. There may be none, one, or several keywords in the list. +<p class="level0"><a name="--help"></a><span class="nroffip">--help</span> +<p class="level1">Displays the available options. +<p class="level0"><a name="--libs"></a><span class="nroffip">--libs</span> +<p class="level1">Shows the complete set of libs and other linker options you will need in order to link your application with libcurl. +<p class="level0"><a name="--prefix"></a><span class="nroffip">--prefix</span> +<p class="level1">This is the prefix used when libcurl was installed. Libcurl is then installed in $prefix/lib and its header files are installed in $prefix/include and so on. The prefix is set with "configure --prefix". +<p class="level0"><a name="--protocols"></a><span class="nroffip">--protocols</span> +<p class="level1">Lists what particular protocols the installed libcurl was built to support. At the time of writing, this list may include HTTP, HTTPS, FTP, FTPS, FILE, TELNET, LDAP, DICT. Do not assume any particular order. The protocols will be listed using uppercase and are separated by newlines. There may be none, one, or several protocols in the list. (Added in 7.13.0) +<p class="level0"><a name="--static-libs"></a><span class="nroffip">--static-libs</span> +<p class="level1">Shows the complete set of libs and other linker options you will need in order to link your application with libcurl statically. (Added in 7.17.1) +<p class="level0"><a name="--version"></a><span class="nroffip">--version</span> +<p class="level1">Outputs version information about the installed libcurl. +<p class="level0"><a name="--vernum"></a><span class="nroffip">--vernum</span> +<p class="level1">Outputs version information about the installed libcurl, in numerical mode. This outputs the version number, in hexadecimal, with 8 bits for each part; major, minor, patch. So that libcurl 7.7.4 would appear as 070704 and libcurl 12.13.14 would appear as 0c0d0e... Note that the initial zero might be omitted. (This option was broken in the 7.15.0 release.) <a name="EXAMPLES"></a><h2 class="nroffsh">EXAMPLES</h2> +<p class="level0">What linker options do I need when I link with libcurl? +<p class="level0"> $ curl-config --libs +<p class="level0">What compiler options do I need when I compile using libcurl functions? +<p class="level0"> $ curl-config --cflags +<p class="level0">How do I know if libcurl was built with SSL support? +<p class="level0"> $ curl-config --feature | grep SSL +<p class="level0">What's the installed libcurl version? +<p class="level0"> $ curl-config --version +<p class="level0">How do I build a single file with a one-line command? +<p class="level0"> $ `curl-config --cc --cflags` -o example example.c `curl-config --libs` <a name="SEE"></a><h2 class="nroffsh">SEE ALSO</h2> +<p class="level0"><span Class="manpage">curl (1)</span> <p class="roffit"> + This HTML page was made with <a href="http://daniel.haxx.se/projects/roffit/">roffit</a>. +</body></html> diff --git a/libs/libcurl/docs/curl-config.pdf b/libs/libcurl/docs/curl-config.pdf Binary files differnew file mode 100644 index 0000000000..0d0d994246 --- /dev/null +++ b/libs/libcurl/docs/curl-config.pdf diff --git a/libs/libcurl/docs/curl.1 b/libs/libcurl/docs/curl.1 new file mode 100644 index 0000000000..30ef4ccf6f --- /dev/null +++ b/libs/libcurl/docs/curl.1 @@ -0,0 +1,2070 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH curl 1 "27 July 2012" "Curl 7.27.0" "Curl Manual" +.SH NAME +curl \- transfer a URL +.SH SYNOPSIS +.B curl [options] +.I [URL...] +.SH DESCRIPTION +.B curl +is a tool to transfer data from or to a server, using one of the supported +protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, +LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP). The +command is designed to work without user interaction. + +curl offers a busload of useful tricks like proxy support, user +authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer +resume, Metalink, and more. As you will see below, the number of features will +make your head spin! + +curl is powered by libcurl for all transfer-related features. See +.BR libcurl (3) +for details. +.SH URL +The URL syntax is protocol-dependent. You'll find a detailed description in +RFC 3986. + +You can specify multiple URLs or parts of URLs by writing part sets within +braces as in: + + http://site.{one,two,three}.com + +or you can get sequences of alphanumeric series by using [] as in: + + ftp://ftp.numericals.com/file[1-100].txt + ftp://ftp.numericals.com/file[001-100].txt (with leading zeros) + ftp://ftp.letters.com/file[a-z].txt + +Nested sequences are not supported, but you can use several ones next to each +other: + + http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html + +You can specify any amount of URLs on the command line. They will be fetched +in a sequential manner in the specified order. + +You can specify a step counter for the ranges to get every Nth number or +letter: + + http://www.numericals.com/file[1-100:10].txt + http://www.letters.com/file[a-z:2].txt + +If you specify URL without protocol:// prefix, curl will attempt to guess what +protocol you might want. It will then default to HTTP but try other protocols +based on often-used host name prefixes. For example, for host names starting +with "ftp." curl will assume you want to speak FTP. + +curl will do its best to use what you pass to it as a URL. It is not trying to +validate it as a syntactically correct URL by any means but is instead +\fBvery\fP liberal with what it accepts. + +curl will attempt to re-use connections for multiple file transfers, so that +getting many files from the same server will not do multiple connects / +handshakes. This improves speed. Of course this is only done on files +specified on a single command line and cannot be used between separate curl +invokes. +.SH "PROGRESS METER" +curl normally displays a progress meter during operations, indicating the +amount of transferred data, transfer speeds and estimated time left, etc. + +curl displays this data to the terminal by default, so if you invoke curl to +do an operation and it is about to write data to the terminal, it +\fIdisables\fP the progress meter as otherwise it would mess up the output +mixing progress meter and response data. + +If you want a progress meter for HTTP POST or PUT requests, you need to +redirect the response output to a file, using shell redirect (>), -o [file] or +similar. + +It is not the same case for FTP upload as that operation does not spit out +any response data to the terminal. + +If you prefer a progress "bar" instead of the regular meter, \fI-#\fP is your +friend. +.SH OPTIONS +Options start with one or two dashes. Many of the options require an addition +value next to it. + +The short "single-dash" form of the options, -d for example, may be used with +or without a space between it and its value, although a space is a recommended +separator. The long "double-dash" form, --data for example, requires a space +between it and its value. + +Short version options that don't need any additional values can be used +immediately next to each other, like for example you can specify all the +options -O, -L and -v at once as -OLv. + +In general, all boolean options are enabled with --\fBoption\fP and yet again +disabled with --\fBno-\fPoption. That is, you use the exact same option name +but prefix it with "no-". However, in this list we mostly only list and show +the --option version of them. (This concept with --no options was added in +7.19.0. Previously most options were toggled on/off on repeated use of the +same command line option.) +.IP "-#, --progress-bar" +Make curl display progress as a simple progress bar instead of the standard, +more informational, meter. +.IP "-0, --http1.0" +(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally +preferred: HTTP 1.1. +.IP "--http1.1" +(HTTP) Tells curl to use HTTP version 1.1. This is the internal default +version. (Added in 7.33.0) +.IP "--http2.0" +(HTTP) Tells curl to issue its requests using HTTP 2.0. This requires that the +underlying libcurl was built to support it. (Added in 7.33.0) +.IP "-1, --tlsv1" +(SSL) +Forces curl to use TLS version 1 when negotiating with a remote TLS server. +.IP "-2, --sslv2" +(SSL) +Forces curl to use SSL version 2 when negotiating with a remote SSL server. +.IP "-3, --sslv3" +(SSL) +Forces curl to use SSL version 3 when negotiating with a remote SSL server. +.IP "-4, --ipv4" +If curl is capable of resolving an address to multiple IP versions (which it +is if it is IPv6-capable), this option tells curl to resolve names to IPv4 +addresses only. +.IP "-6, --ipv6" +If curl is capable of resolving an address to multiple IP versions (which it +is if it is IPv6-capable), this option tells curl to resolve names to IPv6 +addresses only. +.IP "-a, --append" +(FTP/SFTP) When used in an upload, this will tell curl to append to the target +file instead of overwriting it. If the file doesn't exist, it will be created. +Note that this flag is ignored by some SSH servers (including OpenSSH). +.IP "-A, --user-agent <agent string>" +(HTTP) Specify the User-Agent string to send to the HTTP server. Some badly +done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in +the string, surround the string with single quote marks. This can also be set +with the \fI-H, --header\fP option of course. + +If this option is used several times, the last one will be used. +.IP "--anyauth" +(HTTP) Tells curl to figure out authentication method by itself, and use the +most secure one the remote site claims to support. This is done by first +doing a request and checking the response-headers, thus possibly inducing an +extra network round-trip. This is used instead of setting a specific +authentication method, which you can do with \fI--basic\fP, \fI--digest\fP, +\fI--ntlm\fP, and \fI--negotiate\fP. + +Note that using --anyauth is not recommended if you do uploads from stdin, +since it may require data to be sent twice and then the client must be able to +rewind. If the need should arise when uploading from stdin, the upload +operation will fail. +.IP "-b, --cookie <name=data>" +(HTTP) +Pass the data to the HTTP server as a cookie. It is supposedly the +data previously received from the server in a "Set-Cookie:" line. +The data should be in the format "NAME1=VALUE1; NAME2=VALUE2". + +If no '=' symbol is used in the line, it is treated as a filename to use to +read previously stored cookie lines from, which should be used in this session +if they match. Using this method also activates the "cookie parser" which will +make curl record incoming cookies too, which may be handy if you're using this +in combination with the \fI-L, --location\fP option. The file format of the +file to read cookies from should be plain HTTP headers or the Netscape/Mozilla +cookie file format. + +\fBNOTE\fP that the file specified with \fI-b, --cookie\fP is only used as +input. No cookies will be stored in the file. To store cookies, use the +\fI-c, --cookie-jar\fP option or you could even save the HTTP headers to a file +using \fI-D, --dump-header\fP! + +If this option is used several times, the last one will be used. +.IP "-B, --use-ascii" +(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be +enforced by using an URL that ends with ";type=A". This option causes data +sent to stdout to be in text mode for win32 systems. +.IP "--basic" +(HTTP) Tells curl to use HTTP Basic authentication. This is the default and +this option is usually pointless, unless you use it to override a previously +set option that sets a different authentication method (such as \fI--ntlm\fP, +\fI--digest\fP, or \fI--negotiate\fP). +.IP "-c, --cookie-jar <file name>" +(HTTP) Specify to which file you want curl to write all cookies after a +completed operation. Curl writes all cookies previously read from a specified +file as well as all cookies received from remote server(s). If no cookies are +known, no file will be written. The file will be written using the Netscape +cookie file format. If you set the file name to a single dash, "-", the +cookies will be written to stdout. + +This command line option will activate the cookie engine that makes curl +record and use cookies. Another way to activate it is to use the \fI-b, +--cookie\fP option. + +If the cookie jar can't be created or written to, the whole curl operation +won't fail or even report an error clearly. Using -v will get a warning +displayed, but that is the only visible feedback you get about this possibly +lethal situation. + +If this option is used several times, the last specified file name will be +used. +.IP "-C, --continue-at <offset>" +Continue/Resume a previous file transfer at the given offset. The given offset +is the exact number of bytes that will be skipped, counting from the beginning +of the source file before it is transferred to the destination. If used with +uploads, the FTP server command SIZE will not be used by curl. + +Use "-C -" to tell curl to automatically find out where/how to resume the +transfer. It then uses the given output/input files to figure that out. + +If this option is used several times, the last one will be used. +.IP "--ciphers <list of ciphers>" +(SSL) Specifies which ciphers to use in the connection. The list of ciphers +must specify valid ciphers. Read up on SSL cipher list details on this URL: +\fIhttp://www.openssl.org/docs/apps/ciphers.html\fP + +NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS +ciphers is in the NSSCipherSuite entry at this URL: +\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP + +If this option is used several times, the last one will be used. +.IP "--compressed" +(HTTP) Request a compressed response using one of the algorithms curl +supports, and save the uncompressed document. If this option is used and the +server sends an unsupported encoding, curl will report an error. +.IP "--connect-timeout <seconds>" +Maximum time in seconds that you allow the connection to the server to take. +This only limits the connection phase, once curl has connected this option is +of no more use. Since 7.32.0, this option accepts decimal values, but the +actual timeout will decrease in accuracy as the specified timeout increases in +decimal precision. See also the \fI-m, --max-time\fP option. + +If this option is used several times, the last one will be used. +.IP "--create-dirs" +When used in conjunction with the \fI-o\fP option, curl will create the +necessary local directory hierarchy as needed. This option creates the dirs +mentioned with the \fI-o\fP option, nothing else. If the \fI-o\fP file name +uses no dir or if the dirs it mentions already exist, no dir will be created. + +To create remote directories when using FTP or SFTP, try +\fI--ftp-create-dirs\fP. +.IP "--crlf" +(FTP) Convert LF to CRLF in upload. Useful for MVS (OS/390). +.IP "--crlfile <file>" +(HTTPS/FTPS) Provide a file using PEM format with a Certificate Revocation +List that may specify peer certificates that are to be considered revoked. + +If this option is used several times, the last one will be used. + +(Added in 7.19.7) +.IP "-d, --data <data>" +(HTTP) Sends the specified data in a POST request to the HTTP server, in the +same way that a browser does when a user has filled in an HTML form and +presses the submit button. This will cause curl to pass the data to the server +using the content-type application/x-www-form-urlencoded. Compare to +\fI-F, --form\fP. + +\fI-d, --data\fP is the same as \fI--data-ascii\fP. To post data purely binary, +you should instead use the \fI--data-binary\fP option. To URL-encode the value +of a form field you may use \fI--data-urlencode\fP. + +If any of these options is used more than once on the same command line, the +data pieces specified will be merged together with a separating +&-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post +chunk that looks like \&'name=daniel&skill=lousy'. + +If you start the data with the letter @, the rest should be a file name to +read the data from, or - if you want curl to read the data from stdin. The +contents of the file must already be URL-encoded. Multiple files can also be +specified. Posting data from a file named 'foobar' would thus be done with +\fI--data\fP @foobar. When --data is told to read from a file like that, +carriage returns and newlines will be stripped out. +.IP "-D, --dump-header <file>" +Write the protocol headers to the specified file. + +This option is handy to use when you want to store the headers that an HTTP +site sends to you. Cookies from the headers could then be read in a second +curl invocation by using the \fI-b, --cookie\fP option! The +\fI-c, --cookie-jar\fP option is however a better way to store cookies. + +When used in FTP, the FTP server response lines are considered being "headers" +and thus are saved there. + +If this option is used several times, the last one will be used. + +.IP "--data-ascii <data>" +See \fI-d, --data\fP. +.IP "--data-binary <data>" +(HTTP) This posts data exactly as specified with no extra processing +whatsoever. + +If you start the data with the letter @, the rest should be a filename. Data +is posted in a similar manner as \fI--data-ascii\fP does, except that newlines +and carriage returns are preserved and conversions are never done. + +If this option is used several times, the ones following the first will append +data as described in \fI-d, --data\fP. +.IP "--data-urlencode <data>" +(HTTP) This posts data, similar to the other --data options with the exception +that this performs URL-encoding. (Added in 7.18.0) + +To be CGI-compliant, the <data> part should begin with a \fIname\fP followed +by a separator and a content specification. The <data> part can be passed to +curl using one of the following syntaxes: +.RS +.IP "content" +This will make curl URL-encode the content and pass that on. Just be careful +so that the content doesn't contain any = or @ symbols, as that will then make +the syntax match one of the other cases below! +.IP "=content" +This will make curl URL-encode the content and pass that on. The preceding = +symbol is not included in the data. +.IP "name=content" +This will make curl URL-encode the content part and pass that on. Note that +the name part is expected to be URL-encoded already. +.IP "@filename" +This will make curl load data from the given file (including any newlines), +URL-encode that data and pass it on in the POST. +.IP "name@filename" +This will make curl load data from the given file (including any newlines), +URL-encode that data and pass it on in the POST. The name part gets an equal +sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the +name is expected to be URL-encoded already. +.RE +.IP "--delegation LEVEL" +Set \fILEVEL\fP to tell the server what it is allowed to delegate when it +comes to user credentials. Used with GSS/kerberos. +.RS +.IP "none" +Don't allow any delegation. +.IP "policy" +Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos +service ticket, which is a matter of realm policy. +.IP "always" +Unconditionally allow the server to delegate. +.RE +.IP "--digest" +(HTTP) Enables HTTP Digest authentication. This is an authentication scheme +that prevents the password from being sent over the wire in clear text. Use +this in combination with the normal \fI-u, --user\fP option to set user name +and password. See also \fI--ntlm\fP, \fI--negotiate\fP and \fI--anyauth\fP for +related options. + +If this option is used several times, only the first one is used. +.IP "--disable-eprt" +(FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing +active FTP transfers. Curl will normally always first attempt to use EPRT, +then LPRT before using PORT, but with this option, it will use PORT right +away. EPRT and LPRT are extensions to the original FTP protocol, and may not +work on all servers, but they enable more functionality in a better way than +the traditional PORT command. + +\fB--eprt\fP can be used to explicitly enable EPRT again and \fB--no-eprt\fP +is an alias for \fB--disable-eprt\fP. + +Disabling EPRT only changes the active behavior. If you want to switch to +passive mode you need to not use \fI-P, --ftp-port\fP or force it with +\fI--ftp-pasv\fP. +.IP "--disable-epsv" +(FTP) Tell curl to disable the use of the EPSV command when doing passive FTP +transfers. Curl will normally always first attempt to use EPSV before PASV, +but with this option, it will not try using EPSV. + +\fB--epsv\fP can be used to explicitly enable EPSV again and \fB--no-epsv\fP +is an alias for \fB--disable-epsv\fP. + +Disabling EPSV only changes the passive behavior. If you want to switch to +active mode you need to use \fI-P, --ftp-port\fP. +.IP "--dns-interface <interface>" +Tell curl to send outgoing DNS requests through <interface>. This option +is a counterpart to \fI--interface\fP (which does not affect DNS). The +supplied string must be an interface name (not an address). + +This option requires that libcurl was built with a resolver backend that +supports this operation. The c-ares backend is the only such one. (Added in +7.33.0) +.IP "--dns-ipv4-addr <ip-address>" +Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that +the DNS requests originate from this address. The argument should be a +single IPv4 address. + +This option requires that libcurl was built with a resolver backend that +supports this operation. The c-ares backend is the only such one. (Added in +7.33.0) +.IP "--dns-ipv6-addr <ip-address>" +Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that +the DNS requests originate from this address. The argument should be a +single IPv6 address. + +This option requires that libcurl was built with a resolver backend that +supports this operation. The c-ares backend is the only such one. (Added in +7.33.0) +.IP "--dns-servers <ip-address,ip-address>" +Set the list of DNS servers to be used instead of the system default. +The list of IP addresses should be separated with commas. Port numbers +may also optionally be given as \fI:<port-number>\fP after each IP +address. + +This option requires that libcurl was built with a resolver backend that +supports this operation. The c-ares backend is the only such one. (Added in +7.33.0) +.IP "-e, --referer <URL>" +(HTTP) Sends the "Referer Page" information to the HTTP server. This can also +be set with the \fI-H, --header\fP flag of course. When used with +\fI-L, --location\fP you can append ";auto" to the --referer URL to make curl +automatically set the previous URL when it follows a Location: header. The +\&";auto" string can be used alone, even if you don't set an initial --referer. + +If this option is used several times, the last one will be used. +.IP "-E, --cert <certificate[:password]>" +(SSL) Tells curl to use the specified client certificate file when getting a +file with HTTPS, FTPS or another SSL-based protocol. The certificate must be +in PKCS#12 format if using Secure Transport, or PEM format if using any other +engine. If the optional password isn't specified, it will be queried +for on the terminal. Note that this option assumes a \&"certificate" file that +is the private key and the private certificate concatenated! See \fI--cert\fP +and \fI--key\fP to specify them independently. + +If curl is built against the NSS SSL library then this option can tell +curl the nickname of the certificate to use within the NSS database defined +by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the +NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be +loaded. If you want to use a file from the current directory, please precede +it with "./" prefix, in order to avoid confusion with a nickname. If the +nickname contains ":", it needs to be preceded by "\\" so that it is not +recognized as password delimiter. If the nickname contains "\\", it needs to +be escaped as "\\\\" so that it is not recognized as an escape character. + +(iOS and Mac OS X only) If curl is built against Secure Transport, then the +certificate string can either be the name of a certificate/private key in the +system or user keychain, or the path to a PKCS#12-encoded certificate and +private key. If you want to use a file from the current directory, please +precede it with "./" prefix, in order to avoid confusion with a nickname. + +If this option is used several times, the last one will be used. +.IP "--engine <name>" +Select the OpenSSL crypto engine to use for cipher +operations. Use \fI--engine list\fP to print a list of build-time supported +engines. Note that not all (or none) of the engines may be available at +run-time. +.IP "--environment" +(RISC OS ONLY) Sets a range of environment variables, using the names the +\fI-w\fP option supports, to allow easier extraction of useful information +after having run curl. +.IP "--egd-file <file>" +(SSL) Specify the path name to the Entropy Gathering Daemon socket. The socket +is used to seed the random engine for SSL connections. See also the +\fI--random-file\fP option. +.IP "--cert-type <type>" +(SSL) Tells curl what certificate type the provided certificate is in. PEM, +DER and ENG are recognized types. If not specified, PEM is assumed. + +If this option is used several times, the last one will be used. +.IP "--cacert <CA certificate>" +(SSL) Tells curl to use the specified certificate file to verify the peer. The +file may contain multiple CA certificates. The certificate(s) must be in PEM +format. Normally curl is built to use a default file for this, so this option +is typically used to alter that default file. + +curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is +set, and uses the given path as a path to a CA cert bundle. This option +overrides that variable. + +The windows version of curl will automatically look for a CA certs file named +\'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the +Current Working Directory, or in any folder along your PATH. + +If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module +(libnsspem.so) needs to be available for this option to work properly. + +If this option is used several times, the last one will be used. +.IP "--capath <CA certificate directory>" +(SSL) Tells curl to use the specified certificate directory to verify the +peer. Multiple paths can be provided by separating them with ":" (e.g. +\&"path1:path2:path3"). The certificates must be in PEM format, and if curl is +built against OpenSSL, the directory must have been processed using the +c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow +OpenSSL-powered curl to make SSL-connections much more efficiently than using +\fI--cacert\fP if the \fI--cacert\fP file contains many CA certificates. + +If this option is set, the default capath value will be ignored, and if it is +used several times, the last one will be used. +.IP "-f, --fail" +(HTTP) Fail silently (no output at all) on server errors. This is mostly done +to better enable scripts etc to better deal with failed attempts. In +normal cases when an HTTP server fails to deliver a document, it returns an +HTML document stating so (which often also describes why and more). This flag +will prevent curl from outputting that and return error 22. + +This method is not fail-safe and there are occasions where non-successful +response codes will slip through, especially when authentication is involved +(response codes 401 and 407). +.IP "-F, --form <name=content>" +(HTTP) This lets curl emulate a filled-in form in which a user has pressed the +submit button. This causes curl to POST data using the Content-Type +multipart/form-data according to RFC 2388. This enables uploading of binary +files etc. To force the 'content' part to be a file, prefix the file name +with an @ sign. To just get the content part from a file, prefix the file name +with the symbol <. The difference between @ and < is then that @ makes a file +get attached in the post as a file upload, while the < makes a text field and +just get the contents for that text field from a file. + +Example, to send your password file to the server, where +\&'password' is the name of the form-field to which /etc/passwd will be the +input: + +\fBcurl\fP -F password=@/etc/passwd www.mypasswords.com + +To read content from stdin instead of a file, use - as the filename. This goes +for both @ and < constructs. + +You can also tell curl what Content-Type to use by using 'type=', in a manner +similar to: + +\fBcurl\fP -F "web=@index.html;type=text/html" url.com + +or + +\fBcurl\fP -F "name=daniel;type=text/foo" url.com + +You can also explicitly change the name field of a file upload part by setting +filename=, like this: + +\fBcurl\fP -F "file=@localfile;filename=nameinpost" url.com + +If filename/path contains ',' or ';', it must be quoted by double-quotes like: + +\fBcurl\fP -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" url.com + +or + +\fBcurl\fP -F 'file=@"localfile";filename="nameinpost"' url.com + +Note that if a filename/path is quoted by double-quotes, any double-quote +or backslash within the filename must be escaped by backslash. + +See further examples and details in the MANUAL. + +This option can be used multiple times. +.IP "--ftp-account [data]" +(FTP) When an FTP server asks for "account data" after user name and password +has been provided, this data is sent off using the ACCT command. (Added in +7.13.0) + +If this option is used several times, the last one will be used. +.IP "--ftp-alternative-to-user <command>" +(FTP) If authenticating with the USER and PASS commands fails, send this +command. When connecting to Tumbleweed's Secure Transport server over FTPS +using a client certificate, using "SITE AUTH" will tell the server to retrieve +the username from the certificate. (Added in 7.15.5) +.IP "--ftp-create-dirs" +(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't +currently exist on the server, the standard behavior of curl is to +fail. Using this option, curl will instead attempt to create missing +directories. +.IP "--ftp-method [method]" +(FTP) Control what method curl should use to reach a file on an FTP(S) +server. The method argument should be one of the following alternatives: +.RS +.IP multicwd +curl does a single CWD operation for each path part in the given URL. For deep +hierarchies this means very many commands. This is how RFC 1738 says it should +be done. This is the default but the slowest behavior. +.IP nocwd +curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full +path to the server for all these commands. This is the fastest behavior. +.IP singlecwd +curl does one CWD with the full target directory and then operates on the file +\&"normally" (like in the multicwd case). This is somewhat more standards +compliant than 'nocwd' but without the full penalty of 'multicwd'. +.RE +(Added in 7.15.1) +.IP "--ftp-pasv" +(FTP) Use passive mode for the data connection. Passive is the internal default +behavior, but using this option can be used to override a previous +\fI-P/-ftp-port\fP option. (Added in 7.11.0) + +If this option is used several times, only the first one is used. Undoing an +enforced passive really isn't doable but you must then instead enforce the +correct \fI-P, --ftp-port\fP again. + +Passive mode means that curl will try the EPSV command first and then PASV, +unless \fI--disable-epsv\fP is used. +.IP "--ftp-skip-pasv-ip" +(FTP) Tell curl to not use the IP address the server suggests in its response +to curl's PASV command when curl connects the data connection. Instead curl +will re-use the same IP address it already uses for the control +connection. (Added in 7.14.2) + +This option has no effect if PORT, EPRT or EPSV is used instead of PASV. +.IP "--ftp-pret" +(FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain +FTP servers, mainly drftpd, require this non-standard command for +directory listings as well as up and downloads in PASV mode. +(Added in 7.20.x) +.IP "--ftp-ssl-ccc" +(FTP) Use CCC (Clear Command Channel) +Shuts down the SSL/TLS layer after authenticating. The rest of the +control channel communication will be unencrypted. This allows +NAT routers to follow the FTP transaction. The default mode is +passive. See \fI--ftp-ssl-ccc-mode\fP for other modes. +(Added in 7.16.1) +.IP "--ftp-ssl-ccc-mode [active/passive]" +(FTP) Use CCC (Clear Command Channel) +Sets the CCC mode. The passive mode will not initiate the shutdown, but +instead wait for the server to do it, and will not reply to the +shutdown from the server. The active mode initiates the shutdown and +waits for a reply from the server. +(Added in 7.16.2) +.IP "--ftp-ssl-control" +(FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure +authentication, but non-encrypted data transfers for efficiency. Fails the +transfer if the server doesn't support SSL/TLS. (Added in 7.16.0) +that can still be used but will be removed in a future version. +.IP "--form-string <name=string>" +(HTTP) Similar to \fI--form\fP except that the value string for the named +parameter is used literally. Leading \&'@' and \&'<' characters, and the +\&';type=' string in the value have no special meaning. Use this in preference +to \fI--form\fP if there's any possibility that the string value may +accidentally trigger the \&'@' or \&'<' features of \fI--form\fP. +.IP "-g, --globoff" +This option switches off the "URL globbing parser". When you set this option, +you can specify URLs that contain the letters {}[] without having them being +interpreted by curl itself. Note that these letters are not normal legal URL +contents but they should be encoded according to the URI standard. +.IP "-G, --get" +When used, this option will make all data specified with \fI-d, --data\fP or +\fI--data-binary\fP to be used in an HTTP GET request instead of the POST +request that otherwise would be used. The data will be appended to the URL +with a '?' separator. + +If used in combination with -I, the POST data will instead be appended to the +URL with a HEAD request. + +If this option is used several times, only the first one is used. This is +because undoing a GET doesn't make sense, but you should then instead enforce +the alternative method you prefer. +.IP "-H, --header <header>" +(HTTP) Extra header to use when getting a web page. You may specify any number +of extra headers. Note that if you should add a custom header that has the +same name as one of the internal ones curl would use, your externally set +header will be used instead of the internal one. This allows you to make even +trickier stuff than curl would normally do. You should not replace internally +set headers without knowing perfectly well what you're doing. Remove an +internal header by giving a replacement without content on the right side of +the colon, as in: -H \&"Host:". If you send the custom header with no-value +then its header must be terminated with a semicolon, such as \-H +\&"X-Custom-Header;" to send "X-Custom-Header:". + +curl will make sure that each header you add/replace is sent with the proper +end-of-line marker, you should thus \fBnot\fP add that as a part of the header +content: do not add newlines or carriage returns, they will only mess things up +for you. + +See also the \fI-A, --user-agent\fP and \fI-e, --referer\fP options. + +This option can be used multiple times to add/replace/remove multiple headers. +.IP "--hostpubmd5 <md5>" +(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should +be the 128 bit MD5 checksum of the remote host's public key, curl will refuse +the connection with the host unless the md5sums match. (Added in 7.17.1) +.IP "--ignore-content-length" +(HTTP) +Ignore the Content-Length header. This is particularly useful for servers +running Apache 1.x, which will report incorrect Content-Length for files +larger than 2 gigabytes. +.IP "-i, --include" +(HTTP) Include the HTTP-header in the output. The HTTP-header includes things +like server-name, date of the document, HTTP-version and more... +.IP "-I, --head" +(HTTP/FTP/FILE) +Fetch the HTTP-header only! HTTP-servers feature the command HEAD +which this uses to get nothing but the header of a document. When used +on an FTP or FILE file, curl displays the file size and last modification +time only. +.IP "--interface <name>" +Perform an operation using a specified interface. You can enter interface +name, IP address or host name. An example could look like: + + curl --interface eth0:1 http://www.netscape.com/ + +If this option is used several times, the last one will be used. +.IP "-j, --junk-session-cookies" +(HTTP) When curl is told to read cookies from a given file, this option will +make it discard all "session cookies". This will basically have the same effect +as if a new session is started. Typical browsers always discard session +cookies when they're closed down. +.IP "-J, --remote-header-name" +(HTTP) This option tells the \fI-O, --remote-name\fP option to use the +server-specified Content-Disposition filename instead of extracting a filename +from the URL. +.IP "-k, --insecure" +(SSL) This option explicitly allows curl to perform "insecure" SSL connections +and transfers. All SSL connections are attempted to be made secure by using +the CA certificate bundle installed by default. This makes all connections +considered "insecure" fail unless \fI-k, --insecure\fP is used. + +See this online resource for further details: +\fBhttp://curl.haxx.se/docs/sslcerts.html\fP +.IP "-K, --config <config file>" +Specify which config file to read curl arguments from. The config file is a +text file in which command line arguments can be written which then will be +used as if they were written on the actual command line. Options and their +parameters must be specified on the same config file line, separated by +whitespace, colon, the equals sign or any combination thereof (however, +the preferred separator is the equals sign). If the parameter is to contain +whitespace, the parameter must be enclosed within quotes. Within double +quotes, the following escape sequences are available: \\\\, \\", \\t, \\n, +\\r and \\v. A backslash preceding any other letter is ignored. If the +first column of a config line is a '#' character, the rest of the line will be +treated as a comment. Only write one option per physical line in the config +file. + +Specify the filename to -K, --config as '-' to make curl read the file from +stdin. + +Note that to be able to specify a URL in the config file, you need to specify +it using the \fI--url\fP option, and not by simply writing the URL on its own +line. So, it could look similar to this: + +url = "http://curl.haxx.se/docs/" + +Long option names can optionally be given in the config file without the +initial double dashes. + +When curl is invoked, it always (unless \fI-q\fP is used) checks for a default +config file and uses it if found. The default config file is checked for in +the following places in this order: + +1) curl tries to find the "home dir": It first checks for the CURL_HOME and +then the HOME environment variables. Failing that, it uses getpwuid() on +UNIX-like systems (which returns the home dir given the current user in your +system). On Windows, it then checks for the APPDATA variable, or as a last +resort the '%USERPROFILE%\\Application Data'. + +2) On windows, if there is no _curlrc file in the home dir, it checks for one +in the same dir the curl executable is placed. On UNIX-like systems, it will +simply try to load .curlrc from the determined home dir. + +.nf +# --- Example file --- +# this is a comment +url = "curl.haxx.se" +output = "curlhere.html" +user-agent = "superagent/1.0" + +# and fetch another URL too +url = "curl.haxx.se/docs/manpage.html" +-O +referer = "http://nowhereatall.com/" +# --- End of example file --- +.fi + +This option can be used multiple times to load multiple config files. +.IP "--keepalive-time <seconds>" +This option sets the time a connection needs to remain idle before sending +keepalive probes and the time between individual keepalive probes. It is +currently effective on operating systems offering the TCP_KEEPIDLE and +TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This +option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0) + +If this option is used several times, the last one will be used. If +unspecified, the option defaults to 60 seconds. +.IP "--key <key>" +(SSL/SSH) Private key file name. Allows you to provide your private key in this +separate file. + +If this option is used several times, the last one will be used. +.IP "--key-type <type>" +(SSL) Private key file type. Specify which type your \fI--key\fP provided +private key is. DER, PEM, and ENG are supported. If not specified, PEM is +assumed. + +If this option is used several times, the last one will be used. +.IP "--krb <level>" +(FTP) Enable Kerberos authentication and use. The level must be entered and +should be one of 'clear', 'safe', 'confidential', or 'private'. Should you use +a level that is not one of these, 'private' will instead be used. + +This option requires a library built with kerberos4 or GSSAPI +(GSS-Negotiate) support. This is not very common. Use \fI-V, --version\fP to +see if your curl supports it. + +If this option is used several times, the last one will be used. +.IP "-l, --list-only" +(FTP) +When listing an FTP directory, this switch forces a name-only view. +Especially useful if you want to machine-parse the contents of an FTP +directory since the normal directory view doesn't use a standard look +or format. + +This option causes an FTP NLST command to be sent. Some FTP servers +list only files in their response to NLST; they do not include +subdirectories and symbolic links. + +.IP "-L, --location" +(HTTP/HTTPS) If the server reports that the requested page has moved to a +different location (indicated with a Location: header and a 3XX response code), +this option will make curl redo the request on the new place. If used together +with \fI-i, --include\fP or \fI-I, --head\fP, headers from all requested pages +will be shown. When authentication is used, curl only sends its credentials to +the initial host. If a redirect takes curl to a different host, it won't be +able to intercept the user+password. See also \fI--location-trusted\fP on how +to change this. You can limit the amount of redirects to follow by using the +\fI--max-redirs\fP option. + +When curl follows a redirect and the request is not a plain GET (for example +POST or PUT), it will do the following request with a GET if the HTTP response +was 301, 302, or 303. If the response code was any other 3xx code, curl will +re-send the following request using the same unmodified method. +.IP "--libcurl <file>" +Append this option to any ordinary curl command line, and you will get a +libcurl-using C source code written to the file that does the equivalent +of what your command-line operation does! + +If this option is used several times, the last given file name will be +used. (Added in 7.16.1) +.IP "--limit-rate <speed>" +Specify the maximum transfer rate you want curl to use. This feature is useful +if you have a limited pipe and you'd like your transfer not to use your entire +bandwidth. + +The given speed is measured in bytes/second, unless a suffix is appended. +Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it +megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G. + +The given rate is the average speed counted during the entire transfer. It +means that curl might use higher transfer speeds in short bursts, but over +time it uses no more than the given rate. + +If you also use the \fI-Y, --speed-limit\fP option, that option will take +precedence and might cripple the rate-limiting slightly, to help keeping the +speed-limit logic working. + +If this option is used several times, the last one will be used. +.IP "--local-port <num>[-num]" +Set a preferred number or range of local port numbers to use for the +connection(s). Note that port numbers by nature are a scarce resource that +will be busy at times so setting this range to something too narrow might +cause unnecessary connection setup failures. (Added in 7.15.2) +.IP "--location-trusted" +(HTTP/HTTPS) Like \fI-L, --location\fP, but will allow sending the name + +password to all hosts that the site may redirect to. This may or may not +introduce a security breach if the site redirects you to a site to which +you'll send your authentication info (which is plaintext in the case of HTTP +Basic authentication). +.IP "-m, --max-time <seconds>" +Maximum time in seconds that you allow the whole operation to take. This is +useful for preventing your batch jobs from hanging for hours due to slow +networks or links going down. Since 7.32.0, this option accepts decimal +values, but the actual timeout will decrease in accuracy as the specified +timeout increases in decimal precision. See also the \fI--connect-timeout\fP +option. + +If this option is used several times, the last one will be used. +.IP "--mail-auth <address>" +(SMTP) Specify a single address. This will be used to specify the +authentication address (identity) of a submitted message that is being relayed +to another server. + +(Added in 7.25.0) +.IP "--mail-from <address>" +(SMTP) Specify a single address that the given mail should get sent from. + +(Added in 7.20.0) +.IP "--max-filesize <bytes>" +Specify the maximum size (in bytes) of a file to download. If the file +requested is larger than this value, the transfer will not start and curl will +return with exit code 63. + +\fBNOTE:\fP The file size is not always known prior to download, and for such +files this option has no effect even if the file transfer ends up being larger +than this given limit. This concerns both FTP and HTTP transfers. +.IP "--mail-rcpt <address>" +(SMTP) Specify a single address that the given mail should get sent to. This +option can be used multiple times to specify many recipients. + +(Added in 7.20.0) +.IP "--max-redirs <num>" +Set maximum number of redirection-followings allowed. If \fI-L, --location\fP +is used, this option can be used to prevent curl from following redirections +\&"in absurdum". By default, the limit is set to 50 redirections. Set this +option to -1 to make it limitless. + +If this option is used several times, the last one will be used. +.IP "--metalink" +This option can tell curl to parse and process a given URI as Metalink file +(both version 3 and 4 (RFC 5854) are supported) and make use of the mirrors +listed within for failover if there are errors (such as the file or server not +being available). It will also verify the hash of the file after the download +completes. The Metalink file itself is downloaded and processed in memory and +not stored in the local file system. + +Example to use a remote Metalink file: + +\fBcurl\fP --metalink http://www.example.com/example.metalink + +To use a Metalink file in the local file system, use FILE protocol +(file://): + +\fBcurl\fP --metalink file://example.metalink + +Please note that if FILE protocol is disabled, there is no way to use +a local Metalink file at the time of this writing. Also note that if +\fI--metalink\fP and \fI--include\fP are used together, \fI--include\fP will be +ignored. This is because including headers in the response will break +Metalink parser and if the headers are included in the file described +in Metalink file, hash check will fail. + +(Added in 7.27.0, if built against the libmetalink library.) +.IP "-n, --netrc" +Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's +home directory for login name and password. This is typically used for FTP on +UNIX. If used with HTTP, curl will enable user authentication. See +.BR netrc(4) +or +.BR ftp(1) +for details on the file format. Curl will not complain if that file +doesn't have the right permissions (it should not be either world- or +group-readable). The environment variable "HOME" is used to find the home +directory. + +A quick and very simple example of how to setup a \fI.netrc\fP to allow curl +to FTP to the machine host.domain.com with user name \&'myself' and password +\&'secret' should look similar to: + +.B "machine host.domain.com login myself password secret" +.IP "-N, --no-buffer" +Disables the buffering of the output stream. In normal work situations, curl +will use a standard buffered output stream that will have the effect that it +will output the data in chunks, not necessarily exactly when the data arrives. +Using this option will disable that buffering. + +Note that this is the negated option name documented. You can thus use +\fI--buffer\fP to enforce the buffering. +.IP "--netrc-file" +This option is similar to \fI--netrc\fP, except that you provide the path +(absolute or relative) to the netrc file that Curl should use. +You can only specify one netrc file per invocation. If several +\fI--netrc-file\fP options are provided, only the \fBlast one\fP will be used. +(Added in 7.21.5) + +This option overrides any use of \fI--netrc\fP as they are mutually exclusive. +It will also abide by \fI--netrc-optional\fP if specified. + +.IP "--netrc-optional" +Very similar to \fI--netrc\fP, but this option makes the .netrc usage +\fBoptional\fP and not mandatory as the \fI--netrc\fP option does. + +.IP "--negotiate" +(HTTP) Enables GSS-Negotiate authentication. The GSS-Negotiate method was +designed by Microsoft and is used in their web applications. It is primarily +meant as a support for Kerberos5 authentication but may be also used along +with another authentication method. For more information see IETF draft +draft-brezak-spnego-http-04.txt. + +If you want to enable Negotiate for your proxy authentication, then use +\fI--proxy-negotiate\fP. + +This option requires a library built with GSSAPI support. This is +not very common. Use \fI-V, --version\fP to see if your version supports +GSS-Negotiate. + +When using this option, you must also provide a fake \fI-u, --user\fP option to +activate the authentication code properly. Sending a '-u :' is enough as the +user name and password from the \fI-u\fP option aren't actually used. + +If this option is used several times, only the first one is used. +.IP "--no-keepalive" +Disables the use of keepalive messages on the TCP connection, as by default +curl enables them. + +Note that this is the negated option name documented. You can thus use +\fI--keepalive\fP to enforce keepalive. +.IP "--no-sessionid" +(SSL) Disable curl's use of SSL session-ID caching. By default all transfers +are done using the cache. Note that while nothing should ever get hurt by +attempting to reuse SSL session-IDs, there seem to be broken SSL +implementations in the wild that may require you to disable this in order for +you to succeed. (Added in 7.16.0) + +Note that this is the negated option name documented. You can thus use +\fI--sessionid\fP to enforce session-ID caching. +.IP "--noproxy <no-proxy-list>" +Comma-separated list of hosts which do not use a proxy, if one is specified. +The only wildcard is a single * character, which matches all hosts, and +effectively disables the proxy. Each name in this list is matched as either +a domain which contains the hostname, or the hostname itself. For example, +local.com would match local.com, local.com:80, and www.local.com, but not +www.notlocal.com. (Added in 7.19.4). +.IP "--ntlm" +(HTTP) Enables NTLM authentication. The NTLM authentication method was +designed by Microsoft and is used by IIS web servers. It is a proprietary +protocol, reverse-engineered by clever people and implemented in curl based +on their efforts. This kind of behavior should not be endorsed, you should +encourage everyone who uses NTLM to switch to a public and documented +authentication method instead, such as Digest. + +If you want to enable NTLM for your proxy authentication, then use +\fI--proxy-ntlm\fP. + +This option requires a library built with SSL support. Use +\fI-V, --version\fP to see if your curl supports NTLM. + +If this option is used several times, only the first one is used. +.IP "-o, --output <file>" +Write output to <file> instead of stdout. If you are using {} or [] to fetch +multiple documents, you can use '#' followed by a number in the <file> +specifier. That variable will be replaced with the current string for the URL +being fetched. Like in: + + curl http://{one,two}.site.com -o "file_#1.txt" + +or use several variables like: + + curl http://{site,host}.host[1-5].com -o "#1_#2" + +You may use this option as many times as the number of URLs you have. + +See also the \fI--create-dirs\fP option to create the local directories +dynamically. Specifying the output as '-' (a single dash) will force the +output to be done to stdout. +.IP "-O, --remote-name" +Write output to a local file named like the remote file we get. (Only the file +part of the remote file is used, the path is cut off.) + +The remote file name to use for saving is extracted from the given URL, +nothing else. + +Consequentially, the file will be saved in the current working directory. If +you want the file saved in a different directory, make sure you change current +working directory before you invoke curl with the \fB-O, --remote-name\fP flag! + +You may use this option as many times as the number of URLs you have. +.IP "--oauth2-bearer" +(IMAP/POP3/SMTP) Specify the Bearer Token for OAUTH 2.0 server authentication. +The Bearer Token is used in conjuction with the user name which can be +specified as part of the \fI--url\fP or \fI-u, --user\fP options. + +The Bearer Token and user name are formatted according to RFC 6750. + +If this option is used several times, the last one will be used. +.IP "-p, --proxytunnel" +When an HTTP proxy is used (\fI-x, --proxy\fP), this option will cause non-HTTP +protocols to attempt to tunnel through the proxy instead of merely using it to +do HTTP-like operations. The tunnel approach is made with the HTTP proxy +CONNECT request and requires that the proxy allows direct connect to the +remote port number curl wants to tunnel through to. +.IP "-P, --ftp-port <address>" +(FTP) Reverses the default initiator/listener roles when connecting with +FTP. This switch makes curl use active mode. In practice, curl then tells the +server to connect back to the client's specified address and port, while +passive mode asks the server to setup an IP address and port for it to connect +to. <address> should be one of: +.RS +.IP interface +i.e "eth0" to specify which interface's IP address you want to use (Unix only) +.IP "IP address" +i.e "192.168.10.1" to specify the exact IP address +.IP "host name" +i.e "my.host.domain" to specify the machine +.IP "-" +make curl pick the same IP address that is already used for the control +connection +.RE + +If this option is used several times, the last one will be used. Disable the +use of PORT with \fI--ftp-pasv\fP. Disable the attempt to use the EPRT command +instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++. + +Starting in 7.19.5, you can append \&":[start]-[end]\&" to the right of the +address, to tell curl what TCP port range to use. That means you specify a +port range, from a lower to a higher number. A single number works as well, +but do note that it increases the risk of failure since the port may not be +available. +.IP "--pass <phrase>" +(SSL/SSH) Passphrase for the private key + +If this option is used several times, the last one will be used. +.IP "--post301" +(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests +into GET requests when following a 301 redirection. The non-RFC behaviour is +ubiquitous in web browsers, so curl does the conversion by default to maintain +consistency. However, a server may require a POST to remain a POST after such +a redirection. This option is meaningful only when using \fI-L, --location\fP +(Added in 7.17.1) +.IP "--post302" +(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests +into GET requests when following a 302 redirection. The non-RFC behaviour is +ubiquitous in web browsers, so curl does the conversion by default to maintain +consistency. However, a server may require a POST to remain a POST after such +a redirection. This option is meaningful only when using \fI-L, --location\fP +(Added in 7.19.1) +.IP "--post303" +(HTTP) Tells curl to respect RFC 2616/10.3.2 and not convert POST requests +into GET requests when following a 303 redirection. The non-RFC behaviour is +ubiquitous in web browsers, so curl does the conversion by default to maintain +consistency. However, a server may require a POST to remain a POST after such +a redirection. This option is meaningful only when using \fI-L, --location\fP +(Added in 7.26.0) +.IP "--proto <protocols>" +Tells curl to use the listed protocols for its initial retrieval. Protocols +are evaluated left to right, are comma separated, and are each a protocol +name or 'all', optionally prefixed by zero or more modifiers. Available +modifiers are: +.RS +.TP 3 +.B + +Permit this protocol in addition to protocols already permitted (this is +the default if no modifier is used). +.TP +.B - +Deny this protocol, removing it from the list of protocols already permitted. +.TP +.B = +Permit only this protocol (ignoring the list already permitted), though +subject to later modification by subsequent entries in the comma separated +list. +.RE +.IP +For example: +.RS +.TP 15 +.B --proto -ftps +uses the default protocols, but disables ftps +.TP +.B --proto -all,https,+http +only enables http and https +.TP +.B --proto =http,https +also only enables http and https +.RE +.IP +Unknown protocols produce a warning. This allows scripts to safely rely on +being able to disable potentially dangerous protocols, without relying upon +support for that protocol being built into curl to avoid an error. + +This option can be used multiple times, in which case the effect is the same +as concatenating the protocols into one instance of the option. + +(Added in 7.20.2) +.IP "--proto-redir <protocols>" +Tells curl to use the listed protocols after a redirect. See --proto for +how protocols are represented. + +(Added in 7.20.2) +.IP "--proxy-anyauth" +Tells curl to pick a suitable authentication method when communicating with +the given proxy. This might cause an extra request/response round-trip. (Added +in 7.13.2) +.IP "--proxy-basic" +Tells curl to use HTTP Basic authentication when communicating with the given +proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is +the default authentication method curl uses with proxies. +.IP "--proxy-digest" +Tells curl to use HTTP Digest authentication when communicating with the given +proxy. Use \fI--digest\fP for enabling HTTP Digest with a remote host. +.IP "--proxy-negotiate" +Tells curl to use HTTP Negotiate authentication when communicating +with the given proxy. Use \fI--negotiate\fP for enabling HTTP Negotiate +with a remote host. (Added in 7.17.1) +.IP "--proxy-ntlm" +Tells curl to use HTTP NTLM authentication when communicating with the given +proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host. +.IP "--proxy1.0 <proxyhost[:port]>" +Use the specified HTTP 1.0 proxy. If the port number is not specified, it is +assumed at port 1080. + +The only difference between this and the HTTP proxy option (\fI-x, --proxy\fP), +is that attempts to use CONNECT through the proxy will specify an HTTP 1.0 +protocol instead of the default HTTP 1.1. +.IP "--pubkey <key>" +(SSH) Public key file name. Allows you to provide your public key in this +separate file. + +If this option is used several times, the last one will be used. +.IP "-q" +If used as the first parameter on the command line, the \fIcurlrc\fP config +file will not be read and used. See the \fI-K, --config\fP for details on the +default config file search path. +.IP "-Q, --quote <command>" +(FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP server. Quote +commands are sent BEFORE the transfer takes place (just after the initial PWD +command in an FTP transfer, to be exact). To make commands take place after a +successful transfer, prefix them with a dash '-'. To make commands be sent +after curl has changed the working directory, just before the transfer +command(s), prefix the command with a '+' (this is only supported for +FTP). You may specify any number of commands. If the server returns failure +for one of the commands, the entire operation will be aborted. You must send +syntactically correct FTP commands as RFC 959 defines to FTP servers, or one +of the commands listed below to SFTP servers. This option can be used +multiple times. When speaking to an FTP server, prefix the command with an +asterisk (*) to make curl continue even if the command fails as by default +curl will stop at first failure. + +SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands +itself before sending them to the server. File names may be quoted +shell-style to embed spaces or special characters. Following is the list of +all supported SFTP quote commands: +.RS +.IP "chgrp group file" +The chgrp command sets the group ID of the file named by the file operand to +the group ID specified by the group operand. The group operand is a decimal +integer group ID. +.IP "chmod mode file" +The chmod command modifies the file mode bits of the specified file. The +mode operand is an octal integer mode number. +.IP "chown user file" +The chown command sets the owner of the file named by the file operand to the +user ID specified by the user operand. The user operand is a decimal +integer user ID. +.IP "ln source_file target_file" +The ln and symlink commands create a symbolic link at the target_file location +pointing to the source_file location. +.IP "mkdir directory_name" +The mkdir command creates the directory named by the directory_name operand. +.IP "pwd" +The pwd command returns the absolute pathname of the current working directory. +.IP "rename source target" +The rename command renames the file or directory named by the source +operand to the destination path named by the target operand. +.IP "rm file" +The rm command removes the file specified by the file operand. +.IP "rmdir directory" +The rmdir command removes the directory entry specified by the directory +operand, provided it is empty. +.IP "symlink source_file target_file" +See ln. +.RE +.IP "-r, --range <range>" +(HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial document) from a +HTTP/1.1, FTP or SFTP server or a local FILE. Ranges can be specified +in a number of ways. +.RS +.TP 10 +.B 0-499 +specifies the first 500 bytes +.TP +.B 500-999 +specifies the second 500 bytes +.TP +.B -500 +specifies the last 500 bytes +.TP +.B 9500- +specifies the bytes from offset 9500 and forward +.TP +.B 0-0,-1 +specifies the first and last byte only(*)(H) +.TP +.B 500-700,600-799 +specifies 300 bytes from offset 500(H) +.TP +.B 100-199,500-599 +specifies two separate 100-byte ranges(*)(H) +.RE + +(*) = NOTE that this will cause the server to reply with a multipart +response! + +Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the +\&'start-stop' range syntax. If a non-digit character is given in the range, +the server's response will be unspecified, depending on the server's +configuration. + +You should also be aware that many HTTP/1.1 servers do not have this feature +enabled, so that when you attempt to get a range, you'll instead get the whole +document. + +FTP and SFTP range downloads only support the simple 'start-stop' syntax +(optionally with one of the numbers omitted). FTP use depends on the extended +FTP command SIZE. + +If this option is used several times, the last one will be used. +.IP "-R, --remote-time" +When used, this will make curl attempt to figure out the timestamp of the +remote file, and if that is available make the local file get that same +timestamp. +.IP "--random-file <file>" +(SSL) Specify the path name to file containing what will be considered as +random data. The data is used to seed the random engine for SSL connections. +See also the \fI--egd-file\fP option. +.IP "--raw" +(HTTP) When used, it disables all internal HTTP decoding of content or transfer +encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2) +.IP "--remote-name-all" +This option changes the default action for all given URLs to be dealt with as +if \fI-O, --remote-name\fP were used for each one. So if you want to disable +that for a specific URL after \fI--remote-name-all\fP has been used, you must +use "-o -" or \fI--no-remote-name\fP. (Added in 7.19.0) +.IP "--resolve <host:port:address>" +Provide a custom address for a specific host and port pair. Using this, you +can make the curl requests(s) use a specified address and prevent the +otherwise normally resolved address to be used. Consider it a sort of +/etc/hosts alternative provided on the command line. The port number should be +the number used for the specific protocol the host will be used for. It means +you need several entries if you want to provide address for the same host but +different ports. + +This option can be used many times to add many host names to resolve. + +(Added in 7.21.3) +.IP "--retry <num>" +If a transient error is returned when curl tries to perform a transfer, it +will retry this number of times before giving up. Setting the number to 0 +makes curl do no retries (which is the default). Transient error means either: +a timeout, an FTP 4xx response code or an HTTP 5xx response code. + +When curl is about to retry a transfer, it will first wait one second and then +for all forthcoming retries it will double the waiting time until it reaches +10 minutes which then will be the delay between the rest of the retries. By +using \fI--retry-delay\fP you disable this exponential backoff algorithm. See +also \fI--retry-max-time\fP to limit the total time allowed for +retries. (Added in 7.12.3) + +If this option is used several times, the last one will be used. +.IP "--retry-delay <seconds>" +Make curl sleep this amount of time before each retry when a transfer has +failed with a transient error (it changes the default backoff time algorithm +between retries). This option is only interesting if \fI--retry\fP is also +used. Setting this delay to zero will make curl use the default backoff time. +(Added in 7.12.3) + +If this option is used several times, the last one will be used. +.IP "--retry-max-time <seconds>" +The retry timer is reset before the first transfer attempt. Retries will be +done as usual (see \fI--retry\fP) as long as the timer hasn't reached this +given limit. Notice that if the timer hasn't reached the limit, the request +will be made and while performing, it may take longer than this given time +period. To limit a single request\'s maximum time, use \fI-m, --max-time\fP. +Set this option to zero to not timeout retries. (Added in 7.12.3) + +If this option is used several times, the last one will be used. +.IP "-s, --silent" +Silent or quiet mode. Don't show progress meter or error messages. Makes Curl +mute. It will still output the data you ask for, potentially even to the +terminal/stdout unless you redirect it. +.IP "--sasl-ir" +Enable initial response in SASL authentication. +(Added in 7.31.0) +.IP "-S, --show-error" +When used with \fI-s\fP it makes curl show an error message if it fails. +.IP "--ssl" +(FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection. Reverts to a +non-secure connection if the server doesn't support SSL/TLS. See also +\fI--ftp-ssl-control\fP and \fI--ssl-reqd\fP for different levels of +encryption required. (Added in 7.20.0) + +This option was formerly known as \fI--ftp-ssl\fP (Added in 7.11.0). That +option name can still be used but will be removed in a future version. +.IP "--ssl-reqd" +(FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection. Terminates the +connection if the server doesn't support SSL/TLS. (Added in 7.20.0) + +This option was formerly known as \fI--ftp-ssl-reqd\fP (added in 7.15.5). That +option name can still be used but will be removed in a future version. +.IP "--ssl-allow-beast" +(SSL) This option tells curl to not work around a security flaw in the SSL3 +and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer +may use work-arounds known to cause interoperability problems with some older +SSL implementations. WARNING: this option loosens the SSL security, and by +using this flag you ask for exactly that. (Added in 7.25.0) +.IP "--socks4 <host[:port]>" +Use the specified SOCKS4 proxy. If the port number is not specified, it is +assumed at port 1080. (Added in 7.15.2) + +This option overrides any previous use of \fI-x, --proxy\fP, as they are +mutually exclusive. + +Since 7.21.7, this option is superfluous since you can specify a socks4 proxy +with \fI-x, --proxy\fP using a socks4:// protocol prefix. + +If this option is used several times, the last one will be used. +.IP "--socks4a <host[:port]>" +Use the specified SOCKS4a proxy. If the port number is not specified, it is +assumed at port 1080. (Added in 7.18.0) + +This option overrides any previous use of \fI-x, --proxy\fP, as they are +mutually exclusive. + +Since 7.21.7, this option is superfluous since you can specify a socks4a proxy +with \fI-x, --proxy\fP using a socks4a:// protocol prefix. + +If this option is used several times, the last one will be used. +.IP "--socks5-hostname <host[:port]>" +Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If +the port number is not specified, it is assumed at port 1080. (Added in +7.18.0) + +This option overrides any previous use of \fI-x, --proxy\fP, as they are +mutually exclusive. + +Since 7.21.7, this option is superfluous since you can specify a socks5 +hostname proxy with \fI-x, --proxy\fP using a socks5h:// protocol prefix. + +If this option is used several times, the last one will be used. (This option +was previously wrongly documented and used as --socks without the number +appended.) +.IP "--socks5 <host[:port]>" +Use the specified SOCKS5 proxy - but resolve the host name locally. If the +port number is not specified, it is assumed at port 1080. + +This option overrides any previous use of \fI-x, --proxy\fP, as they are +mutually exclusive. + +Since 7.21.7, this option is superfluous since you can specify a socks5 proxy +with \fI-x, --proxy\fP using a socks5:// protocol prefix. + +If this option is used several times, the last one will be used. (This option +was previously wrongly documented and used as --socks without the number +appended.) + +This option (as well as \fI--socks4\fP) does not work with IPV6, FTPS or LDAP. +.IP "--socks5-gssapi-service <servicename>" +The default service name for a socks server is rcmd/server-fqdn. This option +allows you to change it. + +Examples: --socks5 proxy-name \fI--socks5-gssapi-service\fP sockd would use +sockd/proxy-name --socks5 proxy-name \fI--socks5-gssapi-service\fP +sockd/real-name would use sockd/real-name for cases where the proxy-name does +not match the principal name. (Added in 7.19.4). +.IP "--socks5-gssapi-nec" +As part of the gssapi negotiation a protection mode is negotiated. RFC 1961 +says in section 4.3/4.4 it should be protected, but the NEC reference +implementation does not. The option \fI--socks5-gssapi-nec\fP allows the +unprotected exchange of the protection mode negotiation. (Added in 7.19.4). +.IP "--stderr <file>" +Redirect all writes to stderr to the specified file instead. If the file name +is a plain '-', it is instead written to stdout. + +If this option is used several times, the last one will be used. +.IP "-t, --telnet-option <OPT=val>" +Pass options to the telnet protocol. Supported options are: + +TTYPE=<term> Sets the terminal type. + +XDISPLOC=<X display> Sets the X display location. + +NEW_ENV=<var,val> Sets an environment variable. +.IP "-T, --upload-file <file>" +This transfers the specified local file to the remote URL. If there is no file +part in the specified URL, Curl will append the local file name. NOTE that you +must use a trailing / on the last directory to really prove to Curl that there +is no file name or curl will think that your last directory name is the remote +file name to use. That will most likely cause the upload operation to fail. If +this is used on an HTTP(S) server, the PUT command will be used. + +Use the file name "-" (a single dash) to use stdin instead of a given file. +Alternately, the file name "." (a single period) may be specified instead +of "-" to use stdin in non-blocking mode to allow reading server output +while stdin is being uploaded. + +You can specify one -T for each URL on the command line. Each -T + URL pair +specifies what to upload and to where. curl also supports "globbing" of the -T +argument, meaning that you can upload multiple files to a single URL by using +the same URL globbing style supported in the URL, like this: + +curl -T "{file1,file2}" http://www.uploadtothissite.com + +or even + +curl -T "img[1-1000].png" ftp://ftp.picturemania.com/upload/ +.IP "--tcp-nodelay" +Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for +details about this option. (Added in 7.11.2) +.IP "--tftp-blksize <value>" +(TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that +curl will try to use when transferring data to or from a TFTP server. By +default 512 bytes will be used. + +If this option is used several times, the last one will be used. + +(Added in 7.20.0) +.IP "--tlsauthtype <authtype>" +Set TLS authentication type. Currently, the only supported option is "SRP", +for TLS-SRP (RFC 5054). If \fI--tlsuser\fP and \fI--tlspassword\fP are +specified but \fI--tlsauthtype\fP is not, then this option defaults to "SRP". +(Added in 7.21.4) +.IP "--tlsuser <user>" +Set username for use with the TLS authentication method specified with +\fI--tlsauthtype\fP. Requires that \fI--tlspassword\fP also be set. (Added in +7.21.4) +.IP "--tlspassword <password>" +Set password for use with the TLS authentication method specified with +\fI--tlsauthtype\fP. Requires that \fI--tlsuser\fP also be set. (Added in +7.21.4) +.IP "--tr-encoding" +(HTTP) Request a compressed Transfer-Encoding response using one of the +algorithms curl supports, and uncompress the data while receiving it. + +(Added in 7.21.6) +.IP "--trace <file>" +Enables a full trace dump of all incoming and outgoing data, including +descriptive information, to the given output file. Use "-" as filename to have +the output sent to stdout. + +This option overrides previous uses of \fI-v, --verbose\fP or +\fI--trace-ascii\fP. + +If this option is used several times, the last one will be used. +.IP "--trace-ascii <file>" +Enables a full trace dump of all incoming and outgoing data, including +descriptive information, to the given output file. Use "-" as filename to have +the output sent to stdout. + +This is very similar to \fI--trace\fP, but leaves out the hex part and only +shows the ASCII part of the dump. It makes smaller output that might be easier +to read for untrained humans. + +This option overrides previous uses of \fI-v, --verbose\fP or \fI--trace\fP. + +If this option is used several times, the last one will be used. +.IP "--trace-time" +Prepends a time stamp to each trace or verbose line that curl displays. +(Added in 7.14.0) +.IP "-u, --user <user:password;options>" +Specify the user name, password and optional login options to use for server +authentication. Overrides \fI-n, --netrc\fP and \fI--netrc-optional\fP. + +If you simply specify the user name, with or without the login options, curl +will prompt for a password. + +If you use an SSPI-enabled curl binary and perform NTLM authentication, you +can force curl to select the user name and password from your environment by +simply specifying a single colon with this option: "-u :" or by specfying the +login options on their own, for example "-u ;auth=NTLM". + +You can use the optional login options part to specify protocol specific +options that may be used during authentication. At present only IMAP, POP3 and +SMTP support login options as part of the user login information. For more +information about the login options please see RFC 2384, RFC 5092 and IETF +draft draft-earhart-url-smtp-00.txt (Added in 7.31.0). + +If this option is used several times, the last one will be used. +.IP "-U, --proxy-user <user:password>" +Specify the user name and password to use for proxy authentication. + +If you use an SSPI-enabled curl binary and do NTLM authentication, you can +force curl to pick up the user name and password from your environment by +simply specifying a single colon with this option: "-U :". + +If this option is used several times, the last one will be used. +.IP "--url <URL>" +Specify a URL to fetch. This option is mostly handy when you want to specify +URL(s) in a config file. + +This option may be used any number of times. To control where this URL is +written, use the \fI-o, --output\fP or the \fI-O, --remote-name\fP options. +.IP "-v, --verbose" +Makes the fetching more verbose/talkative. Mostly useful for debugging. A line +starting with '>' means "header data" sent by curl, '<' means "header data" +received by curl that is hidden in normal cases, and a line starting with '*' +means additional info provided by curl. + +Note that if you only want HTTP headers in the output, \fI-i, --include\fP +might be the option you're looking for. + +If you think this option still doesn't give you enough details, consider using +\fI--trace\fP or \fI--trace-ascii\fP instead. + +This option overrides previous uses of \fI--trace-ascii\fP or \fI--trace\fP. + +Use \fI-s, --silent\fP to make curl quiet. +.IP "-w, --write-out <format>" +Defines what to display on stdout after a completed and successful +operation. The format is a string that may contain plain text mixed with any +number of variables. The string can be specified as "string", to get read from +a particular file you specify it "@filename" and to tell curl to read the +format from stdin you write "@-". + +The variables present in the output format will be substituted by the value or +text that curl thinks fit, as described below. All variables are specified +as %{variable_name} and to output a normal % you just write them as +%%. You can output a newline by using \\n, a carriage return with \\r and a tab +space with \\t. + +.B NOTE: +The %-symbol is a special symbol in the win32-environment, where all +occurrences of % must be doubled when using this option. + +The variables available are: +.RS +.TP 15 +.B content_type +The Content-Type of the requested document, if there was any. +.TP +.B filename_effective +The ultimate filename that curl writes out to. This is only meaningful if curl +is told to write to a file with the \fI--remote-name\fP or \fI--output\fP +option. It's most useful in combination with the \fI--remote-header-name\fP +option. (Added in 7.25.1) +.TP +.B ftp_entry_path +The initial path curl ended up in when logging on to the remote FTP +server. (Added in 7.15.4) +.TP +.B http_code +The numerical response code that was found in the last retrieved HTTP(S) or +FTP(s) transfer. In 7.18.2 the alias \fBresponse_code\fP was added to show the +same info. +.TP +.B http_connect +The numerical code that was found in the last response (from a proxy) to a +curl CONNECT request. (Added in 7.12.4) +.TP +.B local_ip +The IP address of the local end of the most recently done connection - can be +either IPv4 or IPv6 (Added in 7.29.0) +.TP +.B local_port +The local port number of the most recently done connection (Added in 7.29.0) +.TP +.B num_connects +Number of new connects made in the recent transfer. (Added in 7.12.3) +.TP +.B num_redirects +Number of redirects that were followed in the request. (Added in 7.12.3) +.TP +.B redirect_url +When an HTTP request was made without -L to follow redirects, this variable +will show the actual URL a redirect \fIwould\fP take you to. (Added in 7.18.2) +.TP +.B remote_ip +The remote IP address of the most recently done connection - can be either +IPv4 or IPv6 (Added in 7.29.0) +.TP +.B remote_port +The remote port number of the most recently done connection (Added in 7.29.0) +.TP +.B size_download +The total amount of bytes that were downloaded. +.TP +.B size_header +The total amount of bytes of the downloaded headers. +.TP +.B size_request +The total amount of bytes that were sent in the HTTP request. +.TP +.B size_upload +The total amount of bytes that were uploaded. +.TP +.B speed_download +The average download speed that curl measured for the complete download. Bytes +per second. +.TP +.B speed_upload +The average upload speed that curl measured for the complete upload. Bytes per +second. +.TP +.B ssl_verify_result +The result of the SSL peer certificate verification that was requested. 0 +means the verification was successful. (Added in 7.19.0) +.TP +.B time_appconnect +The time, in seconds, it took from the start until the SSL/SSH/etc +connect/handshake to the remote host was completed. (Added in 7.19.0) +.TP +.B time_connect +The time, in seconds, it took from the start until the TCP connect to the +remote host (or proxy) was completed. +.TP +.B time_namelookup +The time, in seconds, it took from the start until the name resolving was +completed. +.TP +.B time_pretransfer +The time, in seconds, it took from the start until the file transfer was just +about to begin. This includes all pre-transfer commands and negotiations that +are specific to the particular protocol(s) involved. +.TP +.B time_redirect +The time, in seconds, it took for all redirection steps include name lookup, +connect, pretransfer and transfer before the final transaction was +started. time_redirect shows the complete execution time for multiple +redirections. (Added in 7.12.3) +.TP +.B time_starttransfer +The time, in seconds, it took from the start until the first byte was just +about to be transferred. This includes time_pretransfer and also the time the +server needed to calculate the result. +.TP +.B time_total +The total time, in seconds, that the full operation lasted. The time will be +displayed with millisecond resolution. +.TP +.B url_effective +The URL that was fetched last. This is most meaningful if you've told curl +to follow location: headers. +.RE + +If this option is used several times, the last one will be used. +.IP "-x, --proxy <[protocol://][user:password@]proxyhost[:port]>" +Use the specified proxy. + +The proxy string can be specified with a protocol:// prefix to specify +alternative proxy protocols. Use socks4://, socks4a://, socks5:// or +socks5h:// to request the specific SOCKS version to be used. No protocol +specified, http:// and all others will be treated as HTTP proxies. (The +protocol support was added in curl 7.21.7) + +If the port number is not specified in the proxy string, it is assumed to be +1080. + +This option overrides existing environment variables that set the proxy to +use. If there's an environment variable setting a proxy, you can set proxy to +\&"" to override it. + +All operations that are performed over an HTTP proxy will transparently be +converted to HTTP. It means that certain protocol specific operations might +not be available. This is not the case if you can tunnel through the proxy, as +one with the \fI-p, --proxytunnel\fP option. + +User and password that might be provided in the proxy string are URL decoded +by curl. This allows you to pass in special characters such as @ by using %40 +or pass in a colon with %3a. + +The proxy host can be specified the exact same way as the proxy environment +variables, including the protocol prefix (http://) and the embedded user + +password. + +If this option is used several times, the last one will be used. +.IP "-X, --request <command>" +(HTTP) Specifies a custom request method to use when communicating with the +HTTP server. The specified request will be used instead of the method +otherwise used (which defaults to GET). Read the HTTP 1.1 specification for +details and explanations. Common additional HTTP requests include PUT and +DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and +more. + +Normally you don't need this option. All sorts of GET, HEAD, POST and PUT +requests are rather invoked by using dedicated command line options. + +This option only changes the actual word used in the HTTP request, it does not +alter the way curl behaves. So for example if you want to make a proper HEAD +request, using -X HEAD will not suffice. You need to use the \fI-I, --head\fP +option. + +(FTP) +Specifies a custom FTP command to use instead of LIST when doing file lists +with FTP. + +If this option is used several times, the last one will be used. + +.IP "--xattr" +When saving output to a file, this option tells curl to store certain file +metadata in extended file attributes. Currently, the URL is stored in the +xdg.origin.url attribute and, for HTTP, the content type is stored in +the mime_type attribute. If the file system does not support extended +attributes, a warning is issued. + +.IP "-y, --speed-time <time>" +If a download is slower than speed-limit bytes per second during a speed-time +period, the download gets aborted. If speed-time is used, the default +speed-limit will be 1 unless set with \fI-Y\fP. + +This option controls transfers and thus will not affect slow connects etc. If +this is a concern for you, try the \fI--connect-timeout\fP option. + +If this option is used several times, the last one will be used. +.IP "-Y, --speed-limit <speed>" +If a download is slower than this given speed (in bytes per second) for +speed-time seconds it gets aborted. speed-time is set with \fI-y\fP and is 30 +if not set. + +If this option is used several times, the last one will be used. +.IP "-z, --time-cond <date expression>|<file>" +(HTTP/FTP) Request a file that has been modified later than the given time and +date, or one that has been modified before that time. The <date expression> +can be all sorts of date strings or if it doesn't match any internal ones, it +is taken as a filename and tries to get the modification date (mtime) from +<file> instead. See the \fIcurl_getdate(3)\fP man pages for date expression +details. + +Start the date expression with a dash (-) to make it request for a document +that is older than the given date/time, default is a document that is newer +than the specified date/time. + +If this option is used several times, the last one will be used. +.IP "-h, --help" +Usage help. +.IP "-M, --manual" +Manual. Display the huge help text. +.IP "-V, --version" +Displays information about curl and the libcurl version it uses. + +The first line includes the full version of curl, libcurl and other 3rd party +libraries linked with the executable. + +The second line (starts with "Protocols:") shows all protocols that libcurl +reports to support. + +The third line (starts with "Features:") shows specific features libcurl +reports to offer. Available features include: +.RS +.IP "IPv6" +You can use IPv6 with this. +.IP "krb4" +Krb4 for FTP is supported. +.IP "SSL" +HTTPS and FTPS are supported. +.IP "libz" +Automatic decompression of compressed files over HTTP is supported. +.IP "NTLM" +NTLM authentication is supported. +.IP "GSS-Negotiate" +Negotiate authentication and krb5 for FTP is supported. +.IP "Debug" +This curl uses a libcurl built with Debug. This enables more error-tracking +and memory debugging etc. For curl-developers only! +.IP "AsynchDNS" +This curl uses asynchronous name resolves. +.IP "SPNEGO" +SPNEGO Negotiate authentication is supported. +.IP "Largefile" +This curl supports transfers of large files, files larger than 2GB. +.IP "IDN" +This curl supports IDN - international domain names. +.IP "SSPI" +SSPI is supported. If you use NTLM and set a blank user name, curl will +authenticate with your current user and password. +.IP "TLS-SRP" +SRP (Secure Remote Password) authentication is supported for TLS. +.IP "Metalink" +This curl supports Metalink (both version 3 and 4 (RFC 5854)), which +describes mirrors and hashes. curl will use mirrors for failover if +there are errors (such as the file or server not being available). +.RE +.SH FILES +.I ~/.curlrc +.RS +Default config file, see \fI-K, --config\fP for details. +.SH ENVIRONMENT +The environment variables can be specified in lower case or upper case. The +lower case version has precedence. http_proxy is an exception as it is only +available in lower case. + +Using an environment variable to set the proxy has the same effect as using +the \fI--proxy\fP option. + +.IP "http_proxy [protocol://]<host>[:port]" +Sets the proxy server to use for HTTP. +.IP "HTTPS_PROXY [protocol://]<host>[:port]" +Sets the proxy server to use for HTTPS. +.IP "[url-protocol]_PROXY [protocol://]<host>[:port]" +Sets the proxy server to use for [url-protocol], where the protocol is a +protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP, +SMTP, LDAP etc. +.IP "ALL_PROXY [protocol://]<host>[:port]" +Sets the proxy server to use if no protocol-specific proxy is set. +.IP "NO_PROXY <comma-separated list of hosts>" +list of host names that shouldn't go through any proxy. If set to a asterisk +\&'*' only, it matches all hosts. +.SH "PROXY PROTOCOL PREFIXES" +Since curl version 7.21.7, the proxy string may be specified with a +protocol:// prefix to specify alternative proxy protocols. + +If no protocol is specified in the proxy string or if the string doesn't match +a supported one, the proxy will be treated as an HTTP proxy. + +The supported proxy protocol prefixes are as follows: +.IP "socks4://" +Makes it the equivalent of \fI--socks4\fP +.IP "socks4a://" +Makes it the equivalent of \fI--socks4a\fP +.IP "socks5://" +Makes it the equivalent of \fI--socks5\fP +.IP "socks5h://" +Makes it the equivalent of \fI--socks5-hostname\fP +.SH EXIT CODES +There are a bunch of different error codes and their corresponding error +messages that may appear during bad conditions. At the time of this writing, +the exit codes are: +.IP 1 +Unsupported protocol. This build of curl has no support for this protocol. +.IP 2 +Failed to initialize. +.IP 3 +URL malformed. The syntax was not correct. +.IP 4 +A feature or option that was needed to perform the desired request was not +enabled or was explicitly disabled at build-time. To make curl able to do +this, you probably need another build of libcurl! +.IP 5 +Couldn't resolve proxy. The given proxy host could not be resolved. +.IP 6 +Couldn't resolve host. The given remote host was not resolved. +.IP 7 +Failed to connect to host. +.IP 8 +FTP weird server reply. The server sent data curl couldn't parse. +.IP 9 +FTP access denied. The server denied login or denied access to the particular +resource or directory you wanted to reach. Most often you tried to change to a +directory that doesn't exist on the server. +.IP 11 +FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request. +.IP 13 +FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request. +.IP 14 +FTP weird 227 format. Curl couldn't parse the 227-line the server sent. +.IP 15 +FTP can't get host. Couldn't resolve the host IP we got in the 227-line. +.IP 17 +FTP couldn't set binary. Couldn't change transfer method to binary. +.IP 18 +Partial file. Only a part of the file was transferred. +.IP 19 +FTP couldn't download/access the given file, the RETR (or similar) command +failed. +.IP 21 +FTP quote error. A quote command returned error from the server. +.IP 22 +HTTP page not retrieved. The requested url was not found or returned another +error with the HTTP error code being 400 or above. This return code only +appears if \fI-f, --fail\fP is used. +.IP 23 +Write error. Curl couldn't write data to a local filesystem or similar. +.IP 25 +FTP couldn't STOR file. The server denied the STOR operation, used for FTP +uploading. +.IP 26 +Read error. Various reading problems. +.IP 27 +Out of memory. A memory allocation request failed. +.IP 28 +Operation timeout. The specified time-out period was reached according to the +conditions. +.IP 30 +FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT +command, try doing a transfer using PASV instead! +.IP 31 +FTP couldn't use REST. The REST command failed. This command is used for +resumed FTP transfers. +.IP 33 +HTTP range error. The range "command" didn't work. +.IP 34 +HTTP post error. Internal post-request generation error. +.IP 35 +SSL connect error. The SSL handshaking failed. +.IP 36 +FTP bad download resume. Couldn't continue an earlier aborted download. +.IP 37 +FILE couldn't read file. Failed to open the file. Permissions? +.IP 38 +LDAP cannot bind. LDAP bind operation failed. +.IP 39 +LDAP search failed. +.IP 41 +Function not found. A required LDAP function was not found. +.IP 42 +Aborted by callback. An application told curl to abort the operation. +.IP 43 +Internal error. A function was called with a bad parameter. +.IP 45 +Interface error. A specified outgoing interface could not be used. +.IP 47 +Too many redirects. When following redirects, curl hit the maximum amount. +.IP 48 +Unknown option specified to libcurl. This indicates that you passed a weird +option to curl that was passed on to libcurl and rejected. Read up in the +manual! +.IP 49 +Malformed telnet option. +.IP 51 +The peer's SSL certificate or SSH MD5 fingerprint was not OK. +.IP 52 +The server didn't reply anything, which here is considered an error. +.IP 53 +SSL crypto engine not found. +.IP 54 +Cannot set SSL crypto engine as default. +.IP 55 +Failed sending network data. +.IP 56 +Failure in receiving network data. +.IP 58 +Problem with the local certificate. +.IP 59 +Couldn't use specified SSL cipher. +.IP 60 +Peer certificate cannot be authenticated with known CA certificates. +.IP 61 +Unrecognized transfer encoding. +.IP 62 +Invalid LDAP URL. +.IP 63 +Maximum file size exceeded. +.IP 64 +Requested FTP SSL level failed. +.IP 65 +Sending the data requires a rewind that failed. +.IP 66 +Failed to initialise SSL Engine. +.IP 67 +The user name, password, or similar was not accepted and curl failed to log in. +.IP 68 +File not found on TFTP server. +.IP 69 +Permission problem on TFTP server. +.IP 70 +Out of disk space on TFTP server. +.IP 71 +Illegal TFTP operation. +.IP 72 +Unknown TFTP transfer ID. +.IP 73 +File already exists (TFTP). +.IP 74 +No such user (TFTP). +.IP 75 +Character conversion failed. +.IP 76 +Character conversion functions required. +.IP 77 +Problem with reading the SSL CA cert (path? access rights?). +.IP 78 +The resource referenced in the URL does not exist. +.IP 79 +An unspecified error occurred during the SSH session. +.IP 80 +Failed to shut down the SSL connection. +.IP 82 +Could not load CRL file, missing or wrong format (added in 7.19.0). +.IP 83 +Issuer check failed (added in 7.19.0). +.IP 84 +The FTP PRET command failed +.IP 85 +RTSP: mismatch of CSeq numbers +.IP 86 +RTSP: mismatch of Session Identifiers +.IP 87 +unable to parse FTP file list +.IP 88 +FTP chunk callback reported error +.IP XX +More error codes will appear here in future releases. The existing ones +are meant to never change. +.SH AUTHORS / CONTRIBUTORS +Daniel Stenberg is the main author, but the whole list of contributors is +found in the separate THANKS file. +.SH WWW +http://curl.haxx.se +.SH FTP +ftp://ftp.sunet.se/pub/www/utilities/curl/ +.SH "SEE ALSO" +.BR ftp (1), +.BR wget (1) diff --git a/libs/libcurl/docs/curl.html b/libs/libcurl/docs/curl.html new file mode 100644 index 0000000000..c04a69633d --- /dev/null +++ b/libs/libcurl/docs/curl.html @@ -0,0 +1,961 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" + "http://www.w3.org/TR/html4/loose.dtd"> +<html><head> +<title>curl man page</title> +<meta name="generator" content="roffit"> +<STYLE type="text/css"> +P.level0 { + padding-left: 2em; +} + +P.level1 { + padding-left: 4em; +} + +P.level2 { + padding-left: 6em; +} + +span.emphasis { + font-style: italic; +} + +span.bold { + font-weight: bold; +} + +span.manpage { + font-weight: bold; +} + +h2.nroffsh { + background-color: #e0e0e0; +} + +span.nroffip { + font-weight: bold; + font-size: 120%; + font-family: monospace; +} + +p.roffit { + text-align: center; + font-size: 80%; +} +</STYLE> +</head><body> + +<p class="level0"><a name="NAME"></a><h2 class="nroffsh">NAME</h2> +<p class="level0">curl - transfer a URL <a name="SYNOPSIS"></a><h2 class="nroffsh">SYNOPSIS</h2> +<p class="level0"><span Class="bold">curl [options]</span> <a class="emphasis" href="#URL">[URL...]</a> <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2> +<p class="level0"><span Class="bold">curl</span> is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction. +<p class="level0">curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer resume, Metalink, and more. As you will see below, the number of features will make your head spin! +<p class="level0">curl is powered by libcurl for all transfer-related features. See <span Class="manpage">libcurl (3)</span> for details. <a name="URL"></a><h2 class="nroffsh">URL</h2> +<p class="level0">The URL syntax is protocol-dependent. You'll find a detailed description in <a href="http://www.ietf.org/rfc/rfc3986.txt">RFC 3986</a>. +<p class="level0">You can specify multiple URLs or parts of URLs by writing part sets within braces as in: +<p class="level0"> <a href="http://site">http://site</a>.{one,two,three}.com +<p class="level0">or you can get sequences of alphanumeric series by using [] as in: +<p class="level0"> <a href="ftp://ftp.numericals.com/file">ftp://ftp.numericals.com/file</a>[1-100].txt <a href="ftp://ftp.numericals.com/file">ftp://ftp.numericals.com/file</a>[001-100].txt (with leading zeros) <a href="ftp://ftp.letters.com/file">ftp://ftp.letters.com/file</a>[a-z].txt +<p class="level0">Nested sequences are not supported, but you can use several ones next to each other: +<p class="level0"> <a href="http://any.org/archive">http://any.org/archive</a>[1996-1999]/vol[1-4]/part{a,b,c}.html +<p class="level0">You can specify any amount of URLs on the command line. They will be fetched in a sequential manner in the specified order. +<p class="level0">You can specify a step counter for the ranges to get every Nth number or letter: +<p class="level0"> <a href="http://www.numericals.com/file">http://www.numericals.com/file</a>[1-100:10].txt <a href="http://www.letters.com/file">http://www.letters.com/file</a>[a-z:2].txt +<p class="level0">If you specify URL without protocol:// prefix, curl will attempt to guess what protocol you might want. It will then default to HTTP but try other protocols based on often-used host name prefixes. For example, for host names starting with "ftp." curl will assume you want to speak FTP. +<p class="level0">curl will do its best to use what you pass to it as a URL. It is not trying to validate it as a syntactically correct URL by any means but is instead <span Class="bold">very</span> liberal with what it accepts. +<p class="level0">curl will attempt to re-use connections for multiple file transfers, so that getting many files from the same server will not do multiple connects / handshakes. This improves speed. Of course this is only done on files specified on a single command line and cannot be used between separate curl invokes. <a name="PROGRESS"></a><h2 class="nroffsh">PROGRESS METER</h2> +<p class="level0">curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. +<p class="level0">curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it <span Class="emphasis">disables</span> the progress meter as otherwise it would mess up the output mixing progress meter and response data. +<p class="level0">If you want a progress meter for HTTP POST or PUT requests, you need to redirect the response output to a file, using shell redirect (>), -o [file] or similar. +<p class="level0">It is not the same case for FTP upload as that operation does not spit out any response data to the terminal. +<p class="level0">If you prefer a progress "bar" instead of the regular meter, <a class="emphasis" href="#-">-#</a> is your friend. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2> +<p class="level0">Options start with one or two dashes. Many of the options require an addition value next to it. +<p class="level0">The short "single-dash" form of the options, -d for example, may be used with or without a space between it and its value, although a space is a recommended separator. The long "double-dash" form, --data for example, requires a space between it and its value. +<p class="level0">Short version options that don't need any additional values can be used immediately next to each other, like for example you can specify all the options -O, -L and -v at once as -OLv. +<p class="level0">In general, all boolean options are enabled with --<span Class="bold">option</span> and yet again disabled with --<span Class="bold">no-</span>option. That is, you use the exact same option name but prefix it with "no-". However, in this list we mostly only list and show the --option version of them. (This concept with --no options was added in 7.19.0. Previously most options were toggled on/off on repeated use of the same command line option.) +<p class="level0"><a name="-"></a><span class="nroffip">-#, --progress-bar</span> +<p class="level1">Make curl display progress as a simple progress bar instead of the standard, more informational, meter. +<p class="level0"><a name="-0"></a><span class="nroffip">-0, --http1.0</span> +<p class="level1">(HTTP) Tells curl to use HTTP version 1.0 instead of using its internally preferred: HTTP 1.1. +<p class="level0"><a name="--http11"></a><span class="nroffip">--http1.1</span> +<p class="level1">(HTTP) Tells curl to use HTTP version 1.1. This is the internal default version. (Added in 7.33.0) +<p class="level0"><a name="--http20"></a><span class="nroffip">--http2.0</span> +<p class="level1">(HTTP) Tells curl to issue its requests using HTTP 2.0. This requires that the underlying libcurl was built to support it. (Added in 7.33.0) +<p class="level0"><a name="-1"></a><span class="nroffip">-1, --tlsv1</span> +<p class="level1">(SSL) Forces curl to use TLS version 1 when negotiating with a remote TLS server. +<p class="level0"><a name="-2"></a><span class="nroffip">-2, --sslv2</span> +<p class="level1">(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL server. +<p class="level0"><a name="-3"></a><span class="nroffip">-3, --sslv3</span> +<p class="level1">(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL server. +<p class="level0"><a name="-4"></a><span class="nroffip">-4, --ipv4</span> +<p class="level1">If curl is capable of resolving an address to multiple IP versions (which it is if it is IPv6-capable), this option tells curl to resolve names to IPv4 addresses only. +<p class="level0"><a name="-6"></a><span class="nroffip">-6, --ipv6</span> +<p class="level1">If curl is capable of resolving an address to multiple IP versions (which it is if it is IPv6-capable), this option tells curl to resolve names to IPv6 addresses only. +<p class="level0"><a name="-a"></a><span class="nroffip">-a, --append</span> +<p class="level1">(FTP/SFTP) When used in an upload, this will tell curl to append to the target file instead of overwriting it. If the file doesn't exist, it will be created. Note that this flag is ignored by some SSH servers (including OpenSSH). +<p class="level0"><a name="-A"></a><span class="nroffip">-A, --user-agent <agent string></span> +<p class="level1">(HTTP) Specify the User-Agent string to send to the HTTP server. Some badly done CGIs fail if this field isn't set to "Mozilla/4.0". To encode blanks in the string, surround the string with single quote marks. This can also be set with the <a class="emphasis" href="#-H">-H, --header</a> option of course. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--anyauth"></a><span class="nroffip">--anyauth</span> +<p class="level1">(HTTP) Tells curl to figure out authentication method by itself, and use the most secure one the remote site claims to support. This is done by first doing a request and checking the response-headers, thus possibly inducing an extra network round-trip. This is used instead of setting a specific authentication method, which you can do with <a class="emphasis" href="#--basic">--basic</a>, <a class="emphasis" href="#--digest">--digest</a>, <a class="emphasis" href="#--ntlm">--ntlm</a>, and <a class="emphasis" href="#--negotiate">--negotiate</a>. +<p class="level1">Note that using --anyauth is not recommended if you do uploads from stdin, since it may require data to be sent twice and then the client must be able to rewind. If the need should arise when uploading from stdin, the upload operation will fail. +<p class="level0"><a name="-b"></a><span class="nroffip">-b, --cookie <name=data></span> +<p class="level1">(HTTP) Pass the data to the HTTP server as a cookie. It is supposedly the data previously received from the server in a "Set-Cookie:" line. The data should be in the format "NAME1=VALUE1; NAME2=VALUE2". +<p class="level1">If no '=' symbol is used in the line, it is treated as a filename to use to read previously stored cookie lines from, which should be used in this session if they match. Using this method also activates the "cookie parser" which will make curl record incoming cookies too, which may be handy if you're using this in combination with the <a class="emphasis" href="#-L">-L, --location</a> option. The file format of the file to read cookies from should be plain HTTP headers or the Netscape/Mozilla cookie file format. +<p class="level1"><span Class="bold">NOTE</span> that the file specified with <a class="emphasis" href="#-b">-b, --cookie</a> is only used as input. No cookies will be stored in the file. To store cookies, use the <a class="emphasis" href="#-c">-c, --cookie-jar</a> option or you could even save the HTTP headers to a file using <a class="emphasis" href="#-D">-D, --dump-header</a>! +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-B"></a><span class="nroffip">-B, --use-ascii</span> +<p class="level1">(FTP/LDAP) Enable ASCII transfer. For FTP, this can also be enforced by using an URL that ends with ";type=A". This option causes data sent to stdout to be in text mode for win32 systems. +<p class="level0"><a name="--basic"></a><span class="nroffip">--basic</span> +<p class="level1">(HTTP) Tells curl to use HTTP Basic authentication. This is the default and this option is usually pointless, unless you use it to override a previously set option that sets a different authentication method (such as <a class="emphasis" href="#--ntlm">--ntlm</a>, <a class="emphasis" href="#--digest">--digest</a>, or <a class="emphasis" href="#--negotiate">--negotiate</a>). +<p class="level0"><a name="-c"></a><span class="nroffip">-c, --cookie-jar <file name></span> +<p class="level1">(HTTP) Specify to which file you want curl to write all cookies after a completed operation. Curl writes all cookies previously read from a specified file as well as all cookies received from remote server(s). If no cookies are known, no file will be written. The file will be written using the Netscape cookie file format. If you set the file name to a single dash, "-", the cookies will be written to stdout. +<p class="level1">This command line option will activate the cookie engine that makes curl record and use cookies. Another way to activate it is to use the <span class="emphasis">-b, --cookie</span> option. +<p class="level1">If the cookie jar can't be created or written to, the whole curl operation won't fail or even report an error clearly. Using -v will get a warning displayed, but that is the only visible feedback you get about this possibly lethal situation. +<p class="level1">If this option is used several times, the last specified file name will be used. +<p class="level0"><a name="-C"></a><span class="nroffip">-C, --continue-at <offset></span> +<p class="level1">Continue/Resume a previous file transfer at the given offset. The given offset is the exact number of bytes that will be skipped, counting from the beginning of the source file before it is transferred to the destination. If used with uploads, the FTP server command SIZE will not be used by curl. +<p class="level1">Use "-C -" to tell curl to automatically find out where/how to resume the transfer. It then uses the given output/input files to figure that out. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--ciphers"></a><span class="nroffip">--ciphers <list of ciphers></span> +<p class="level1">(SSL) Specifies which ciphers to use in the connection. The list of ciphers must specify valid ciphers. Read up on SSL cipher list details on this URL: <span Class="emphasis"><a href="http://www.openssl.org/docs/apps/ciphers.html">http://www.openssl.org/docs/apps/ciphers.html</a></span> +<p class="level1">NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS ciphers is in the NSSCipherSuite entry at this URL: <span Class="emphasis"><a href="http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html">http://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html</a>#Directives</span> +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--compressed"></a><span class="nroffip">--compressed</span> +<p class="level1">(HTTP) Request a compressed response using one of the algorithms curl supports, and save the uncompressed document. If this option is used and the server sends an unsupported encoding, curl will report an error. +<p class="level0"><a name="--connect-timeout"></a><span class="nroffip">--connect-timeout <seconds></span> +<p class="level1">Maximum time in seconds that you allow the connection to the server to take. This only limits the connection phase, once curl has connected this option is of no more use. Since 7.32.0, this option accepts decimal values, but the actual timeout will decrease in accuracy as the specified timeout increases in decimal precision. See also the <a class="emphasis" href="#-m">-m, --max-time</a> option. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--create-dirs"></a><span class="nroffip">--create-dirs</span> +<p class="level1">When used in conjunction with the <a class="emphasis" href="#-o">-o</a> option, curl will create the necessary local directory hierarchy as needed. This option creates the dirs mentioned with the <a class="emphasis" href="#-o">-o</a> option, nothing else. If the <a class="emphasis" href="#-o">-o</a> file name uses no dir or if the dirs it mentions already exist, no dir will be created. +<p class="level1">To create remote directories when using FTP or SFTP, try <a class="emphasis" href="#--ftp-create-dirs">--ftp-create-dirs</a>. +<p class="level0"><a name="--crlf"></a><span class="nroffip">--crlf</span> +<p class="level1">(FTP) Convert LF to CRLF in upload. Useful for MVS (OS/390). +<p class="level0"><a name="--crlfile"></a><span class="nroffip">--crlfile <file></span> +<p class="level1">(HTTPS/FTPS) Provide a file using PEM format with a Certificate Revocation List that may specify peer certificates that are to be considered revoked. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level1">(Added in 7.19.7) +<p class="level0"><a name="-d"></a><span class="nroffip">-d, --data <data></span> +<p class="level1">(HTTP) Sends the specified data in a POST request to the HTTP server, in the same way that a browser does when a user has filled in an HTML form and presses the submit button. This will cause curl to pass the data to the server using the content-type application/x-www-form-urlencoded. Compare to <a class="emphasis" href="#-F">-F, --form</a>. +<p class="level1"><a class="emphasis" href="#-d">-d, --data</a> is the same as <a class="emphasis" href="#--data-ascii">--data-ascii</a>. To post data purely binary, you should instead use the <a class="emphasis" href="#--data-binary">--data-binary</a> option. To URL-encode the value of a form field you may use <a class="emphasis" href="#--data-urlencode">--data-urlencode</a>. +<p class="level1">If any of these options is used more than once on the same command line, the data pieces specified will be merged together with a separating &-symbol. Thus, using '-d name=daniel -d skill=lousy' would generate a post chunk that looks like 'name=daniel&skill=lousy'. +<p class="level1">If you start the data with the letter @, the rest should be a file name to read the data from, or - if you want curl to read the data from stdin. The contents of the file must already be URL-encoded. Multiple files can also be specified. Posting data from a file named 'foobar' would thus be done with <span Class="emphasis">--data</span> @foobar. When --data is told to read from a file like that, carriage returns and newlines will be stripped out. +<p class="level0"><a name="-D"></a><span class="nroffip">-D, --dump-header <file></span> +<p class="level1">Write the protocol headers to the specified file. +<p class="level1">This option is handy to use when you want to store the headers that an HTTP site sends to you. Cookies from the headers could then be read in a second curl invocation by using the <a class="emphasis" href="#-b">-b, --cookie</a> option! The <a class="emphasis" href="#-c">-c, --cookie-jar</a> option is however a better way to store cookies. +<p class="level1">When used in FTP, the FTP server response lines are considered being "headers" and thus are saved there. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level1"> +<p class="level0"><a name="--data-ascii"></a><span class="nroffip">--data-ascii <data></span> +<p class="level1">See <a class="emphasis" href="#-d">-d, --data</a>. +<p class="level0"><a name="--data-binary"></a><span class="nroffip">--data-binary <data></span> +<p class="level1">(HTTP) This posts data exactly as specified with no extra processing whatsoever. +<p class="level1">If you start the data with the letter @, the rest should be a filename. Data is posted in a similar manner as <a class="emphasis" href="#--data-ascii">--data-ascii</a> does, except that newlines and carriage returns are preserved and conversions are never done. +<p class="level1">If this option is used several times, the ones following the first will append data as described in <a class="emphasis" href="#-d">-d, --data</a>. +<p class="level0"><a name="--data-urlencode"></a><span class="nroffip">--data-urlencode <data></span> +<p class="level1">(HTTP) This posts data, similar to the other --data options with the exception that this performs URL-encoding. (Added in 7.18.0) +<p class="level1">To be CGI-compliant, the <data> part should begin with a <span Class="emphasis">name</span> followed by a separator and a content specification. The <data> part can be passed to curl using one of the following syntaxes: +<p class="level2"> +<p class="level1"><a name="content"></a><span class="nroffip">content</span> +<p class="level2">This will make curl URL-encode the content and pass that on. Just be careful so that the content doesn't contain any = or @ symbols, as that will then make the syntax match one of the other cases below! +<p class="level1"><a name="content"></a><span class="nroffip">=content</span> +<p class="level2">This will make curl URL-encode the content and pass that on. The preceding = symbol is not included in the data. +<p class="level1"><a name="namecontent"></a><span class="nroffip">name=content</span> +<p class="level2">This will make curl URL-encode the content part and pass that on. Note that the name part is expected to be URL-encoded already. +<p class="level1"><a name="filename"></a><span class="nroffip">@filename</span> +<p class="level2">This will make curl load data from the given file (including any newlines), URL-encode that data and pass it on in the POST. +<p class="level1"><a name="namefilename"></a><span class="nroffip">name@filename</span> +<p class="level2">This will make curl load data from the given file (including any newlines), URL-encode that data and pass it on in the POST. The name part gets an equal sign appended, resulting in <span Class="emphasis">name=urlencoded-file-content</span>. Note that the name is expected to be URL-encoded already. +<p class="level1"> +<p class="level0"><a name="--delegation"></a><span class="nroffip">--delegation LEVEL</span> +<p class="level1">Set <span Class="emphasis">LEVEL</span> to tell the server what it is allowed to delegate when it comes to user credentials. Used with GSS/kerberos. +<p class="level2"> +<p class="level1"><a name="none"></a><span class="nroffip">none</span> +<p class="level2">Don't allow any delegation. +<p class="level1"><a name="policy"></a><span class="nroffip">policy</span> +<p class="level2">Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos service ticket, which is a matter of realm policy. +<p class="level1"><a name="always"></a><span class="nroffip">always</span> +<p class="level2">Unconditionally allow the server to delegate. +<p class="level1"> +<p class="level0"><a name="--digest"></a><span class="nroffip">--digest</span> +<p class="level1">(HTTP) Enables HTTP Digest authentication. This is an authentication scheme that prevents the password from being sent over the wire in clear text. Use this in combination with the normal <a class="emphasis" href="#-u">-u, --user</a> option to set user name and password. See also <a class="emphasis" href="#--ntlm">--ntlm</a>, <a class="emphasis" href="#--negotiate">--negotiate</a> and <a class="emphasis" href="#--anyauth">--anyauth</a> for related options. +<p class="level1">If this option is used several times, only the first one is used. +<p class="level0"><a name="--disable-eprt"></a><span class="nroffip">--disable-eprt</span> +<p class="level1">(FTP) Tell curl to disable the use of the EPRT and LPRT commands when doing active FTP transfers. Curl will normally always first attempt to use EPRT, then LPRT before using PORT, but with this option, it will use PORT right away. EPRT and LPRT are extensions to the original FTP protocol, and may not work on all servers, but they enable more functionality in a better way than the traditional PORT command. +<p class="level1"><span Class="bold">--eprt</span> can be used to explicitly enable EPRT again and <span Class="bold">--no-eprt</span> is an alias for <a class="bold" href="#--disable-eprt">--disable-eprt</a>. +<p class="level1">Disabling EPRT only changes the active behavior. If you want to switch to passive mode you need to not use <a class="emphasis" href="#-P">-P, --ftp-port</a> or force it with <a class="emphasis" href="#--ftp-pasv">--ftp-pasv</a>. +<p class="level0"><a name="--disable-epsv"></a><span class="nroffip">--disable-epsv</span> +<p class="level1">(FTP) Tell curl to disable the use of the EPSV command when doing passive FTP transfers. Curl will normally always first attempt to use EPSV before PASV, but with this option, it will not try using EPSV. +<p class="level1"><span Class="bold">--epsv</span> can be used to explicitly enable EPSV again and <span Class="bold">--no-epsv</span> is an alias for <a class="bold" href="#--disable-epsv">--disable-epsv</a>. +<p class="level1">Disabling EPSV only changes the passive behavior. If you want to switch to active mode you need to use <a class="emphasis" href="#-P">-P, --ftp-port</a>. +<p class="level0"><a name="--dns-interface"></a><span class="nroffip">--dns-interface <interface></span> +<p class="level1">Tell curl to send outgoing DNS requests through <interface>. This option is a counterpart to <a class="emphasis" href="#--interface">--interface</a> (which does not affect DNS). The supplied string must be an interface name (not an address). +<p class="level1">This option requires that libcurl was built with a resolver backend that supports this operation. The c-ares backend is the only such one. (Added in 7.33.0) +<p class="level0"><a name="--dns-ipv4-addr"></a><span class="nroffip">--dns-ipv4-addr <ip-address></span> +<p class="level1">Tell curl to bind to <ip-address> when making IPv4 DNS requests, so that the DNS requests originate from this address. The argument should be a single IPv4 address. +<p class="level1">This option requires that libcurl was built with a resolver backend that supports this operation. The c-ares backend is the only such one. (Added in 7.33.0) +<p class="level0"><a name="--dns-ipv6-addr"></a><span class="nroffip">--dns-ipv6-addr <ip-address></span> +<p class="level1">Tell curl to bind to <ip-address> when making IPv6 DNS requests, so that the DNS requests originate from this address. The argument should be a single IPv6 address. +<p class="level1">This option requires that libcurl was built with a resolver backend that supports this operation. The c-ares backend is the only such one. (Added in 7.33.0) +<p class="level0"><a name="--dns-servers"></a><span class="nroffip">--dns-servers <ip-address,ip-address></span> +<p class="level1">Set the list of DNS servers to be used instead of the system default. The list of IP addresses should be separated with commas. Port numbers may also optionally be given as <span Class="emphasis">:<port-number></span> after each IP address. +<p class="level1">This option requires that libcurl was built with a resolver backend that supports this operation. The c-ares backend is the only such one. (Added in 7.33.0) +<p class="level0"><a name="-e"></a><span class="nroffip">-e, --referer <URL></span> +<p class="level1">(HTTP) Sends the "Referer Page" information to the HTTP server. This can also be set with the <a class="emphasis" href="#-H">-H, --header</a> flag of course. When used with <a class="emphasis" href="#-L">-L, --location</a> you can append ";auto" to the --referer URL to make curl automatically set the previous URL when it follows a Location: header. The ";auto" string can be used alone, even if you don't set an initial --referer. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-E"></a><span class="nroffip">-E, --cert <certificate[:password]></span> +<p class="level1">(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PKCS#12 format if using Secure Transport, or PEM format if using any other engine. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the private certificate concatenated! See <span Class="emphasis">--cert</span> and <a class="emphasis" href="#--key">--key</a> to specify them independently. +<p class="level1">If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. If the nickname contains ":", it needs to be preceded by "\" so that it is not recognized as password delimiter. If the nickname contains "\", it needs to be escaped as "\\" so that it is not recognized as an escape character. +<p class="level1">(iOS and Mac OS X only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--engine"></a><span class="nroffip">--engine <name></span> +<p class="level1">Select the OpenSSL crypto engine to use for cipher operations. Use <a class="emphasis" href="#--engine">--engine list</a> to print a list of build-time supported engines. Note that not all (or none) of the engines may be available at run-time. +<p class="level0"><a name="--environment"></a><span class="nroffip">--environment</span> +<p class="level1">(RISC OS ONLY) Sets a range of environment variables, using the names the <a class="emphasis" href="#-w">-w</a> option supports, to allow easier extraction of useful information after having run curl. +<p class="level0"><a name="--egd-file"></a><span class="nroffip">--egd-file <file></span> +<p class="level1">(SSL) Specify the path name to the Entropy Gathering Daemon socket. The socket is used to seed the random engine for SSL connections. See also the <a class="emphasis" href="#--random-file">--random-file</a> option. +<p class="level0"><a name="--cert-type"></a><span class="nroffip">--cert-type <type></span> +<p class="level1">(SSL) Tells curl what certificate type the provided certificate is in. PEM, DER and ENG are recognized types. If not specified, PEM is assumed. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--cacert"></a><span class="nroffip">--cacert <CA certificate></span> +<p class="level1">(SSL) Tells curl to use the specified certificate file to verify the peer. The file may contain multiple CA certificates. The certificate(s) must be in PEM format. Normally curl is built to use a default file for this, so this option is typically used to alter that default file. +<p class="level1">curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set, and uses the given path as a path to a CA cert bundle. This option overrides that variable. +<p class="level1">The windows version of curl will automatically look for a CA certs file named ´curl-ca-bundle.crt´, either in the same directory as curl.exe, or in the Current Working Directory, or in any folder along your PATH. +<p class="level1">If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--capath"></a><span class="nroffip">--capath <CA certificate directory></span> +<p class="level1">(SSL) Tells curl to use the specified certificate directory to verify the peer. Multiple paths can be provided by separating them with ":" (e.g. "path1:path2:path3"). The certificates must be in PEM format, and if curl is built against OpenSSL, the directory must have been processed using the c_rehash utility supplied with OpenSSL. Using <a class="emphasis" href="#--capath">--capath</a> can allow OpenSSL-powered curl to make SSL-connections much more efficiently than using <a class="emphasis" href="#--cacert">--cacert</a> if the <a class="emphasis" href="#--cacert">--cacert</a> file contains many CA certificates. +<p class="level1">If this option is set, the default capath value will be ignored, and if it is used several times, the last one will be used. +<p class="level0"><a name="-f"></a><span class="nroffip">-f, --fail</span> +<p class="level1">(HTTP) Fail silently (no output at all) on server errors. This is mostly done to better enable scripts etc to better deal with failed attempts. In normal cases when an HTTP server fails to deliver a document, it returns an HTML document stating so (which often also describes why and more). This flag will prevent curl from outputting that and return error 22. +<p class="level1">This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407). +<p class="level0"><a name="-F"></a><span class="nroffip">-F, --form <name=content></span> +<p class="level1">(HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit button. This causes curl to POST data using the Content-Type multipart/form-data according to <a href="http://www.ietf.org/rfc/rfc2388.txt">RFC 2388</a>. This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an @ sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file. +<p class="level1">Example, to send your password file to the server, where 'password' is the name of the form-field to which /etc/passwd will be the input: +<p class="level1"><span Class="bold">curl</span> -F password=@/etc/passwd www.mypasswords.com +<p class="level1">To read content from stdin instead of a file, use - as the filename. This goes for both @ and < constructs. +<p class="level1">You can also tell curl what Content-Type to use by using 'type=', in a manner similar to: +<p class="level1"><span Class="bold">curl</span> -F "web=@index.html;type=text/html" url.com +<p class="level1">or +<p class="level1"><span Class="bold">curl</span> -F "name=daniel;type=text/foo" url.com +<p class="level1">You can also explicitly change the name field of a file upload part by setting filename=, like this: +<p class="level1"><span Class="bold">curl</span> -F "file=@localfile;filename=nameinpost" url.com +<p class="level1">If filename/path contains ',' or ';', it must be quoted by double-quotes like: +<p class="level1"><span Class="bold">curl</span> -F "file=@\"localfile\";filename=\"nameinpost\"" url.com +<p class="level1">or +<p class="level1"><span Class="bold">curl</span> -F 'file=@"localfile";filename="nameinpost"' url.com +<p class="level1">Note that if a filename/path is quoted by double-quotes, any double-quote or backslash within the filename must be escaped by backslash. +<p class="level1">See further examples and details in the MANUAL. +<p class="level1">This option can be used multiple times. +<p class="level0"><a name="--ftp-account"></a><span class="nroffip">--ftp-account [data]</span> +<p class="level1">(FTP) When an FTP server asks for "account data" after user name and password has been provided, this data is sent off using the ACCT command. (Added in 7.13.0) +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--ftp-alternative-to-user"></a><span class="nroffip">--ftp-alternative-to-user <command></span> +<p class="level1">(FTP) If authenticating with the USER and PASS commands fails, send this command. When connecting to Tumbleweed's Secure Transport server over FTPS using a client certificate, using "SITE AUTH" will tell the server to retrieve the username from the certificate. (Added in 7.15.5) +<p class="level0"><a name="--ftp-create-dirs"></a><span class="nroffip">--ftp-create-dirs</span> +<p class="level1">(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on the server, the standard behavior of curl is to fail. Using this option, curl will instead attempt to create missing directories. +<p class="level0"><a name="--ftp-method"></a><span class="nroffip">--ftp-method [method]</span> +<p class="level1">(FTP) Control what method curl should use to reach a file on an FTP(S) server. The method argument should be one of the following alternatives: +<p class="level2"> +<p class="level1"><a name="multicwd"></a><span class="nroffip">multicwd</span> +<p class="level2">curl does a single CWD operation for each path part in the given URL. For deep hierarchies this means very many commands. This is how <a href="http://www.ietf.org/rfc/rfc1738.txt">RFC 1738</a> says it should be done. This is the default but the slowest behavior. +<p class="level1"><a name="nocwd"></a><span class="nroffip">nocwd</span> +<p class="level2">curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full path to the server for all these commands. This is the fastest behavior. +<p class="level1"><a name="singlecwd"></a><span class="nroffip">singlecwd</span> +<p class="level2">curl does one CWD with the full target directory and then operates on the file "normally" (like in the multicwd case). This is somewhat more standards compliant than 'nocwd' but without the full penalty of 'multicwd'. +<p class="level1">(Added in 7.15.1) +<p class="level0"><a name="--ftp-pasv"></a><span class="nroffip">--ftp-pasv</span> +<p class="level1">(FTP) Use passive mode for the data connection. Passive is the internal default behavior, but using this option can be used to override a previous <span Class="emphasis">-P/-ftp-port</span> option. (Added in 7.11.0) +<p class="level1">If this option is used several times, only the first one is used. Undoing an enforced passive really isn't doable but you must then instead enforce the correct <a class="emphasis" href="#-P">-P, --ftp-port</a> again. +<p class="level1">Passive mode means that curl will try the EPSV command first and then PASV, unless <a class="emphasis" href="#--disable-epsv">--disable-epsv</a> is used. +<p class="level0"><a name="--ftp-skip-pasv-ip"></a><span class="nroffip">--ftp-skip-pasv-ip</span> +<p class="level1">(FTP) Tell curl to not use the IP address the server suggests in its response to curl's PASV command when curl connects the data connection. Instead curl will re-use the same IP address it already uses for the control connection. (Added in 7.14.2) +<p class="level1">This option has no effect if PORT, EPRT or EPSV is used instead of PASV. +<p class="level0"><a name="--ftp-pret"></a><span class="nroffip">--ftp-pret</span> +<p class="level1">(FTP) Tell curl to send a PRET command before PASV (and EPSV). Certain FTP servers, mainly drftpd, require this non-standard command for directory listings as well as up and downloads in PASV mode. (Added in 7.20.x) +<p class="level0"><a name="--ftp-ssl-ccc"></a><span class="nroffip">--ftp-ssl-ccc</span> +<p class="level1">(FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS layer after authenticating. The rest of the control channel communication will be unencrypted. This allows NAT routers to follow the FTP transaction. The default mode is passive. See <a class="emphasis" href="#--ftp-ssl-ccc-mode">--ftp-ssl-ccc-mode</a> for other modes. (Added in 7.16.1) +<p class="level0"><a name="--ftp-ssl-ccc-mode"></a><span class="nroffip">--ftp-ssl-ccc-mode [active/passive]</span> +<p class="level1">(FTP) Use CCC (Clear Command Channel) Sets the CCC mode. The passive mode will not initiate the shutdown, but instead wait for the server to do it, and will not reply to the shutdown from the server. The active mode initiates the shutdown and waits for a reply from the server. (Added in 7.16.2) +<p class="level0"><a name="--ftp-ssl-control"></a><span class="nroffip">--ftp-ssl-control</span> +<p class="level1">(FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure authentication, but non-encrypted data transfers for efficiency. Fails the transfer if the server doesn't support SSL/TLS. (Added in 7.16.0) that can still be used but will be removed in a future version. +<p class="level0"><a name="--form-string"></a><span class="nroffip">--form-string <name=string></span> +<p class="level1">(HTTP) Similar to <span Class="emphasis">--form</span> except that the value string for the named parameter is used literally. Leading '@' and '<' characters, and the ';type=' string in the value have no special meaning. Use this in preference to <span Class="emphasis">--form</span> if there's any possibility that the string value may accidentally trigger the '@' or '<' features of <span Class="emphasis">--form</span>. +<p class="level0"><a name="-g"></a><span class="nroffip">-g, --globoff</span> +<p class="level1">This option switches off the "URL globbing parser". When you set this option, you can specify URLs that contain the letters {}[] without having them being interpreted by curl itself. Note that these letters are not normal legal URL contents but they should be encoded according to the URI standard. +<p class="level0"><a name="-G"></a><span class="nroffip">-G, --get</span> +<p class="level1">When used, this option will make all data specified with <a class="emphasis" href="#-d">-d, --data</a> or <a class="emphasis" href="#--data-binary">--data-binary</a> to be used in an HTTP GET request instead of the POST request that otherwise would be used. The data will be appended to the URL with a '?' separator. +<p class="level1">If used in combination with -I, the POST data will instead be appended to the URL with a HEAD request. +<p class="level1">If this option is used several times, only the first one is used. This is because undoing a GET doesn't make sense, but you should then instead enforce the alternative method you prefer. +<p class="level0"><a name="-H"></a><span class="nroffip">-H, --header <header></span> +<p class="level1">(HTTP) Extra header to use when getting a web page. You may specify any number of extra headers. Note that if you should add a custom header that has the same name as one of the internal ones curl would use, your externally set header will be used instead of the internal one. This allows you to make even trickier stuff than curl would normally do. You should not replace internally set headers without knowing perfectly well what you're doing. Remove an internal header by giving a replacement without content on the right side of the colon, as in: -H "Host:". If you send the custom header with no-value then its header must be terminated with a semicolon, such as -H "X-Custom-Header;" to send "X-Custom-Header:". +<p class="level1">curl will make sure that each header you add/replace is sent with the proper end-of-line marker, you should thus <span Class="bold">not</span> add that as a part of the header content: do not add newlines or carriage returns, they will only mess things up for you. +<p class="level1">See also the <a class="emphasis" href="#-A">-A, --user-agent</a> and <a class="emphasis" href="#-e">-e, --referer</a> options. +<p class="level1">This option can be used multiple times to add/replace/remove multiple headers. +<p class="level0"><a name="--hostpubmd5"></a><span class="nroffip">--hostpubmd5 <md5></span> +<p class="level1">(SCP/SFTP) Pass a string containing 32 hexadecimal digits. The string should be the 128 bit MD5 checksum of the remote host's public key, curl will refuse the connection with the host unless the md5sums match. (Added in 7.17.1) +<p class="level0"><a name="--ignore-content-length"></a><span class="nroffip">--ignore-content-length</span> +<p class="level1">(HTTP) Ignore the Content-Length header. This is particularly useful for servers running Apache 1.x, which will report incorrect Content-Length for files larger than 2 gigabytes. +<p class="level0"><a name="-i"></a><span class="nroffip">-i, --include</span> +<p class="level1">(HTTP) Include the HTTP-header in the output. The HTTP-header includes things like server-name, date of the document, HTTP-version and more... +<p class="level0"><a name="-I"></a><span class="nroffip">-I, --head</span> +<p class="level1">(HTTP/FTP/FILE) Fetch the HTTP-header only! HTTP-servers feature the command HEAD which this uses to get nothing but the header of a document. When used on an FTP or FILE file, curl displays the file size and last modification time only. +<p class="level0"><a name="--interface"></a><span class="nroffip">--interface <name></span> +<p class="level1">Perform an operation using a specified interface. You can enter interface name, IP address or host name. An example could look like: +<p class="level1"> curl --interface eth0:1 <a href="http://www.netscape.com/">http://www.netscape.com/</a> +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-j"></a><span class="nroffip">-j, --junk-session-cookies</span> +<p class="level1">(HTTP) When curl is told to read cookies from a given file, this option will make it discard all "session cookies". This will basically have the same effect as if a new session is started. Typical browsers always discard session cookies when they're closed down. +<p class="level0"><a name="-J"></a><span class="nroffip">-J, --remote-header-name</span> +<p class="level1">(HTTP) This option tells the <a class="emphasis" href="#-O">-O, --remote-name</a> option to use the server-specified Content-Disposition filename instead of extracting a filename from the URL. +<p class="level0"><a name="-k"></a><span class="nroffip">-k, --insecure</span> +<p class="level1">(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless <a class="emphasis" href="#-k">-k, --insecure</a> is used. +<p class="level1">See this online resource for further details: <span Class="bold"><a href="http://curl.haxx.se/docs/sslcerts.html">http://curl.haxx.se/docs/sslcerts.html</a></span> +<p class="level0"><a name="-K"></a><span class="nroffip">-K, --config <config file></span> +<p class="level1">Specify which config file to read curl arguments from. The config file is a text file in which command line arguments can be written which then will be used as if they were written on the actual command line. Options and their parameters must be specified on the same config file line, separated by whitespace, colon, the equals sign or any combination thereof (however, the preferred separator is the equals sign). If the parameter is to contain whitespace, the parameter must be enclosed within quotes. Within double quotes, the following escape sequences are available: \\, \", \t, \n, \r and \v. A backslash preceding any other letter is ignored. If the first column of a config line is a '#' character, the rest of the line will be treated as a comment. Only write one option per physical line in the config file. +<p class="level1">Specify the filename to -K, --config as '-' to make curl read the file from stdin. +<p class="level1">Note that to be able to specify a URL in the config file, you need to specify it using the <a class="emphasis" href="#--url">--url</a> option, and not by simply writing the URL on its own line. So, it could look similar to this: +<p class="level1">url = "<a href="http://curl.haxx.se/docs/">http://curl.haxx.se/docs/</a>" +<p class="level1">Long option names can optionally be given in the config file without the initial double dashes. +<p class="level1">When curl is invoked, it always (unless <a class="emphasis" href="#-q">-q</a> is used) checks for a default config file and uses it if found. The default config file is checked for in the following places in this order: +<p class="level1">1) curl tries to find the "home dir": It first checks for the CURL_HOME and then the HOME environment variables. Failing that, it uses getpwuid() on UNIX-like systems (which returns the home dir given the current user in your system). On Windows, it then checks for the APPDATA variable, or as a last resort the '%USERPROFILE%\Application Data'. +<p class="level1">2) On windows, if there is no _curlrc file in the home dir, it checks for one in the same dir the curl executable is placed. On UNIX-like systems, it will simply try to load .curlrc from the determined home dir. +<p class="level1"><pre> +<p class="level1"># --- Example file --- + # this is a comment + url = "curl.haxx.se" + output = "curlhere.html" + user-agent = "superagent/1.0" + <p class="level1"># and fetch another URL too + url = "curl.haxx.se/docs/manpage.html" + -O + referer = "<a href="http://nowhereatall.com/">http://nowhereatall.com/</a>" + # --- End of example file --- + </pre> + +<p class="level1"> +<p class="level1">This option can be used multiple times to load multiple config files. +<p class="level0"><a name="--keepalive-time"></a><span class="nroffip">--keepalive-time <seconds></span> +<p class="level1">This option sets the time a connection needs to remain idle before sending keepalive probes and the time between individual keepalive probes. It is currently effective on operating systems offering the TCP_KEEPIDLE and TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This option has no effect if <a class="emphasis" href="#--no-keepalive">--no-keepalive</a> is used. (Added in 7.18.0) +<p class="level1">If this option is used several times, the last one will be used. If unspecified, the option defaults to 60 seconds. +<p class="level0"><a name="--key"></a><span class="nroffip">--key <key></span> +<p class="level1">(SSL/SSH) Private key file name. Allows you to provide your private key in this separate file. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--key-type"></a><span class="nroffip">--key-type <type></span> +<p class="level1">(SSL) Private key file type. Specify which type your <a class="emphasis" href="#--key">--key</a> provided private key is. DER, PEM, and ENG are supported. If not specified, PEM is assumed. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--krb"></a><span class="nroffip">--krb <level></span> +<p class="level1">(FTP) Enable Kerberos authentication and use. The level must be entered and should be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a level that is not one of these, 'private' will instead be used. +<p class="level1">This option requires a library built with kerberos4 or GSSAPI (GSS-Negotiate) support. This is not very common. Use <a class="emphasis" href="#-V">-V, --version</a> to see if your curl supports it. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-l"></a><span class="nroffip">-l, --list-only</span> +<p class="level1">(FTP) When listing an FTP directory, this switch forces a name-only view. Especially useful if you want to machine-parse the contents of an FTP directory since the normal directory view doesn't use a standard look or format. +<p class="level1">This option causes an FTP NLST command to be sent. Some FTP servers list only files in their response to NLST; they do not include subdirectories and symbolic links. +<p class="level1"> +<p class="level0"><a name="-L"></a><span class="nroffip">-L, --location</span> +<p class="level1">(HTTP/HTTPS) If the server reports that the requested page has moved to a different location (indicated with a Location: header and a 3XX response code), this option will make curl redo the request on the new place. If used together with <a class="emphasis" href="#-i">-i, --include</a> or <a class="emphasis" href="#-I">-I, --head</a>, headers from all requested pages will be shown. When authentication is used, curl only sends its credentials to the initial host. If a redirect takes curl to a different host, it won't be able to intercept the user+password. See also <a class="emphasis" href="#--location-trusted">--location-trusted</a> on how to change this. You can limit the amount of redirects to follow by using the <a class="emphasis" href="#--max-redirs">--max-redirs</a> option. +<p class="level1">When curl follows a redirect and the request is not a plain GET (for example POST or PUT), it will do the following request with a GET if the HTTP response was 301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodified method. +<p class="level0"><a name="--libcurl"></a><span class="nroffip">--libcurl <file></span> +<p class="level1">Append this option to any ordinary curl command line, and you will get a libcurl-using C source code written to the file that does the equivalent of what your command-line operation does! +<p class="level1">If this option is used several times, the last given file name will be used. (Added in 7.16.1) +<p class="level0"><a name="--limit-rate"></a><span class="nroffip">--limit-rate <speed></span> +<p class="level1">Specify the maximum transfer rate you want curl to use. This feature is useful if you have a limited pipe and you'd like your transfer not to use your entire bandwidth. +<p class="level1">The given speed is measured in bytes/second, unless a suffix is appended. Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G. +<p class="level1">The given rate is the average speed counted during the entire transfer. It means that curl might use higher transfer speeds in short bursts, but over time it uses no more than the given rate. +<p class="level1">If you also use the <a class="emphasis" href="#-Y">-Y, --speed-limit</a> option, that option will take precedence and might cripple the rate-limiting slightly, to help keeping the speed-limit logic working. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--local-port"></a><span class="nroffip">--local-port <num>[-num]</span> +<p class="level1">Set a preferred number or range of local port numbers to use for the connection(s). Note that port numbers by nature are a scarce resource that will be busy at times so setting this range to something too narrow might cause unnecessary connection setup failures. (Added in 7.15.2) +<p class="level0"><a name="--location-trusted"></a><span class="nroffip">--location-trusted</span> +<p class="level1">(HTTP/HTTPS) Like <a class="emphasis" href="#-L">-L, --location</a>, but will allow sending the name + password to all hosts that the site may redirect to. This may or may not introduce a security breach if the site redirects you to a site to which you'll send your authentication info (which is plaintext in the case of HTTP Basic authentication). +<p class="level0"><a name="-m"></a><span class="nroffip">-m, --max-time <seconds></span> +<p class="level1">Maximum time in seconds that you allow the whole operation to take. This is useful for preventing your batch jobs from hanging for hours due to slow networks or links going down. Since 7.32.0, this option accepts decimal values, but the actual timeout will decrease in accuracy as the specified timeout increases in decimal precision. See also the <a class="emphasis" href="#--connect-timeout">--connect-timeout</a> option. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--mail-auth"></a><span class="nroffip">--mail-auth <address></span> +<p class="level1">(SMTP) Specify a single address. This will be used to specify the authentication address (identity) of a submitted message that is being relayed to another server. +<p class="level1">(Added in 7.25.0) +<p class="level0"><a name="--mail-from"></a><span class="nroffip">--mail-from <address></span> +<p class="level1">(SMTP) Specify a single address that the given mail should get sent from. +<p class="level1">(Added in 7.20.0) +<p class="level0"><a name="--max-filesize"></a><span class="nroffip">--max-filesize <bytes></span> +<p class="level1">Specify the maximum size (in bytes) of a file to download. If the file requested is larger than this value, the transfer will not start and curl will return with exit code 63. +<p class="level1"><span Class="bold">NOTE:</span> The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers. +<p class="level0"><a name="--mail-rcpt"></a><span class="nroffip">--mail-rcpt <address></span> +<p class="level1">(SMTP) Specify a single address that the given mail should get sent to. This option can be used multiple times to specify many recipients. +<p class="level1">(Added in 7.20.0) +<p class="level0"><a name="--max-redirs"></a><span class="nroffip">--max-redirs <num></span> +<p class="level1">Set maximum number of redirection-followings allowed. If <a class="emphasis" href="#-L">-L, --location</a> is used, this option can be used to prevent curl from following redirections "in absurdum". By default, the limit is set to 50 redirections. Set this option to -1 to make it limitless. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--metalink"></a><span class="nroffip">--metalink</span> +<p class="level1">This option can tell curl to parse and process a given URI as Metalink file (both version 3 and 4 (<a href="http://www.ietf.org/rfc/rfc5854.txt">RFC 5854</a>) are supported) and make use of the mirrors listed within for failover if there are errors (such as the file or server not being available). It will also verify the hash of the file after the download completes. The Metalink file itself is downloaded and processed in memory and not stored in the local file system. +<p class="level1">Example to use a remote Metalink file: +<p class="level1"><span Class="bold">curl</span> --metalink <a href="http://www.example.com/example.metalink">http://www.example.com/example.metalink</a> +<p class="level1">To use a Metalink file in the local file system, use FILE protocol (file://): +<p class="level1"><span Class="bold">curl</span> --metalink file://example.metalink +<p class="level1">Please note that if FILE protocol is disabled, there is no way to use a local Metalink file at the time of this writing. Also note that if <a class="emphasis" href="#--metalink">--metalink</a> and <span Class="emphasis">--include</span> are used together, <span Class="emphasis">--include</span> will be ignored. This is because including headers in the response will break Metalink parser and if the headers are included in the file described in Metalink file, hash check will fail. +<p class="level1">(Added in 7.27.0, if built against the libmetalink library.) +<p class="level0"><a name="-n"></a><span class="nroffip">-n, --netrc</span> +<p class="level1">Makes curl scan the <span Class="emphasis">.netrc</span> (<span Class="emphasis">_netrc</span> on Windows) file in the user's home directory for login name and password. This is typically used for FTP on UNIX. If used with HTTP, curl will enable user authentication. See <span Class="manpage">netrc(4)</span> or <span Class="manpage">ftp(1)</span> for details on the file format. Curl will not complain if that file doesn't have the right permissions (it should not be either world- or group-readable). The environment variable "HOME" is used to find the home directory. +<p class="level1">A quick and very simple example of how to setup a <span Class="emphasis">.netrc</span> to allow curl to FTP to the machine host.domain.com with user name 'myself' and password 'secret' should look similar to: +<p class="level1"><span Class="bold">machine host.domain.com login myself password secret</span> +<p class="level0"><a name="-N"></a><span class="nroffip">-N, --no-buffer</span> +<p class="level1">Disables the buffering of the output stream. In normal work situations, curl will use a standard buffered output stream that will have the effect that it will output the data in chunks, not necessarily exactly when the data arrives. Using this option will disable that buffering. +<p class="level1">Note that this is the negated option name documented. You can thus use <span Class="emphasis">--buffer</span> to enforce the buffering. +<p class="level0"><a name="--netrc-file"></a><span class="nroffip">--netrc-file</span> +<p class="level1">This option is similar to <span Class="emphasis">--netrc</span>, except that you provide the path (absolute or relative) to the netrc file that Curl should use. You can only specify one netrc file per invocation. If several <a class="emphasis" href="#--netrc-file">--netrc-file</a> options are provided, only the <span Class="bold">last one</span> will be used. (Added in 7.21.5) +<p class="level1">This option overrides any use of <span Class="emphasis">--netrc</span> as they are mutually exclusive. It will also abide by <a class="emphasis" href="#--netrc-optional">--netrc-optional</a> if specified. +<p class="level1"> +<p class="level0"><a name="--netrc-optional"></a><span class="nroffip">--netrc-optional</span> +<p class="level1">Very similar to <span Class="emphasis">--netrc</span>, but this option makes the .netrc usage <span Class="bold">optional</span> and not mandatory as the <span Class="emphasis">--netrc</span> option does. +<p class="level1"> +<p class="level0"><a name="--negotiate"></a><span class="nroffip">--negotiate</span> +<p class="level1">(HTTP) Enables GSS-Negotiate authentication. The GSS-Negotiate method was designed by Microsoft and is used in their web applications. It is primarily meant as a support for Kerberos5 authentication but may be also used along with another authentication method. For more information see IETF draft draft-brezak-spnego-http-04.txt. +<p class="level1">If you want to enable Negotiate for your proxy authentication, then use <a class="emphasis" href="#--proxy-negotiate">--proxy-negotiate</a>. +<p class="level1">This option requires a library built with GSSAPI support. This is not very common. Use <a class="emphasis" href="#-V">-V, --version</a> to see if your version supports GSS-Negotiate. +<p class="level1">When using this option, you must also provide a fake <a class="emphasis" href="#-u">-u, --user</a> option to activate the authentication code properly. Sending a '-u :' is enough as the user name and password from the <a class="emphasis" href="#-u">-u</a> option aren't actually used. +<p class="level1">If this option is used several times, only the first one is used. +<p class="level0"><a name="--no-keepalive"></a><span class="nroffip">--no-keepalive</span> +<p class="level1">Disables the use of keepalive messages on the TCP connection, as by default curl enables them. +<p class="level1">Note that this is the negated option name documented. You can thus use <span Class="emphasis">--keepalive</span> to enforce keepalive. +<p class="level0"><a name="--no-sessionid"></a><span class="nroffip">--no-sessionid</span> +<p class="level1">(SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) +<p class="level1">Note that this is the negated option name documented. You can thus use <span Class="emphasis">--sessionid</span> to enforce session-ID caching. +<p class="level0"><a name="--noproxy"></a><span class="nroffip">--noproxy <no-proxy-list></span> +<p class="level1">Comma-separated list of hosts which do not use a proxy, if one is specified. The only wildcard is a single * character, which matches all hosts, and effectively disables the proxy. Each name in this list is matched as either a domain which contains the hostname, or the hostname itself. For example, local.com would match local.com, local.com:80, and www.local.com, but not www.notlocal.com. (Added in 7.19.4). +<p class="level0"><a name="--ntlm"></a><span class="nroffip">--ntlm</span> +<p class="level1">(HTTP) Enables NTLM authentication. The NTLM authentication method was designed by Microsoft and is used by IIS web servers. It is a proprietary protocol, reverse-engineered by clever people and implemented in curl based on their efforts. This kind of behavior should not be endorsed, you should encourage everyone who uses NTLM to switch to a public and documented authentication method instead, such as Digest. +<p class="level1">If you want to enable NTLM for your proxy authentication, then use <a class="emphasis" href="#--proxy-ntlm">--proxy-ntlm</a>. +<p class="level1">This option requires a library built with SSL support. Use <a class="emphasis" href="#-V">-V, --version</a> to see if your curl supports NTLM. +<p class="level1">If this option is used several times, only the first one is used. +<p class="level0"><a name="-o"></a><span class="nroffip">-o, --output <file></span> +<p class="level1">Write output to <file> instead of stdout. If you are using {} or [] to fetch multiple documents, you can use '#' followed by a number in the <file> specifier. That variable will be replaced with the current string for the URL being fetched. Like in: +<p class="level1"> curl http://{one,two}.site.com -o "file_#1.txt" +<p class="level1">or use several variables like: +<p class="level1"> curl http://{site,host}.host[1-5].com -o "#1_#2" +<p class="level1">You may use this option as many times as the number of URLs you have. +<p class="level1">See also the <a class="emphasis" href="#--create-dirs">--create-dirs</a> option to create the local directories dynamically. Specifying the output as '-' (a single dash) will force the output to be done to stdout. +<p class="level0"><a name="-O"></a><span class="nroffip">-O, --remote-name</span> +<p class="level1">Write output to a local file named like the remote file we get. (Only the file part of the remote file is used, the path is cut off.) +<p class="level1">The remote file name to use for saving is extracted from the given URL, nothing else. +<p class="level1">Consequentially, the file will be saved in the current working directory. If you want the file saved in a different directory, make sure you change current working directory before you invoke curl with the <a class="bold" href="#-O">-O, --remote-name</a> flag! +<p class="level1">You may use this option as many times as the number of URLs you have. +<p class="level0"><a name="--oauth2-bearer"></a><span class="nroffip">--oauth2-bearer</span> +<p class="level1">(IMAP/POP3/SMTP) Specify the Bearer Token for OAUTH 2.0 server authentication. The Bearer Token is used in conjuction with the user name which can be specified as part of the <a class="emphasis" href="#--url">--url</a> or <a class="emphasis" href="#-u">-u, --user</a> options. +<p class="level1">The Bearer Token and user name are formatted according to <a href="http://www.ietf.org/rfc/rfc6750.txt">RFC 6750</a>. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-p"></a><span class="nroffip">-p, --proxytunnel</span> +<p class="level1">When an HTTP proxy is used (<a class="emphasis" href="#-x">-x, --proxy</a>), this option will cause non-HTTP protocols to attempt to tunnel through the proxy instead of merely using it to do HTTP-like operations. The tunnel approach is made with the HTTP proxy CONNECT request and requires that the proxy allows direct connect to the remote port number curl wants to tunnel through to. +<p class="level0"><a name="-P"></a><span class="nroffip">-P, --ftp-port <address></span> +<p class="level1">(FTP) Reverses the default initiator/listener roles when connecting with FTP. This switch makes curl use active mode. In practice, curl then tells the server to connect back to the client's specified address and port, while passive mode asks the server to setup an IP address and port for it to connect to. <address> should be one of: +<p class="level2"> +<p class="level1"><a name="interface"></a><span class="nroffip">interface</span> +<p class="level2">i.e "eth0" to specify which interface's IP address you want to use (Unix only) +<p class="level1"><a name="IP"></a><span class="nroffip">IP address</span> +<p class="level2">i.e "192.168.10.1" to specify the exact IP address +<p class="level1"><a name="host"></a><span class="nroffip">host name</span> +<p class="level2">i.e "my.host.domain" to specify the machine +<p class="level1"><a name="-"></a><span class="nroffip">-</span> +<p class="level2">make curl pick the same IP address that is already used for the control connection +<p class="level1"> +<p class="level1">If this option is used several times, the last one will be used. Disable the use of PORT with <a class="emphasis" href="#--ftp-pasv">--ftp-pasv</a>. Disable the attempt to use the EPRT command instead of PORT by using <a class="emphasis" href="#--disable-eprt">--disable-eprt</a>. EPRT is really PORT++. +<p class="level1">Starting in 7.19.5, you can append ":[start]-[end]" to the right of the address, to tell curl what TCP port range to use. That means you specify a port range, from a lower to a higher number. A single number works as well, but do note that it increases the risk of failure since the port may not be available. +<p class="level0"><a name="--pass"></a><span class="nroffip">--pass <phrase></span> +<p class="level1">(SSL/SSH) Passphrase for the private key +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--post301"></a><span class="nroffip">--post301</span> +<p class="level1">(HTTP) Tells curl to respect <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>/10.3.2 and not convert POST requests into GET requests when following a 301 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using <a class="emphasis" href="#-L">-L, --location</a> (Added in 7.17.1) +<p class="level0"><a name="--post302"></a><span class="nroffip">--post302</span> +<p class="level1">(HTTP) Tells curl to respect <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>/10.3.2 and not convert POST requests into GET requests when following a 302 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using <a class="emphasis" href="#-L">-L, --location</a> (Added in 7.19.1) +<p class="level0"><a name="--post303"></a><span class="nroffip">--post303</span> +<p class="level1">(HTTP) Tells curl to respect <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a>/10.3.2 and not convert POST requests into GET requests when following a 303 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using <a class="emphasis" href="#-L">-L, --location</a> (Added in 7.26.0) +<p class="level0"><a name="--proto"></a><span class="nroffip">--proto <protocols></span> +<p class="level1">Tells curl to use the listed protocols for its initial retrieval. Protocols are evaluated left to right, are comma separated, and are each a protocol name or 'all', optionally prefixed by zero or more modifiers. Available modifiers are: +<p class="level2"> +<p class="level2"><a class="bold" href="#">+</a> Permit this protocol in addition to protocols already permitted (this is the default if no modifier is used). +<p class="level2"><a class="bold" href="#-">-</a> Deny this protocol, removing it from the list of protocols already permitted. +<p class="level2"><a class="bold" href="#">=</a> Permit only this protocol (ignoring the list already permitted), though subject to later modification by subsequent entries in the comma separated list. +<p class="level1"> +<p class="level0"><a name=""></a><span class="nroffip"></span> +<p class="level1">For example: +<p class="level2"> +<p class="level2"><a class="bold" href="#--proto">--proto -ftps</a> uses the default protocols, but disables ftps +<p class="level2"><a class="bold" href="#--proto">--proto -all,https,+http</a> only enables http and https +<p class="level2"><a class="bold" href="#--proto">--proto =http,https</a> also only enables http and https +<p class="level1"> +<p class="level0"><a name=""></a><span class="nroffip"></span> +<p class="level1">Unknown protocols produce a warning. This allows scripts to safely rely on being able to disable potentially dangerous protocols, without relying upon support for that protocol being built into curl to avoid an error. +<p class="level1">This option can be used multiple times, in which case the effect is the same as concatenating the protocols into one instance of the option. +<p class="level1">(Added in 7.20.2) +<p class="level0"><a name="--proto-redir"></a><span class="nroffip">--proto-redir <protocols></span> +<p class="level1">Tells curl to use the listed protocols after a redirect. See --proto for how protocols are represented. +<p class="level1">(Added in 7.20.2) +<p class="level0"><a name="--proxy-anyauth"></a><span class="nroffip">--proxy-anyauth</span> +<p class="level1">Tells curl to pick a suitable authentication method when communicating with the given proxy. This might cause an extra request/response round-trip. (Added in 7.13.2) +<p class="level0"><a name="--proxy-basic"></a><span class="nroffip">--proxy-basic</span> +<p class="level1">Tells curl to use HTTP Basic authentication when communicating with the given proxy. Use <a class="emphasis" href="#--basic">--basic</a> for enabling HTTP Basic with a remote host. Basic is the default authentication method curl uses with proxies. +<p class="level0"><a name="--proxy-digest"></a><span class="nroffip">--proxy-digest</span> +<p class="level1">Tells curl to use HTTP Digest authentication when communicating with the given proxy. Use <a class="emphasis" href="#--digest">--digest</a> for enabling HTTP Digest with a remote host. +<p class="level0"><a name="--proxy-negotiate"></a><span class="nroffip">--proxy-negotiate</span> +<p class="level1">Tells curl to use HTTP Negotiate authentication when communicating with the given proxy. Use <a class="emphasis" href="#--negotiate">--negotiate</a> for enabling HTTP Negotiate with a remote host. (Added in 7.17.1) +<p class="level0"><a name="--proxy-ntlm"></a><span class="nroffip">--proxy-ntlm</span> +<p class="level1">Tells curl to use HTTP NTLM authentication when communicating with the given proxy. Use <a class="emphasis" href="#--ntlm">--ntlm</a> for enabling NTLM with a remote host. +<p class="level0"><a name="--proxy10"></a><span class="nroffip">--proxy1.0 <proxyhost[:port]></span> +<p class="level1">Use the specified HTTP 1.0 proxy. If the port number is not specified, it is assumed at port 1080. +<p class="level1">The only difference between this and the HTTP proxy option (<a class="emphasis" href="#-x">-x, --proxy</a>), is that attempts to use CONNECT through the proxy will specify an HTTP 1.0 protocol instead of the default HTTP 1.1. +<p class="level0"><a name="--pubkey"></a><span class="nroffip">--pubkey <key></span> +<p class="level1">(SSH) Public key file name. Allows you to provide your public key in this separate file. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-q"></a><span class="nroffip">-q</span> +<p class="level1">If used as the first parameter on the command line, the <span Class="emphasis">curlrc</span> config file will not be read and used. See the <a class="emphasis" href="#-K">-K, --config</a> for details on the default config file search path. +<p class="level0"><a name="-Q"></a><span class="nroffip">-Q, --quote <command></span> +<p class="level1">(FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP server. Quote commands are sent BEFORE the transfer takes place (just after the initial PWD command in an FTP transfer, to be exact). To make commands take place after a successful transfer, prefix them with a dash '-'. To make commands be sent after curl has changed the working directory, just before the transfer command(s), prefix the command with a '+' (this is only supported for FTP). You may specify any number of commands. If the server returns failure for one of the commands, the entire operation will be aborted. You must send syntactically correct FTP commands as <a href="http://www.ietf.org/rfc/rfc959.txt">RFC 959</a> defines to FTP servers, or one of the commands listed below to SFTP servers. This option can be used multiple times. When speaking to an FTP server, prefix the command with an asterisk (*) to make curl continue even if the command fails as by default curl will stop at first failure. +<p class="level1">SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP quote commands itself before sending them to the server. File names may be quoted shell-style to embed spaces or special characters. Following is the list of all supported SFTP quote commands: +<p class="level2"> +<p class="level1"><a name="chgrp"></a><span class="nroffip">chgrp group file</span> +<p class="level2">The chgrp command sets the group ID of the file named by the file operand to the group ID specified by the group operand. The group operand is a decimal integer group ID. +<p class="level1"><a name="chmod"></a><span class="nroffip">chmod mode file</span> +<p class="level2">The chmod command modifies the file mode bits of the specified file. The mode operand is an octal integer mode number. +<p class="level1"><a name="chown"></a><span class="nroffip">chown user file</span> +<p class="level2">The chown command sets the owner of the file named by the file operand to the user ID specified by the user operand. The user operand is a decimal integer user ID. +<p class="level1"><a name="ln"></a><span class="nroffip">ln source_file target_file</span> +<p class="level2">The ln and symlink commands create a symbolic link at the target_file location pointing to the source_file location. +<p class="level1"><a name="mkdir"></a><span class="nroffip">mkdir directory_name</span> +<p class="level2">The mkdir command creates the directory named by the directory_name operand. +<p class="level1"><a name="pwd"></a><span class="nroffip">pwd</span> +<p class="level2">The pwd command returns the absolute pathname of the current working directory. +<p class="level1"><a name="rename"></a><span class="nroffip">rename source target</span> +<p class="level2">The rename command renames the file or directory named by the source operand to the destination path named by the target operand. +<p class="level1"><a name="rm"></a><span class="nroffip">rm file</span> +<p class="level2">The rm command removes the file specified by the file operand. +<p class="level1"><a name="rmdir"></a><span class="nroffip">rmdir directory</span> +<p class="level2">The rmdir command removes the directory entry specified by the directory operand, provided it is empty. +<p class="level1"><a name="symlink"></a><span class="nroffip">symlink source_file target_file</span> +<p class="level2">See ln. +<p class="level1"> +<p class="level0"><a name="-r"></a><span class="nroffip">-r, --range <range></span> +<p class="level1">(HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial document) from a HTTP/1.1, FTP or SFTP server or a local FILE. Ranges can be specified in a number of ways. +<p class="level2"> +<p class="level2"><span Class="bold">0-499</span> specifies the first 500 bytes +<p class="level2"><span Class="bold">500-999</span> specifies the second 500 bytes +<p class="level2"><span Class="bold">-500</span> specifies the last 500 bytes +<p class="level2"><span Class="bold">9500-</span> specifies the bytes from offset 9500 and forward +<p class="level2"><span Class="bold">0-0,-1</span> specifies the first and last byte only(*)(H) +<p class="level2"><span Class="bold">500-700,600-799</span> specifies 300 bytes from offset 500(H) +<p class="level2"><span Class="bold">100-199,500-599</span> specifies two separate 100-byte ranges(*)(H) +<p class="level1"> +<p class="level1">(*) = NOTE that this will cause the server to reply with a multipart response! +<p class="level1">Only digit characters (0-9) are valid in the 'start' and 'stop' fields of the 'start-stop' range syntax. If a non-digit character is given in the range, the server's response will be unspecified, depending on the server's configuration. +<p class="level1">You should also be aware that many HTTP/1.1 servers do not have this feature enabled, so that when you attempt to get a range, you'll instead get the whole document. +<p class="level1">FTP and SFTP range downloads only support the simple 'start-stop' syntax (optionally with one of the numbers omitted). FTP use depends on the extended FTP command SIZE. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-R"></a><span class="nroffip">-R, --remote-time</span> +<p class="level1">When used, this will make curl attempt to figure out the timestamp of the remote file, and if that is available make the local file get that same timestamp. +<p class="level0"><a name="--random-file"></a><span class="nroffip">--random-file <file></span> +<p class="level1">(SSL) Specify the path name to file containing what will be considered as random data. The data is used to seed the random engine for SSL connections. See also the <a class="emphasis" href="#--egd-file">--egd-file</a> option. +<p class="level0"><a name="--raw"></a><span class="nroffip">--raw</span> +<p class="level1">(HTTP) When used, it disables all internal HTTP decoding of content or transfer encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2) +<p class="level0"><a name="--remote-name-all"></a><span class="nroffip">--remote-name-all</span> +<p class="level1">This option changes the default action for all given URLs to be dealt with as if <a class="emphasis" href="#-O">-O, --remote-name</a> were used for each one. So if you want to disable that for a specific URL after <a class="emphasis" href="#--remote-name-all">--remote-name-all</a> has been used, you must use "-o -" or <span Class="emphasis">--no-remote-name</span>. (Added in 7.19.0) +<p class="level0"><a name="--resolve"></a><span class="nroffip">--resolve <host:port:address></span> +<p class="level1">Provide a custom address for a specific host and port pair. Using this, you can make the curl requests(s) use a specified address and prevent the otherwise normally resolved address to be used. Consider it a sort of /etc/hosts alternative provided on the command line. The port number should be the number used for the specific protocol the host will be used for. It means you need several entries if you want to provide address for the same host but different ports. +<p class="level1">This option can be used many times to add many host names to resolve. +<p class="level1">(Added in 7.21.3) +<p class="level0"><a name="--retry"></a><span class="nroffip">--retry <num></span> +<p class="level1">If a transient error is returned when curl tries to perform a transfer, it will retry this number of times before giving up. Setting the number to 0 makes curl do no retries (which is the default). Transient error means either: a timeout, an FTP 4xx response code or an HTTP 5xx response code. +<p class="level1">When curl is about to retry a transfer, it will first wait one second and then for all forthcoming retries it will double the waiting time until it reaches 10 minutes which then will be the delay between the rest of the retries. By using <a class="emphasis" href="#--retry-delay">--retry-delay</a> you disable this exponential backoff algorithm. See also <a class="emphasis" href="#--retry-max-time">--retry-max-time</a> to limit the total time allowed for retries. (Added in 7.12.3) +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--retry-delay"></a><span class="nroffip">--retry-delay <seconds></span> +<p class="level1">Make curl sleep this amount of time before each retry when a transfer has failed with a transient error (it changes the default backoff time algorithm between retries). This option is only interesting if <a class="emphasis" href="#--retry">--retry</a> is also used. Setting this delay to zero will make curl use the default backoff time. (Added in 7.12.3) +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--retry-max-time"></a><span class="nroffip">--retry-max-time <seconds></span> +<p class="level1">The retry timer is reset before the first transfer attempt. Retries will be done as usual (see <a class="emphasis" href="#--retry">--retry</a>) as long as the timer hasn't reached this given limit. Notice that if the timer hasn't reached the limit, the request will be made and while performing, it may take longer than this given time period. To limit a single request´s maximum time, use <a class="emphasis" href="#-m">-m, --max-time</a>. Set this option to zero to not timeout retries. (Added in 7.12.3) +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-s"></a><span class="nroffip">-s, --silent</span> +<p class="level1">Silent or quiet mode. Don't show progress meter or error messages. Makes Curl mute. It will still output the data you ask for, potentially even to the terminal/stdout unless you redirect it. +<p class="level0"><a name="--sasl-ir"></a><span class="nroffip">--sasl-ir</span> +<p class="level1">Enable initial response in SASL authentication. (Added in 7.31.0) +<p class="level0"><a name="-S"></a><span class="nroffip">-S, --show-error</span> +<p class="level1">When used with <a class="emphasis" href="#-s">-s</a> it makes curl show an error message if it fails. +<p class="level0"><a name="--ssl"></a><span class="nroffip">--ssl</span> +<p class="level1">(FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection. Reverts to a non-secure connection if the server doesn't support SSL/TLS. See also <a class="emphasis" href="#--ftp-ssl-control">--ftp-ssl-control</a> and <a class="emphasis" href="#--ssl-reqd">--ssl-reqd</a> for different levels of encryption required. (Added in 7.20.0) +<p class="level1">This option was formerly known as <span Class="emphasis">--ftp-ssl</span> (Added in 7.11.0). That option name can still be used but will be removed in a future version. +<p class="level0"><a name="--ssl-reqd"></a><span class="nroffip">--ssl-reqd</span> +<p class="level1">(FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection. Terminates the connection if the server doesn't support SSL/TLS. (Added in 7.20.0) +<p class="level1">This option was formerly known as <span Class="emphasis">--ftp-ssl-reqd</span> (added in 7.15.5). That option name can still be used but will be removed in a future version. +<p class="level0"><a name="--ssl-allow-beast"></a><span class="nroffip">--ssl-allow-beast</span> +<p class="level1">(SSL) This option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may use work-arounds known to cause interoperability problems with some older SSL implementations. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that. (Added in 7.25.0) +<p class="level0"><a name="--socks4"></a><span class="nroffip">--socks4 <host[:port]></span> +<p class="level1">Use the specified SOCKS4 proxy. If the port number is not specified, it is assumed at port 1080. (Added in 7.15.2) +<p class="level1">This option overrides any previous use of <a class="emphasis" href="#-x">-x, --proxy</a>, as they are mutually exclusive. +<p class="level1">Since 7.21.7, this option is superfluous since you can specify a socks4 proxy with <a class="emphasis" href="#-x">-x, --proxy</a> using a socks4:// protocol prefix. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--socks4a"></a><span class="nroffip">--socks4a <host[:port]></span> +<p class="level1">Use the specified SOCKS4a proxy. If the port number is not specified, it is assumed at port 1080. (Added in 7.18.0) +<p class="level1">This option overrides any previous use of <a class="emphasis" href="#-x">-x, --proxy</a>, as they are mutually exclusive. +<p class="level1">Since 7.21.7, this option is superfluous since you can specify a socks4a proxy with <a class="emphasis" href="#-x">-x, --proxy</a> using a socks4a:// protocol prefix. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--socks5-hostname"></a><span class="nroffip">--socks5-hostname <host[:port]></span> +<p class="level1">Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If the port number is not specified, it is assumed at port 1080. (Added in 7.18.0) +<p class="level1">This option overrides any previous use of <a class="emphasis" href="#-x">-x, --proxy</a>, as they are mutually exclusive. +<p class="level1">Since 7.21.7, this option is superfluous since you can specify a socks5 hostname proxy with <a class="emphasis" href="#-x">-x, --proxy</a> using a socks5h:// protocol prefix. +<p class="level1">If this option is used several times, the last one will be used. (This option was previously wrongly documented and used as --socks without the number appended.) +<p class="level0"><a name="--socks5"></a><span class="nroffip">--socks5 <host[:port]></span> +<p class="level1">Use the specified SOCKS5 proxy - but resolve the host name locally. If the port number is not specified, it is assumed at port 1080. +<p class="level1">This option overrides any previous use of <a class="emphasis" href="#-x">-x, --proxy</a>, as they are mutually exclusive. +<p class="level1">Since 7.21.7, this option is superfluous since you can specify a socks5 proxy with <a class="emphasis" href="#-x">-x, --proxy</a> using a socks5:// protocol prefix. +<p class="level1">If this option is used several times, the last one will be used. (This option was previously wrongly documented and used as --socks without the number appended.) +<p class="level1">This option (as well as <a class="emphasis" href="#--socks4">--socks4</a>) does not work with IPV6, FTPS or LDAP. +<p class="level0"><a name="--socks5-gssapi-service"></a><span class="nroffip">--socks5-gssapi-service <servicename></span> +<p class="level1">The default service name for a socks server is rcmd/server-fqdn. This option allows you to change it. +<p class="level1">Examples: --socks5 proxy-name <a class="emphasis" href="#--socks5-gssapi-service">--socks5-gssapi-service</a> sockd would use sockd/proxy-name --socks5 proxy-name <a class="emphasis" href="#--socks5-gssapi-service">--socks5-gssapi-service</a> sockd/real-name would use sockd/real-name for cases where the proxy-name does not match the principal name. (Added in 7.19.4). +<p class="level0"><a name="--socks5-gssapi-nec"></a><span class="nroffip">--socks5-gssapi-nec</span> +<p class="level1">As part of the gssapi negotiation a protection mode is negotiated. <a href="http://www.ietf.org/rfc/rfc1961.txt">RFC 1961</a> says in section 4.3/4.4 it should be protected, but the NEC reference implementation does not. The option <a class="emphasis" href="#--socks5-gssapi-nec">--socks5-gssapi-nec</a> allows the unprotected exchange of the protection mode negotiation. (Added in 7.19.4). +<p class="level0"><a name="--stderr"></a><span class="nroffip">--stderr <file></span> +<p class="level1">Redirect all writes to stderr to the specified file instead. If the file name is a plain '-', it is instead written to stdout. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-t"></a><span class="nroffip">-t, --telnet-option <OPT=val></span> +<p class="level1">Pass options to the telnet protocol. Supported options are: +<p class="level1">TTYPE=<term> Sets the terminal type. +<p class="level1">XDISPLOC=<X display> Sets the X display location. +<p class="level1">NEW_ENV=<var,val> Sets an environment variable. +<p class="level0"><a name="-T"></a><span class="nroffip">-T, --upload-file <file></span> +<p class="level1">This transfers the specified local file to the remote URL. If there is no file part in the specified URL, Curl will append the local file name. NOTE that you must use a trailing / on the last directory to really prove to Curl that there is no file name or curl will think that your last directory name is the remote file name to use. That will most likely cause the upload operation to fail. If this is used on an HTTP(S) server, the PUT command will be used. +<p class="level1">Use the file name "-" (a single dash) to use stdin instead of a given file. Alternately, the file name "." (a single period) may be specified instead of "-" to use stdin in non-blocking mode to allow reading server output while stdin is being uploaded. +<p class="level1">You can specify one -T for each URL on the command line. Each -T + URL pair specifies what to upload and to where. curl also supports "globbing" of the -T argument, meaning that you can upload multiple files to a single URL by using the same URL globbing style supported in the URL, like this: +<p class="level1">curl -T "{file1,file2}" <a href="http://www.uploadtothissite.com">http://www.uploadtothissite.com</a> +<p class="level1">or even +<p class="level1">curl -T "img[1-1000].png" <a href="ftp://ftp.picturemania.com/upload/">ftp://ftp.picturemania.com/upload/</a> +<p class="level0"><a name="--tcp-nodelay"></a><span class="nroffip">--tcp-nodelay</span> +<p class="level1">Turn on the TCP_NODELAY option. See the <span Class="emphasis">curl_easy_setopt(3)</span> man page for details about this option. (Added in 7.11.2) +<p class="level0"><a name="--tftp-blksize"></a><span class="nroffip">--tftp-blksize <value></span> +<p class="level1">(TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that curl will try to use when transferring data to or from a TFTP server. By default 512 bytes will be used. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level1">(Added in 7.20.0) +<p class="level0"><a name="--tlsauthtype"></a><span class="nroffip">--tlsauthtype <authtype></span> +<p class="level1">Set TLS authentication type. Currently, the only supported option is "SRP", for TLS-SRP (<a href="http://www.ietf.org/rfc/rfc5054.txt">RFC 5054</a>). If <a class="emphasis" href="#--tlsuser">--tlsuser</a> and <a class="emphasis" href="#--tlspassword">--tlspassword</a> are specified but <a class="emphasis" href="#--tlsauthtype">--tlsauthtype</a> is not, then this option defaults to "SRP". (Added in 7.21.4) +<p class="level0"><a name="--tlsuser"></a><span class="nroffip">--tlsuser <user></span> +<p class="level1">Set username for use with the TLS authentication method specified with <a class="emphasis" href="#--tlsauthtype">--tlsauthtype</a>. Requires that <a class="emphasis" href="#--tlspassword">--tlspassword</a> also be set. (Added in 7.21.4) +<p class="level0"><a name="--tlspassword"></a><span class="nroffip">--tlspassword <password></span> +<p class="level1">Set password for use with the TLS authentication method specified with <a class="emphasis" href="#--tlsauthtype">--tlsauthtype</a>. Requires that <a class="emphasis" href="#--tlsuser">--tlsuser</a> also be set. (Added in 7.21.4) +<p class="level0"><a name="--tr-encoding"></a><span class="nroffip">--tr-encoding</span> +<p class="level1">(HTTP) Request a compressed Transfer-Encoding response using one of the algorithms curl supports, and uncompress the data while receiving it. +<p class="level1">(Added in 7.21.6) +<p class="level0"><a name="--trace"></a><span class="nroffip">--trace <file></span> +<p class="level1">Enables a full trace dump of all incoming and outgoing data, including descriptive information, to the given output file. Use "-" as filename to have the output sent to stdout. +<p class="level1">This option overrides previous uses of <a class="emphasis" href="#-v">-v, --verbose</a> or <a class="emphasis" href="#--trace-ascii">--trace-ascii</a>. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--trace-ascii"></a><span class="nroffip">--trace-ascii <file></span> +<p class="level1">Enables a full trace dump of all incoming and outgoing data, including descriptive information, to the given output file. Use "-" as filename to have the output sent to stdout. +<p class="level1">This is very similar to <a class="emphasis" href="#--trace">--trace</a>, but leaves out the hex part and only shows the ASCII part of the dump. It makes smaller output that might be easier to read for untrained humans. +<p class="level1">This option overrides previous uses of <a class="emphasis" href="#-v">-v, --verbose</a> or <a class="emphasis" href="#--trace">--trace</a>. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--trace-time"></a><span class="nroffip">--trace-time</span> +<p class="level1">Prepends a time stamp to each trace or verbose line that curl displays. (Added in 7.14.0) +<p class="level0"><a name="-u"></a><span class="nroffip">-u, --user <user:password;options></span> +<p class="level1">Specify the user name, password and optional login options to use for server authentication. Overrides <a class="emphasis" href="#-n">-n, --netrc</a> and <a class="emphasis" href="#--netrc-optional">--netrc-optional</a>. +<p class="level1">If you simply specify the user name, with or without the login options, curl will prompt for a password. +<p class="level1">If you use an SSPI-enabled curl binary and perform NTLM authentication, you can force curl to select the user name and password from your environment by simply specifying a single colon with this option: "-u :" or by specfying the login options on their own, for example "-u ;auth=NTLM". +<p class="level1">You can use the optional login options part to specify protocol specific options that may be used during authentication. At present only IMAP, POP3 and SMTP support login options as part of the user login information. For more information about the login options please see <a href="http://www.ietf.org/rfc/rfc2384.txt">RFC 2384</a>, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt (Added in 7.31.0). +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-U"></a><span class="nroffip">-U, --proxy-user <user:password></span> +<p class="level1">Specify the user name and password to use for proxy authentication. +<p class="level1">If you use an SSPI-enabled curl binary and do NTLM authentication, you can force curl to pick up the user name and password from your environment by simply specifying a single colon with this option: "-U :". +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="--url"></a><span class="nroffip">--url <URL></span> +<p class="level1">Specify a URL to fetch. This option is mostly handy when you want to specify URL(s) in a config file. +<p class="level1">This option may be used any number of times. To control where this URL is written, use the <a class="emphasis" href="#-o">-o, --output</a> or the <a class="emphasis" href="#-O">-O, --remote-name</a> options. +<p class="level0"><a name="-v"></a><span class="nroffip">-v, --verbose</span> +<p class="level1">Makes the fetching more verbose/talkative. Mostly useful for debugging. A line starting with '>' means "header data" sent by curl, '<' means "header data" received by curl that is hidden in normal cases, and a line starting with '*' means additional info provided by curl. +<p class="level1">Note that if you only want HTTP headers in the output, <a class="emphasis" href="#-i">-i, --include</a> might be the option you're looking for. +<p class="level1">If you think this option still doesn't give you enough details, consider using <a class="emphasis" href="#--trace">--trace</a> or <a class="emphasis" href="#--trace-ascii">--trace-ascii</a> instead. +<p class="level1">This option overrides previous uses of <a class="emphasis" href="#--trace-ascii">--trace-ascii</a> or <a class="emphasis" href="#--trace">--trace</a>. +<p class="level1">Use <a class="emphasis" href="#-s">-s, --silent</a> to make curl quiet. +<p class="level0"><a name="-w"></a><span class="nroffip">-w, --write-out <format></span> +<p class="level1">Defines what to display on stdout after a completed and successful operation. The format is a string that may contain plain text mixed with any number of variables. The string can be specified as "string", to get read from a particular file you specify it "@filename" and to tell curl to read the format from stdin you write "@-". +<p class="level1">The variables present in the output format will be substituted by the value or text that curl thinks fit, as described below. All variables are specified as %{variable_name} and to output a normal % you just write them as %%. You can output a newline by using \n, a carriage return with \r and a tab space with \t. +<p class="level1"><span Class="bold">NOTE:</span> The %-symbol is a special symbol in the win32-environment, where all occurrences of % must be doubled when using this option. +<p class="level1">The variables available are: +<p class="level2"> +<p class="level2"><span Class="bold">content_type</span> The Content-Type of the requested document, if there was any. +<p class="level2"><span Class="bold">filename_effective</span> The ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the <span Class="emphasis">--remote-name</span> or <span Class="emphasis">--output</span> option. It's most useful in combination with the <span Class="emphasis">--remote-header-name</span> option. (Added in 7.25.1) +<p class="level2"><span Class="bold">ftp_entry_path</span> The initial path curl ended up in when logging on to the remote FTP server. (Added in 7.15.4) +<p class="level2"><span Class="bold">http_code</span> The numerical response code that was found in the last retrieved HTTP(S) or FTP(s) transfer. In 7.18.2 the alias <span Class="bold">response_code</span> was added to show the same info. +<p class="level2"><span Class="bold">http_connect</span> The numerical code that was found in the last response (from a proxy) to a curl CONNECT request. (Added in 7.12.4) +<p class="level2"><span Class="bold">local_ip</span> The IP address of the local end of the most recently done connection - can be either IPv4 or IPv6 (Added in 7.29.0) +<p class="level2"><span Class="bold">local_port</span> The local port number of the most recently done connection (Added in 7.29.0) +<p class="level2"><span Class="bold">num_connects</span> Number of new connects made in the recent transfer. (Added in 7.12.3) +<p class="level2"><span Class="bold">num_redirects</span> Number of redirects that were followed in the request. (Added in 7.12.3) +<p class="level2"><span Class="bold">redirect_url</span> When an HTTP request was made without -L to follow redirects, this variable will show the actual URL a redirect <span Class="emphasis">would</span> take you to. (Added in 7.18.2) +<p class="level2"><span Class="bold">remote_ip</span> The remote IP address of the most recently done connection - can be either IPv4 or IPv6 (Added in 7.29.0) +<p class="level2"><span Class="bold">remote_port</span> The remote port number of the most recently done connection (Added in 7.29.0) +<p class="level2"><span Class="bold">size_download</span> The total amount of bytes that were downloaded. +<p class="level2"><span Class="bold">size_header</span> The total amount of bytes of the downloaded headers. +<p class="level2"><span Class="bold">size_request</span> The total amount of bytes that were sent in the HTTP request. +<p class="level2"><span Class="bold">size_upload</span> The total amount of bytes that were uploaded. +<p class="level2"><span Class="bold">speed_download</span> The average download speed that curl measured for the complete download. Bytes per second. +<p class="level2"><span Class="bold">speed_upload</span> The average upload speed that curl measured for the complete upload. Bytes per second. +<p class="level2"><span Class="bold">ssl_verify_result</span> The result of the SSL peer certificate verification that was requested. 0 means the verification was successful. (Added in 7.19.0) +<p class="level2"><span Class="bold">time_appconnect</span> The time, in seconds, it took from the start until the SSL/SSH/etc connect/handshake to the remote host was completed. (Added in 7.19.0) +<p class="level2"><span Class="bold">time_connect</span> The time, in seconds, it took from the start until the TCP connect to the remote host (or proxy) was completed. +<p class="level2"><span Class="bold">time_namelookup</span> The time, in seconds, it took from the start until the name resolving was completed. +<p class="level2"><span Class="bold">time_pretransfer</span> The time, in seconds, it took from the start until the file transfer was just about to begin. This includes all pre-transfer commands and negotiations that are specific to the particular protocol(s) involved. +<p class="level2"><span Class="bold">time_redirect</span> The time, in seconds, it took for all redirection steps include name lookup, connect, pretransfer and transfer before the final transaction was started. time_redirect shows the complete execution time for multiple redirections. (Added in 7.12.3) +<p class="level2"><span Class="bold">time_starttransfer</span> The time, in seconds, it took from the start until the first byte was just about to be transferred. This includes time_pretransfer and also the time the server needed to calculate the result. +<p class="level2"><span Class="bold">time_total</span> The total time, in seconds, that the full operation lasted. The time will be displayed with millisecond resolution. +<p class="level2"><span Class="bold">url_effective</span> The URL that was fetched last. This is most meaningful if you've told curl to follow location: headers. +<p class="level1"> +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-x"></a><span class="nroffip">-x, --proxy <[protocol://][user:password@]proxyhost[:port]></span> +<p class="level1">Use the specified proxy. +<p class="level1">The proxy string can be specified with a protocol:// prefix to specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or socks5h:// to request the specific SOCKS version to be used. No protocol specified, http:// and all others will be treated as HTTP proxies. (The protocol support was added in curl 7.21.7) +<p class="level1">If the port number is not specified in the proxy string, it is assumed to be 1080. +<p class="level1">This option overrides existing environment variables that set the proxy to use. If there's an environment variable setting a proxy, you can set proxy to "" to override it. +<p class="level1">All operations that are performed over an HTTP proxy will transparently be converted to HTTP. It means that certain protocol specific operations might not be available. This is not the case if you can tunnel through the proxy, as one with the <a class="emphasis" href="#-p">-p, --proxytunnel</a> option. +<p class="level1">User and password that might be provided in the proxy string are URL decoded by curl. This allows you to pass in special characters such as @ by using %40 or pass in a colon with %3a. +<p class="level1">The proxy host can be specified the exact same way as the proxy environment variables, including the protocol prefix (http://) and the embedded user + password. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-X"></a><span class="nroffip">-X, --request <command></span> +<p class="level1">(HTTP) Specifies a custom request method to use when communicating with the HTTP server. The specified request will be used instead of the method otherwise used (which defaults to GET). Read the HTTP 1.1 specification for details and explanations. Common additional HTTP requests include PUT and DELETE, but related technologies like WebDAV offers PROPFIND, COPY, MOVE and more. +<p class="level1">Normally you don't need this option. All sorts of GET, HEAD, POST and PUT requests are rather invoked by using dedicated command line options. +<p class="level1">This option only changes the actual word used in the HTTP request, it does not alter the way curl behaves. So for example if you want to make a proper HEAD request, using -X HEAD will not suffice. You need to use the <a class="emphasis" href="#-I">-I, --head</a> option. +<p class="level1">(FTP) Specifies a custom FTP command to use instead of LIST when doing file lists with FTP. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level1"> +<p class="level0"><a name="--xattr"></a><span class="nroffip">--xattr</span> +<p class="level1">When saving output to a file, this option tells curl to store certain file metadata in extended file attributes. Currently, the URL is stored in the xdg.origin.url attribute and, for HTTP, the content type is stored in the mime_type attribute. If the file system does not support extended attributes, a warning is issued. +<p class="level1"> +<p class="level0"><a name="-y"></a><span class="nroffip">-y, --speed-time <time></span> +<p class="level1">If a download is slower than speed-limit bytes per second during a speed-time period, the download gets aborted. If speed-time is used, the default speed-limit will be 1 unless set with <a class="emphasis" href="#-Y">-Y</a>. +<p class="level1">This option controls transfers and thus will not affect slow connects etc. If this is a concern for you, try the <a class="emphasis" href="#--connect-timeout">--connect-timeout</a> option. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-Y"></a><span class="nroffip">-Y, --speed-limit <speed></span> +<p class="level1">If a download is slower than this given speed (in bytes per second) for speed-time seconds it gets aborted. speed-time is set with <a class="emphasis" href="#-y">-y</a> and is 30 if not set. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-z"></a><span class="nroffip">-z, --time-cond <date expression>|<file></span> +<p class="level1">(HTTP/FTP) Request a file that has been modified later than the given time and date, or one that has been modified before that time. The <date expression> can be all sorts of date strings or if it doesn't match any internal ones, it is taken as a filename and tries to get the modification date (mtime) from <file> instead. See the <span Class="emphasis">curl_getdate(3)</span> man pages for date expression details. +<p class="level1">Start the date expression with a dash (-) to make it request for a document that is older than the given date/time, default is a document that is newer than the specified date/time. +<p class="level1">If this option is used several times, the last one will be used. +<p class="level0"><a name="-h"></a><span class="nroffip">-h, --help</span> +<p class="level1">Usage help. +<p class="level0"><a name="-M"></a><span class="nroffip">-M, --manual</span> +<p class="level1">Manual. Display the huge help text. +<p class="level0"><a name="-V"></a><span class="nroffip">-V, --version</span> +<p class="level1">Displays information about curl and the libcurl version it uses. +<p class="level1">The first line includes the full version of curl, libcurl and other 3rd party libraries linked with the executable. +<p class="level1">The second line (starts with "Protocols:") shows all protocols that libcurl reports to support. +<p class="level1">The third line (starts with "Features:") shows specific features libcurl reports to offer. Available features include: +<p class="level2"> +<p class="level1"><a name="IPv6"></a><span class="nroffip">IPv6</span> +<p class="level2">You can use IPv6 with this. +<p class="level1"><a name="krb4"></a><span class="nroffip">krb4</span> +<p class="level2">Krb4 for FTP is supported. +<p class="level1"><a name="SSL"></a><span class="nroffip">SSL</span> +<p class="level2">HTTPS and FTPS are supported. +<p class="level1"><a name="libz"></a><span class="nroffip">libz</span> +<p class="level2">Automatic decompression of compressed files over HTTP is supported. +<p class="level1"><a name="NTLM"></a><span class="nroffip">NTLM</span> +<p class="level2">NTLM authentication is supported. +<p class="level1"><a name="GSS-Negotiate"></a><span class="nroffip">GSS-Negotiate</span> +<p class="level2">Negotiate authentication and krb5 for FTP is supported. +<p class="level1"><a name="Debug"></a><span class="nroffip">Debug</span> +<p class="level2">This curl uses a libcurl built with Debug. This enables more error-tracking and memory debugging etc. For curl-developers only! +<p class="level1"><a name="AsynchDNS"></a><span class="nroffip">AsynchDNS</span> +<p class="level2">This curl uses asynchronous name resolves. +<p class="level1"><a name="SPNEGO"></a><span class="nroffip">SPNEGO</span> +<p class="level2">SPNEGO Negotiate authentication is supported. +<p class="level1"><a name="Largefile"></a><span class="nroffip">Largefile</span> +<p class="level2">This curl supports transfers of large files, files larger than 2GB. +<p class="level1"><a name="IDN"></a><span class="nroffip">IDN</span> +<p class="level2">This curl supports IDN - international domain names. +<p class="level1"><a name="SSPI"></a><span class="nroffip">SSPI</span> +<p class="level2">SSPI is supported. If you use NTLM and set a blank user name, curl will authenticate with your current user and password. +<p class="level1"><a name="TLS-SRP"></a><span class="nroffip">TLS-SRP</span> +<p class="level2">SRP (Secure Remote Password) authentication is supported for TLS. +<p class="level1"><a name="Metalink"></a><span class="nroffip">Metalink</span> +<p class="level2">This curl supports Metalink (both version 3 and 4 (<a href="http://www.ietf.org/rfc/rfc5854.txt">RFC 5854</a>)), which describes mirrors and hashes. curl will use mirrors for failover if there are errors (such as the file or server not being available). +<p class="level1"><a name="FILES"></a><h2 class="nroffsh">FILES</h2> +<p class="level0"><span Class="emphasis">~/.curlrc</span> +<p class="level1">Default config file, see <a class="emphasis" href="#-K">-K, --config</a> for details. <a name="ENVIRONMENT"></a><h2 class="nroffsh">ENVIRONMENT</h2> +<p class="level0">The environment variables can be specified in lower case or upper case. The lower case version has precedence. http_proxy is an exception as it is only available in lower case. +<p class="level0">Using an environment variable to set the proxy has the same effect as using the <span Class="emphasis">--proxy</span> option. +<p class="level0"> +<p class="level0"><a name="httpproxy"></a><span class="nroffip">http_proxy [protocol://]<host>[:port]</span> +<p class="level1">Sets the proxy server to use for HTTP. +<p class="level0"><a name="HTTPSPROXY"></a><span class="nroffip">HTTPS_PROXY [protocol://]<host>[:port]</span> +<p class="level1">Sets the proxy server to use for HTTPS. +<p class="level0"><a name="url-protocolPROXY"></a><span class="nroffip">[url-protocol]_PROXY [protocol://]<host>[:port]</span> +<p class="level1">Sets the proxy server to use for [url-protocol], where the protocol is a protocol that curl supports and as specified in a URL. FTP, FTPS, POP3, IMAP, SMTP, LDAP etc. +<p class="level0"><a name="ALLPROXY"></a><span class="nroffip">ALL_PROXY [protocol://]<host>[:port]</span> +<p class="level1">Sets the proxy server to use if no protocol-specific proxy is set. +<p class="level0"><a name="NOPROXY"></a><span class="nroffip">NO_PROXY <comma-separated list of hosts></span> +<p class="level1">list of host names that shouldn't go through any proxy. If set to a asterisk '*' only, it matches all hosts. <a name="PROXY"></a><h2 class="nroffsh">PROXY PROTOCOL PREFIXES</h2> +<p class="level0">Since curl version 7.21.7, the proxy string may be specified with a protocol:// prefix to specify alternative proxy protocols. +<p class="level0">If no protocol is specified in the proxy string or if the string doesn't match a supported one, the proxy will be treated as an HTTP proxy. +<p class="level0">The supported proxy protocol prefixes are as follows: +<p class="level0"><a name="socks4"></a><span class="nroffip">socks4://</span> +<p class="level1">Makes it the equivalent of <a class="emphasis" href="#--socks4">--socks4</a> +<p class="level0"><a name="socks4a"></a><span class="nroffip">socks4a://</span> +<p class="level1">Makes it the equivalent of <a class="emphasis" href="#--socks4a">--socks4a</a> +<p class="level0"><a name="socks5"></a><span class="nroffip">socks5://</span> +<p class="level1">Makes it the equivalent of <a class="emphasis" href="#--socks5">--socks5</a> +<p class="level0"><a name="socks5h"></a><span class="nroffip">socks5h://</span> +<p class="level1">Makes it the equivalent of <a class="emphasis" href="#--socks5-hostname">--socks5-hostname</a> <a name="EXIT"></a><h2 class="nroffsh">EXIT CODES</h2> +<p class="level0">There are a bunch of different error codes and their corresponding error messages that may appear during bad conditions. At the time of this writing, the exit codes are: +<p class="level0"><a name="1"></a><span class="nroffip">1</span> +<p class="level1">Unsupported protocol. This build of curl has no support for this protocol. +<p class="level0"><a name="2"></a><span class="nroffip">2</span> +<p class="level1">Failed to initialize. +<p class="level0"><a name="3"></a><span class="nroffip">3</span> +<p class="level1">URL malformed. The syntax was not correct. +<p class="level0"><a name="4"></a><span class="nroffip">4</span> +<p class="level1">A feature or option that was needed to perform the desired request was not enabled or was explicitly disabled at build-time. To make curl able to do this, you probably need another build of libcurl! +<p class="level0"><a name="5"></a><span class="nroffip">5</span> +<p class="level1">Couldn't resolve proxy. The given proxy host could not be resolved. +<p class="level0"><a name="6"></a><span class="nroffip">6</span> +<p class="level1">Couldn't resolve host. The given remote host was not resolved. +<p class="level0"><a name="7"></a><span class="nroffip">7</span> +<p class="level1">Failed to connect to host. +<p class="level0"><a name="8"></a><span class="nroffip">8</span> +<p class="level1">FTP weird server reply. The server sent data curl couldn't parse. +<p class="level0"><a name="9"></a><span class="nroffip">9</span> +<p class="level1">FTP access denied. The server denied login or denied access to the particular resource or directory you wanted to reach. Most often you tried to change to a directory that doesn't exist on the server. +<p class="level0"><a name="11"></a><span class="nroffip">11</span> +<p class="level1">FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request. +<p class="level0"><a name="13"></a><span class="nroffip">13</span> +<p class="level1">FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request. +<p class="level0"><a name="14"></a><span class="nroffip">14</span> +<p class="level1">FTP weird 227 format. Curl couldn't parse the 227-line the server sent. +<p class="level0"><a name="15"></a><span class="nroffip">15</span> +<p class="level1">FTP can't get host. Couldn't resolve the host IP we got in the 227-line. +<p class="level0"><a name="17"></a><span class="nroffip">17</span> +<p class="level1">FTP couldn't set binary. Couldn't change transfer method to binary. +<p class="level0"><a name="18"></a><span class="nroffip">18</span> +<p class="level1">Partial file. Only a part of the file was transferred. +<p class="level0"><a name="19"></a><span class="nroffip">19</span> +<p class="level1">FTP couldn't download/access the given file, the RETR (or similar) command failed. +<p class="level0"><a name="21"></a><span class="nroffip">21</span> +<p class="level1">FTP quote error. A quote command returned error from the server. +<p class="level0"><a name="22"></a><span class="nroffip">22</span> +<p class="level1">HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above. This return code only appears if <a class="emphasis" href="#-f">-f, --fail</a> is used. +<p class="level0"><a name="23"></a><span class="nroffip">23</span> +<p class="level1">Write error. Curl couldn't write data to a local filesystem or similar. +<p class="level0"><a name="25"></a><span class="nroffip">25</span> +<p class="level1">FTP couldn't STOR file. The server denied the STOR operation, used for FTP uploading. +<p class="level0"><a name="26"></a><span class="nroffip">26</span> +<p class="level1">Read error. Various reading problems. +<p class="level0"><a name="27"></a><span class="nroffip">27</span> +<p class="level1">Out of memory. A memory allocation request failed. +<p class="level0"><a name="28"></a><span class="nroffip">28</span> +<p class="level1">Operation timeout. The specified time-out period was reached according to the conditions. +<p class="level0"><a name="30"></a><span class="nroffip">30</span> +<p class="level1">FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT command, try doing a transfer using PASV instead! +<p class="level0"><a name="31"></a><span class="nroffip">31</span> +<p class="level1">FTP couldn't use REST. The REST command failed. This command is used for resumed FTP transfers. +<p class="level0"><a name="33"></a><span class="nroffip">33</span> +<p class="level1">HTTP range error. The range "command" didn't work. +<p class="level0"><a name="34"></a><span class="nroffip">34</span> +<p class="level1">HTTP post error. Internal post-request generation error. +<p class="level0"><a name="35"></a><span class="nroffip">35</span> +<p class="level1">SSL connect error. The SSL handshaking failed. +<p class="level0"><a name="36"></a><span class="nroffip">36</span> +<p class="level1">FTP bad download resume. Couldn't continue an earlier aborted download. +<p class="level0"><a name="37"></a><span class="nroffip">37</span> +<p class="level1">FILE couldn't read file. Failed to open the file. Permissions? +<p class="level0"><a name="38"></a><span class="nroffip">38</span> +<p class="level1">LDAP cannot bind. LDAP bind operation failed. +<p class="level0"><a name="39"></a><span class="nroffip">39</span> +<p class="level1">LDAP search failed. +<p class="level0"><a name="41"></a><span class="nroffip">41</span> +<p class="level1">Function not found. A required LDAP function was not found. +<p class="level0"><a name="42"></a><span class="nroffip">42</span> +<p class="level1">Aborted by callback. An application told curl to abort the operation. +<p class="level0"><a name="43"></a><span class="nroffip">43</span> +<p class="level1">Internal error. A function was called with a bad parameter. +<p class="level0"><a name="45"></a><span class="nroffip">45</span> +<p class="level1">Interface error. A specified outgoing interface could not be used. +<p class="level0"><a name="47"></a><span class="nroffip">47</span> +<p class="level1">Too many redirects. When following redirects, curl hit the maximum amount. +<p class="level0"><a name="48"></a><span class="nroffip">48</span> +<p class="level1">Unknown option specified to libcurl. This indicates that you passed a weird option to curl that was passed on to libcurl and rejected. Read up in the manual! +<p class="level0"><a name="49"></a><span class="nroffip">49</span> +<p class="level1">Malformed telnet option. +<p class="level0"><a name="51"></a><span class="nroffip">51</span> +<p class="level1">The peer's SSL certificate or SSH MD5 fingerprint was not OK. +<p class="level0"><a name="52"></a><span class="nroffip">52</span> +<p class="level1">The server didn't reply anything, which here is considered an error. +<p class="level0"><a name="53"></a><span class="nroffip">53</span> +<p class="level1">SSL crypto engine not found. +<p class="level0"><a name="54"></a><span class="nroffip">54</span> +<p class="level1">Cannot set SSL crypto engine as default. +<p class="level0"><a name="55"></a><span class="nroffip">55</span> +<p class="level1">Failed sending network data. +<p class="level0"><a name="56"></a><span class="nroffip">56</span> +<p class="level1">Failure in receiving network data. +<p class="level0"><a name="58"></a><span class="nroffip">58</span> +<p class="level1">Problem with the local certificate. +<p class="level0"><a name="59"></a><span class="nroffip">59</span> +<p class="level1">Couldn't use specified SSL cipher. +<p class="level0"><a name="60"></a><span class="nroffip">60</span> +<p class="level1">Peer certificate cannot be authenticated with known CA certificates. +<p class="level0"><a name="61"></a><span class="nroffip">61</span> +<p class="level1">Unrecognized transfer encoding. +<p class="level0"><a name="62"></a><span class="nroffip">62</span> +<p class="level1">Invalid LDAP URL. +<p class="level0"><a name="63"></a><span class="nroffip">63</span> +<p class="level1">Maximum file size exceeded. +<p class="level0"><a name="64"></a><span class="nroffip">64</span> +<p class="level1">Requested FTP SSL level failed. +<p class="level0"><a name="65"></a><span class="nroffip">65</span> +<p class="level1">Sending the data requires a rewind that failed. +<p class="level0"><a name="66"></a><span class="nroffip">66</span> +<p class="level1">Failed to initialise SSL Engine. +<p class="level0"><a name="67"></a><span class="nroffip">67</span> +<p class="level1">The user name, password, or similar was not accepted and curl failed to log in. +<p class="level0"><a name="68"></a><span class="nroffip">68</span> +<p class="level1">File not found on TFTP server. +<p class="level0"><a name="69"></a><span class="nroffip">69</span> +<p class="level1">Permission problem on TFTP server. +<p class="level0"><a name="70"></a><span class="nroffip">70</span> +<p class="level1">Out of disk space on TFTP server. +<p class="level0"><a name="71"></a><span class="nroffip">71</span> +<p class="level1">Illegal TFTP operation. +<p class="level0"><a name="72"></a><span class="nroffip">72</span> +<p class="level1">Unknown TFTP transfer ID. +<p class="level0"><a name="73"></a><span class="nroffip">73</span> +<p class="level1">File already exists (TFTP). +<p class="level0"><a name="74"></a><span class="nroffip">74</span> +<p class="level1">No such user (TFTP). +<p class="level0"><a name="75"></a><span class="nroffip">75</span> +<p class="level1">Character conversion failed. +<p class="level0"><a name="76"></a><span class="nroffip">76</span> +<p class="level1">Character conversion functions required. +<p class="level0"><a name="77"></a><span class="nroffip">77</span> +<p class="level1">Problem with reading the SSL CA cert (path? access rights?). +<p class="level0"><a name="78"></a><span class="nroffip">78</span> +<p class="level1">The resource referenced in the URL does not exist. +<p class="level0"><a name="79"></a><span class="nroffip">79</span> +<p class="level1">An unspecified error occurred during the SSH session. +<p class="level0"><a name="80"></a><span class="nroffip">80</span> +<p class="level1">Failed to shut down the SSL connection. +<p class="level0"><a name="82"></a><span class="nroffip">82</span> +<p class="level1">Could not load CRL file, missing or wrong format (added in 7.19.0). +<p class="level0"><a name="83"></a><span class="nroffip">83</span> +<p class="level1">Issuer check failed (added in 7.19.0). +<p class="level0"><a name="84"></a><span class="nroffip">84</span> +<p class="level1">The FTP PRET command failed +<p class="level0"><a name="85"></a><span class="nroffip">85</span> +<p class="level1">RTSP: mismatch of CSeq numbers +<p class="level0"><a name="86"></a><span class="nroffip">86</span> +<p class="level1">RTSP: mismatch of Session Identifiers +<p class="level0"><a name="87"></a><span class="nroffip">87</span> +<p class="level1">unable to parse FTP file list +<p class="level0"><a name="88"></a><span class="nroffip">88</span> +<p class="level1">FTP chunk callback reported error +<p class="level0"><a name="XX"></a><span class="nroffip">XX</span> +<p class="level1">More error codes will appear here in future releases. The existing ones are meant to never change. <a name="AUTHORS"></a><h2 class="nroffsh">AUTHORS / CONTRIBUTORS</h2> +<p class="level0">Daniel Stenberg is the main author, but the whole list of contributors is found in the separate THANKS file. <a name="WWW"></a><h2 class="nroffsh">WWW</h2> +<p class="level0"><a href="http://curl.haxx.se">http://curl.haxx.se</a> <a name="FTP"></a><h2 class="nroffsh">FTP</h2> +<p class="level0"><a href="ftp://ftp.sunet.se/pub/www/utilities/curl/">ftp://ftp.sunet.se/pub/www/utilities/curl/</a> <a name="SEE"></a><h2 class="nroffsh">SEE ALSO</h2> +<p class="level0"><span Class="manpage">ftp (1)</span> <span Class="manpage">wget (1)</span> <p class="roffit"> + This HTML page was made with <a href="http://daniel.haxx.se/projects/roffit/">roffit</a>. +</body></html> diff --git a/libs/libcurl/docs/curl.pdf b/libs/libcurl/docs/curl.pdf Binary files differnew file mode 100644 index 0000000000..d990270390 --- /dev/null +++ b/libs/libcurl/docs/curl.pdf diff --git a/libs/libcurl/docs/index.html b/libs/libcurl/docs/index.html new file mode 100644 index 0000000000..4390378afd --- /dev/null +++ b/libs/libcurl/docs/index.html @@ -0,0 +1,20 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html><head> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<title>Index to Curl documentation</title> +</head> + +<body> +<h1 align="center">Index to Curl documentation</h1> + +<h2>Programs</h2> +<a href="curl-config.html">curl-config</A> +<br><a href="curl.html">curl</A> + +<h2>Tutorial</h2> +<a href="TheArtOfHttpScripting">The Art Of Scripting HTTP Requests Using Curl</a> (plain text) + +<h2>libcurl</h2> +See the <a href="libcurl/index.html">libcurl section</a> + +</body></html> diff --git a/libs/libcurl/docs/mk-ca-bundle.1 b/libs/libcurl/docs/mk-ca-bundle.1 new file mode 100644 index 0000000000..c2f9f0c76a --- /dev/null +++ b/libs/libcurl/docs/mk-ca-bundle.1 @@ -0,0 +1,70 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 2008 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH mk-ca-bundle 1 "5 Jan 2013" "version 1.17" "mk-ca-bundle manual" +.SH NAME +mk-ca-bundle \- convert mozilla's certdata.txt to PEM format +.SH SYNOPSIS +mk-ca-bundle [bilnqtuv] +.I [outputfile] +.SH DESCRIPTION +The mk-ca-bundle tool downloads the certdata.txt file from Mozilla's source +tree over HTTP, then parses certdata.txt and extracts CA Root Certificates +into PEM format. These are then processed with the OpenSSL commandline tool +to produce the final ca-bundle file. + +The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-' +(a single dash) you will get the output sent to STDOUT instead of a file. + +The PEM format this scripts uses for output makes the result readily available +for use by just about all OpenSSL or GnuTLS powered applications, such as +curl, wget and more. +.SH OPTIONS +The following options are supported: +.IP -b +backup an existing version of \fIoutputfilename\fP +.IP -f +force rebuild even if certdata.txt is current (Added in version 1.17) +.IP -i +print version info about used modules +.IP -l +print license info about certdata.txt +.IP -n +no download of certdata.txt (to use existing) +.IP -q +be really quiet (no progress output at all) +.IP -t +include plain text listing of certificates +.IP -u +unlink (remove) certdata.txt after processing +.IP -v +be verbose and print out processed CAs +.SH EXIT STATUS +Returns 0 on success. Returns 1 if it fails to download data. +.SH SEE ALSO +.BR curl (1) +.SH HISTORY +\fBmk-ca-bundle\fP is a command line tool that is shipped as part of every +curl and libcurl release (see http://curl.haxx.se/). It was originally based +on the parse-certs script written by Roland Krikava and was later much +improved by Guenter Knauf. This manual page was written by Jan Schaumann +\&<jschauma@netmeister.org>. diff --git a/libs/libcurl/docs/mk-ca-bundle.html b/libs/libcurl/docs/mk-ca-bundle.html new file mode 100644 index 0000000000..fbdd58957a --- /dev/null +++ b/libs/libcurl/docs/mk-ca-bundle.html @@ -0,0 +1,82 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" + "http://www.w3.org/TR/html4/loose.dtd"> +<html><head> +<title>mk-ca-bundle man page</title> +<meta name="generator" content="roffit"> +<STYLE type="text/css"> +P.level0 { + padding-left: 2em; +} + +P.level1 { + padding-left: 4em; +} + +P.level2 { + padding-left: 6em; +} + +span.emphasis { + font-style: italic; +} + +span.bold { + font-weight: bold; +} + +span.manpage { + font-weight: bold; +} + +h2.nroffsh { + background-color: #e0e0e0; +} + +span.nroffip { + font-weight: bold; + font-size: 120%; + font-family: monospace; +} + +p.roffit { + text-align: center; + font-size: 80%; +} +</STYLE> +</head><body> + +<p class="level0"><a name="NAME"></a><h2 class="nroffsh">NAME</h2> +<p class="level0">mk-ca-bundle - convert mozilla's certdata.txt to PEM format <a name="SYNOPSIS"></a><h2 class="nroffsh">SYNOPSIS</h2> +<p class="level0">mk-ca-bundle [bilnqtuv] <span Class="emphasis">[outputfile]</span> <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2> +<p class="level0">The mk-ca-bundle tool downloads the certdata.txt file from Mozilla's source tree over HTTP, then parses certdata.txt and extracts CA Root Certificates into PEM format. These are then processed with the OpenSSL commandline tool to produce the final ca-bundle file. +<p class="level0">The default <span Class="emphasis">outputfile</span> name is <span Class="bold">ca-bundle.crt</span>. By setting it to '-' (a single dash) you will get the output sent to STDOUT instead of a file. +<p class="level0">The PEM format this scripts uses for output makes the result readily available for use by just about all OpenSSL or GnuTLS powered applications, such as curl, wget and more. <a name="OPTIONS"></a><h2 class="nroffsh">OPTIONS</h2> +<p class="level0">The following options are supported: +<p class="level0"><a name="-b"></a><span class="nroffip">-b</span> +<p class="level1">backup an existing version of <span Class="emphasis">outputfilename</span> +<p class="level0"><a name="-f"></a><span class="nroffip">-f</span> +<p class="level1">force rebuild even if certdata.txt is current (Added in version 1.17) +<p class="level0"><a name="-i"></a><span class="nroffip">-i</span> +<p class="level1">print version info about used modules +<p class="level0"><a name="-l"></a><span class="nroffip">-l</span> +<p class="level1">print license info about certdata.txt +<p class="level0"><a name="-n"></a><span class="nroffip">-n</span> +<p class="level1">no download of certdata.txt (to use existing) +<p class="level0"><a name="-q"></a><span class="nroffip">-q</span> +<p class="level1">be really quiet (no progress output at all) +<p class="level0"><a name="-t"></a><span class="nroffip">-t</span> +<p class="level1">include plain text listing of certificates +<p class="level0"><a name="-u"></a><span class="nroffip">-u</span> +<p class="level1">unlink (remove) certdata.txt after processing +<p class="level0"><a name="-v"></a><span class="nroffip">-v</span> +<p class="level1">be verbose and print out processed CAs <a name="EXIT"></a><h2 class="nroffsh">EXIT STATUS</h2> +<p class="level0">Returns 0 on success. Returns 1 if it fails to download data. <a name="CERTDATA"></a><h2 class="nroffsh">CERTDATA FORMAT</h2> +<p class="level0">The file format used by Mozilla for this trust information seems to be documented here: <pre> +<p class="level0"><a href="http://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html">http://p11-glue.freedesktop.org/doc/storing-trust-policy/storing-trust-existing.html</a> + </pre> + +<p class="level0"><a name="SEE"></a><h2 class="nroffsh">SEE ALSO</h2> +<p class="level0"><span Class="manpage">curl (1)</span> <a name="HISTORY"></a><h2 class="nroffsh">HISTORY</h2> +<p class="level0"><span Class="bold">mk-ca-bundle</span> is a command line tool that is shipped as part of every curl and libcurl release (see <a href="http://curl.haxx.se/">http://curl.haxx.se/</a>). It was originally based on the parse-certs script written by Roland Krikava and was later much improved by Guenter Knauf. This manual page was initially written by Jan Schaumann <jschauma@netmeister.org>. <p class="roffit"> + This HTML page was made with <a href="http://daniel.haxx.se/projects/roffit/">roffit</a>. +</body></html> diff --git a/libs/libcurl/docs/mk-ca-bundle.pdf b/libs/libcurl/docs/mk-ca-bundle.pdf Binary files differnew file mode 100644 index 0000000000..aa11a96672 --- /dev/null +++ b/libs/libcurl/docs/mk-ca-bundle.pdf |